-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathEncryptConnectionString.ps1
31 lines (24 loc) · 1.2 KB
/
EncryptConnectionString.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#Requires -Version 3.0
<#
.DESCRIPTION
Encrypt storage connection string using the specified certficate in LocalMachine\My store
.EXAMPLE
.\EncryptConnectionString.ps1 -certThumbprint "B4539A3A61308639B98C72467023F12B913A7839" `
-connectionString "DefaultEndpointsProtocol=https;AccountName=sample;AccountKey=WSzqQQrzxeVtUFL+1Y2DaO7M4dmMojgjMgwu60Vg0BFdTyX/EWTXwp08ss7M27XUVF/J+2mOLuvQgd6XwWgLbw="
#>
[CmdletBinding()]
Param(
[Parameter(Mandatory=$true, Position=0)]
[string]$certThumbprint,
[Parameter(Mandatory=$true, Position=1)]
[string]$connectionString
)
$cert = Get-Item "Cert:\LocalMachine\My\$certThumbprint" -ErrorAction Stop
$data = [system.Text.Encoding]::UTF8.GetBytes($connectionString)
$contentInfo = New-Object System.Security.Cryptography.Pkcs.ContentInfo @(,$data)
$envelope = New-Object Security.Cryptography.Pkcs.EnvelopedCms $contentInfo
$recipient = New-Object Security.Cryptography.Pkcs.CmsRecipient $cert
$envelope.Encrypt($recipient)
$encryptedData = $envelope.Encode()
$encryptedConnectionString = [System.Convert]::ToBase64String($encryptedData)
Write-Host $encryptedConnectionString