driver signing howto

Hi,
I am having trouble signing a PNP device for win2k3 64 bits mode.
I have all the required stuff from verisign, I made the cat file and signed
it using signtool.exe
The setting in my win2k3 box is to warn on unsigned drivers.
Now, when I install the driver in the first time, everything looks OK and
the machine seems to agree that the driver is signed.
My INF file contains a CopyINF directive that copies the file into the
\windows\inf directory so in case another device with the appropriate
hardware ID arrives, the machine will use my driver to control this device.
Unfortunately, after the first successful installation, every time a new
device reaches the system, I have to use hardware wizard and the machine
claims that now my driver is unsigned.
I am having great trouble debugging such stuff, one thought was that when
the machine copied the inf file and changed its name, it broke the catalog
file validation since the catalog file contains the inf file name.
Searching the archives and the web didn’t give me too much to work with. Is
there some howto document that describes the process?
I believe that I am not the only developer grappling with such stuff as
vista 64 bits will enforce driver signing, so such a guide will be a very
welcome contribution to the driver writers community.

Thanks,
Eran.

Device installation should copy the INF for you without the CopyINF
directive. It will become c:\windows\inf\oemN.inf where N is a unique
number. This should be sufficient to reach your goal of having the next
device install your driver.

Try that before you go much further.

-p

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Eran Borovik
Sent: Wednesday, March 22, 2006 8:44 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] driver signing howto

Hi,
I am having trouble signing a PNP device for win2k3 64 bits mode.
I have all the required stuff from verisign, I made the cat file and
signed it using signtool.exe The setting in my win2k3 box is to warn on
unsigned drivers.
Now, when I install the driver in the first time, everything looks OK
and the machine seems to agree that the driver is signed.
My INF file contains a CopyINF directive that copies the file into the
\windows\inf directory so in case another device with the appropriate
hardware ID arrives, the machine will use my driver to control this
device.
Unfortunately, after the first successful installation, every time a new
device reaches the system, I have to use hardware wizard and the machine
claims that now my driver is unsigned.
I am having great trouble debugging such stuff, one thought was that
when the machine copied the inf file and changed its name, it broke the
catalog file validation since the catalog file contains the inf file
name.
Searching the archives and the web didn’t give me too much to work with.
Is there some howto document that describes the process?
I believe that I am not the only developer grappling with such stuff as
vista 64 bits will enforce driver signing, so such a guide will be a
very welcome contribution to the driver writers community.

Thanks,
Eran.


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

Hi,
I did try your suggestion and indeed the OS doesn’t complain about the
driver begin unsigned.
However, each time a new instance of the device appears, the OS still needs
user intervention via device manager/update driver before calling my
Driver’s AddDevice routine for the new device.
Please note that when I choose update driver, the OS automatically use my
driver without further complaints.
I believe that problem is somewhere in my catalog file, here is how my cdf
file looks like:
[CatalogHeader]
Name=tdps.cat
ResultDir=.\
PublicVersion=0x00000001
EncodingType=

[CatalogFiles]
tdps.inf=.\tdps.inf
tdps_r3_0.sys=.\tdps_r3_0.sys

The devices we are talking about are virtual scsi processor device that are
reported to the OS by the machine’s qlogic HBA driver.

Attached below is the setupapi.log messages after a new scsi processor
device appears. (setupapi log level is set to the maximum)

Thanks,
Eran.


[2006/03/23 10:43:33 688.4]
#-198 Command line processed: C:\WINDOWS\system32\services.exe
@ 10:43:33.296 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
(Language = 0409).
[2006/03/23 10:43:33 688.3 Driver Install]
#-019 Searching for hardware ID(s):
scsi\processor___cisco______VIRTUAL_ID3.0_,scsi\processor___cisco______VIRTUAL_ID,scsi\processor___cisco,scsi___cisco______VIRTUAL_ID3
#-018 Searching for compatible ID(s): scsi\processor,scsi\raw
#-198 Command line processed: C:\WINDOWS\system32\services.exe
@ 10:43:33.125 #V005 Opened the PNF file of “C:\WINDOWS\inf\oem1.inf”
(Language = 0409).
#I022 Found “SCSI\Processor___CISCO______SANTAP_CVT” in
C:\WINDOWS\inf\oem1.inf; Device: “VIRTUAL_ID3 control device(Do not disable
or uninstall)”; Driver: “VIRTUAL_ID control device(Do not disable or
uninstall)”; Provider: “Topio Inc.”; Mfg: “Topio”; Section name:
“TDPS_Device”.
#I023 Actual install section: [TDPS_Device.NT]. Rank: 0x00000001. Driver
date: 01/01/1601. Version: 0.
#-166 Device install function: DIF_SELECTBESTCOMPATDRV.
#I063 Selected driver installs from section [TDPS_Device] in
“c:\windows\inf\oem1.inf”.
#I320 Class GUID of device remains: {30CE9DB7-0F79-4BB3-B91B-04F5A925A821}.
#I060 Set selected driver.
#I058 Selected best compatible driver.
#-166 Device install function: DIF_INSTALLDEVICEFILES.
#I124 Doing copy-only install of “SCSI\PROCESSOR&VEN_TOPIO&PROD_VIRTUAL_ID3
&REV_3.0\5&2076D632&0&040”.
@ 10:43:33.343 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
(Language = 0409).
#-011 Installing section [TDPS_Device.NT] from “c:\windows\inf\oem1.inf”.
@ 10:43:33.375 #V005 Opened the PNF file of “C:\WINDOWS\INF\drvindex.inf”
(Language = 0409).
@ 10:43:33.390 #V094 Queued copy from section [TDPS_Device.NT.Copy] in
“c:\windows\inf\oem1.inf”: “TDPS_R3_0.sys” to “TDPS_R3_0.sys” with flags
0x00001024, target directory is “C:\WINDOWS\system32\DRIVERS”.
@ 10:43:33.406 #V095 Source in section [sourcedisksfiles] in
“c:\windows\inf\oem1.inf”; Media=1 Description=“TDPS Device Installation
Disk #1” Tag=“” Path=“”.
@ 10:43:33.515 #V432 A valid signature for file
“C:\WINDOWS\INF\certclas.inf” (key “certclas.inf”) was found in an installed
catalog
“C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5INF.CAT”.
@ 10:43:33.531 #V005 Opened the PNF file of “C:\WINDOWS\INF\certclas.inf”
(Language = 0409).
@ 10:43:33.546 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
(Language = 0409).
@ 10:43:33.593 #I433 Verifying file “c:\windows\inf\oem1.inf” (key
“tdps.inf”) against an installed catalog
“C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT”
failed. Error 0x800b0109: A certificate chain processed, but terminated in a
root certificate which is not trusted by the trust provider.
#I442 A valid signature for file “c:\windows\inf\oem1.inf” (key “tdps.inf”)
was found in an installed Authenticode™ catalog
“C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT”.
Error 0xe0000242: The publisher of an Authenticode™ signed catalog has
not yet been established as trusted.
#E358 An unsigned, incorrectly signed, or Authenticode™ signed file
“C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT”
for driver “SANTAP CVT control device(Do not disable or uninstall)” blocked
(server install). Error 0xe0000242: The publisher of an Authenticode™
signed catalog has not yet been established as trusted.
#E122 Device install failed. Error 0xe0000243: The publisher of an
Authenticode™ signed catalog was not established as trusted.
#E157 Default installer failed. Error 0xe0000243: The publisher of an
Authenticode™ signed catalog was not established as trusted.

