From bf791c73428ca06084bc1eff3d89913d250c690e Mon Sep 17 00:00:00 2001 From: Mike Hendrickson Date: Tue, 27 Nov 2018 15:17:37 -0800 Subject: [PATCH] Fix multiple style issues --- CHANGELOG.md | 4 + .../MSFT_xBLAutoBitlocker.psm1 | 58 +++---- .../MSFT_xBLBitlocker/MSFT_xBLBitlocker.psm1 | 18 +- DSCResources/MSFT_xBLTpm/MSFT_xBLTpm.psm1 | 6 +- .../ConfigureBitlockerAndAutoBitlocker.ps1 | 18 +- .../ConfigureBitlockerOnOSDrive.ps1 | 12 +- Misc/xBitlockerCommon.psm1 | 163 +++++++++--------- Tests/Unit/xBitlockerCommon.tests.ps1 | 6 +- 8 files changed, 143 insertions(+), 142 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 71e402a..b8c59d4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,10 @@ - Update Schema.mof Description fields - Fixes issue where Switch parameters are passed to Enable-Bitlocker even if the corresponding DSC resource parameter was set to False (Issue #12) +- Change double quoted string literals to single quotes +- Add spaces between array members +- Add spaces between variable types and variable names +- Add spaces between comment hashtag and comments ## 1.2.0.0 diff --git a/DSCResources/MSFT_xBLAutoBitlocker/MSFT_xBLAutoBitlocker.psm1 b/DSCResources/MSFT_xBLAutoBitlocker/MSFT_xBLAutoBitlocker.psm1 index 632efe2..ee184c4 100644 --- a/DSCResources/MSFT_xBLAutoBitlocker/MSFT_xBLAutoBitlocker.psm1 +++ b/DSCResources/MSFT_xBLAutoBitlocker/MSFT_xBLAutoBitlocker.psm1 @@ -87,7 +87,7 @@ function Get-TargetResource param ( [Parameter(Mandatory = $true)] - [ValidateSet("Fixed","Removable")] + [ValidateSet('Fixed', 'Removable')] [System.String] $DriveType, @@ -96,7 +96,7 @@ function Get-TargetResource $MinDiskCapacityGB, [Parameter(Mandatory = $true)] - [ValidateSet("PasswordProtector","RecoveryPasswordProtector","StartupKeyProtector","TpmProtector")] + [ValidateSet('PasswordProtector', 'RecoveryPasswordProtector', 'StartupKeyProtector', 'TpmProtector')] [System.String] $PrimaryProtector, @@ -113,7 +113,7 @@ function Get-TargetResource $AutoUnlock = $false, [Parameter()] - [ValidateSet("Aes128","Aes256")] + [ValidateSet('Aes128', 'Aes256')] [System.String] $EncryptionMethod, @@ -170,7 +170,7 @@ function Get-TargetResource $UsedSpaceOnly ) - #Load helper module + # Load helper module Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0 Assert-HasPrereqsForBitlocker @@ -270,7 +270,7 @@ function Set-TargetResource param ( [Parameter(Mandatory = $true)] - [ValidateSet("Fixed","Removable")] + [ValidateSet('Fixed', 'Removable')] [System.String] $DriveType, @@ -279,7 +279,7 @@ function Set-TargetResource $MinDiskCapacityGB, [Parameter(Mandatory = $true)] - [ValidateSet("PasswordProtector","RecoveryPasswordProtector","StartupKeyProtector","TpmProtector")] + [ValidateSet('PasswordProtector', 'RecoveryPasswordProtector', 'StartupKeyProtector', 'TpmProtector')] [System.String] $PrimaryProtector, @@ -296,7 +296,7 @@ function Set-TargetResource $AutoUnlock = $false, [Parameter()] - [ValidateSet("Aes128","Aes256")] + [ValidateSet('Aes128', 'Aes256')] [System.String] $EncryptionMethod, @@ -353,7 +353,7 @@ function Set-TargetResource $UsedSpaceOnly ) - #Load helper module + # Load helper module Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0 Assert-HasPrereqsForBitlocker @@ -366,13 +366,13 @@ function Set-TargetResource } else { - Remove-FromPSBoundParametersUsingHashtable -PSBoundParametersIn $PSBoundParameters -ParamsToRemove "DriveType","MinDiskCapacityGB" - Add-ToPSBoundParametersFromHashtable -PSBoundParametersIn $PSBoundParameters -ParamsToAdd @{"MountPoint" = ""} + Remove-FromPSBoundParametersUsingHashtable -PSBoundParametersIn $PSBoundParameters -ParamsToRemove 'DriveType', 'MinDiskCapacityGB' + Add-ToPSBoundParametersFromHashtable -PSBoundParametersIn $PSBoundParameters -ParamsToAdd @{'MountPoint' = ''} - #Loop through each potential AutoBitlocker volume, see whether they are enabled for Bitlocker, and if not, enable it + # Loop through each potential AutoBitlocker volume, see whether they are enabled for Bitlocker, and if not, enable it foreach ($key in $autoBlVols.Keys) { - $PSBoundParameters["MountPoint"] = $key + $PSBoundParameters['MountPoint'] = $key $testResult = Test-BitlockerEnabled @PSBoundParameters @@ -474,7 +474,7 @@ function Test-TargetResource param ( [Parameter(Mandatory = $true)] - [ValidateSet("Fixed","Removable")] + [ValidateSet('Fixed', 'Removable')] [System.String] $DriveType, @@ -483,7 +483,7 @@ function Test-TargetResource $MinDiskCapacityGB, [Parameter(Mandatory = $true)] - [ValidateSet("PasswordProtector","RecoveryPasswordProtector","StartupKeyProtector","TpmProtector")] + [ValidateSet('PasswordProtector', 'RecoveryPasswordProtector', 'StartupKeyProtector', 'TpmProtector')] [System.String] $PrimaryProtector, @@ -500,7 +500,7 @@ function Test-TargetResource $AutoUnlock = $false, [Parameter()] - [ValidateSet("Aes128","Aes256")] + [ValidateSet('Aes128', 'Aes256')] [System.String] $EncryptionMethod, @@ -557,7 +557,7 @@ function Test-TargetResource $UsedSpaceOnly ) - #Load helper module + # Load helper module Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0 Assert-HasPrereqsForBitlocker @@ -574,13 +574,13 @@ function Test-TargetResource } else { - Remove-FromPSBoundParametersUsingHashtable -PSBoundParametersIn $PSBoundParameters -ParamsToRemove "DriveType","MinDiskCapacityGB" - Add-ToPSBoundParametersFromHashtable -PSBoundParametersIn $PSBoundParameters -ParamsToAdd @{"MountPoint" = ""} + Remove-FromPSBoundParametersUsingHashtable -PSBoundParametersIn $PSBoundParameters -ParamsToRemove 'DriveType', 'MinDiskCapacityGB' + Add-ToPSBoundParametersFromHashtable -PSBoundParametersIn $PSBoundParameters -ParamsToAdd @{'MountPoint' = ''} - #Check whether any potential AutoBitlocker volume is not currently enabled for Bitlocker, or doesn't have the correct settings + # Check whether any potential AutoBitlocker volume is not currently enabled for Bitlocker, or doesn't have the correct settings foreach ($key in $autoBlVols.Keys) { - $PSBoundParameters["MountPoint"] = $key + $PSBoundParameters['MountPoint'] = $key $testResult = Test-BitlockerEnabled @PSBoundParameters -VerbosePreference $VerbosePreference @@ -684,7 +684,7 @@ function Get-AutoBitlockerStatus param ( [Parameter(Mandatory = $true)] - [ValidateSet("Fixed","Removable")] + [ValidateSet('Fixed', 'Removable')] [System.String] $DriveType, @@ -693,7 +693,7 @@ function Get-AutoBitlockerStatus $MinDiskCapacityGB, [Parameter(Mandatory = $true)] - [ValidateSet("PasswordProtector","RecoveryPasswordProtector","StartupKeyProtector","TpmProtector")] + [ValidateSet('PasswordProtector', 'RecoveryPasswordProtector', 'StartupKeyProtector', 'TpmProtector')] [System.String] $PrimaryProtector, @@ -710,7 +710,7 @@ function Get-AutoBitlockerStatus $AutoUnlock = $false, [Parameter()] - [ValidateSet("Aes128","Aes256")] + [ValidateSet('Aes128', 'Aes256')] [System.String] $EncryptionMethod, @@ -767,19 +767,19 @@ function Get-AutoBitlockerStatus $UsedSpaceOnly ) - #First get all Bitlocker Volumes of type Data + # First get all Bitlocker Volumes of type Data $allBlvs = Get-BitLockerVolume | Where-Object -FilterScript {$_.VolumeType -eq 'Data'} - #Filter on size if it was specified - if ($PSBoundParameters.ContainsKey("MinDiskCapacityGB")) + # Filter on size if it was specified + if ($PSBoundParameters.ContainsKey('MinDiskCapacityGB')) { $allBlvs = $allBlvs | Where-Object -FilterScript {$_.CapacityGB -ge $MinDiskCapacityGB} } - #Now find disks of the appropriate drive type, and add them to the collection + # Now find disks of the appropriate drive type, and add them to the collection if ($null -ne $allBlvs) { - [Hashtable]$returnValue = @{} + [Hashtable] $returnValue = @{} # Convert DriveType into values returned by Win32_EncryptableVolume.VolumeType switch ($DriveType) @@ -813,7 +813,7 @@ function Get-AutoBitlockerStatus if ($null -ne $vol) { - [Hashtable]$props = @{ + [Hashtable] $props = @{ VolumeStatus = $blv.VolumeStatus KeyProtectors = $blv.KeyProtector EncryptionMethod = $blv.EncryptionMethod diff --git a/DSCResources/MSFT_xBLBitlocker/MSFT_xBLBitlocker.psm1 b/DSCResources/MSFT_xBLBitlocker/MSFT_xBLBitlocker.psm1 index 4ad90b3..e83c867 100644 --- a/DSCResources/MSFT_xBLBitlocker/MSFT_xBLBitlocker.psm1 +++ b/DSCResources/MSFT_xBLBitlocker/MSFT_xBLBitlocker.psm1 @@ -87,7 +87,7 @@ function Get-TargetResource $MountPoint, [Parameter(Mandatory = $true)] - [ValidateSet("PasswordProtector","RecoveryPasswordProtector","StartupKeyProtector","TpmProtector")] + [ValidateSet('PasswordProtector', 'RecoveryPasswordProtector', 'StartupKeyProtector', 'TpmProtector')] [System.String] $PrimaryProtector, @@ -108,7 +108,7 @@ function Get-TargetResource $AutoUnlock = $false, [Parameter()] - [ValidateSet("Aes128","Aes256")] + [ValidateSet('Aes128', 'Aes256')] [System.String] $EncryptionMethod, @@ -165,7 +165,7 @@ function Get-TargetResource $UsedSpaceOnly ) - #Load helper module + # Load helper module Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0 Assert-HasPrereqsForBitlocker @@ -265,7 +265,7 @@ function Set-TargetResource $MountPoint, [Parameter(Mandatory = $true)] - [ValidateSet("PasswordProtector","RecoveryPasswordProtector","StartupKeyProtector","TpmProtector")] + [ValidateSet('PasswordProtector', 'RecoveryPasswordProtector', 'StartupKeyProtector', 'TpmProtector')] [System.String] $PrimaryProtector, @@ -286,7 +286,7 @@ function Set-TargetResource $AutoUnlock = $false, [Parameter()] - [ValidateSet("Aes128","Aes256")] + [ValidateSet('Aes128', 'Aes256')] [System.String] $EncryptionMethod, @@ -343,7 +343,7 @@ function Set-TargetResource $UsedSpaceOnly ) - #Load helper module + # Load helper module Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0 Assert-HasPrereqsForBitlocker @@ -441,7 +441,7 @@ function Test-TargetResource $MountPoint, [Parameter(Mandatory = $true)] - [ValidateSet("PasswordProtector","RecoveryPasswordProtector","StartupKeyProtector","TpmProtector")] + [ValidateSet('PasswordProtector', 'RecoveryPasswordProtector', 'StartupKeyProtector', 'TpmProtector')] [System.String] $PrimaryProtector, @@ -462,7 +462,7 @@ function Test-TargetResource $AutoUnlock = $false, [Parameter()] - [ValidateSet("Aes128","Aes256")] + [ValidateSet('Aes128', 'Aes256')] [System.String] $EncryptionMethod, @@ -519,7 +519,7 @@ function Test-TargetResource $UsedSpaceOnly ) - #Load helper module + # Load helper module Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0 Assert-HasPrereqsForBitlocker diff --git a/DSCResources/MSFT_xBLTpm/MSFT_xBLTpm.psm1 b/DSCResources/MSFT_xBLTpm/MSFT_xBLTpm.psm1 index ff543fe..7633a7d 100644 --- a/DSCResources/MSFT_xBLTpm/MSFT_xBLTpm.psm1 +++ b/DSCResources/MSFT_xBLTpm/MSFT_xBLTpm.psm1 @@ -42,7 +42,7 @@ function Get-TargetResource $AllowImmediateReboot = $false ) - #Load helper module + # Load helper module Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0 Assert-HasPrereqsForBitlocker @@ -109,7 +109,7 @@ function Set-TargetResource $AllowImmediateReboot = $false ) - #Load helper module + # Load helper module Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0 Assert-HasPrereqsForBitlocker @@ -185,7 +185,7 @@ function Test-TargetResource $AllowImmediateReboot = $false ) - #Load helper module + # Load helper module Import-Module "$((Get-Item -LiteralPath "$($PSScriptRoot)").Parent.Parent.FullName)\Misc\xBitlockerCommon.psm1" -Verbose:0 Assert-HasPrereqsForBitlocker diff --git a/Examples/ConfigureBitlockerAndAutoBitlocker/ConfigureBitlockerAndAutoBitlocker.ps1 b/Examples/ConfigureBitlockerAndAutoBitlocker/ConfigureBitlockerAndAutoBitlocker.ps1 index 3d69fe6..78e0360 100644 --- a/Examples/ConfigureBitlockerAndAutoBitlocker/ConfigureBitlockerAndAutoBitlocker.ps1 +++ b/Examples/ConfigureBitlockerAndAutoBitlocker/ConfigureBitlockerAndAutoBitlocker.ps1 @@ -1,11 +1,11 @@ Configuration ConfigureBitlockerAndAutoBitlocker { - Import-DscResource �ModuleName PSDesiredStateConfiguration + Import-DscResource -ModuleName PSDesiredStateConfiguration Import-DscResource -ModuleName xBitlocker - Node 'E15-1' + Node 'localhost' { - #First install the required Bitlocker features + # First install the required Bitlocker features WindowsFeature BitlockerFeature { Name = 'Bitlocker' @@ -20,7 +20,7 @@ Configuration ConfigureBitlockerAndAutoBitlocker IncludeAllSubFeature = $true } - #This example enables Bitlocker on the Operating System drive using both a RecoveryPasswordProtector and a StartupKeyProtector + # This example enables Bitlocker on the Operating System drive using both a RecoveryPasswordProtector and a StartupKeyProtector xBLBitlocker Bitlocker { MountPoint = 'C:' @@ -31,22 +31,20 @@ Configuration ConfigureBitlockerAndAutoBitlocker AllowImmediateReboot = $true UsedSpaceOnly = $true - DependsOn = '[WindowsFeature]BitlockerFeature','[WindowsFeature]BitlockerToolsFeature' + DependsOn = '[WindowsFeature]BitlockerFeature', '[WindowsFeature]BitlockerToolsFeature' } - #This example sets up AutoBitlocker for any drive of type Fixed with a RecoveryPasswordProtector only. + # This example sets up AutoBitlocker for any drive of type Fixed with a RecoveryPasswordProtector only. xBLAutoBitlocker AutoBitlocker { DriveType = 'Fixed' PrimaryProtector = 'RecoveryPasswordProtector' RecoveryPasswordProtector = $true UsedSpaceOnly = $true - - DependsOn = '[xBLBitlocker]Bitlocker' #Don't enable AutoBL until the OS drive has been encrypted + # Don't enable AutoBL until the OS drive has been encrypted + DependsOn = '[xBLBitlocker]Bitlocker' } } } ConfigureBitlockerAndAutoBitlocker - -#Start-DscConfiguration -Verbose -Wait -Path .\ConfigureBitlockerAndAutoBitlocker -ComputerName "E15-1" diff --git a/Examples/ConfigureBitlockerOnOSDrive/ConfigureBitlockerOnOSDrive.ps1 b/Examples/ConfigureBitlockerOnOSDrive/ConfigureBitlockerOnOSDrive.ps1 index ec9af74..0f84d06 100644 --- a/Examples/ConfigureBitlockerOnOSDrive/ConfigureBitlockerOnOSDrive.ps1 +++ b/Examples/ConfigureBitlockerOnOSDrive/ConfigureBitlockerOnOSDrive.ps1 @@ -1,11 +1,11 @@ Configuration ConfigureBitlockerOnOSDrive { - Import-DscResource �ModuleName PSDesiredStateConfiguration + Import-DscResource -ModuleName PSDesiredStateConfiguration Import-DscResource -ModuleName xBitlocker - Node "E15-1" + Node 'localhost' { - #First install the required Bitlocker features + # First install the required Bitlocker features WindowsFeature BitlockerFeature { Name = 'Bitlocker' @@ -20,7 +20,7 @@ Configuration ConfigureBitlockerOnOSDrive IncludeAllSubFeature = $true } - #This example enables Bitlocker on the Operating System drive using both a RecoveryPasswordProtector and a StartupKeyProtector + # This example enables Bitlocker on the Operating System drive using both a RecoveryPasswordProtector and a StartupKeyProtector xBLBitlocker Bitlocker { MountPoint = 'C:' @@ -31,11 +31,9 @@ Configuration ConfigureBitlockerOnOSDrive AllowImmediateReboot = $true UsedSpaceOnly = $true - DependsOn = '[WindowsFeature]BitlockerFeature','[WindowsFeature]BitlockerToolsFeature' + DependsOn = '[WindowsFeature]BitlockerFeature', '[WindowsFeature]BitlockerToolsFeature' } } } ConfigureBitlockerOnOSDrive - -#Start-DscConfiguration -Verbose -Wait -Path .\ConfigureBitlockerOnOSDrive -ComputerName "E15-1" diff --git a/Misc/xBitlockerCommon.psm1 b/Misc/xBitlockerCommon.psm1 index 6e5500f..814b156 100644 --- a/Misc/xBitlockerCommon.psm1 +++ b/Misc/xBitlockerCommon.psm1 @@ -95,7 +95,7 @@ function Enable-BitlockerInternal $MountPoint, [Parameter(Mandatory = $true)] - [ValidateSet("PasswordProtector","RecoveryPasswordProtector","StartupKeyProtector","TpmProtector")] + [ValidateSet('PasswordProtector', 'RecoveryPasswordProtector', 'StartupKeyProtector', 'TpmProtector')] [System.String] $PrimaryProtector, @@ -116,7 +116,7 @@ function Enable-BitlockerInternal $AutoUnlock = $false, [Parameter()] - [ValidateSet("Aes128","Aes256")] + [ValidateSet('Aes128', 'Aes256')] [System.String] $EncryptionMethod, @@ -182,115 +182,116 @@ function Enable-BitlockerInternal if ($null -ne $blv) { - if ($PSBoundParameters.ContainsKey("TpmProtector") -and $PrimaryProtector -ne "TpmProtector") + if ($PSBoundParameters.ContainsKey('TpmProtector') -and $PrimaryProtector -ne 'TpmProtector') { - throw "If TpmProtector is used, it must be the PrimaryProtector." + throw 'If TpmProtector is used, it must be the PrimaryProtector.' } - if ($PSBoundParameters.ContainsKey("Pin") -and !($PSBoundParameters.ContainsKey("TpmProtector"))) + if ($PSBoundParameters.ContainsKey('Pin') -and !