views:

67

answers:

2

so with

$filestosign = (dir -recurse-include *.ps1)
Set-AuthenticodeSignature $filestosign $signingcert

i can sign all my ps1 files in a folder. But is there a quick way to undo this again?

A: 

I suspect this isn't the answer you were hoping for, but I'm pretty sure there isn't a "Remove-AuthenicodeSignauture" cmdlet that is going to help out.

Signing, as I'm sure you know, involves adding a commented section to the script. Removing this commented section should remove the signing. However, that's something you'll need to write yourself.

Martin Peck
+1  A: 

I played a bit around and came to this solution: The signature is appended at the end of a file. I search for the string "SIG # Begin signature block" to know the Linenumbers i don't need any more, display the rest and write this back:

function remove-signature ($signedFile = "D:\ps10\test.ps1")
{
$filecontent = Get-Content $signedFile
$filecontent[0..(((Get-Content $signedFile | select-string "SIG # Begin signature block").LineNumber)-2)] | Set-Content $signedFile
}

Think this should work. My first thought was to find a way to select the area between the two strings: "SIG # Begin" and "SIG # End" . Just for learning purpose i would be interrested how i could have done that.

icnivad