https://github.com/ms-luf/quick.file.encryption
a toolbox to encrypt automatically file in a folder (FileSystemWatcher) using Cryptographic Message Syntax format (CMS) and a public key (certificate)
https://github.com/ms-luf/quick.file.encryption
certificate cryptographic powershell powershell-module powershell-script
Last synced: about 2 months ago
JSON representation
a toolbox to encrypt automatically file in a folder (FileSystemWatcher) using Cryptographic Message Syntax format (CMS) and a public key (certificate)
- Host: GitHub
- URL: https://github.com/ms-luf/quick.file.encryption
- Owner: MS-LUF
- Created: 2018-11-22T19:09:40.000Z (almost 7 years ago)
- Default Branch: master
- Last Pushed: 2019-05-15T22:05:20.000Z (over 6 years ago)
- Last Synced: 2025-03-16T17:17:30.575Z (7 months ago)
- Topics: certificate, cryptographic, powershell, powershell-module, powershell-script
- Language: PowerShell
- Size: 10.7 KB
- Stars: 3
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Quick.File.Encryption
a toolbox to encrypt (protect-cmsmessage) automatically file in a folder (FileSystemWatcher) using Cryptographic Message Syntax format (CMS) and a public key (certificate)
(c) 2018-2019 lucas-cueff.com Distributed under Artistic Licence 2.0 (https://opensource.org/licenses/artistic-license-2.0).
## Description
This toolbox can be used to watch (FileSystemWatcher - inotify) a folder and encrypt automatically new file created using the CMS format https://en.wikipedia.org/wiki/Cryptographic_Message_Syntax and a valid public key (OID and key usage speaking)
## Note
To use this module you need Powershell Core or PowerShell 5 for Windows.
You need also a valid certificate (OID 1.3.6.1.4.1.311.80.1 aka DOCUMENT_ENCRYPTION), see https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.security/protect-cmsmessage?view=powershell-6
- you can use my OpenSSL sample conf file to generate a DEV CA and generate valid user encryption certificate to test it :)
## Documentation
To do ;)
## Exported Functions and Alias
### Functions
- ConvertFrom-Base64ToBinaryFile
- ConvertFrom-BinaryFileToBase64
- Trace-FileSystemFolder
## Use the toolbox
### Encrypt all text file in your C:\temp folder using test.cer public key
Use Watch-And_Encrypt.ps1 with C:\temp as TargetFolder parameter, c:\temp2\test.cer as TargetCertificate parameter and "*.txt" as FileFilter parameter
```
C:\PS> .\Watch-And-AutoEncrypt.ps1 -TargetFolder C:\temp -TargetCertificate c:\temp2\test.cer -FileFilter "*.txt"
```
### Encrypt all binaries file in your c:\temp folder using test.cer public key
Use Watch-And_Encrypt.ps1 with C:\temp as TargetFolder parameter, c:\temp2\test.cer as TargetCertificate parameter , "*.exe" as FileFilter parameter and IsBinaryFile switch
```
C:\PS> .\Watch-And-AutoEncrypt.ps1 -TargetFolder C:\temp -TargetCertificate c:\temp2\test.cer -FileFilter "*.exe" -IsBinaryFile
```
### Result
the source file is copied and encrypted into *.enc file and source file is automatically removed after that.
## Decrypt
Import the QuickFileEncryption if you have encrypted binary (optional)
Import the cetificate with the private key locally (and trust the AC linked also)
### Non binary file
```
C:\PS> Unprotect-CmsMessage -Path C:\temp\your.txt.enc
```
### binary file
```
C:\PS> Unprotect-CmsMessage -Path C:\temp\your.exe.enc | ConvertFrom-Base64ToBinaryFile -OutputFilePath C:\temp\your.exe
```