-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathUtility_BulkPSFileSigner.ps1
41 lines (33 loc) · 1.58 KB
/
Utility_BulkPSFileSigner.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
$certFriendlyName = ""
$codeSigningCertificateThumbprint = ""
$certSubject = ""
if(($null -eq $codeSigningCertificateThumbprint) -or ($codeSigningCertificateThumbprint -eq "")){
$retrievedthumbprint = Get-ChildItem cert: -Recurse | Where-Object{ $_.Subject –like $certSubject } | Select-Object Thumbprint -Unique
$codeSigningCertificateThumbprint = $retrievedthumbprint.Thumbprint
}
$cert = Get-ChildItem Cert:\CurrentUser\My\$codeSigningCertificateThumbprint -CodeSigningCert
$timeStampURL = "http://timestamp.comodoca.com/authenticode"
function Sign_PowerShellFiles($pathToSign){
$counter = 1
$filestosignpath = Get-ChildItem $pathToSign -Recurse -Include *.ps1, *.psm1
$filesCount = ($filestosignpath | Measure-Object).Count
foreach($file in $filestosignpath){
Write-Progress -Activity "Working on $counter of $filesCount" -status "Signing $file" -PercentComplete (($counter / $filesCount)*100)
if($cert) {
Set-AuthenticodeSignature -filepath $file -cert $cert -IncludeChain All -TimeStampServer $timeStampURL
}
else {
throw "Did not find certificate with friendly name of `"$certFriendlyName`""
}
if($filesCount -gt 1){
Start-Sleep -Seconds 15 #To not blow up their time server
}
$counter++
}
}
[string]$powershellFileLoc = Read-Host -Prompt 'Root of the PowerShell files?'
$powershellFileLoc = $powershellFileLoc.Replace('"',"")
if(Test-Path $powershellFileLoc){
Sign_PowerShellFiles $powershellFileLoc
}
$pauser = Read-Host -Prompt 'Press any key to continue...'