I plan to modify one of my customer’s drivers. But first, I want to test it. I tried installing it on a VM on my Mac, but it’s not signed. I’ve tried to test-sign it following Microsoft’s online directions to no avail. Does anyone know the steps to go through to test a driver, via signing or other means, using a test machine in a different location than the development machine?
bcdedit -set testsigning on , and reboot.
Turn Driver signing enforcement off to test unsigned drivers. https://www.howtogeek.com/167723/how-to-disable-driver-signature-verification-on-64-bit-windows-8.1-so-that-you-can-install-unsigned-drivers/
You can’t just turn testsigning on. You also have to install your test signing certificate in the root certification authority path on the test machine.
Much easier, since you’re testing this driver: Just hook the kernel debugger up to the (virtual) machine. Use networking or a virtual serial port. You’ll be good to go.
Peter
If it’s your test system and you have a debugger, use .kdfiles command to replace your binary.
Calvin
Something that was not mentioned above is that there still is a 32-bit version of Windows, if you do some part of the testing on that you do not need to sign the drivers (also if you run the test system in a virtual machine I think the 32-bit version use a lot less memory)
One more thing:
PV:> You can’t just turn testsigning on. You also have to install your test signing certificate in the root certification authority path on the test machine.
In my experience Windows 10 will load any SHA-1 testsigned driver if you enable testsigning with bcdedit, is this right? (And I verifyed that it does not load an unsigned driver so that part work as expected)
In my experience Windows 10 will load any SHA-1 testsigned driver if you enable testsigning with bcdedit, is this right?
Hat has not been my experience, no.
Peter
Hi. Check this page.
- https://docs.microsoft.com/en-us/windows-hardware/drivers/install/the-testsigning-boot-configuration-option
- https://docs.microsoft.com/en-us/windows-hardware/drivers/install/test-signing
You can load test signed driver on windows 10 64bit.
- TESTSIGNING ON flag
- Attach kernel debugger.
- Advanced Boot Option → disable driver signature enforcement.
On the page that lucidmaj7 links to it says:
“The operating system loader and the kernel load drivers that are signed by any certificate. The certificate validation is not required to chain up to a trusted root certification authority. However, each driver image file must have a digital signature.”
This is consistent with my observation and in oposite to what has been claimed above.