Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Home NTDEV
Before Posting...
Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging


The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.


Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/


Created a storage adapter for windows biometric framework but unable to install and load.

parvindparvind Member Posts: 3

I have created a storage adapter for windows biometric framework. Added related keys and parameters in the registry at Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\VID_1162&PID_2200\5&376aba2d&0&9\Device Parameters\WinBio\Configurations and Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WbioSrvc\Databases. Copied the dll of my storage adapter in C:\WINDOWS\SYSTEM32\WINBIOPLUGINS directory. Tried to load the storage adapter in the biometric session using winbio.dll's WinBioOpenSession method. Getting the following errors:

1) In biometric event log= "The Windows Biometric Service failed to load an adapter binary: C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\STORAGEADAPTER.DLL.The module was not properly signed".

2) In codeintegrity event log="Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\WinBioPlugIns\StorageAdapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.".

Searched some information on the internet about above errors and found that the dll must be signed to install and load. So tried the test-signing and release-signing(with godaddy's driver signing certificate) both but still getting the same errors. The only thing I failed to do is to sign my dll with a cross certificate and its because I am unable to find the appropriate cross certificate for my driver signing certificate.

Query: Is it necessary to sign the dll with cross certificate and a driver signing certificate both or signing with only a driver signing certificate is sufficient to install it on windows?

Note: Please suggest me if I have missed something here or not following the correct process to load a custom storage adapter in the biometric session.

Comments

  • Tim_RobertsTim_Roberts Member - All Emails Posts: 13,496

    If your computer has "secure boot" set in the BIOS, then you cannot sign your own kernel drivers. You must submit them to Microsoft for their signature, either through the WHQL/HCK/HLK process or through the simpler "attestation signing" process.

    If this is your own computer for testing, then you can turn off "secure boot". Once you do that, drivers signed and cross-signed the traditional way will work.

    Tim Roberts, [email protected]
    Providenza & Boekelheide, Inc.

  • parvindparvind Member Posts: 3
    edited March 13

    @Tim_Roberts Thank you for quick reply. I will definitely try these options.

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Kernel Debugging 30 Mar 2020 OSR Seminar Space
Developing Minifilters 15 Jun 2020 LIVE ONLINE
Writing WDF Drivers 22 June 2020 LIVE ONLINE
Internals & Software Drivers 28 Sept 2020 Dulles, VA