($PSBoundParameters.ContainsKey('TpmProtector'))) { - throw "A TpmProtector must be used if Pin is used." + throw 'A TpmProtector must be used if Pin is used.' } Add-MissingBitLockerKeyProtector @PSBoundParameters - #Now enable Bitlocker with the primary key protector - if ($blv.VolumeStatus -eq "FullyDecrypted") + # Now enable Bitlocker with the primary key protector + if ($blv.VolumeStatus -eq 'FullyDecrypted') { - #First add non-key related parameters + # First add non-key related parameters $params = @{} - $params.Add("MountPoint", $MountPoint) + $params.Add('MountPoint', $MountPoint) - if ($PSBoundParameters.ContainsKey("EncryptionMethod")) + if ($PSBoundParameters.ContainsKey('EncryptionMethod')) { - $params.Add("EncryptionMethod", $EncryptionMethod) + $params.Add('EncryptionMethod', $EncryptionMethod) } - if ($PSBoundParameters.ContainsKey("HardwareEncryption")) + if ($PSBoundParameters.ContainsKey('HardwareEncryption')) { - $params.Add("HardwareEncryption", $HardwareEncryption) + $params.Add('HardwareEncryption', $HardwareEncryption) } - if ($PSBoundParameters.ContainsKey("Service")) + if ($PSBoundParameters.ContainsKey('Service')) { - $params.Add("Service", $Service) + $params.Add('Service', $Service) } - if ($PSBoundParameters.ContainsKey("SkipHardwareTest")) + if ($PSBoundParameters.ContainsKey('SkipHardwareTest')) { - $params.Add("SkipHardwareTest", $SkipHardwareTest) + $params.Add('SkipHardwareTest', $SkipHardwareTest) } - if ($PSBoundParameters.ContainsKey("UsedSpaceOnly")) + if ($PSBoundParameters.ContainsKey('UsedSpaceOnly')) { - $params.Add("UsedSpaceOnly", $UsedSpaceOnly) + $params.Add('UsedSpaceOnly', $UsedSpaceOnly) } - #Now add the primary protector + # Now add the primary protector $handledTpmAlready = $false - #Deal with a couple one off cases - if ($PSBoundParameters.ContainsKey("Pin")) + # Deal with a couple one off cases + if ($PSBoundParameters.ContainsKey('Pin')) { $handledTpmAlready = $true - $params.Add("Pin", $Pin.Password) + $params.Add('Pin', $Pin.Password) - if ($PSBoundParameters.ContainsKey("StartupKeyProtector")) + if ($PSBoundParameters.ContainsKey('StartupKeyProtector')) { - $params.Add("TpmAndPinAndStartupKeyProtector", $true) - $params.Add("StartupKeyPath", $StartupKeyPath) + $params.Add('TpmAndPinAndStartupKeyProtector', $true) + $params.Add('StartupKeyPath', $StartupKeyPath) } else { - $params.Add("TpmAndPinProtector", $true) + $params.Add('TpmAndPinProtector', $true) } } - if ($PSBoundParameters.ContainsKey("StartupKeyProtector") -and $PrimaryProtector -like "TpmProtector" -and $handledTpmAlready -eq $false) + if ($PSBoundParameters.ContainsKey('StartupKeyProtector') -and $PrimaryProtector -like 'TpmProtector' -and $handledTpmAlready -eq $false) { $handledTpmAlready = $true - $params.Add("TpmAndStartupKeyProtector", $true) - $params.Add("StartupKeyPath", $StartupKeyPath) + $params.Add('TpmAndStartupKeyProtector', $true) + $params.Add('StartupKeyPath', $StartupKeyPath) } - #Now deal with the standard primary protectors - if ($PrimaryProtector -like "PasswordProtector") + # Now deal with the standard primary protectors + if ($PrimaryProtector -like 'PasswordProtector') { - $params.Add("PasswordProtector", $true) - $params.Add("Password", $Password.Password) + $params.Add('PasswordProtector', $true) + $params.Add('Password', $Password.Password) } - elseif ($PrimaryProtector -like "RecoveryPasswordProtector") + elseif ($PrimaryProtector -like 'RecoveryPasswordProtector') { - $params.Add("RecoveryPasswordProtector", $true) + $params.Add('RecoveryPasswordProtector', $true) } - elseif ($PrimaryProtector -like "StartupKeyProtector") + elseif ($PrimaryProtector -like 'StartupKeyProtector') { - $params.Add("StartupKeyProtector", $true) - $params.Add("StartupKeyPath", $StartupKeyPath) + $params.Add('StartupKeyProtector', $true) + $params.Add('StartupKeyPath', $StartupKeyPath) } - elseif ($PrimaryProtector -like "TpmProtector" -and $handledTpmAlready -eq $false) + elseif ($PrimaryProtector -like 'TpmProtector' -and $handledTpmAlready -eq $false) { - $params.Add("TpmProtector", $true) + $params.Add('TpmProtector', $true) } - #Run Enable-Bitlocker - Write-Verbose "Running Enable-Bitlocker" + # Run Enable-Bitlocker + Write-Verbose 'Running Enable-Bitlocker' $blv = Enable-Bitlocker @params - #Check if the Enable succeeded + # Check if the Enable succeeded if ($null -ne $blv) { - if ($blv.VolumeType -eq "OperatingSystem") #Only initiate reboot if this is an OS drive + # Only initiate reboot