We are currently working on a Windows device driver based on Jungo’s WinDriver (not really the important part) framework. We have a VeriSign certificate and no issues with the signing process or the driver functionality.
However, during installation testing (on Windows 7) we are seeing some odd behavior regarding the Windows Security dialog that asks for install confirmation during the driver install.
In that dialog 3 fields seem to be displayed (ASCII’fied quote):
±---------------------------------------------------------------------+
| Windows Security |
±---------------------------------------------------------------------|
| Would you like to install this device software? |
| |
| Name: |
| Publisher: |
| |
±---------------------------------------------------------------------+
| <> Always trust software from “” [INSTALL] [DON’T INSTALL] |
±---------------------------------------------------------------------|
| Security info / warning etc. |
±---------------------------------------------------------------------+
Now for some reason and are the same text. Which makes the dialog look kind of weird. This information comes from the INF file (at least that’s what I believe right now) but so far I couldn’t find detailed information on where it takes it from.
Right now it looks like it repeats the content of the “Provider” information in the INF file twice for some unknown (at least to me) reason.
Has anyone with more experience in this area (INF files, driver installs etc.) an idea what could cause this behavior?
Or maybe a link to some more information on what information from the INF file gets used in these dialog’s?
Thanks for taking the time to read this and any advise regarding the issue.
-T
[Small update] Only the first value () seems to come out of the INF. Where does the other one come from? I the resource file used to create the *.SYS file and it doesn’t look like it’s from there.
Building a driver with Jungo is a bad idea, rewrite it with KMDF.
Don Burn
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
“xxxxx@web.de” wrote in message
news:xxxxx@ntdev:
> We are currently working on a Windows device driver based on Jungo’s WinDriver (not really the important part) framework. We have a VeriSign certificate and no issues with the signing process or the driver functionality.
>
> However, during installation testing (on Windows 7) we are seeing some odd behavior regarding the Windows Security dialog that asks for install confirmation during the driver install.
>
> In that dialog 3 fields seem to be displayed (ASCII’fied quote):
>
> ±---------------------------------------------------------------------+
> | Windows Security |
> ±---------------------------------------------------------------------|
> | Would you like to install this device software? |
> | |
> | Name: |
> | Publisher: |
> | |
> ±---------------------------------------------------------------------+
> | <> Always trust software from “” [INSTALL] [DON’T INSTALL] |
> ±---------------------------------------------------------------------|
> | Security info / warning etc. |
> ±---------------------------------------------------------------------+
>
> Now for some reason and are the same text. Which makes the dialog look kind of weird. This information comes from the INF file (at least that’s what I believe right now) but so far I couldn’t find detailed information on where it takes it from.
>
> Right now it looks like it repeats the content of the “Provider” information in the INF file twice for some unknown (at least to me) reason.
>
> Has anyone with more experience in this area (INF files, driver installs etc.) an idea what could cause this behavior?
>
> Or maybe a link to some more information on what information from the INF file gets used in these dialog’s?
>
> Thanks for taking the time to read this and any advise regarding the issue.
> -T
>
> [Small update] Only the first value () seems to come out of the INF. Where does the other one come from? I the resource file used to create the *.SYS file and it doesn’t look like it’s from there.
Basically I agree with Don, dump Jungo as soon as possible and go to KMDF ? but ? that’s NOT the cause for the installation problem. Have you physically looked at your certificate? Do you see the duplicated information in your certificate? Barring that, how about the INF file?
Gary Little
H (952) 223-1349
C (952) 454-4629
xxxxx@comcast.net
On Jan 10, 2012, at 3:38 PM, xxxxx@web.de wrote:
We are currently working on a Windows device driver based on Jungo’s WinDriver (not really the important part) framework. We have a VeriSign certificate and no issues with the signing process or the driver functionality.
However, during installation testing (on Windows 7) we are seeing some odd behavior regarding the Windows Security dialog that asks for install confirmation during the driver install.
In that dialog 3 fields seem to be displayed (ASCII’fied quote):
±---------------------------------------------------------------------+
| Windows Security |
±---------------------------------------------------------------------|
| Would you like to install this device software? |
| |
| Name: |
> | Publisher: |
> | |
> ±---------------------------------------------------------------------+
> | <> Always trust software from “” [INSTALL] [DON’T INSTALL] |
> ±---------------------------------------------------------------------|
> | Security info / warning etc. |
> ±---------------------------------------------------------------------+
>
> Now for some reason and are the same text. Which makes the dialog look kind of weird. This information comes from the INF file (at least that’s what I believe right now) but so far I couldn’t find detailed information on where it takes it from.
>
> Right now it looks like it repeats the content of the “Provider” information in the INF file twice for some unknown (at least to me) reason.
>
> Has anyone with more experience in this area (INF files, driver installs etc.) an idea what could cause this behavior?
>
> Or maybe a link to some more information on what information from the INF file gets used in these dialog’s?
>
> Thanks for taking the time to read this and any advise regarding the issue.
