AES Encryption With PowerShell

Powershell isn’t just for Windows, it can be installed on most operating systems:
Photo by Pietro Jeng on Unsplash

AES Encryption With PowerShell

Powershell isn’t just for Windows, it can be installed on most operating systems:

It is also well supported with Microsoft Code, such as running on Mac OSX:

With AES encryption we can either use a block cipher of 128 bits for each block, or a stream cipher. ECB, CBC (Cipher Block Chaining) and CFB (Cipher Feedback Block) are block cipher modes, whereas OFB (Output feedback) and CTR (Counter) are stream cipher modes. In the following case we will use a 256-bit encryption key, and with a random salt (IV). The following code is taken from [here]:

With PowerShell, we use the System.Security.Cryptography namespace, and which is defined in the System.Security.Cryptography.Primitives.dll. There are five main cipher modes that we can use with this:

  • [System.Security.Cryptography.CipherMode]::CBC
  • [System.Security.Cryptography.CipherMode]::CFB
  • [System.Security.Cryptography.CipherMode]::CTS
  • [System.Security.Cryptography.CipherMode]::ECB
  • [System.Security.Cryptography.CipherMode]::OFB

Next we can define the padding used for block modes, this include:

  • [System.Security.Cryptography.PaddingMode]::PKCS7
  • [System.Security.Cryptography.PaddingMode]::Zeros
  • [System.Security.Cryptography.PaddingMode]::None
  • [System.Security.Cryptography.PaddingMode]::ANSIX923
  • [System.Security.Cryptography.PaddingMode]::ISO10126

In normal encryption, we use PKCS7 padding. A sample run shows [here]:

== Powershell AES CBC Encyption==
Key: NbK6+H5l6Tfze61eyPzgBAIswS+UtQYIGd40O8E1zCo=
Salt: 677BF2C0D1AA2CF93379848B20BB5CE5
Salt: Z3vywNGqLPkzeYSLILtc5Q==
Encrypted: Z3vywNGqLPkzeYSLILtc5XLFQUWEwdTqIo54Yjj1tYM=
Decrypted: qwerty 123

There are quite a few recent upgrades into PowerShell 7, and which is run with the command of “pwsh”:

pwsh aes07.ps1 Hello CBC

Conclusion

And, so, if you don’t want to compile your code, your main choices may be Python, Node.js or PowerShell. Overall, PowerShell gives us access to the .NET framework, and which can provide access to a wide range of cryptographic methods.