views:

47

answers:

1

Hi,

How can I sign digitally a string with SHA-2 by PowerShell script, not using OpenSSL? I know how to do it with OpenSSL, but I'm wondering if there is a way to do it with .Net classes.

Thank you.

A: 

The PowerShell Community Extensions module provides easy access to the .NET types that do hashing via SHA-256/385/512 e.g.:

C:\PS> "This is a test" | Get-Hash -Algorithm SHA256


Algorithm: SHA256


Path       :
HashString : 309CB8ABAB6504945ACD10CE99546D2355AD5AE3B4CE99DA8ACCBC4EE7388EF9
Keith Hill
Thank you for responding, @Keith Hill. But how do I use it for digital signature?
Allen L
When I hear SHA-2 I think computing crypographic hashes. When I hear digital signatures, I think authenticode signatures with certificates. Perhaps you need the latter? If so, you can create a self-signed cert on Windows using the MakeCert.exe utility. Then you can use signtool.exe to apply a signature. Both these tools require the Windows SDK. PowerShell also has Set-AuthenticodeSignature for applying a signature to a file.
Keith Hill