I need to generate the secure string for a password and save it in a file.
I could do it in powershell with:
ConvertTo-SecureString "ThisisMypassword" -AsPlainText -Force | ConvertFrom-SecureString | Out-File "C:\cred_pass.txt"
Then for normal operations, I want to read the file and decode the password
$login = "my_Login"
$MyPass = Get-Content "C:\cred_pass.txt" | ConvertTo-SecureString
$Cred_pass = New-Object System.Management.Automation.PsCredential($login,$MyPass)
$pass = $Cred_pass.GetNetworkCredential().password
Can I do the same with winbatch?
Yes, using WinBath's CLR hosting. Powershell is mostly just a thin cover for MSFT's various dotNet Frameworks. A quick search of MSFT's documentation for the PSCredential class should get you started.
There should be a thread in this section which discussed secure strings. Below is something I posted which uses WB's CLR to run Powershell
;Winbatch 2018B - CLR - Decrypt Secure String
;needs help from Powershell
;Stan Littlefield May 4th 2019 [ May 4th be with you ]
;=================================================================================
IntControl(73,1,0,0,0)
Gosub udfs
cScript=""
text="This is a String That is about to be made secure, or I could load text"
file="c:\TEMP\test.txt"
If FileExist(file) Then FileDelete(file)
CrSecret()
CrPS()
If ! FileExist(file) Then Terminate(@TRUE,"Cannot Continue","Missing ":file)
Message("Secure String",FileGetW(file))
ClipPut("")
DcSecret()
CrPS()
Message("Decrypted",ClipGet())
Exit
:WBERRORHANDLER
oPShell=0
ErrorProcessing(0,1,0,0)
Exit
;=================================================================================
:udfs
#DefineSubRoutine CrPS() ;Creates Powershell CLR Object
ObjectClrOption("useany", "System.Management.Automation")
objAutoPs = ObjectClrNew("System.Management.Automation.PowerShell")
oPshell = objAutoPs.Create()
oScope = ObjectType("BOOL",@TRUE)
oPshell.AddScript(cScript,oScope)
objAsync = oPshell.BeginInvoke()
oPShell.EndInvoke(objAsync)
oPShell=0
Return(1)
#EndSubRoutine
#DefineSubroutine CrSecret() ;Creates file with secure string
cScript='$storage = "%file%"':@CRLF
cScript :='$mysecret = "%text%"':@CRLF
cScript :='$mysecret | ':@CRLF
cScript :=' ConvertTo-SecureString -AsPlainText -Force | ':@CRLF
cScript :=' ConvertFrom-SecureString | ':@CRLF
cScript :=' Out-File -FilePath $storage ':@CRLF
Return(1)
#EndSubRoutine
#DefineSubroutine DcSecret() ; outputs secure string as plain text
cScript='$storage = "%file%"':@CRLF
cScript :='$secureString = Get-Content -Path $storage | ConvertTo-SecureString':@CRLF
cScript :='$ptr = [System.Runtime.InteropServices.Marshal]::SecureStringToGlobalAllocUnicode($secureString)':@CRLF
cScript :='$mysecret = [System.Runtime.InteropServices.Marshal]::PtrToStringUni($ptr)':@CRLF
cScript :='$mysecret | clip'
Return(1)
#EndSubRoutine
#DefineSubroutine ErrorProcessing(deleteIni,showerr,logfile,Err_Array)
If Vartype(Err_Array) ==256
WbError = Err_Array[0]
wberrorhandlerline = Err_Array[1]
wberrorhandleroffset = Err_Array[2]
wberrorhandlerassignment = Err_Array[3]