“Peter Wieland” wrote in message
news:xxxxx@ntdev…
Device installation should copy the INF for you without the CopyINF
directive. It will become c:\windows\inf\oemN.inf where N is a unique
number. This should be sufficient to reach your goal of having the next
device install your driver.

Try that before you go much further.

-p

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Eran Borovik
Sent: Wednesday, March 22, 2006 8:44 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] driver signing howto

Hi,
I am having trouble signing a PNP device for win2k3 64 bits mode.
I have all the required stuff from verisign, I made the cat file and
signed it using signtool.exe The setting in my win2k3 box is to warn on
unsigned drivers.
Now, when I install the driver in the first time, everything looks OK
and the machine seems to agree that the driver is signed.
My INF file contains a CopyINF directive that copies the file into the
\windows\inf directory so in case another device with the appropriate
hardware ID arrives, the machine will use my driver to control this
device.
Unfortunately, after the first successful installation, every time a new
device reaches the system, I have to use hardware wizard and the machine
claims that now my driver is unsigned.
I am having great trouble debugging such stuff, one thought was that
when the machine copied the inf file and changed its name, it broke the
catalog file validation since the catalog file contains the inf file
name.
Searching the archives and the web didn’t give me too much to work with.
Is there some howto document that describes the process?
I believe that I am not the only developer grappling with such stuff as
vista 64 bits will enforce driver signing, so such a guide will be a
very welcome contribution to the driver writers community.

Thanks,
Eran.


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

Well this looks suspicious:

Error 0xe0000242: The publisher of an Authenticode™ signed catalog has
not yet been established as trusted.

If you open your .cat file from the command line it will show you the certificate path & you can walk through that to try and figure out which cert in the path isn’t trusted.

-p


From: xxxxx@lists.osr.com on behalf of Eran Borovik
Sent: Thu 3/23/2006 1:10 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] driver signing howto

Hi,
I did try your suggestion and indeed the OS doesn’t complain about the
driver begin unsigned.
However, each time a new instance of the device appears, the OS still needs
user intervention via device manager/update driver before calling my
Driver’s AddDevice routine for the new device.
Please note that when I choose update driver, the OS automatically use my
driver without further complaints.
I believe that problem is somewhere in my catalog file, here is how my cdf
file looks like:
[CatalogHeader]
Name=tdps.cat
ResultDir=.\
PublicVersion=0x00000001
EncodingType=

[CatalogFiles]
tdps.inf=.\tdps.inf
tdps_r3_0.sys=.\tdps_r3_0.sys

The devices we are talking about are virtual scsi processor device that are
reported to the OS by the machine’s qlogic HBA driver.

Attached below is the setupapi.log messages after a new scsi processor
device appears. (setupapi log level is set to the maximum)

Thanks,
Eran.


[2006/03/23 10:43:33 688.4]
#-198 Command line processed: C:\WINDOWS\system32\services.exe
@ 10:43:33.296 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
(Language = 0409).
[2006/03/23 10:43:33 688.3 Driver Install]
#-019 Searching for hardware ID(s):
scsi\processor___cisco______VIRTUAL_ID3.0_,scsi\processor___cisco______VIRTUAL_ID,scsi\processor___cisco,scsi___cisco______VIRTUAL_ID3
#-018 Searching for compatible ID(s): scsi\processor,scsi\raw
#-198 Command line processed: C:\WINDOWS\system32\services.exe
@ 10:43:33.125 #V005 Opened the PNF file of “C:\WINDOWS\inf\oem1.inf”
(Language = 0409).
#I022 Found “SCSI\Processor___CISCO______SANTAP_CVT” in
C:\WINDOWS\inf\oem1.inf; Device: “VIRTUAL_ID3 control device(Do not disable
or uninstall)”; Driver: “VIRTUAL_ID control device(Do not disable or
uninstall)”; Provider: “Topio Inc.”; Mfg: “Topio”; Section name:
“TDPS_Device”.
#I023 Actual install section: [TDPS_Device.NT]. Rank: 0x00000001. Driver
date: 01/01/1601. Version: 0.
#-166 Device install function: DIF_SELECTBESTCOMPATDRV.
#I063 Selected driver installs from section [TDPS_Device] in
“c:\windows\inf\oem1.inf”.
#I320 Class GUID of device remains: {30CE9DB7-0F79-4BB3-B91B-04F5A925A821}.
#I060 Set selected driver.
#I058 Selected best compatible driver.
#-166 Device install function: DIF_INSTALLDEVICEFILES.
#I124 Doing copy-only install of “SCSI\PROCESSOR&VEN_TOPIO&PROD_VIRTUAL_ID3
&REV_3.0\5&2076D632&0&040”.
@ 10:43:33.343 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
(Language = 0409).
#-011 Installing section [TDPS_Device.NT] from “c:\windows\inf\oem1.inf”.
@ 10:43:33.375 #V005 Opened the PNF file of “C:\WINDOWS\INF\drvindex.inf”
(Language = 0409).
@ 10:43:33.390 #V094 Queued copy from section [TDPS_Device.NT.Copy] in
“c:\windows\inf\oem1.inf”: “TDPS_R3_0.sys” to “TDPS_R3_0.sys” with flags
0x00001024, target directory is “C:\WINDOWS\system32\DRIVERS”.
@ 10:43:33.406 #V095 Source in section [sourcedisksfiles] in
“c:\windows\inf\oem1.inf”; Media=1 Description=“TDPS Device Installation
Disk #1” Tag=“” Path=“”.
@ 10:43:33.515 #V432 A valid signature for file
“C:\WINDOWS\INF\certclas.inf” (key “certclas.inf”) was found in an installed
catalog
“C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5INF.CAT”.
@ 10:43:33.531 #V005 Opened the PNF file of “C:\WINDOWS\INF\certclas.inf”
(Language = 0409).
@ 10:43:33.546 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
(Language = 0409).
@ 10:43:33.593 #I433 Verifying file “c:\windows\inf\oem1.inf” (key
“tdps.inf”) against an installed catalog
“C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT”
failed. Error 0x800b0109: A certificate chain processed, but terminated in a
root certificate which is not trusted by the trust provider.
#I442 A valid signature for file “c:\windows\inf\oem1.inf” (key “tdps.inf”)
was found in an installed Authenticode™ catalog
“C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT”.
Error 0xe0000242: The publisher of an Authenticode™ signed catalog has
not yet been established as trusted.
#E358 An unsigned, incorrectly signed, or Authenticode™ signed file
“C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT”
for driver “SANTAP CVT control device(Do not disable or uninstall)” blocked
(server install). Error 0xe0000242: The publisher of an Authenticode™
signed catalog has not yet been established as trusted.
#E122 Device install failed. Error 0xe0000243: The publisher of an
Authenticode™ signed catalog was not established as trusted.
#E157 Default installer failed. Error 0xe0000243: The publisher of an
Authenticode™ signed catalog was not established as trusted.

