I have some signed .ps1 script, I need to verify they are properly signed from a C# project, is there any algorithm or library to do this?
Thanks!
I have some signed .ps1 script, I need to verify they are properly signed from a C# project, is there any algorithm or library to do this?
Thanks!
If the Get-AuthenticodeSignature
cmdlet verifies correctly (i.e. it reports an error if not valid) and PSH is available on the target system, you can run PSH within your C# application.
You could host the PowerShell engine to check this using the Get-AuthenticodeSignature cmdlet e.g.:
using System.Collections.ObjectModel;
using System.Management.Automation;
using System.Management.Automation.Runspaces;
private bool VerifyPowerShellScriptSignature()
{
using (var runspaceInvoke = new RunspaceInvoke())
{
string path = "C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\" +
"Modules\\PSDiagnostics\\PSDiagnostics.psm1";
Collection<PSObject> results =
runspaceInvoke.Invoke("Get-AuthenticodeSignature " + path);
Signature signature = results[0].BaseObject as Signature;
return signature == null ? false :
(signature.Status == SignatureStatus.Valid);
}
}