PowerShell Commands

Get-AuthenticodeSignature

Get-AuthenticodeSignature -Content* <Byte[]> -SourcePathOrExtension* <String[]> [<CommonParameters>]
Get-AuthenticodeSignature [-FilePath*] <String[]> [<CommonParameters>]
Get-AuthenticodeSignature -LiteralPath* <String[]> [<CommonParameters>]

The Get-AuthenticodeSignature cmdlet gets information about the Authenticode signature for a file. If the file is not signed, the information is retrieved, but the fields are blank.

Parameters

-Content <Byte[]>

  • This value is required
  • Default value is None
  • Accepts pipeline input ByPropertyName

@{Text=}

-FilePath <String[]>

  • This value is required
  • Default value is None
  • Accepts pipeline input ByPropertyName

Specifies the path to the file to examine. Wildcards are permitted, but they must lead to a single file. It is not necessary to type `-FilePath` at the command line when you specify a value for this parameter.

-LiteralPath <String[]>

  • This value is required
  • Default value is None
  • Accepts pipeline input ByPropertyName

Specifies the path to the file being examined. Unlike FilePath , the value of the LiteralPath parameter is used exactly as it is typed. No characters are interpreted as wildcards. If the path includes an escape character, enclose it in single quotation marks. Single quotation marks tell Windows PowerShell not to interpret any characters as escape characters.

-SourcePathOrExtension <String[]>

  • This value is required
  • Default value is None
  • Accepts pipeline input ByPropertyName

@{Text=}

<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug,ErrorAction, ErrorVariable, WarningAction, WarningVariable,OutBuffer, PipelineVariable, and OutVariable.

Inputs
System.String
You can pipe a string that contains a file path to Get-AuthenticodeSignature .
Outputs
System.Management.Automation.Signature
Get-AuthenticodeSignature returns a signature object for each signature that it gets.
Examples
  1. Get the Authenticode signature for a file:
    PS C:\> Get-AuthenticodeSignature -FilePath "C:\Test\NewScript.ps1"
    

    This command gets information about the Authenticode signature in the NewScript.ps1 file. It uses the FilePath parameter to specify the file.

  2. Get the Authenticode signature for multiple files:
    PS C:\> Get-AuthenticodeSignature test.ps1, test1.ps1, sign-file.ps1, makexml.ps1
    

    This command gets information about the Authenticode signature for the four files listed at the command line. In this example, the name of the FilePath parameter, which is optional, is omitted.

  3. Get only valid Authenticode signatures for multiple files:
    PS C:\> Get-ChildItem $pshome\*.* | ForEach-object {Get-AuthenticodeSignature $_} | where {$_.status -eq "Valid"}
    

    This command lists all of the files in the $pshome directory that have a valid Authenticode signature. The $pshome automatic variable contains the path to the Windows PowerShell installation directory.

    The command uses the Get-ChildItem cmdlet to get the files in the $pshome directory. It uses a pattern of . to exclude directories (although it also excludes files without a dot in the filename).

    The command uses a pipeline operator (|) to send the files in $pshome to the ForEach-Object cmdlet, where Get-AuthenticodeSignature is called for each file.

    The results of the Get-AuthenticodeSignature command are sent to a Where-Object command that selects only the signature objects with a status of Valid.

Additional Notes
 * For information about Authenticode signatures in Windows PowerShell, see about_Signing.

 *

This work is licensed under a Creative Commons Attribution 4.0 International. It is attributed to Microsoft Corporation and can be found here.

PowerShell Commands