“Peter Wieland” wrote in message
news:xxxxx@ntdev…
Device installation should copy the INF for you without the CopyINF
directive. It will become c:\windows\inf\oemN.inf where N is a unique
number. This should be sufficient to reach your goal of having the next
device install your driver.

Try that before you go much further.

-p

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Eran Borovik
Sent: Wednesday, March 22, 2006 8:44 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] driver signing howto

Hi,
I am having trouble signing a PNP device for win2k3 64 bits mode.
I have all the required stuff from verisign, I made the cat file and
signed it using signtool.exe The setting in my win2k3 box is to warn on
unsigned drivers.
Now, when I install the driver in the first time, everything looks OK
and the machine seems to agree that the driver is signed.
My INF file contains a CopyINF directive that copies the file into the
\windows\inf directory so in case another device with the appropriate
hardware ID arrives, the machine will use my driver to control this
device.
Unfortunately, after the first successful installation, every time a new
device reaches the system, I have to use hardware wizard and the machine
claims that now my driver is unsigned.
I am having great trouble debugging such stuff, one thought was that
when the machine copied the inf file and changed its name, it broke the
catalog file validation since the catalog file contains the inf file
name.
Searching the archives and the web didn’t give me too much to work with.
Is there some howto document that describes the process?
I believe that I am not the only developer grappling with such stuff as
vista 64 bits will enforce driver signing, so such a guide will be a
very welcome contribution to the driver writers community.

Thanks,
Eran.


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer


Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

Re:[ntdev] driver signing howtoHi,
Thanks for your reply.
I did install our cat file certificate in the test machine. For some reason
I couldn’t install it under “Trusted root certificates authorities” (It gave
me a successful window box but I couldn’t see the certificates in internet
explorer) so I installed it under trusted publishers.
The certificate path I have is:
Verisign Class 3 public primary CA
Verisign Class 3 code signing 2004 CA
Topio Inc.

The first certificate( Verisign Class 3 public primary CA) is under the
“Trusted root certificate authorities” and the remainig two are under
“trusted publishers”.
Even then, I get the same behaviour that the installation doesn’t occur
automatically, but only after I enter hardware wizard and select the “Search
for driver software automatically”.
Is there something wrong with what I did this far?
Also, Is it a requirement to force the user to install our certificate
before installing out drivers?

Thanks,
Eran.

“Peter Wieland” wrote in message
news:xxxxx@ntdev…
Well this looks suspicious:

Error 0xe0000242: The publisher of an Authenticode™ signed catalog has
not yet been established as trusted.

If you open your .cat file from the command line it will show you the
certificate path & you can walk through that to try and figure out which
cert in the path isn’t trusted.

-p

From: xxxxx@lists.osr.com on behalf of Eran Borovik
Sent: Thu 3/23/2006 1:10 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] driver signing howto

Hi,
I did try your suggestion and indeed the OS doesn’t complain about the
driver begin unsigned.
However, each time a new instance of the device appears, the OS still needs
user intervention via device manager/update driver before calling my
Driver’s AddDevice routine for the new device.
Please note that when I choose update driver, the OS automatically use my
driver without further complaints.
I believe that problem is somewhere in my catalog file, here is how my cdf
file looks like:
[CatalogHeader]
Name=tdps.cat
ResultDir=.<br>PublicVersion=0x00000001
EncodingType=

[CatalogFiles]
tdps.inf=.\tdps.inf
tdps_r3_0.sys=.\tdps_r3_0.sys

The devices we are talking about are virtual scsi processor device that are
reported to the OS by the machine’s qlogic HBA driver.

Attached below is the setupapi.log messages after a new scsi processor
device appears. (setupapi log level is set to the maximum)

Thanks,
Eran.

