How can I check if a powershell script is signed from the managed API?

Question

I want to execute a powershell using the .net Powershell SDK. I have this working fine. Before I execute it I want to check that the script has been signed by my code signing certificate - this is easy enough to do from within powershell itself using Get-AuthenticodeSignature but I would like to do this in code before choosing to execute this script.

Solution:

        Runspace runSpace = RunspaceFactory.CreateRunspace();
        runSpace.Open();

        Pipeline shell = runSpace.CreatePipeline();
        shell.Commands.AddScript(String.Format("Get-AuthenticodeSignature '{0}'", Filename));

        Signature sig = (shell.Invoke()[0]).BaseObject as Signature;
        bool isValid = sig.Status == SignatureStatus.Valid;

Answer 1

The easiest way I can think is to still use powershell, but from within managed code:

using System.Management.Automation;

void Foo(string path) {
   PowerShell shell = PowerShell.Create();
   shell.AddScript(String.Format("Get-AuthenticodeSignature {0}", path));

   Signature sig = shell.Invoke()[0] as Signature; // returns collection
   bool isValid = sig.Valid;
}

(from memory, so may not be entirely syntactically correct)