Can I digitally sign JScript (.js) or VBScript (.vbs) files?

Question

I know that one can sign a Windows binary executable file using signtool. So all this time I was under assumption that one cannot sign any of the files interpreted by Windows Script Host, such as JScript (.js) or VBScript (.vbs) because those are mere text files.

But today, while opening a .js file that I downloaded off my web site, I was greeted by this warning:

So does this mean that there's a way to sign those .js/.vbs files? If so, then how?

Answer 1

Just to finalize my original question. The answer is yes. To the best of my knowledge, one can sign the following files using Microsoft's SignTool:

• Obviously Windows executables: .exe, .dll, .com (for old DOS format), .scr (for screensaver), .ocx (for ActiveX control), .cpl (for Control Panel executable.)

• Windows installer files: .msi, .msp

• Text-based scripts: .js (for JScript), .vbs (for VBScript), .jse (for encoded JScript), .vbe (for encoded VBScript)

• PowerShell scripts: .ps1 , .psm1, .ps1xml

• Windows Script Files: .wsf (with mixed content)

Answer 2

The Scripting.Signer Object can sign a script with a digital signature.

Dim filespec : Set filespec = "my_script.vbs"
Dim cert : Set cert = "my" ' the default private certificate
Dim oSign : Set oSign = CreateObject("Scripting.Signer")
Dim fso : Set fso = CreateObject("Scripting.FileSystemObject")
Dim file : Set file = fso.GetFile(filespec)

oSign.SignFile file.Path, cert