-------------------------------------------------------------------------------------------
[2006/03/23 10:43:33 688.4]
#-198 Command line processed: C:\WINDOWS\system32\services.exe
@ 10:43:33.296 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
(Language = 0409).
[2006/03/23 10:43:33 688.3 Driver Install]
#-019 Searching for hardware ID(s):
scsi\processor cisco___ VIRTUAL_ID3.0_,scsi\processor cisco___ VIRTUAL_ID,scsi\processor cisco,scsi cisco______VIRTUAL_ID3
#-018 Searching for compatible ID(s): scsi\processor,scsi\raw
#-198 Command line processed: C:\WINDOWS\system32\services.exe
@ 10:43:33.125 #V005 Opened the PNF file of “C:\WINDOWS\inf\oem1.inf”
(Language = 0409).
#I022 Found “SCSI\Processor___CISCO ______ SANTAP_CVT” in
C:\WINDOWS\inf\oem1.inf; Device: “VIRTUAL_ID3 control device(Do not disable
or uninstall)”; Driver: “VIRTUAL_ID control device(Do not disable or
uninstall)”; Provider: “Topio Inc.”; Mfg: “Topio”; Section name:
“TDPS_Device”.
#I023 Actual install section: [TDPS_Device.NT]. Rank: 0x00000001. Driver
date: 01/01/1601. Version: 0.
#-166 Device install function: DIF_SELECTBESTCOMPATDRV.
#I063 Selected driver installs from section [TDPS_Device] in
“c:\windows\inf\oem1.inf”.
#I320 Class GUID of device remains: {30CE9DB7-0F79-4BB3-B91B-04F5A925A821}.
#I060 Set selected driver.
#I058 Selected best compatible driver.
#-166 Device install function: DIF_INSTALLDEVICEFILES.
#I124 Doing copy-only install of “SCSI\PROCESSOR&VEN_TOPIO&PROD_VIRTUAL_ID3
&REV_3.0\5&2076D632&0&040”.
@ 10:43:33.343 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
(Language = 0409).
#-011 Installing section [TDPS_Device.NT] from “c:\windows\inf\oem1.inf”.
@ 10:43:33.375 #V005 Opened the PNF file of “C:\WINDOWS\INF\drvindex.inf”
(Language = 0409).
@ 10:43:33.390 #V094 Queued copy from section [TDPS_Device.NT.Copy] in
“c:\windows\inf\oem1.inf”: “TDPS_R3_0.sys” to “TDPS_R3_0.sys” with flags
0x00001024, target directory is “C:\WINDOWS\system32\DRIVERS”.
@ 10:43:33.406 #V095 Source in section [sourcedisksfiles] in
“c:\windows\inf\oem1.inf”; Media=1 Description=“TDPS Device Installation
Disk #1” Tag=“” Path=“”.
@ 10:43:33.515 #V432 A valid signature for file
“C:\WINDOWS\INF\certclas.inf” (key “certclas.inf”) was found in an installed
catalog
“C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5INF.CAT”.
@ 10:43:33.531 #V005 Opened the PNF file of “C:\WINDOWS\INF\certclas.inf”
(Language = 0409).
@ 10:43:33.546 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
(Language = 0409).
@ 10:43:33.593 #I433 Verifying file “c:\windows\inf\oem1.inf” (key
“tdps.inf”) against an installed catalog
“C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT”
failed. Error 0x800b0109: A certificate chain processed, but terminated in a
root certificate which is not trusted by the trust provider.
#I442 A valid signature for file “c:\windows\inf\oem1.inf” (key “tdps.inf”)
was found in an installed Authenticode™ catalog
“C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT”.
Error 0xe0000242: The publisher of an Authenticode™ signed catalog has
not yet been established as trusted.
#E358 An unsigned, incorrectly signed, or Authenticode™ signed file
“C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT”
for driver “SANTAP CVT control device(Do not disable or uninstall)” blocked
(server install). Error 0xe0000242: The publisher of an Authenticode™
signed catalog has not yet been established as trusted.
#E122 Device install failed. Error 0xe0000243: The publisher of an
Authenticode™ signed catalog was not established as trusted.
#E157 Default installer failed. Error 0xe0000243: The publisher of an
Authenticode™ signed catalog was not established as trusted.

“Peter Wieland” wrote in message
news:xxxxx@ntdev…
Device installation should copy the INF for you without the CopyINF
directive. It will become c:\windows\inf\oemN.inf where N is a unique
number. This should be sufficient to reach your goal of having the next
device install your driver.

Try that before you go much further.

-p

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Eran Borovik
Sent: Wednesday, March 22, 2006 8:44 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] driver signing howto

Hi,
I am having trouble signing a PNP device for win2k3 64 bits mode.
I have all the required stuff from verisign, I made the cat file and
signed it using signtool.exe The setting in my win2k3 box is to warn on
unsigned drivers.
Now, when I install the driver in the first time, everything looks OK
and the machine seems to agree that the driver is signed.
My INF file contains a CopyINF directive that copies the file into the
\windows\inf directory so in case another device with the appropriate
hardware ID arrives, the machine will use my driver to control this
device.
Unfortunately, after the first successful installation, every time a new
device reaches the system, I have to use hardware wizard and the machine
claims that now my driver is unsigned.
I am having great trouble debugging such stuff, one thought was that
when the machine copied the inf file and changed its name, it broke the
catalog file validation since the catalog file contains the inf file
name.
Searching the archives and the web didn’t give me too much to work with.
Is there some howto document that describes the process?
I believe that I am not the only developer grappling with such stuff as
vista 64 bits will enforce driver signing, so such a guide will be a
very welcome contribution to the driver writers community.

Thanks,
Eran.


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer


Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

Hi,
I finally managed to make the machine call my AddDevice routine by using the
mmc.exe console (Certificate snap-in) and import my spc file into the
trusted publisher certificates.
Is it reasonable to demand the user to install my spc file before installing
my signed driver?

Thanks,
Eran.

