Forum Discussion

vex's avatar
vex
Contributor
13 years ago

Testcomplete and powershell commands

I have a need to write a vbscript (or powershell script) that will read the details of the digital signing certificate of a file - not only if it's valid or not, but like to sure that it's signed, ensure there is a signing timestamp, etc.



Is there a way to do this in vbscript or through test complete?  I can do it in powershell, but I'm unfamiliar on how to have powershell integrated into TC.



For ref, a powershell script example to do part of what i'm talking about is like...





dir <filename> | Get-AuthenticodeSignature | % {if($_.TimeStamperCertificate -eq $null){write-warning "Warning: This file has no time stamp!!!"};$_}


5 Replies

  • HKosova's avatar
    HKosova
    SmartBear Alumni (Retired)
    Hi Vince,



    You can get a file's certificate information using the aqFileSystem.GetFileInfo(path).CertificateInfo object. An example is included in the linked article.



    If the information provided by TestComplete's CertificateInfo object isn't enough, you can use other scripting APIs such as the CAPICOM.SignedCode object. You can find an example of using this object in VBScript here.



    Hope this helps!
  • vex's avatar
    vex
    Contributor
    Helen,



    This sorta helps, but that is missing one key piece of information.  While it will tell you the valid from and valid too dates, it doesn't seem to pull the actual timestamp of the certification.  If I'm wrong, please correct me.  Specifically, what I'm talking about is if you go to the file properties of a file, click "Digital Signatures" tab, and you'll see a timestamp there.  That value is what I need to check for. 



    This can be done in powershell with the code in the original post, but I need to incorporate that into TestComplete.



    The goal I'm trying to test for here is to check if a file is signed, and then to make sure the signing timestamp is != NULL.  Also, using Capicom is unfortunately out of the question - I did see a lot of detail around that but that is very depreciated by Microsoft and our company policies will not let us build up automation relying on that component.
  • HKosova's avatar
    HKosova
    SmartBear Alumni (Retired)
    Hi Vince,



    You're right, TestComplete's CertificateInfo object doesn't contain the timestamp info. I've filed a feature request for it on your behalf.



    Meanwhile, if CAMICOM isn't an option, you can use PowerShell as you originally suggested.

    The PowerShell engine is available as .NET class System.Management.Automation.PowerShell, and you can script it from TestComplete via the dotNET object. For this purpose, you need to add the System.Management.Automation assembly to Tools > Current Project Properties > CLR Bridge and, of course, you must have PowerShell installed on the computer.



    Here's a TestComplete VBScript equivalent of your PowerShell script (it's a bit lengthy but should do what you need :))

    Sub Test

      Dim fileName, sig



      fileName = Sys.Process("TestComplete").Path ' Replace this expression with your file name

      Set sig = GetAuthenticodeSignature(fileName)



      If sig.TimeStamperCertificate Is Nothing Then

        Log.Warning "The file has no time stamp!"

      Else

        Log.Message "The file is timestamped. See Additional Info for time stamper's certificate info.", sig.TimeStamperCertificate.ToString.OleValue

      End If

    End Sub



    ' Returns the System.Management.Automation.Signature object

    ' corresponding to the file's digital signature

    ' http://msdn.microsoft.com/en-us/library/system.management.automation.signature.aspx

    Function GetAuthenticodeSignature(strFileName)

      Dim powerShell, res



      Set powerShell = dotNET.System_Management_Automation.PowerShell.Create

      powerShell.AddScript "Get-AuthenticodeSignature """ & strFileName & """"



      Set res = powerShell.Invoke_3(Nothing)

      Set GetAuthenticodeSignature = res.Item(0).BaseObject

    End Function
  • vex's avatar
    vex
    Contributor
    Oh goodness, I had -NO- idea Powershell was available as a VBScript object, that solves all my problems!  Thank you Helen! :)
  • vex's avatar
    vex
    Contributor
    nevermind, misread what you said.  Works, and looks great.