Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results
The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
I've been working off and on for the last year trying to get this driver released. I was setting up the Azure account for the last step in releasing the driver and I made a typo when filling out the company display name and now I can't change it. I can't find where it is in the dashboard. I tried going back to that step and changing it doesn't fix it, it appears to be locked in now.
I tried signing the signablefile.bin and uploading it and it didn't accept it. I think it's because the certificate company name is different than the company name given in the signup process. Though it could be something else.
I'm signing with
signtool sign /v /debig /ac /s My /n /t "http://timestamp.digicert.com" SignableFile.bin
I do need to figure out how I can change the company name in Azure. Does anyone know how to do this?
Upcoming OSR Seminars | ||
---|---|---|
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead! | ||
Kernel Debugging | 13-17 May 2024 | Live, Online |
Developing Minifilters | 1-5 Apr 2024 | Live, Online |
Internals & Software Drivers | 11-15 Mar 2024 | Live, Online |
Writing WDF Drivers | 26 Feb - 1 Mar 2024 | Live, Online |
Comments
Can-t help you about the other issue
Perhaps review https://learn.microsoft.com/en-us/windows-hardware/drivers/dashboard/code-signing-cert-manage.
You haven't explicitly said you're selecting an EV certificate to sign SignableFile.bin with, but that's what we're assuming.
However, in addition, you need to force the digest to SHA256 using the "/fd sha256" switch to signtool.exe, and you also need to use an SHA256 time stamping service using /TR instead of /T.
Some example command lines for you in https://www.digicert.com/kb/code-signing/ev-authenticode-certificates.htm as well.
I too do not expect for company name to require an exact match to provided certificate(s), at least based on past experience.
Yes, it is an EV certificate.
I was away for a few days working on application level software. Got that release out today and came back to the driver. I had already tried /tr, but hadn't tried the /fd SHA256. I added that and the sign file uploaded. I was close, but left out one flag.
I didn't find those links in my searching. In the page where they give you the file to sign, they give you a link to the documentation for the sign tool, but no indication of which flags you're supposed to use. Microsoft frequently provides links that aren't very helpful. It's massively annoying.
Thank you
It took several tries but I finally got the account approved. We had to upload a bunch of documents proving the website was legitimate.