if this is an OS drive + if ($blv.VolumeType -eq 'OperatingSystem') { $global:DSCMachineStatus = 1 if ($AllowImmediateReboot -eq $true) { - Write-Verbose "Forcing an immediate reboot of the computer in 30 seconds" + Write-Verbose 'Forcing an immediate reboot of the computer in 30 seconds' Start-Sleep -Seconds 30 Restart-Computer -Force @@ -406,7 +407,7 @@ function Add-MissingBitLockerKeyProtector $MountPoint, [Parameter(Mandatory = $true)] - [ValidateSet("PasswordProtector","RecoveryPasswordProtector","StartupKeyProtector","TpmProtector")] + [ValidateSet('PasswordProtector', 'RecoveryPasswordProtector', 'StartupKeyProtector', 'TpmProtector')] [System.String] $PrimaryProtector, @@ -427,7 +428,7 @@ function Add-MissingBitLockerKeyProtector $AutoUnlock = $false, [Parameter()] - [ValidateSet("Aes128","Aes256")] + [ValidateSet('Aes128', 'Aes256')] [System.String] $EncryptionMethod, @@ -487,33 +488,33 @@ function Add-MissingBitLockerKeyProtector $VerbosePreference ) - if ($PSBoundParameters.ContainsKey("AdAccountOrGroupProtector") -and $PrimaryProtector -notlike "AdAccountOrGroupProtector" -and !(Test-CollectionContainsKeyProtector -Type "AdAccountOrGroup" -KeyProtectorCollection $blv.KeyProtector)) + if ($PSBoundParameters.ContainsKey('AdAccountOrGroupProtector') -and $PrimaryProtector -notlike 'AdAccountOrGroupProtector' -and !(Test-CollectionContainsKeyProtector -Type 'AdAccountOrGroup' -KeyProtectorCollection $blv.KeyProtector)) { - Write-Verbose "Adding AdAccountOrGroupProtector" + Write-Verbose 'Adding AdAccountOrGroupProtector' Add-BitLockerKeyProtector -MountPoint $MountPoint -AdAccountOrGroupProtector -AdAccountOrGroup $AdAccountOrGroup } - if ($PSBoundParameters.ContainsKey("PasswordProtector") -and $PrimaryProtector -notlike "PasswordProtector" -and !(Test-CollectionContainsKeyProtector -Type "Password" -KeyProtectorCollection $blv.KeyProtector)) + if ($PSBoundParameters.ContainsKey('PasswordProtector') -and $PrimaryProtector -notlike 'PasswordProtector' -and !(Test-CollectionContainsKeyProtector -Type 'Password' -KeyProtectorCollection $blv.KeyProtector)) { - Write-Verbose "Adding PasswordProtector" + Write-Verbose 'Adding PasswordProtector' Add-BitLockerKeyProtector -MountPoint $MountPoint -PasswordProtector -Password $Password.Password } - if ($PSBoundParameters.ContainsKey("RecoveryKeyProtector") -and $PrimaryProtector -notlike "RecoveryKeyProtector" -and !(Test-CollectionContainsKeyProtector -Type "ExternalKey" -KeyProtectorCollection $blv.KeyProtector)) + if ($PSBoundParameters.ContainsKey('RecoveryKeyProtector') -and $PrimaryProtector -notlike 'RecoveryKeyProtector' -and !(Test-CollectionContainsKeyProtector -Type 'ExternalKey' -KeyProtectorCollection $blv.KeyProtector)) { - Write-Verbose "Adding RecoveryKeyProtector" + Write-Verbose 'Adding RecoveryKeyProtector' Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryKeyProtector -RecoveryKeyPath $RecoveryKeyPath } - if ($PSBoundParameters.ContainsKey("RecoveryPasswordProtector") -and $PrimaryProtector -notlike "RecoveryPasswordProtector" -and !(Test-CollectionContainsKeyProtector -Type "RecoveryPassword" -KeyProtectorCollection $blv.KeyProtector)) + if ($PSBoundParameters.ContainsKey('RecoveryPasswordProtector') -and $PrimaryProtector -notlike 'RecoveryPasswordProtector' -and !(Test-CollectionContainsKeyProtector -Type 'RecoveryPassword' -KeyProtectorCollection $blv.KeyProtector)) { - Write-Verbose "Adding RecoveryPasswordProtector" + Write-Verbose 'Adding RecoveryPasswordProtector' Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector } - if ($PSBoundParameters.ContainsKey("StartupKeyProtector") -and $PrimaryProtector -notlike "TpmProtector" -and $PrimaryProtector -notlike "StartupKeyProtector" -and !(Test-CollectionContainsKeyProtector -Type "ExternalKey" -KeyProtectorCollection $blv.KeyProtector)) + if ($PSBoundParameters.ContainsKey('StartupKeyProtector') -and $PrimaryProtector -notlike 'TpmProtector' -and $PrimaryProtector -notlike 'StartupKeyProtector' -and !