1

I want to check files for integrity with a checksum. To make it easier I put the hash into an alternate data stream of the file. When someone alters the file I can verify this with the checksum.

However, when I add a data stream the file's LastWriteTime gets updated, so I added functionality to reverse it.

It works like a charm - mostly. But it fails with some files, about 5%. I have no idea why. It looks like it fails with file names that contain spaces or extra dots, but many other that have spaces and multiple dots in the file name work just fine.

Does anyone know what's going on, how to prevent these failures or how to improve the code? Thanks!

The code:

$filenames = Get-ChildItem *.xl* -Recurse | % { $_.FullName }

foreach( $filename in $filenames ) { ForEach-Object { $timelwt = Get-ItemProperty $filename | select -expand LastWriteTime | select -expand ticks } {add-content -stream MD5 -value (Get-FileHash -a md5 $filename).hash $filename } { Set-ItemProperty $filename -Name LastWriteTime -Value $timelwt}}```
specialsymbol
  • 11
  • 2
  • 2
    What specifically is failing? Writing to the alternate stream? Updating the write time? or both? – zdan Apr 27 '22 at 23:31
  • 1
    Could you explain the reasoning behind your inner `ForEach-Object` ? aside from overhead – Santiago Squarzon Apr 27 '22 at 23:38
  • You honestly just need `Add-Content` and `Set-ItemProperty`, no need to make another call to the same object you reduced to just file paths. Keep the entirety of the object from `Get-ChildItem` as it already has the `Ticks` property. No need for `Foreach-Object` either. If you think it's failing because of the spaces or dots in the name, try `-LiteralPath` instead as a safety measure but, shouldn't be needed. – Abraham Zinala Apr 27 '22 at 23:42
  • @Santiago - I added it because it worked. I will leave it out and see if it still runs all the commands. – specialsymbol Apr 28 '22 at 11:19
  • @zdan it says it can't find the specific file. There are about 1300 excel files in various subdirectories and some it simply can't find (about 20-50). So nothing is changed, it will not add the stream, thus it will not change the date. Or it does change the date but my script restores it, but I think this is unlikely. Anyway, dates are identical to prior and no stream is added so I expect it to stay untouched. – specialsymbol Apr 28 '22 at 11:20

1 Answers1

2

Your code can be reduced to this:

Get-ChildItem *.xl* -Recurse | ForEach-Object {
    $lastWriteTime = $_.LastWriteTime
    $_ | Add-Content -Stream MD5 -Value ($_ | Get-FileHash -a md5).Hash
    $_.LastWriteTime = $lastWriteTime
}

Get-ChildItem with the -Filter you have in place will return FileInfo objects, which have a settable LastWriteTime property, there is no reason for using Get-ItemProperty nor Set-ItemProperty over them.

As for, why your code could be failing, the likeable explanation is that you have some file paths with wildcard metacharacters, and since you're not using -LiteralPath, the cmdlets are defaulting to the -Path parameter (which allows wildcard metacharacters).

As aside, I would personally recommend you to create a separate checksum file for the files instead of adding an alternative data stream.

Santiago Squarzon
  • 41,465
  • 5
  • 14
  • 37
  • Thank you for the clean-up! I already suspected that literal-path could help, but couldn't find any hints on how to implement this. I will look into it again. I used separate files for the checksums before, but they tend to get lost, deleted or overwritten. This is for me an easy way to see which files were altered. I am not admin on the server, I just want to keep track of the files and changes. – specialsymbol Apr 28 '22 at 11:26