Skip to content

brysontyrrell/EncryptedStrings

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Encrypted Strings

Credit to Jason Van Zanten for the original code this is based upon

The Bash and Python scripts included here contain functions that use 'openssl' to generate encrypted strings with unqiue hashes and passphrases required for decoding and the functions to use those values to decrypt the strings.

The most obvious use case is passing credentials from a JSS policy to a script running on the client. This is usually done when some action using an API (either the JSS API or another API) is required. The password for this service account can be encrypted using these functions to better protect it.

The encrypted string would be entered as a policy parameter. The unique 'salt' and 'passphrase' values would be present in the script downloaded to the client. This requires any party to have access to the script code as well as the policy in the JSS in order to decrypt the string.

Here are examples of these functions in both languages:

~$ GenerateEncryptedString "Captain Hammer"
Encrypted String: U2FsdGVkX18/iRQ6O7Hr+pouW8TAl0RcrUByBUzavuY=
Salt: 3f89143a3bb1ebfa | Passphrase: 67a61589eb6fb3874052333b

~$ DecryptString U2FsdGVkX18/iRQ6O7Hr+pouW8TAl0RcrUByBUzavuY= 3f89143a3bb1ebfa 67a61589eb6fb3874052333b
Captain Hammer
>>> import subprocess

>>> GenerateEncryptedString("Doctor Horrible")
Encrypted String: U2FsdGVkX1/+1bcze4/E7R3wCfEru9qnHWG5da7p+bg=
Salt: fed5b7337b8fc4ed | Passphrase: bbf59ee05d84e8c8d5190b31

>>> DecryptString('U2FsdGVkX1/+1bcze4/E7R3wCfEru9qnHWG5da7p+bg=', 'fed5b7337b8fc4ed', 'bbf59ee05d84e8c8d5190b31')
'Doctor Horrible'

About

Generate encrypted strings for use in policy script parameters.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published