> -T
>
> [Small update] Only the first value () seems to come out of the INF. Where does the other one come from? I the resource file used to create the *.SYS file and it doesn’t look like it’s from there.
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
Hi Don,
And thanks for taking a look at the question. I understand the argument for trying to avoid 3rd party middleware solutions when possible. However, this kind of decision is not always in the power of the developer. And also often has to do with considerations regarding time-to-market and internally available experience/skill levels with driver development “from scratch” in general 
However, the issue at hand seems to be more related to the INF file and less with the underlying framework.
Below is a copy of the INF file in question just in case (<…> are edits for content):
[Version]
Signature=$CHICAGO$
Provider=%PROVIDERNAME%
CatalogFile.NTamd64=.cat
DriverVer=,
Class=
ClassGuid={}
;---------------------------------------------------------------;
; Driver Information
;---------------------------------------------------------------;
[Manufacturer]
%PROVIDERNAME%=DeviceList,NTamd64
; x86 platform, Win9x, Windows 2000 and later
[DeviceList]
%DESCRIPTION%=DriverInstall,
; x64 platform, Windows XP x64 edition and later
[DeviceList.NTamd64]
%DESCRIPTION%=DriverInstall,
;---------------------------------------------------------------;
;---------------------------------------------------------------;
; Source/Destination Information
;---------------------------------------------------------------;
[DestinationDirs]
DefaultDestDir=10,System32\Drivers
[SourceDisksFiles]
.sys=1
[SourceDisksNames]
;1=%INSTDISK%,.
;Delete the above line and uncomment the next line for WHQL
1 = %INSTDISK%,.cat,
;---------------------------------------------------------------;
;---------------------------------------------------------------;
; Installation Section
;---------------------------------------------------------------;
; Installation script for Windows 2000 and later
[DriverInstall.NT]
CopyFiles=DriverCopyFiles
[DriverCopyFiles]
.sys,0x22 ; COPYFLG_NOSKIP | COPYFLG_NO_VERSION_DIALOG
[DriverInstall.NT.hw]
AddReg=DriverHwAddReg
[DriverHwAddReg]
HKR,SampleInfo,“”
; Register a new class in Windows 2000 and later
[ClassInstall32] ; Register a new class in Windows 2000 and later
AddReg=UpDateRegistry
[UpDateRegistry]
HKR,
HKR,Icon,-5
; Add device driver service
[DriverInstall.NT.Services]
AddService=, 0x00000002, DriverService
[DriverService]
ServiceType = 1 ; SERVICE_KERNEL_DRIVER
StartType = 3 ; SERVICE_DEMAND_START
ErrorControl = 1 ; SERVICE_ERROR_NORMAL
ServiceBinary = %10%\system32\drivers<our driver name>.sys
;------------------------------------------------------------------------------
; String Definitions
;------------------------------------------------------------------------------
[Strings]
PROVIDERNAME=
DESCRIPTION=
INSTDISK=“Driver Installation Disk”
Hi Gary,
Thanks for taking a look at the question. As for the certificate content: The SUBJECT entry in the certificate holds the parts of the string that shows up in .
However if it is taken from there the algorithm seems to be not exactly straight forward.
Given the SUBJECT information
CN =
OU =
OU = Digital ID Class 3 - Microsoft Software Validation v2
O =
L =
S =
C =
The content of would then be a combination in the following way:
“<1st word of CN or O entry> <1st and 2nd word of OU line one>”
(Note: does not to be “cut off”)
>dialog look kind of weird. This information comes from the INF file (at least that’s what I believe right
I think this is the device description and the setup class name.
–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com
Thanks for the reply Maxim.
Together with Maxim’s input and some digging in the registry we believe we were finally able to resolve the origin of the dialog content. Here are the details to safe other some time.
Using the dialog example again:
±---------------------------------------------------------------------+
| Windows Security |
±---------------------------------------------------------------------|
| Would you like to install this device software? |
| |
| Name: |
| Publisher: |
| |
±---------------------------------------------------------------------+
| <> Always trust software from “” [INSTALL] [DON’T INSTALL] |
±---------------------------------------------------------------------|
| Security info / warning etc. |
±---------------------------------------------------------------------+
The fields are resolved as follows:
Equals the value under “Provider” in you INF file
Seems to have multiple cases:
- In cases where the device class already exists this value equals the value of “ClassDesc” in the appropriate registry key. (Found under: HKLM\SYSTEM\ControlSet001\Control\Class<the guid of your device class>)
- However, for system internal device classes the value appears not to be displayed although “ClassDesc” is not empty. It could also be that the value is not resolved correctly or just ignored “by choice” in these cases.
- Nothing will be displayed if this particular installation is the first time this device class is introduced to the system.
Seems to simple equal the CN value from the certificate used to sign the driver.
Maybe there is still a little more to it but hopefully this will at least help point somebody looking for the same information into the right direction.
Hi,
? your research is valuable and consistent with what I see. I happen to have a provider name + class name which don’t fit into the whole space alloted for the static text.
Thanks,
? Calin