Powershell 安全字符串加密
Powershell secure string encryption
安全字符串是如何加密的?我 read 它使用 DPAPI,但如果我使用 AsPlainText 怎么办?它仍然使用 DPAPI 吗?
您链接到的文章的第二段开头为:
The ConvertFrom-SecureString and ConvertTo-SecureString cmdlets, when
you don’t use their -Key, -SecureKey, or -AsPlainText switches, use
DPAPI to encrypt / decrypt your secret data.
所以不,如果您使用 -AsPlainText 它未加密且不使用 DPAPI。
加密后,密钥特定于您已完成加密的用户和计算机。
根据the ConvertFrom-SecureString documentation, if you use -Key or -SecureKey, then AES is used. As for how DPAPI encrypts data, have a look at this MSDN article about Windows Data Protection。它的要点之一是:
It uses proven cryptographic routines, such as the strong Triple-DES
algorithm in CBC mode, the strong SHA-1 algorithm, and the PBKDF2
password-based key derivation routine.
安全字符串是如何加密的?我 read 它使用 DPAPI,但如果我使用 AsPlainText 怎么办?它仍然使用 DPAPI 吗?
您链接到的文章的第二段开头为:
The
ConvertFrom-SecureStringandConvertTo-SecureStringcmdlets, when you don’t use their -Key, -SecureKey, or -AsPlainText switches, use DPAPI to encrypt / decrypt your secret data.
所以不,如果您使用 -AsPlainText 它未加密且不使用 DPAPI。
加密后,密钥特定于您已完成加密的用户和计算机。
根据the ConvertFrom-SecureString documentation, if you use -Key or -SecureKey, then AES is used. As for how DPAPI encrypts data, have a look at this MSDN article about Windows Data Protection。它的要点之一是:
It uses proven cryptographic routines, such as the strong Triple-DES algorithm in CBC mode, the strong SHA-1 algorithm, and the PBKDF2 password-based key derivation routine.