Attestation signing a kernel service (non PnP) driver

ie no inf file. How do you submit it for signing?

Sysdev just pointed me back to the stock documentation, which says submit the sys and inf file in a cab file, ie, useless, as always.

So how does one submit it?

Thanks in advance for any help on this.

You can create an inf file even though you don’t use it.

Bill Wandel

-----Original Message-----
From: xxxxx@lists.osr.com
On Behalf Of xxxxx@hotmail.com
Sent: Wednesday, March 14, 2018 5:20 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Attestation signing a kernel service (non PnP) driver

ie no inf file. How do you submit it for signing?

Sysdev just pointed me back to the stock documentation, which says submit
the sys and inf file in a cab file, ie, useless, as always.

So how does one submit it?

Thanks in advance for any help on this.


NTDEV is sponsored by OSR

Visit the list online at:
http:

MONTHLY seminars on crash dump analysis, WDF, Windows internals and software
drivers!
Details at http:

To unsubscribe, visit the List Server section of OSR Online at
http:</http:></http:></http:>

OK, I thought that was probably the way to do it. So I guess this results in a signed cat file rather than signing the sys file itself.

Shame sysdev cant sign sys file on its own without needing an inf file.

Thanks Bill

>So I guess this results in a

signed cat file rather than signing the sys file itself.

BOTH get signed – the CAT and the SYS file.

Shame sysdev cant sign sys file on its own
without needing an inf file.

Why? Then you’d just need to create some OTHER type of infrastructure file that describes the file to be signed. An INF file is already well know and semi-universal.

Note that you CAN use an INF file to install a non-PnP driver:

https:

or see the “nonPNP” sample driver that is/was in the WDK.

Peter
OSR
@OSRDrivers</https:>

xxxxx@hotmail.com wrote:

OK, I thought that was probably the way to do it. So I guess this results in a signed cat file rather than signing the sys file itself.

Shame sysdev cant sign sys file on its own without needing an inf file.

Wrong.  The attestation signing creates a brand new CAT file and signs
it, but it also signs every executable file in your package.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.