Hi, I have a problem I've been experiencing with OpenSSL decrypt and PowerShell. I hope you could help me find a more efficient and clean solution. I tried using this PS addon but it didn't work (PowerShell Gallery | OpenSSL 1.0.0). Using the standard OpenSSL environment works, but I didn't manage to launch it and pass arguments via PS.
Here, in brief, is my situation and what I've come up with so far:
I have a folder on a server with some CSV files I have to decode every day.
…
$Path1 = #the path where the CSV are stored
$Path2 = #another folder I use to backup the files before decoding them
$Path4 = #the destination of the decoded files
$Path5 = "C:\Program Files\OpenSSL-Win64\start.bat" #this is the standard OpenSSL path
…
The OpenSSL command I have to use is this:
certutil -decode FINE1.csv FINE2.tmp.csv & openssl des-ede3 -d -nopad -nosalt -in FINE2.tmp.csv -out FINE1.decoded.csv -K 686436377773547232333473375448387772543134647a38
in which:
FINE1 is the file I have to decode,
FINE2 is a temporary file used in the process,
FINE1.decoded.csv is the decoded file
and the long number at the bottom is the decoding key.
This is my code:
…
$StringaDecodifica = ("certutil -decode " + $filePath + " " + $Path2 + '\' + "FINE2.tmp.csv" + " & openssl des-ede3 -d -nopad -nosalt -in " + $Path2 + '\' + "FINE2.tmp.csv" + " -out " + $Path4 + '\' + $fileName + ".decoded.csv -K 686436377773547232333473375448387772543134647a38")
Write-Output "$StringaDecodifica"| Clip
Invoke-Item "$Path5"
Start-Sleep -Seconds 10
[void][System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms')
[System.Windows.Forms.SendKeys]::SendWait("$StringaDecodifica")
[void][System.Reflection.Assembly]::LoadWithPartialName('System.Windows.Forms')
[System.Windows.Forms.SendKeys]::SendWait("{ENTER}")
Start-Sleep -Seconds 2
taskkill /f /im cmd.exe /T
Remove-Item "C:\Invia_Sanzioni\Backup\FINE2.tmp.csv"
…
- The first thing I do is construct "$StringaDecodifica", which is the OpenSSL command I have to run.
- Then I copy it with Clip,
- open the OpenSSL batch with Invoke-Item
- and emulating the keyboard I write every single character of the string and press “Enter”.
- After decoding one file I kill the CMD and delete the temporary file for the next decode.
Don’t get me wrong, this works, but as you may suspect it requires a computer to always be on and connected via remote desktop to my server at the time of the process, otherwise the emulation of the keyboard doesn’t work.
The ideal solution would be: decrypting the file directly using PowerShell or launching OpenSSL with my string as an argument (I tried and failed).
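
As an added example that is not part of the original post: the two steps of the command above (Base64 decode, then `des-ede3` decryption, which in OpenSSL is three-key Triple DES in ECB mode, with no padding and no salt) can be done with .NET classes directly from PowerShell, with no console window, clipboard, or temporary file. The function names and the `$KeyHex` variable are hypothetical; the sketch assumes the input is Base64 text as `certutil -decode` expects and that full paths are passed.

```powershell
# Added example (not from the original post). Native equivalent of:
#   certutil -decode IN TMP & openssl des-ede3 -d -nopad -nosalt -in TMP -out OUT -K <hex>
function Convert-HexToBytes {
    param([Parameter(Mandatory)][string]$Hex)
    if ($Hex.Length % 2 -ne 0) { throw 'Hex string must have an even number of characters.' }
    $bytes = New-Object byte[] ($Hex.Length / 2)
    for ($i = 0; $i -lt $bytes.Length; $i++) {
        $bytes[$i] = [Convert]::ToByte($Hex.Substring($i * 2, 2), 16)
    }
    return ,$bytes   # unary comma keeps the byte[] from being unrolled
}

function Unprotect-Des3File {   # hypothetical name
    param(
        [Parameter(Mandatory)][string]$InFile,   # full path; .NET ignores Set-Location
        [Parameter(Mandatory)][string]$OutFile,  # full path
        [Parameter(Mandatory)][string]$KeyHex    # 48 hex digits = 24-byte 3DES key
    )
    # certutil -decode step: drop optional -----BEGIN/END----- lines, decode Base64 in memory
    $lines  = [IO.File]::ReadAllLines($InFile) | Where-Object { $_ -notmatch '^-----' }
    $cipher = [Convert]::FromBase64String(($lines -join ''))
    if ($cipher.Length % 8 -ne 0) { throw 'Ciphertext is not a multiple of the 8-byte DES block.' }

    $tdes = [System.Security.Cryptography.TripleDES]::Create()
    try {
        $tdes.Mode    = [System.Security.Cryptography.CipherMode]::ECB     # des-ede3 is ECB
        $tdes.Padding = [System.Security.Cryptography.PaddingMode]::None   # -nopad
        $tdes.Key     = Convert-HexToBytes $KeyHex                         # -K <hex>
        $dec = $tdes.CreateDecryptor()
        try   { $plain = $dec.TransformFinalBlock($cipher, 0, $cipher.Length) }
        finally { $dec.Dispose() }
        [IO.File]::WriteAllBytes($OutFile, $plain)
    } finally { $tdes.Dispose() }
}

# Example call with the post's folder variables ($KeyHex holds the value given to -K):
# Get-ChildItem $Path1 -Filter *.csv | ForEach-Object {
#     $out = Join-Path $Path4 ($_.BaseName + '.decoded.csv')
#     Unprotect-Des3File -InFile $_.FullName -OutFile $out -KeyHex $KeyHex
# }
```

Because nothing is typed into a window, this runs from a scheduled task without an interactive session, and the key is passed as a parameter rather than placed on the clipboard.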