-
-
Notifications
You must be signed in to change notification settings - Fork 21
/
Unprotect-PGP.ps1
115 lines (103 loc) · 4.69 KB
/
Unprotect-PGP.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
function Unprotect-PGP {
[cmdletBinding(DefaultParameterSetName = 'FolderClearText')]
param(
[Parameter(Mandatory, ParameterSetName = 'FolderCredential')]
[Parameter(Mandatory, ParameterSetName = 'FolderClearText')]
[Parameter(Mandatory, ParameterSetName = 'FileCredential')]
[Parameter(Mandatory, ParameterSetName = 'FileClearText')]
[Parameter(Mandatory, ParameterSetName = 'StringClearText')]
[Parameter(Mandatory, ParameterSetName = 'StringCredential')]
[string] $FilePathPrivate,
[Parameter(ParameterSetName = 'FolderClearText')]
[Parameter(ParameterSetName = 'FileClearText')]
[Parameter(ParameterSetName = 'StringClearText')]
[string] $Password,
[Parameter(Mandatory, ParameterSetName = 'FileCredential')]
[Parameter(Mandatory, ParameterSetName = 'FolderCredential')]
[Parameter(Mandatory, ParameterSetName = 'StringCredential')]
[pscredential] $Credential,
[Parameter(Mandatory, ParameterSetName = 'FolderCredential')]
[Parameter(Mandatory, ParameterSetName = 'FolderClearText')]
[string] $FolderPath,
[Parameter(Mandatory, ParameterSetName = 'FolderCredential')]
[Parameter(Mandatory, ParameterSetName = 'FolderClearText')]
[string] $OutputFolderPath,
[Parameter(Mandatory, ParameterSetName = 'FileCredential')]
[Parameter(Mandatory, ParameterSetName = 'FileClearText')]
[string] $FilePath,
[Parameter(Mandatory, ParameterSetName = 'FileCredential')]
[Parameter(Mandatory, ParameterSetName = 'FileClearText')]
[string] $OutFilePath,
[Parameter(Mandatory, ParameterSetName = 'StringClearText')]
[Parameter(Mandatory, ParameterSetName = 'StringCredential')]
[string] $String
)
if ($Credential) {
$Password = $Credential.GetNetworkCredential().Password
}
if (-not (Test-Path -LiteralPath $FilePathPrivate)) {
Write-Warning -Message "Unprotect-PGP - Remove PGP encryption failed because private key file doesn't exists."
return
}
$PrivateKey = Get-Content -LiteralPath $FilePathPrivate -Raw
try {
$EncryptionKeys = [PgpCore.EncryptionKeys]::new($PrivateKey, $Password)
$PGP = [PgpCore.PGP]::new($EncryptionKeys)
} catch {
if ($PSBoundParameters.ErrorAction -eq 'Stop') {
throw
} else {
Write-Warning -Message "Protect-PGP - Can't encrypt files because: $($_.Exception.Message)"
return
}
}
if ($FolderPath) {
$ResolvedFolderPath = Resolve-Path -Path $FolderPath
foreach ($File in Get-ChildItem -LiteralPath $ResolvedFolderPath.Path -Recurse:$Recursive) {
try {
if ($OutputFolderPath) {
$ResolvedOutputFolder = $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($OutputFolderPath)
$OutputFile = [io.Path]::Combine($ResolvedOutputFolder, "$($File.Name.Replace('.pgp',''))")
$PGP.DecryptFile($File.FullName, $OutputFile)
} else {
$PGP.DecryptFile($File.FullName, "$($File.FullName)")
}
} catch {
if ($PSBoundParameters.ErrorAction -eq 'Stop') {
throw
} else {
Write-Warning -Message "Unprotect-PGP - Remove PGP encryption from $($File.FuleName) failed: $($_.Exception.Message)"
return
}
}
}
} elseif ($FilePath) {
try {
$ResolvedFilePath = Resolve-Path -Path $FilePath
if ($OutFilePath) {
$ResolvedOutFilePath = $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($OutFilePath)
$PGP.DecryptFile($ResolvedFilePath.Path, "$($ResolvedOutFilePath)", $FilePathPrivate, $Password)
} else {
$PGP.DecryptFile($ResolvedFilePath.Path, "$($FilePath.Replace('.pgp',''))")
}
} catch {
if ($PSBoundParameters.ErrorAction -eq 'Stop') {
throw
} else {
Write-Warning -Message "Unprotect-PGP - Remove PGP encryption from $($File.FuleName) failed: $($_.Exception.Message)"
return
}
}
} elseif ($String) {
try {
$PGP.DecryptArmoredString($String)
} catch {
if ($PSBoundParameters.ErrorAction -eq 'Stop') {
throw
} else {
Write-Warning -Message "Unprotect-PGP - Remove PGP encryption from string failed: $($_.Exception.Message)"
return
}
}
}
}