Hi,
How can I sign digitally a string with SHA-2 by PowerShell script, not using OpenSSL? I know how to do it with OpenSSL, but I'm wondering if there is a way to do it with .Net classes.
Thank you.
A:
The PowerShell Community Extensions module provides easy access to the .NET types that do hashing via SHA-256/385/512 e.g.:
C:\PS> "This is a test" | Get-Hash -Algorithm SHA256
Algorithm: SHA256
Path :
HashString : 309CB8ABAB6504945ACD10CE99546D2355AD5AE3B4CE99DA8ACCBC4EE7388EF9
Keith Hill
2010-09-16 14:49:45
Thank you for responding, @Keith Hill. But how do I use it for digital signature?
Allen L
2010-09-19 11:44:31
When I hear SHA-2 I think computing crypographic hashes. When I hear digital signatures, I think authenticode signatures with certificates. Perhaps you need the latter? If so, you can create a self-signed cert on Windows using the MakeCert.exe utility. Then you can use signtool.exe to apply a signature. Both these tools require the Windows SDK. PowerShell also has Set-AuthenticodeSignature for applying a signature to a file.
Keith Hill
2010-09-19 16:48:52