Hi Everyone,
First of all, I would like to thank this great community which helped me learn driver development and had answers to many question I couldn’t figure out. Unfortunately I’m struggling with a new problem and I couldn’t find any answers to it after searching thoroughly and hence my first question submission.
For our new project, we are designing an APO to be installed with our software. Equalizer APO helped me a lot in designing and coding our APO: https://sourceforge.net/projects/equalizerapo/
So our APO is quite similar to that.
I wanted to make our APO work in Vista and later operating systems so the APO will run as LFX/GFX APO since SFX/MFX/EFX isn’t avaiable earliear than 8.1. Everything works fine during development by using DisableProtectedAudioDG = 0 flag in registry. Only problem left now is the installation where I started to get problems. Let me summarize my installation+signing steps:
- Build APO dll for x86 and x64 OS.
- Sign DLLs with our company’s EV certificate, build a cab file, get the microsoft do the attestation signing. (To be honest I have no idea how that should be done, for our filter drivers these are the steps I follow, so I assumed it would be similar).
- Now the DLL is signed, for the installation I simply copy the DLL to our program’s folder. Use regsvr32 to register the DLL.
- In the settings of our applications, users can choose the devices they want to use the APO with. This updates MMDevice registry settings to put our APO as GFX to chosen device.
Now if I have DisableProtectedAudioDG = 0 , it works without any issues. But once I remove this flag and restart, audio engine can’t load our DLL. No sound comes for a couple of seconds and then I think it ignores APO from there on. I’ve tried to trace the problem. In the event viewer security logs, I saw an error message (6281):
Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification.
I think the issue might be with the signatures or how the dll is installed. INF file of the DLL:
[Version]
Class=MEDIA
ClassGUID={4d36e96c-e325-11ce-bfc1-08002be10318}
signature="$Windows NT$"
Provider = %Provider%
DriverVer=04/29/2019,1.0.0
CatalogFile=myapo32.cat
[SourceDisksNames]
1 = %DiskId1%,,,""
[SourceDisksFiles]
myapo32.dll = 1,,
[SignatureAttributes]
myapo32.dll=SignatureAttributes.PETrust
myapo32.dll=SignatureAttributes.DRM
[SignatureAttributes.DRM]
DRMLevel=1300
[SignatureAttributes.PETrust]
PETrust=true
[DestinationDirs]
DefaultDestDir = 11
[Manufacturer]
%MfgName%=testing.section
[testing.section]
[Strings]
Provider = "Testing"
MfgName="Testing"
DiskId1 = ""
As you can see, INF file is quite simple. I only used INF file to create a submission for attestation signing. Maybe I should use it to install the DLL, but I’m not sure how. For our other kernel mode drivers, we have DDInstall etc. in the INF file which we use through SetupAPI to install. But I’m not sure how to install from Manufacturer (testing.section) by using SetupAPI functions, as the right click and choosing “Install” from INF file isn’t supported without DDInstall section or something along these lines I guess?
Any help, suggestion is much appreciated, thank you for all your time and reading my post.
Regards,
Yusuf Tas