The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
Can we find the digital signature of the user-mode app inside our kernel mode WDM dispatch function, and check it to make sure the executable file of the user-mode process has our own certificate/signature or not? If so, how can i do this in kernel mode inside my dispatch function? for example inside the handler for irp_mj_device_control, how can i check the digital signature of the user mode app that is sending me the ICOTL?
Therefore make sure that only a executable with our own digital signature can communicate with us.
|Upcoming OSR Seminars|
|OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!|
|Internals & Software Drivers||15 November 2021||Live, Online|
|Writing WDF Drivers||TBD||Live, Online|
|Developing Minifilters||7 February 2022||Live, Online|
|Kernel Debugging||21 March 2022||Live, Online|