Get-AuthenticodeSignature
Gets information about the Authenticode signature for a file.
语法
ByPath (默认值)
Get-AuthenticodeSignature
[-FilePath] <String[]>
[<CommonParameters>]
ByLiteralPath
Get-AuthenticodeSignature
-LiteralPath <String[]>
[<CommonParameters>]
ByContent
Get-AuthenticodeSignature
-SourcePathOrExtension <String[]>
-Content <Byte[]>
[<CommonParameters>]
说明
This cmdlet is only available on the Windows platform.
The Get-AuthenticodeSignature cmdlet gets information about the Authenticode signature for a
file or file content as a byte array. If the file is both embedded signed and Windows catalog
signed, the Windows catalog signature is used. If the file is not signed, the information is
retrieved, but the fields are blank.
示例
Example 1: Get the Authenticode signature for a file
Get-AuthenticodeSignature -FilePath "C:\Test\NewScript.ps1"
This command gets information about the Authenticode signature in the NewScript.ps1 file. It uses the FilePath parameter to specify the file.
Example 2: Get the Authenticode signature for multiple files
Get-AuthenticodeSignature test.ps1, test1.ps1, sign-file.ps1, makexml.ps1
This command gets information about the Authenticode signature for the four files listed at the command line. In this example, the name of the FilePath parameter, which is optional, is omitted.
Example 3: Get only valid Authenticode signatures for multiple files
Get-ChildItem $PSHOME\*.* | ForEach-Object {Get-AuthenticodeSignature $_} |
Where-Object {$_.Status -eq "Valid"}
This command lists all of the files in the $PSHOME directory that have a valid Authenticode
signature. The $PSHOME automatic variable contains the path to the PowerShell installation
directory.
The command uses the Get-ChildItem cmdlet to get the files in the $PSHOME directory. It uses a
pattern of . to exclude directories (although it also excludes files without a dot in the
filename).
The command uses a pipeline operator (|) to send the files in $PSHOME to the ForEach-Object
cmdlet, where Get-AuthenticodeSignature is called for each file.
The results of the Get-AuthenticodeSignature command are sent to a Where-Object command that
selects only the signature objects with a status of Valid.
Example 4: Get the Authenticode signature for a file content specified as byte array
$authenticodeSignatureParams = @{
Content = (Get-Content foo.ps1 -AsByteStream)
SourcePathorExtension = "ps1"
}
Get-AuthenticodeSignature @authenticodeSignatureParams
This command gets information about the Authenticode signature for the content of a file. In this example, the file extension is specified along with the content of the file.
参数
-Content
Contents of a file as a byte array for which the Authenticode signature is retrieved. This parameter must be used with SourcePathOrExtension parameter. Prior to PowerShell 7.4, the contents of the file must be in Unicode (UTF-16LE) format.
参数属性
| 类型: | Byte[] |
| 默认值: | None |
| 支持通配符: | False |
| 不显示: | False |
参数集
ByContent
| Position: | Named |
| 必需: | True |
| 来自管道的值: | False |
| 来自管道的值(按属性名称): | True |
| 来自剩余参数的值: | False |
-FilePath
Specifies the path to the file to examine. Wildcards are permitted, but they must lead to a single file. It is not necessary to type FilePath at the command line when you specify a value for this parameter.
参数属性
| 类型: | String[] |
| 默认值: | None |
| 支持通配符: | True |
| 不显示: | False |
参数集
ByPath
| Position: | 0 |
| 必需: | True |
| 来自管道的值: | True |
| 来自管道的值(按属性名称): | True |
| 来自剩余参数的值: | False |
-LiteralPath
Specifies the path to the file being examined. Unlike FilePath, the value of the LiteralPath parameter is used exactly as it is typed. No characters are interpreted as wildcards. If the path includes an escape character, enclose it in single quotation marks. Single quotation marks tell PowerShell not to interpret any characters as escape characters.
参数属性
| 类型: | String[] |
| 默认值: | None |
| 支持通配符: | False |
| 不显示: | False |
| 别名: | PSPath, LP |
参数集
ByLiteralPath
| Position: | Named |
| 必需: | True |
| 来自管道的值: | False |
| 来自管道的值(按属性名称): | True |
| 来自剩余参数的值: | False |
-SourcePathOrExtension
Path to the file or file type of the content for which the Authenticode signature is retrieved. This parameter is used with Content where file content is passed as a byte array.
参数属性
| 类型: | String[] |
| 默认值: | None |
| 支持通配符: | False |
| 不显示: | False |
参数集
ByContent
| Position: | Named |
| 必需: | True |
| 来自管道的值: | True |
| 来自管道的值(按属性名称): | True |
| 来自剩余参数的值: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
输入
String
You can pipe a string that contains a file path to this cmdlet.
输出
Signature
This cmdlet returns a signature object for each signature that it gets.
备注
This cmdlet is only available on Windows platforms.
For information about Authenticode signatures in PowerShell, see about_Signing.