“Eran Borovik” wrote in message news:xxxxx@ntdev…
> Re:[ntdev] driver signing howtoHi,
> Thanks for your reply.
> I did install our cat file certificate in the test machine. For some
> reason I couldn’t install it under “Trusted root certificates authorities”
> (It gave me a successful window box but I couldn’t see the certificates in
> internet explorer) so I installed it under trusted publishers.
> The certificate path I have is:
> Verisign Class 3 public primary CA
> Verisign Class 3 code signing 2004 CA
> Topio Inc.
>
> The first certificate( Verisign Class 3 public primary CA) is under the
> “Trusted root certificate authorities” and the remainig two are under
> “trusted publishers”.
> Even then, I get the same behaviour that the installation doesn’t occur
> automatically, but only after I enter hardware wizard and select the
> “Search for driver software automatically”.
> Is there something wrong with what I did this far?
> Also, Is it a requirement to force the user to install our certificate
> before installing out drivers?
>
> Thanks,
> Eran.
>
>
>
> “Peter Wieland” wrote in message
> news:xxxxx@ntdev…
> Well this looks suspicious:
>
> Error 0xe0000242: The publisher of an Authenticode™ signed catalog has
> not yet been established as trusted.
>
> If you open your .cat file from the command line it will show you the
> certificate path & you can walk through that to try and figure out which
> cert in the path isn’t trusted.
>
> -p
>
>
>
> From: xxxxx@lists.osr.com on behalf of Eran Borovik
> Sent: Thu 3/23/2006 1:10 AM
> To: Windows System Software Devs Interest List
> Subject: Re:[ntdev] driver signing howto
>
>
> Hi,
> I did try your suggestion and indeed the OS doesn’t complain about the
> driver begin unsigned.
> However, each time a new instance of the device appears, the OS still
> needs
> user intervention via device manager/update driver before calling my
> Driver’s AddDevice routine for the new device.
> Please note that when I choose update driver, the OS automatically use my
> driver without further complaints.
> I believe that problem is somewhere in my catalog file, here is how my cdf
> file looks like:
> [CatalogHeader]
> Name=tdps.cat
> ResultDir=.<br>> PublicVersion=0x00000001
> EncodingType=
>
> [CatalogFiles]
> tdps.inf=.\tdps.inf
> tdps_r3_0.sys=.\tdps_r3_0.sys
>
> The devices we are talking about are virtual scsi processor device that
> are
> reported to the OS by the machine’s qlogic HBA driver.
>
> Attached below is the setupapi.log messages after a new scsi processor
> device appears. (setupapi log level is set to the maximum)
>
> Thanks,
> Eran.
>
> -------------------------------------------------------------------------------------------
> [2006/03/23 10:43:33 688.4]
> #-198 Command line processed: C:\WINDOWS\system32\services.exe
> @ 10:43:33.296 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
> (Language = 0409).
> [2006/03/23 10:43:33 688.3 Driver Install]
> #-019 Searching for hardware ID(s):
> scsi\processor cisco___ VIRTUAL_ID3.0_,scsi\processor cisco___ VIRTUAL_ID,scsi\processor cisco,scsi cisco______VIRTUAL_ID3
> #-018 Searching for compatible ID(s): scsi\processor,scsi\raw
> #-198 Command line processed: C:\WINDOWS\system32\services.exe
> @ 10:43:33.125 #V005 Opened the PNF file of “C:\WINDOWS\inf\oem1.inf”
> (Language = 0409).
> #I022 Found “SCSI\Processor___CISCO ______ SANTAP_CVT” in
> C:\WINDOWS\inf\oem1.inf; Device: “VIRTUAL_ID3 control device(Do not
> disable
> or uninstall)”; Driver: “VIRTUAL_ID control device(Do not disable or
> uninstall)”; Provider: “Topio Inc.”; Mfg: “Topio”; Section name:
> “TDPS_Device”.
> #I023 Actual install section: [TDPS_Device.NT]. Rank: 0x00000001. Driver
> date: 01/01/1601. Version: 0.
> #-166 Device install function: DIF_SELECTBESTCOMPATDRV.
> #I063 Selected driver installs from section [TDPS_Device] in
> “c:\windows\inf\oem1.inf”.
> #I320 Class GUID of device remains:
> {30CE9DB7-0F79-4BB3-B91B-04F5A925A821}.
> #I060 Set selected driver.
> #I058 Selected best compatible driver.
> #-166 Device install function: DIF_INSTALLDEVICEFILES.
> #I124 Doing copy-only install of
> “SCSI\PROCESSOR&VEN_TOPIO&PROD_VIRTUAL_ID3
> &REV_3.0\5&2076D632&0&040”.
> @ 10:43:33.343 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
> (Language = 0409).
> #-011 Installing section [TDPS_Device.NT] from “c:\windows\inf\oem1.inf”.
> @ 10:43:33.375 #V005 Opened the PNF file of “C:\WINDOWS\INF\drvindex.inf”
> (Language = 0409).
> @ 10:43:33.390 #V094 Queued copy from section [TDPS_Device.NT.Copy] in
> “c:\windows\inf\oem1.inf”: “TDPS_R3_0.sys” to “TDPS_R3_0.sys” with flags
> 0x00001024, target directory is “C:\WINDOWS\system32\DRIVERS”.
> @ 10:43:33.406 #V095 Source in section [sourcedisksfiles] in
> “c:\windows\inf\oem1.inf”; Media=1 Description=“TDPS Device Installation
> Disk #1” Tag=“” Path=“”.
> @ 10:43:33.515 #V432 A valid signature for file
> “C:\WINDOWS\INF\certclas.inf” (key “certclas.inf”) was found in an
> installed
> catalog
> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5INF.CAT”.
> @ 10:43:33.531 #V005 Opened the PNF file of “C:\WINDOWS\INF\certclas.inf”
> (Language = 0409).
> @ 10:43:33.546 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
> (Language = 0409).
> @ 10:43:33.593 #I433 Verifying file “c:\windows\inf\oem1.inf” (key
> “tdps.inf”) against an installed catalog
> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT”
> failed. Error 0x800b0109: A certificate chain processed, but terminated in
> a
> root certificate which is not trusted by the trust provider.
> #I442 A valid signature for file “c:\windows\inf\oem1.inf” (key
> “tdps.inf”)
> was found in an installed Authenticode™ catalog
> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT”.
> Error 0xe0000242: The publisher of an Authenticode™ signed catalog has
> not yet been established as trusted.
> #E358 An unsigned, incorrectly signed, or Authenticode™ signed file
> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT”
> for driver “SANTAP CVT control device(Do not disable or uninstall)”
> blocked
> (server install). Error 0xe0000242: The publisher of an Authenticode™
> signed catalog has not yet been established as trusted.
> #E122 Device install failed. Error 0xe0000243: The publisher of an
> Authenticode™ signed catalog was not established as trusted.
> #E157 Default installer failed. Error 0xe0000243: The publisher of an
> Authenticode™ signed catalog was not established as trusted.
>
>
>
>
>
> “Peter Wieland” wrote in message
> news:xxxxx@ntdev…
> Device installation should copy the INF for you without the CopyINF
> directive. It will become c:\windows\inf\oemN.inf where N is a unique
> number. This should be sufficient to reach your goal of having the next
> device install your driver.
>
> Try that before you go much further.
>
> -p
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Eran Borovik
> Sent: Wednesday, March 22, 2006 8:44 AM
> To: Windows System Software Devs Interest List
> Subject: [ntdev] driver signing howto
>
> Hi,
> I am having trouble signing a PNP device for win2k3 64 bits mode.
> I have all the required stuff from verisign, I made the cat file and
> signed it using signtool.exe The setting in my win2k3 box is to warn on
> unsigned drivers.
> Now, when I install the driver in the first time, everything looks OK
> and the machine seems to agree that the driver is signed.
> My INF file contains a CopyINF directive that copies the file into the
> \windows\inf directory so in case another device with the appropriate
> hardware ID arrives, the machine will use my driver to control this
> device.
> Unfortunately, after the first successful installation, every time a new
> device reaches the system, I have to use hardware wizard and the machine
> claims that now my driver is unsigned.
> I am having great trouble debugging such stuff, one thought was that
> when the machine copied the inf file and changed its name, it broke the
> catalog file validation since the catalog file contains the inf file
> name.
> Searching the archives and the web didn’t give me too much to work with.
> Is there some howto document that describes the process?
> I believe that I am not the only developer grappling with such stuff as
> vista 64 bits will enforce driver signing, so such a guide will be a
> very welcome contribution to the driver writers community.
>
> Thanks,
> Eran.
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
>

Which OS is this targeted at and what type of driver is it?

Support for self-signed drivers is OS release specific.

=====================
Mark Roddy DDK MVP
Windows 2003/XP/2000 Consulting
Hollis Technology Solutions 603-321-1032
www.hollistech.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Eran Borovik
Sent: Monday, March 27, 2006 2:23 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] driver signing howto

Hi,
I finally managed to make the machine call my AddDevice
routine by using the mmc.exe console (Certificate snap-in)
and import my spc file into the trusted publisher certificates.
Is it reasonable to demand the user to install my spc file
before installing my signed driver?

