Using NetCmdlets to Encrypt/Decrypt Data and Files

The Protect-Data and Unprotect-Data cmdlets included in NetCmdlets provide a simple way to encrypt and decrypt data. Support for various symmetric algorithms including:

• AES (default)
• Blowfish
• CAST
• DES
• IDEA
• RC2
• RC4
• TEA
• TripleDES
• Twofish

Encrypt Examples

#Encrypt a string with AES and default options
$encryptedData = Protect-Data -InputMessage test -KeyPassword password

#Encrypt a string to file with 3DES
Protect-Data -InputMessage test -KeyPassword password -OutputFile C:\encrypted.dat -Algorithm tripledes

#Encrypt a file to string and hex encode it
Protect-Data -InputFile C:\test.txt -KeyPassword password -UseHex

Decrypt Examples

#Decrypt a string with AES
Unprotect-Data -InputMessageB $encryptedData.DataB -KeyPassword password

#Decrypt a file to string with 3DES
Unprotect-Data -InputFile C:\encrypted.dat -KeyPassword password -Algorithm tripledes

#Decrypt a string to file and hex decode it
Unprotect-Data -InputMessage ADE51B29E36B2C1FCB4C9A1BEB8884AE -KeyPassword password -UseHex -OutputFile C:\test.decrypted.txt

Overview

To begin, specify the input data through either InputMessage or InputFile. If OutputFile is set, the encrypted data will be written to the specified file, otherwise it will be returned in the OutputMessage object.

Next, set KeyPassword, and specify the Algorithm if desired. Additional parameters that affect the encryption algorithm include CipherMode and PaddingMode.

If the output will be stored as a string set UseHex to hex encode the output before encrypting. This makes storage and transmission of the data easier.

Additional options include specifying Key and InitializationVector instead of KeyPassword, encrypting block-by-block via InputBlockB, specifying KeySize, KeyPasswordAlgorithm, and more.