(Test-CollectionContainsKeyProtector -Type 'ExternalKey' -KeyProtectorCollection $blv.KeyProtector)) { - Write-Verbose "Adding StartupKeyProtector" + Write-Verbose 'Adding StartupKeyProtector' Add-BitLockerKeyProtector -MountPoint $MountPoint -StartupKeyProtector -StartupKeyPath $StartupKeyPath } } @@ -610,7 +611,7 @@ function Test-BitlockerEnabled $MountPoint, [Parameter(Mandatory = $true)] - [ValidateSet("PasswordProtector","RecoveryPasswordProtector","StartupKeyProtector","TpmProtector")] + [ValidateSet('PasswordProtector', 'RecoveryPasswordProtector', 'StartupKeyProtector', 'TpmProtector')] [System.String] $PrimaryProtector, @@ -631,7 +632,7 @@ function Test-BitlockerEnabled $AutoUnlock = $false, [Parameter()] - [ValidateSet("Aes128","Aes256")] + [ValidateSet('Aes128', 'Aes256')] [System.String] $EncryptionMethod, @@ -698,7 +699,7 @@ function Test-BitlockerEnabled Write-Verbose "Unable to locate MountPoint: $($MountPoint)" return $false } - elseif ($blv.VolumeStatus -eq "FullyDecrypted") + elseif ($blv.VolumeStatus -eq 'FullyDecrypted') { Write-Verbose "MountPoint: $($MountPoint) Not Encrypted" return $false @@ -715,49 +716,49 @@ function Test-BitlockerEnabled } else { - if ($PSBoundParameters.ContainsKey("AdAccountOrGroupProtector") -and !(Test-CollectionContainsKeyProtector -Type "AdAccountOrGroup" -KeyProtectorCollection $blv.KeyProtector)) + if ($PSBoundParameters.ContainsKey('AdAccountOrGroupProtector') -and !(Test-CollectionContainsKeyProtector -Type 'AdAccountOrGroup' -KeyProtectorCollection $blv.KeyProtector)) { Write-Verbose "MountPoint '$($MountPoint) 'does not have AdAccountOrGroupProtector (AdAccountOrGroup)" return $false } - if ($PSBoundParameters.ContainsKey("PasswordProtector") -and !(Test-CollectionContainsKeyProtector -Type "Password" -KeyProtectorCollection $blv.KeyProtector)) + if ($PSBoundParameters.ContainsKey('PasswordProtector') -and !(Test-CollectionContainsKeyProtector -Type 'Password' -KeyProtectorCollection $blv.KeyProtector)) { Write-Verbose "MountPoint '$($MountPoint) 'does not have PasswordProtector (Password)" return $false } - if ($PSBoundParameters.ContainsKey("Pin") -and !(Test-CollectionContainsKeyProtector -Type "TpmPin" -KeyProtectorCollection $blv.KeyProtector -StartsWith $true)) + if ($PSBoundParameters.ContainsKey('Pin') -and !(Test-CollectionContainsKeyProtector -Type 'TpmPin' -KeyProtectorCollection $blv.KeyProtector -StartsWith $true)) { Write-Verbose "MountPoint '$($MountPoint) 'does not have TpmPin assigned." return $false } - if ($PSBoundParameters.ContainsKey("RecoveryKeyProtector") -and !(Test-CollectionContainsKeyProtector -Type "ExternalKey" -KeyProtectorCollection $blv.KeyProtector)) + if ($PSBoundParameters.ContainsKey('RecoveryKeyProtector') -and !(Test-CollectionContainsKeyProtector -Type 'ExternalKey' -KeyProtectorCollection $blv.KeyProtector)) { Write-Verbose "MountPoint '$($MountPoint) 'does not have RecoveryKeyProtector (ExternalKey)" return $false } - if ($PSBoundParameters.ContainsKey("RecoveryPasswordProtector") -and !(Test-CollectionContainsKeyProtector -Type "RecoveryPassword" -KeyProtectorCollection $blv.KeyProtector)) + if ($PSBoundParameters.ContainsKey('RecoveryPasswordProtector') -and !(Test-CollectionContainsKeyProtector -Type 'RecoveryPassword' -KeyProtectorCollection $blv.KeyProtector)) { Write-Verbose "MountPoint '$($MountPoint) 'does not have RecoveryPasswordProtector (RecoveryPassword)" return $false } - if ($PSBoundParameters.ContainsKey("StartupKeyProtector")) + if ($PSBoundParameters.ContainsKey('StartupKeyProtector')) { - if ($PrimaryProtector -notlike "TpmProtector") + if ($PrimaryProtector -notlike 'TpmProtector') { - if (!(Test-CollectionContainsKeyProtector -Type "ExternalKey" -KeyProtectorCollection $blv.KeyProtector)) + if (!(Test-CollectionContainsKeyProtector -Type 'ExternalKey' -KeyProtectorCollection $blv.KeyProtector)) { Write-Verbose "MountPoint '$($MountPoint) 'does not have StartupKeyProtector (ExternalKey)" return $false } } - else #TpmProtector is primary + else # TpmProtector is primary { - if(!(Test-CollectionContainsKeyProtector -Type "Tpm" -KeyProtectorCollection $blv.KeyProtector -StartsWith $true) -and !(Test-CollectionContainsKeyProtector -Type "StartupKey" -KeyProtectorCollection $blv.KeyProtector -Contains $true)) + if(!