Thanks,
Eran.

“Eran Borovik” wrote in message
> news:xxxxx@ntdev…
> > Re:[ntdev] driver signing howtoHi,
> > Thanks for your reply.
> > I did install our cat file certificate in the test machine.
> For some
> > reason I couldn’t install it under “Trusted root
> certificates authorities”
> > (It gave me a successful window box but I couldn’t see the
> > certificates in internet explorer) so I installed it under
> trusted publishers.
> > The certificate path I have is:
> > Verisign Class 3 public primary CA
> > Verisign Class 3 code signing 2004 CA
> > Topio Inc.
> >
> > The first certificate( Verisign Class 3 public primary CA) is under
> > the “Trusted root certificate authorities” and the remainig two are
> > under “trusted publishers”.
> > Even then, I get the same behaviour that the installation doesn’t
> > occur automatically, but only after I enter hardware wizard
> and select
> > the “Search for driver software automatically”.
> > Is there something wrong with what I did this far?
> > Also, Is it a requirement to force the user to install our
> certificate
> > before installing out drivers?
> >
> > Thanks,
> > Eran.
> >
> >
> >
> > “Peter Wieland” wrote in message
> > news:xxxxx@ntdev…
> > Well this looks suspicious:
> >
> > Error 0xe0000242: The publisher of an Authenticode™
> signed catalog
> > has not yet been established as trusted.
> >
> > If you open your .cat file from the command line it will
> show you the
> > certificate path & you can walk through that to try and figure out
> > which cert in the path isn’t trusted.
> >
> > -p
> >
> >
> >
> > From: xxxxx@lists.osr.com on behalf of Eran Borovik
> > Sent: Thu 3/23/2006 1:10 AM
> > To: Windows System Software Devs Interest List
> > Subject: Re:[ntdev] driver signing howto
> >
> >
> > Hi,
> > I did try your suggestion and indeed the OS doesn’t
> complain about the
> > driver begin unsigned.
> > However, each time a new instance of the device appears,
> the OS still
> > needs user intervention via device manager/update driver before
> > calling my Driver’s AddDevice routine for the new device.
> > Please note that when I choose update driver, the OS
> automatically use
> > my driver without further complaints.
> > I believe that problem is somewhere in my catalog file,
> here is how my
> > cdf file looks like:
> > [CatalogHeader]
> > Name=tdps.cat
> > ResultDir=.<br>> > PublicVersion=0x00000001
> > EncodingType=
> >
> > [CatalogFiles]
> > tdps.inf=.\tdps.inf
> > tdps_r3_0.sys=.\tdps_r3_0.sys
> >
> > The devices we are talking about are virtual scsi processor device
> > that are reported to the OS by the machine’s qlogic HBA driver.
> >
> > Attached below is the setupapi.log messages after a new
> scsi processor
> > device appears. (setupapi log level is set to the maximum)
> >
> > Thanks,
> > Eran.
> >
> >
> ----------------------------------------------------------------------
> > ---------------------
> > [2006/03/23 10:43:33 688.4]
> > #-198 Command line processed: C:\WINDOWS\system32\services.exe @
> > 10:43:33.296 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
> > (Language = 0409).
> > [2006/03/23 10:43:33 688.3 Driver Install]
> > #-019 Searching for hardware ID(s):
> >
> scsi\processor cisco___ VIRTUAL_ID3.0_,scsi\processor cisco__
> > _VIRTUAL_ID,scsi\processor cisco,scsi cisco______VIRTUAL_ID3
> > #-018 Searching for compatible ID(s): scsi\processor,scsi\raw
> > #-198 Command line processed: C:\WINDOWS\system32\services.exe @
> > 10:43:33.125 #V005 Opened the PNF file of “C:\WINDOWS\inf\oem1.inf”
> > (Language = 0409).
> > #I022 Found “SCSI\Processor___CISCO ______ SANTAP_CVT” in
> > C:\WINDOWS\inf\oem1.inf; Device: “VIRTUAL_ID3 control device(Do not
> > disable or uninstall)”; Driver: “VIRTUAL_ID control device(Do not
> > disable or uninstall)”; Provider: “Topio Inc.”; Mfg:
> “Topio”; Section
> > name:
> > “TDPS_Device”.
> > #I023 Actual install section: [TDPS_Device.NT]. Rank: 0x00000001.
> > Driver
> > date: 01/01/1601. Version: 0.
> > #-166 Device install function: DIF_SELECTBESTCOMPATDRV.
> > #I063 Selected driver installs from section [TDPS_Device] in
> > “c:\windows\inf\oem1.inf”.
> > #I320 Class GUID of device remains:
> > {30CE9DB7-0F79-4BB3-B91B-04F5A925A821}.
> > #I060 Set selected driver.
> > #I058 Selected best compatible driver.
> > #-166 Device install function: DIF_INSTALLDEVICEFILES.
> > #I124 Doing copy-only install of
> > “SCSI\PROCESSOR&VEN_TOPIO&PROD_VIRTUAL_ID3
> > &REV_3.0\5&2076D632&0&040”.
> > @ 10:43:33.343 #V005 Opened the PNF file of
> “c:\windows\inf\oem1.inf”
> > (Language = 0409).
> > #-011 Installing section [TDPS_Device.NT] from
> “c:\windows\inf\oem1.inf”.
> > @ 10:43:33.375 #V005 Opened the PNF file of
> “C:\WINDOWS\INF\drvindex.inf”
> > (Language = 0409).
> > @ 10:43:33.390 #V094 Queued copy from section
