2

I am signing some built exe files with the Microsoft signtool. The command line is quite long, and always the same, apart from the target file name at the end. So I'd like to keep most of it in a handy variable:

& "C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe" sign /fd SHA256 /a /t http://timestamp.comodoca.com/authenticode $builtFile

I could store the path to signtool in a simple variable, but I want to include the arguments. How can I do that without getting a parser error?

$signTool = "C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe" sign /fd SHA256
ParserError: Unexpected token 'sign' in expression or statement.
Improve this question
2
  • 3
    Have you considered using a function instead of a variable? ☝🏼😉 Commented Sep 10 at 10:49
  • Good point. I've just started learning PowerShell, so I did not even know it has user defined functions. Commented Sep 10 at 11:36

3 Answers 3

Reset to default
5

Usually the pattern is to store the binary in one variable and the arguments in another, then you can use the call operator & as you're doing:

$signTool = "C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe"
$arguments = 'sign', '/fd', 'SHA256'
& $signTool @arguments /a /t http://...
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

4

You can store the call in a scriptblock ({ ... }) and then invoke that:

$command = { & "C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe" sign /fd SHA256 /a /t http://timestamp.comodoca.com/authenticode $builtFile }

# ... later in the script
$builtFile = "file path goes here"

# invoke stored command
& $command

ScriptBlocks are in essence anonymous functions, and PowerShell functions support inline parameter declaration - meaning you can also define $builtFile as a parameter:

$command = { 
  param([string]$builtFile)

  & "C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64\signtool.exe" sign /fd SHA256 /a /t http://timestamp.comodoca.com/authenticode $builtFile 
}

# ... later

& $command -builtFile "path to file"
Improve this answer

3 Comments

I think a named function would be clearer.
You may also use $args[0] in the scriptblock body instead of a named variable/parameter, and then invoke & $command "path to file"
@dan-gph I don't disagree, but OP specifically asked about something assignable to a variable :)
1

an alternate method is to kinda-sorta use the splat concept. Get-Help about_Splatting here's an example using robocopy ...

$SourceComputerName = $env:COMPUTERNAME
$Source = "\\$SourceComputerName\c$\Temp"
    
$DestComputerName = $env:COMPUTERNAME
$Destination = "\\$DestComputerName\d$\Temp\aaa"
    
$FileSpec = '*.*'
    
$TimeStamp = Get-Date -Format 'yyyy-MM-dd_hh-mm-ss'
$Subject = 'RobocopyTest'
$LogFileName = -join ($Subject, '_-_', $TimeStamp, '.log')
$FullLogFileName = Join-Path -Path $env:TEMP -ChildPath $LogFileName
 
$RC_Params = @(
    $Source
    $Destination
    $FileSpec 
    # put your current options below
    "/Log:$FullLogFileName"
    '/NP'
    '/E'
    '/TEE'
    )

# the next line will show just what the parameters are
#$RC_Params

# the following line actually runs robocopy with the desired parameters
robocopy $RC_Params

here's the result on my system just now ...

------------------------------------------------------------------------------

               Total    Copied   Skipped  Mismatch    FAILED    Extras
    Dirs :        20        20         0         0         0         0
   Files :        93        93         0         0         0         0
   Bytes :  137.25 m  137.25 m         0         0         0         0
   Times :   0:00:10   0:00:10                       0:00:00   0:00:00


   Speed :           13,900,142 Bytes/sec.
   Speed :              795.373 MegaBytes/min.
   Ended : Saturday, September 13, 2025 6:53:23 PM
Improve this answer

2 Comments

You're not actually splatting the arguments here, did you perhaps mean robocopy @RC_Params?
i know it aint splatting, exactly. that's why i said kinda-sorta. however it is a close-ish idea - a structure for passing organized parameters and values. plus, it really does work with the $ instead of a @. [grin]

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.