(Test-CollectionContainsKeyProtector -Type 'Tpm' -KeyProtectorCollection $blv.KeyProtector -StartsWith $true) -and !(Test-CollectionContainsKeyProtector -Type 'StartupKey' -KeyProtectorCollection $blv.KeyProtector -Contains $true)) { Write-Verbose "MountPoint '$($MountPoint) 'does not have TPM + StartupKey protector." return $false @@ -765,7 +766,7 @@ function Test-BitlockerEnabled } } - if ($PSBoundParameters.ContainsKey("TpmProtector") -and !(Test-CollectionContainsKeyProtector -Type "Tpm" -KeyProtectorCollection $blv.KeyProtector -StartsWith $true)) + if ($PSBoundParameters.ContainsKey('TpmProtector') -and !(Test-CollectionContainsKeyProtector -Type 'Tpm' -KeyProtectorCollection $blv.KeyProtector -StartsWith $true)) { Write-Verbose "MountPoint '$($MountPoint) 'does not have TpmProtector" return $false @@ -791,30 +792,30 @@ function Assert-HasPrereqsForBitlocker $blAdminToolsFeature = Get-WindowsFeature RSAT-Feature-Tools-BitLocker $blAdminToolsRemoteFeature = Get-WindowsFeature RSAT-Feature-Tools-BitLocker-RemoteAdminTool - if ($blFeature.InstallState -ne "Installed") + if ($blFeature.InstallState -ne 'Installed') { $hasAllPreReqs = $false - Write-Error "The Bitlocker feature needs to be installed before the xBitlocker module can be used" + Write-Error 'The Bitlocker feature needs to be installed before the xBitlocker module can be used' } - if ($blAdminToolsFeature.InstallState -ne "Installed") + if ($blAdminToolsFeature.InstallState -ne 'Installed') { $hasAllPreReqs = $false - Write-Error "The RSAT-Feature-Tools-BitLocker feature needs to be installed before the xBitlocker module can be used" + Write-Error 'The RSAT-Feature-Tools-BitLocker feature needs to be installed before the xBitlocker module can be used' } if ($blAdminToolsRemoteFeature.InstallState -ne 'Installed' -and (Get-OSEdition) -notmatch 'Core') { $hasAllPreReqs = $false - Write-Error "The RSAT-Feature-Tools-BitLocker-RemoteAdminTool feature needs to be installed before the xBitlocker module can be used" + Write-Error 'The RSAT-Feature-Tools-BitLocker-RemoteAdminTool feature needs to be installed before the xBitlocker module can be used' } if ($hasAllPreReqs -eq $false) { - throw "Required Bitlocker features need to be installed before xBitlocker can be used" + throw 'Required Bitlocker features need to be installed before xBitlocker can be used' } } @@ -910,11 +911,11 @@ function Add-ToPSBoundParametersFromHashtable foreach ($key in $ParamsToAdd.Keys) { - if (!($PSBoundParametersIn.ContainsKey($key))) #Key doesn't exist, so add it with value + if (!($PSBoundParametersIn.ContainsKey($key))) # Key doesn't exist, so add it with value { $PSBoundParametersIn.Add($key, $ParamsToAdd[$key]) | Out-Null } - else #Key already exists, so just replace the value + else # Key already exists, so just replace the value { $PSBoundParametersIn[$key] = $ParamsToAdd[$key] } diff --git a/Tests/Unit/xBitlockerCommon.tests.ps1 b/Tests/Unit/xBitlockerCommon.tests.ps1 index 581f181..e52cd6f 100644 --- a/Tests/Unit/xBitlockerCommon.tests.ps1 +++ b/Tests/Unit/xBitlockerCommon.tests.ps1 @@ -392,7 +392,7 @@ try Describe 'xBitLockerCommon\Get-OSEdition' { It 'Should return "Server Core" if the OS is Windows Server Core' { Mock -CommandName Get-ItemProperty -MockWith { - [PSCustomObject]@{ + [PSCustomObject] @{ InstallationType = 'Server Core' PSPath = 'Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion' PSParentPath = 'Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\software\microsoft\windows nt' @@ -408,7 +408,7 @@ try It 'Should return "Server" if the OS is Full Windows Server' { Mock -CommandName Get-ItemProperty -MockWith { - [PSCustomObject]@{ + [PSCustomObject] @{ InstallationType = 'Server' PSPath = 'Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion' PSParentPath = 'Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\software\microsoft\windows nt' @@ -424,7 +424,7 @@ try It 'Should run without exceptions' { Mock -CommandName Get-ItemProperty -MockWith { - [PSCustomObject]@{ + [PSCustomObject] @{ InstallationType = 'Some other os' PSPath = 'Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion' PSParentPath = 'Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\software\microsoft\windows nt'