wberrorhandlerfile = Err_Array[4]
wberrortextstring = Err_Array[5]
wberroradditionalinfo = Err_Array[6]
wberrorinsegment = Err_Array[7]
Else
WbError = LastError()
Endif
WbTextcode = WbError
If WbError==1668||WbError==2669||WbError==3670
WbError = ItemExtract(1,IntControl(34,-1,0,0,0),":")
WbTextcode = -1
EndIf
WbErrorString = IntControl(34,WbTextcode,0,0,0)
WbErrorDateTime = TimeYmdHms()
If deleteIni
WbErrorFile = StrCat(ShortCutDir( 'AppData', 0, 0 ),'\WinBatch\Settings\')
If ! DirExist(WbErrorFile) Then WbErrorFile = DirWindows(0)
WbErrorFile = StrCat(WbErrorFile,"WWWBATCH.INI")
FileDelete(WbErrorFile)
;IniWritePvt(WbErrorDateTime,"CurrentScript",WbErrorHandlerFile ,WbErrorFile)
IniWritePvt(WbErrorDateTime,"ErrorValue" ,WbError ,WbErrorFile)
IniWritePvt(WbErrorDateTime,"ErrorString" ,WbErrorString ,WbErrorFile)
IniWritePvt(WbErrorDateTime,"ScriptLine" ,WbErrorHandlerLine ,WbErrorFile)
IniWritePvt(WbErrorDateTime,"ScriptOffset" ,WbErrorHandlerOffset ,WbErrorFile)
IniWritePvt(WbErrorDateTime,"VarAssignment",WbErrorHandlerAssignment,WbErrorFile)
IniWritePvt(WbErrorDateTime,"VarInSegment" ,WbErrorInSegment,WbErrorFile)
IniWritePvt("","","",WbErrorFile)
Endif
WbErrorMsgText = StrCat(WbErrorDateTime,@CRLF)
WbErrorMsgText = StrCat(WbErrorMsgText,"Current Script: ",WbErrorHandlerFile,@CRLF)
WbErrorMsgText = StrCat(WbErrorMsgText,"Error# [",WbError,"]",@CRLF)
WbErrorMsgText = StrCat(WbErrorMsgText,"Error Text: ",wberrortextstring,@CRLF)
WbErrorMsgText = StrCat(WbErrorMsgText,"[Extended Information] ",wberroradditionalinfo,@CRLF,@CRLF)
WbErrorMsgText = StrCat(WbErrorMsgText,"On Line:",@CRLF,WbErrorHandlerLine,@CRLF)
;WbErrorMsgText = StrCat(WbErrorMsgText,"Offset: ",WbErrorHandlerOffset,@CRLF)
If (WbErrorHandlerAssignment>"") Then %WbErrorHandlerAssignment% = "UNKNOWN"
WbErrorMsgText = StrCat(WbErrorMsgText,"Assignment/Variable: ",WbErrorHandlerAssignment,@CRLF)
If (WbErrorInSegment>"") Then WbErrorMsgText = StrCat(WbErrorMsgText,"In UDF/UDS: ",WbErrorInSegment,@CRLF)
If logfile
cSep = StrCat(StrFill("=",50),@CRLF)
cLogFile = StrCat(dirscript(),"log.err")
If ! FileExist(cLogFile) Then FilePut(cLogFile,StrCat("Error Log",@CRLF,cSep))
FilePut(cLogFile,StrCat(FileGet(cLogFile),WbErrorMsgText,cSep))
display(2,"An Error Occured",StrCat("written to ",cLogFile))
Else
If showerr
WbErrorMsgText = StrCat(WbErrorMsgText,"[THIS ERROR NOT WRITTEN TO LOG FILE]",@CRLF)
Message("An Error Was Encountered",WbErrorMsgText)
Endif
Endif
Return(1)
#EndSubroutine
Return
;=================================================================================
Thanks Stan. This is great.
You can skip the whole PowerShell business using the classes in the System.Security.Cryptography dotNet Framework namespace. I am not seeing much on the namespace in the WinBatch Tech Database. The oversight should be corrected when time permits.
Here is a link to a topic with an example on this forum:
https://forum.winbatch.com/index.php?topic=1973.msg10043#msg10043 (https://forum.winbatch.com/index.php?topic=1973.msg10043#msg10043)