PowerShell的ConvertFrom-SecureString -key有多安全 [英] How secure is PowerShell's ConvertFrom-SecureString -key

问题描述

我有一个模块，其中包含一些带有一些私有数据的字符串，这些私有数据应该很难获得，但是经常更改.我需要将此脚本放在可以访问该脚本的各种机器上，并由不应该使用用于导出输出的信息的人读取该代码.

I have a module that includes some strings with some private data that should be hard to attain, but changes frequently. I need to put this script on a variety of machines where it might be accessed and the code read by someone who should not have the information used to derive the output.

我真的很担心字符串会不时变化，因此我正在考虑创建一个脚本，该脚本提示这些值作为安全字符串，并使用密钥对它们进行加密并将其转储到xml文件中.然后使用XML文件提供字符串.从此模块运行需要数据的命令的任何人都必须提供密钥，以便可以解密字符串.

I'm really concerned about strings that change from time to time so I'm considering creating a script which prompts for those values as secure strings and encrypts them using a key and dumps them into an xml file. The XML file then is used to provide the strings. Anyone running a command from this module that needs that data would have to provide the key so the strings could be decrypted.

基本上，这就是我期望做的，但我将处理对象

Here is basically what I expect to do, but I'll be dealing with objects

$secure = Read-Host -AsSecureString
$encrypted =  ConvertFrom-SecureString -securestring $secure -key somekey
$encrypted | Export-Clixml testing.xml
$imported = Import-Clixml testing.xml
$value = ConvertTo-SecureString -string $imported -key somekey

我知道该字符串将使用Rijndael加密算法(我相信也称为AES)进行加密.

I understand that the string will be encrypted using the Rijndael encryption algorithm, which is also known as AES I believe.

在授予脚本访问权限的情况下，需要花费多大的精力才能将其保存在xml文件中的那个加密密钥上?

How much effort is needed to break that encrypted key where it rests in the xml file, given access to the script?

推荐答案

然后单独加密的秘密字符串 是安全的，但据推测不能以这种形式使用. ConvertTo-SecureString会将其从加密的标准字符串转换为SecureString，但是为此，您需要密钥.如果您的用户或脚本具有密钥，则他们可以执行任何操作.

Then encrpted secret string on its own is safe, but it is presumably unusable in that form. ConvertTo-SecureString will convert it from an encrypted standard string into a SecureString, but in order to do that, you need the key. If you users or script have the key, then they can do anything.

您甚至可以将SecureString传递给正在使用的任何应用程序，还是需要将其转换回常规字符串?如果秘密数据在任何时候都是纯文本格式，那么您的用户可以看到它.

And can you even pass the SecureString to whatever application you are working with, or will you need to convert it back to regular string? If the secret data is at any time in plaintext form, then your users can see it.

即使您的应用程序支持SecureString，由于SecureString容易被破解，您仍然处于困境:

Even if your application supports SecureString, you are still hosed because SecureString is trivially crackable:

[System.Runtime.InteropServices.Marshal]::PtrToStringAuto(
  [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($securestring)
 )

使用某些密钥加密机密数据但允许低特权用户拥有密钥的方法被打破了.等同于我不希望我的朋友拥有我家的钥匙，所以我会将钥匙锁在盒子里，然后给他钥匙给盒子."

The approach of encrypting the secret data with some key, but allowing low-priv users to have the key, is broken. It's equivalent to "I don't want my friend to have the keys to my house, so I'll lock the keys in a box and give him the keys to the box instead."

这篇关于PowerShell的ConvertFrom-SecureString -key有多安全的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！