> [TDPS_Device.NT.Copy] in
> > “c:\windows\inf\oem1.inf”: “TDPS_R3_0.sys” to “TDPS_R3_0.sys” with
> > flags 0x00001024, target directory is “C:\WINDOWS\system32\DRIVERS”.
> > @ 10:43:33.406 #V095 Source in section [sourcedisksfiles] in
> > “c:\windows\inf\oem1.inf”; Media=1 Description=“TDPS Device
> > Installation Disk #1” Tag=“” Path=“”.
> > @ 10:43:33.515 #V432 A valid signature for file
> > “C:\WINDOWS\INF\certclas.inf” (key “certclas.inf”) was found in an
> > installed catalog
> >
> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC2
> 95EE}\NT5INF.CAT”.
> > @ 10:43:33.531 #V005 Opened the PNF file of
> “C:\WINDOWS\INF\certclas.inf”
> > (Language = 0409).
> > @ 10:43:33.546 #V005 Opened the PNF file of
> “c:\windows\inf\oem1.inf”
> > (Language = 0409).
> > @ 10:43:33.593 #I433 Verifying file “c:\windows\inf\oem1.inf” (key
> > “tdps.inf”) against an installed catalog
> >
> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC2
> 95EE}\oem1.CAT”
> > failed. Error 0x800b0109: A certificate chain processed, but
> > terminated in a root certificate which is not trusted by the trust
> > provider.
> > #I442 A valid signature for file “c:\windows\inf\oem1.inf” (key
> > “tdps.inf”)
> > was found in an installed Authenticode™ catalog
> >
> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC2
> 95EE}\oem1.CAT”.
> > Error 0xe0000242: The publisher of an Authenticode™
> signed catalog
> > has not yet been established as trusted.
> > #E358 An unsigned, incorrectly signed, or Authenticode™
> signed file
> >
> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC2
> 95EE}\oem1.CAT”
> > for driver “SANTAP CVT control device(Do not disable or uninstall)”
> > blocked
> > (server install). Error 0xe0000242: The publisher of an
> > Authenticode™ signed catalog has not yet been
> established as trusted.
> > #E122 Device install failed. Error 0xe0000243: The publisher of an
> > Authenticode™ signed catalog was not established as trusted.
> > #E157 Default installer failed. Error 0xe0000243: The
> publisher of an
> > Authenticode™ signed catalog was not established as trusted.
> >
> >
> >
> >
> >
> > “Peter Wieland” wrote in message
> > news:xxxxx@ntdev…
> > Device installation should copy the INF for you without the CopyINF
> > directive. It will become c:\windows\inf\oemN.inf where N
> is a unique
> > number. This should be sufficient to reach your goal of having the
> > next device install your driver.
> >
> > Try that before you go much further.
> >
> > -p
> >
> > -----Original Message-----
> > From: xxxxx@lists.osr.com
> > [mailto:xxxxx@lists.osr.com] On Behalf Of Eran Borovik
> > Sent: Wednesday, March 22, 2006 8:44 AM
> > To: Windows System Software Devs Interest List
> > Subject: [ntdev] driver signing howto
> >
> > Hi,
> > I am having trouble signing a PNP device for win2k3 64 bits mode.
> > I have all the required stuff from verisign, I made the cat
> file and
> > signed it using signtool.exe The setting in my win2k3 box
> is to warn
> > on unsigned drivers.
> > Now, when I install the driver in the first time,
> everything looks OK
> > and the machine seems to agree that the driver is signed.
> > My INF file contains a CopyINF directive that copies the
> file into the
> > \windows\inf directory so in case another device with the
> appropriate
> > hardware ID arrives, the machine will use my driver to control this
> > device.
> > Unfortunately, after the first successful installation,
> every time a
> > new device reaches the system, I have to use hardware
> wizard and the
> > machine claims that now my driver is unsigned.
> > I am having great trouble debugging such stuff, one thought
> was that
> > when the machine copied the inf file and changed its name, it broke
> > the catalog file validation since the catalog file contains the inf
> > file name.
> > Searching the archives and the web didn’t give me too much
> to work with.
> > Is there some howto document that describes the process?
> > I believe that I am not the only developer grappling with
> such stuff
> > as vista 64 bits will enforce driver signing, so such a
> guide will be
> > a very welcome contribution to the driver writers community.
> >
> > Thanks,
> > Eran.
> >
> >
> >
> > —
> > Questions? First check the Kernel Driver FAQ at
> > http://www.osronline.com/article.cfm?id=256
> >
> > To unsubscribe, visit the List Server section of OSR Online at
> > http://www.osronline.com/page.cfm?name=ListServer
> >
> >
> >
> >
> >
> > —
> > Questions? First check the Kernel Driver FAQ at
> > http://www.osronline.com/article.cfm?id=256
> >
> > To unsubscribe, visit the List Server section of OSR Online at
> > http://www.osronline.com/page.cfm?name=ListServer
> >
> >
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online
> at http://www.osronline.com/page.cfm?name=ListServer
>

