How can I check if a powershell script from a managed API is signed?

Question

How can I check if a powershell script from a managed API is signed?

I want to execute powershell using Powershell SDK.net. It works fine for me. Before executing it, I want to verify that the script was signed with my code signing certificate - this is easy enough to do from powershell itself using Get-AuthenticodeSignature, but I would like to do this in the code before choosing to run this script.

Decision:

        Runspace runSpace = RunspaceFactory.CreateRunspace();
        runSpace.Open();

        Pipeline shell = runSpace.CreatePipeline();
        shell.Commands.AddScript(String.Format("Get-AuthenticodeSignature '{0}'", Filename));

        Signature sig = (shell.Invoke()[0]).BaseObject as Signature;
        bool isValid = sig.Status == SignatureStatus.Valid;

+3

powershell

James berry Apr 30 '10 at 16:45

source share

1 answer

x0n · Accepted Answer · 2010-05-01T14:44:18+0000

The easiest way I can think of is to use powershell, but from within managed code:

using System.Management.Automation;

void Foo(string path) {
   PowerShell shell = PowerShell.Create();
   shell.AddScript(String.Format("Get-AuthenticodeSignature {0}", path));

   Signature sig = shell.Invoke()[0] as Signature; // returns collection
   bool isValid = sig.Valid;
}

(from memory, therefore, it cannot be completely syntactically correct)

How can I check if a powershell script from a managed API is signed?

More articles: