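function New-SaferHashRule {
    <#
    .SYNOPSIS
    Writes a Software Restriction Policies (Safer) hash rule to the registry for each input file.

    .DESCRIPTION
    For every file received, a rule key named by a GUID is created under
    HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\262144\Hashes.
    262144 (0x40000) is the Safer "unrestricted" level, so each rule written here
    ALLOWS the matching file to run. Only pass files that have already been vetted.

    The rule key carries the MD5 digest (HashAlg 0x8003) and a 'SHA256' subkey
    carries the SHA-256 digest (HashAlg 0x800C). MD5 is collision-prone, so use
    the SHA-256 value when auditing or comparing rules.

    Writing below HKLM:\SOFTWARE\Policies normally requires administrative rights.

    .PARAMETER GuidPrefix
    Optional text that replaces the leading characters of the random GUID used as
    the rule key name, so related rules can be found (and removed) together.
    It is not validated: it must be at most 36 characters, and to keep the key
    name a well-formed GUID it has to be hexadecimal and respect the dash positions.

    .PARAMETER File
    The file to create a rule for. Accepts pipeline input.

    .OUTPUTS
    A custom object per file with 'File' (full path) and 'Key' (registry path of the rule).
    #>
    param (
        [String] $GuidPrefix = "",

        [Parameter(Mandatory=$true, ValueFromPipeline=$true)]
        [System.IO.FileInfo] $File
    )

    begin {
        Add-Type -AssemblyName System.Security

        $cryptoSha256 = [System.Security.Cryptography.HashAlgorithm]::Create('SHA256')
        $cryptoMd5 = [System.Security.Cryptography.HashAlgorithm]::Create('MD5')

        $path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\262144\Hashes'
        if (!(Test-Path $path)) {
            # -Force creates any missing parent keys as well; without it the call fails
            # on a machine where no Safer policy has been configured yet. The Test-Path
            # guard ensures an existing Hashes key is never recreated.
            New-Item -Path $path -Force > $null
        }
    }

    process {
        # Rule key name: a fresh GUID whose first characters are overwritten by the prefix.
        $guid = '{' + $GuidPrefix + [System.Guid]::NewGuid().ToString().Substring($GuidPrefix.Length) + '}'

        # Read the file once; both digests and the recorded size come from these bytes.
        $fileContent = [System.IO.File]::ReadAllBytes($File.FullName)

        $pathMd5 = Join-Path $path $guid
        New-Item -Path $pathMd5 > $null
        New-ItemProperty -Path $pathMd5 -Name 'FriendlyName' -Value $File.Name > $null
        New-ItemProperty -Path $pathMd5 -Name 'Description' -Value $File.FullName > $null

        # Use the length of the bytes actually hashed rather than the FileInfo's cached
        # Length, which may be stale if the file changed after it was enumerated.
        New-ItemProperty -Path $pathMd5 -Name 'ItemSize' -Value ([Int64] $fileContent.LongLength) -PropertyType QWord > $null

        # 0x8003 = CALG_MD5
        New-ItemProperty -Path $pathMd5 -Name 'HashAlg' -Value 0x8003 -PropertyType DWord > $null
        New-ItemProperty -Path $pathMd5 -Name 'ItemData' -Value $cryptoMd5.ComputeHash($fileContent) -PropertyType Binary > $null

        $pathSha256 = Join-Path $pathMd5 'SHA256'
        New-Item -Path $pathSha256 > $null

        # 0x800C = CALG_SHA_256
        New-ItemProperty -Path $pathSha256 -Name 'HashAlg' -Value 0x800C -PropertyType DWord > $null
        New-ItemProperty -Path $pathSha256 -Name 'ItemData' -Value $cryptoSha256.ComputeHash($fileContent) -PropertyType Binary > $null

        # NOTE(review): the registry cmdlets above raise non-terminating errors, so this
        # object is emitted even if part of the rule could not be written. Check the
        # error stream before treating the output as proof that the rule exists.
        [pscustomobject] @{
            File = $File.FullName
            Key  = $pathMd5
        }
    }

    end {
        # The hash objects are IDisposable; release them once the pipeline is drained.
        if ($cryptoSha256) { $cryptoSha256.Dispose() }
        if ($cryptoMd5) { $cryptoMd5.Dispose() }
    }
}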