Hi,
The target OS is win2k3 SP1 64 bits. The driver is a PNP driver. One of its
hardware ID(Listed in the inf file) is the hardware ID of virtual SCSI
processor devices that are discoverd by the HBA in the SAN.

Thanks,
Eran.

“Mark Roddy” wrote in message news:xxxxx@ntdev…
> Which OS is this targeted at and what type of driver is it?
>
> Support for self-signed drivers is OS release specific.
>
> =====================
> Mark Roddy DDK MVP
> Windows 2003/XP/2000 Consulting
> Hollis Technology Solutions 603-321-1032
> www.hollistech.com
>
>> -----Original Message-----
>> From: xxxxx@lists.osr.com
>> [mailto:xxxxx@lists.osr.com] On Behalf Of Eran Borovik
>> Sent: Monday, March 27, 2006 2:23 AM
>> To: Windows System Software Devs Interest List
>> Subject: Re:[ntdev] driver signing howto
>>
>> Hi,
>> I finally managed to make the machine call my AddDevice
>> routine by using the mmc.exe console (Certificate snap-in)
>> and import my spc file into the trusted publisher certificates.
>> Is it reasonable to demand the user to install my spc file
>> before installing my signed driver?
>>
>> Thanks,
>> Eran.
>>
>> “Eran Borovik” wrote in message
>> news:xxxxx@ntdev…
>> > Re:[ntdev] driver signing howtoHi,
>> > Thanks for your reply.
>> > I did install our cat file certificate in the test machine.
>> For some
>> > reason I couldn’t install it under “Trusted root
>> certificates authorities”
>> > (It gave me a successful window box but I couldn’t see the
>> > certificates in internet explorer) so I installed it under
>> trusted publishers.
>> > The certificate path I have is:
>> > Verisign Class 3 public primary CA
>> > Verisign Class 3 code signing 2004 CA
>> > Topio Inc.
>> >
>> > The first certificate( Verisign Class 3 public primary CA) is under
>> > the “Trusted root certificate authorities” and the remainig two are
>> > under “trusted publishers”.
>> > Even then, I get the same behaviour that the installation doesn’t
>> > occur automatically, but only after I enter hardware wizard
>> and select
>> > the “Search for driver software automatically”.
>> > Is there something wrong with what I did this far?
>> > Also, Is it a requirement to force the user to install our
>> certificate
>> > before installing out drivers?
>> >
>> > Thanks,
>> > Eran.
>> >
>> >
>> >
>> > “Peter Wieland” wrote in message
>> > news:xxxxx@ntdev…
>> > Well this looks suspicious:
>> >
>> > Error 0xe0000242: The publisher of an Authenticode™
>> signed catalog
>> > has not yet been established as trusted.
>> >
>> > If you open your .cat file from the command line it will
>> show you the
>> > certificate path & you can walk through that to try and figure out
>> > which cert in the path isn’t trusted.
>> >
>> > -p
>> >
>> >
>> >
>> > From: xxxxx@lists.osr.com on behalf of Eran Borovik
>> > Sent: Thu 3/23/2006 1:10 AM
>> > To: Windows System Software Devs Interest List
>> > Subject: Re:[ntdev] driver signing howto
>> >
>> >
>> > Hi,
>> > I did try your suggestion and indeed the OS doesn’t
>> complain about the
>> > driver begin unsigned.
>> > However, each time a new instance of the device appears,
>> the OS still
>> > needs user intervention via device manager/update driver before
>> > calling my Driver’s AddDevice routine for the new device.
>> > Please note that when I choose update driver, the OS
>> automatically use
>> > my driver without further complaints.
>> > I believe that problem is somewhere in my catalog file,
>> here is how my
>> > cdf file looks like:
>> > [CatalogHeader]
>> > Name=tdps.cat
>> > ResultDir=.<br>>> > PublicVersion=0x00000001
>> > EncodingType=
>> >
>> > [CatalogFiles]
>> > tdps.inf=.\tdps.inf
>> > tdps_r3_0.sys=.\tdps_r3_0.sys
>> >
>> > The devices we are talking about are virtual scsi processor device
>> > that are reported to the OS by the machine’s qlogic HBA driver.
>> >
>> > Attached below is the setupapi.log messages after a new
>> scsi processor
>> > device appears. (setupapi log level is set to the maximum)
>> >
>> > Thanks,
>> > Eran.
>> >
>> >
>> ----------------------------------------------------------------------
>> > ---------------------
>> > [2006/03/23 10:43:33 688.4]
>> > #-198 Command line processed: C:\WINDOWS\system32\services.exe @
>> > 10:43:33.296 #V005 Opened the PNF file of “c:\windows\inf\oem1.inf”
>> > (Language = 0409).
>> > [2006/03/23 10:43:33 688.3 Driver Install]
>> > #-019 Searching for hardware ID(s):
>> >
>> scsi\processor cisco___ VIRTUAL_ID3.0_,scsi\processor cisco__
>> > _VIRTUAL_ID,scsi\processor cisco,scsi cisco______VIRTUAL_ID3
>> > #-018 Searching for compatible ID(s): scsi\processor,scsi\raw
>> > #-198 Command line processed: C:\WINDOWS\system32\services.exe @
>> > 10:43:33.125 #V005 Opened the PNF file of “C:\WINDOWS\inf\oem1.inf”
>> > (Language = 0409).
>> > #I022 Found “SCSI\Processor___CISCO ______ SANTAP_CVT” in
>> > C:\WINDOWS\inf\oem1.inf; Device: “VIRTUAL_ID3 control device(Do not
>> > disable or uninstall)”; Driver: “VIRTUAL_ID control device(Do not
>> > disable or uninstall)”; Provider: “Topio Inc.”; Mfg:
>> “Topio”; Section
>> > name:
>> > “TDPS_Device”.
>> > #I023 Actual install section: [TDPS_Device.NT]. Rank: 0x00000001.
>> > Driver
>> > date: 01/01/1601. Version: 0.
>> > #-166 Device install function: DIF_SELECTBESTCOMPATDRV.
>> > #I063 Selected driver installs from section [TDPS_Device] in
>> > “c:\windows\inf\oem1.inf”.
>> > #I320 Class GUID of device remains:
>> > {30CE9DB7-0F79-4BB3-B91B-04F5A925A821}.
>> > #I060 Set selected driver.
>> > #I058 Selected best compatible driver.
>> > #-166 Device install function: DIF_INSTALLDEVICEFILES.
>> > #I124 Doing copy-only install of
>> > “SCSI\PROCESSOR&VEN_TOPIO&PROD_VIRTUAL_ID3
>> > &REV_3.0\5&2076D632&0&040”.
>> > @ 10:43:33.343 #V005 Opened the PNF file of
>> “c:\windows\inf\oem1.inf”
>> > (Language = 0409).
>> > #-011 Installing section [TDPS_Device.NT] from
>> “c:\windows\inf\oem1.inf”.
>> > @ 10:43:33.375 #V005 Opened the PNF file of
>> “C:\WINDOWS\INF\drvindex.inf”
>> > (Language = 0409).
>> > @ 10:43:33.390 #V094 Queued copy from section
>> [TDPS_Device.NT.Copy] in
>> > “c:\windows\inf\oem1.inf”: “TDPS_R3_0.sys” to “TDPS_R3_0.sys” with
>> > flags 0x00001024, target directory is “C:\WINDOWS\system32\DRIVERS”.
>> > @ 10:43:33.406 #V095 Source in section [sourcedisksfiles] in
>> > “c:\windows\inf\oem1.inf”; Media=1 Description=“TDPS Device
>> > Installation Disk #1” Tag=“” Path=“”.
>> > @ 10:43:33.515 #V432 A valid signature for file
>> > “C:\WINDOWS\INF\certclas.inf” (key “certclas.inf”) was found in an
>> > installed catalog
>> >
>> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC2
>> 95EE}\NT5INF.CAT”.
>> > @ 10:43:33.531 #V005 Opened the PNF file of
>> “C:\WINDOWS\INF\certclas.inf”
>> > (Language = 0409).
>> > @ 10:43:33.546 #V005 Opened the PNF file of
>> “c:\windows\inf\oem1.inf”
>> > (Language = 0409).
>> > @ 10:43:33.593 #I433 Verifying file “c:\windows\inf\oem1.inf” (key
>> > “tdps.inf”) against an installed catalog
>> >
>> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC2
>> 95EE}\oem1.CAT”
>> > failed. Error 0x800b0109: A certificate chain processed, but
>> > terminated in a root certificate which is not trusted by the trust
>> > provider.
>> > #I442 A valid signature for file “c:\windows\inf\oem1.inf” (key
>> > “tdps.inf”)
>> > was found in an installed Authenticode™ catalog
>> >
>> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC2
>> 95EE}\oem1.CAT”.
>> > Error 0xe0000242: The publisher of an Authenticode™
>> signed catalog
>> > has not yet been established as trusted.
>> > #E358 An unsigned, incorrectly signed, or Authenticode™
>> signed file
>> >
>> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC2
>> 95EE}\oem1.CAT”
>> > for driver “SANTAP CVT control device(Do not disable or uninstall)”
>> > blocked
>> > (server install). Error 0xe0000242: The publisher of an
>> > Authenticode™ signed catalog has not yet been
>> established as trusted.
>> > #E122 Device install failed. Error 0xe0000243: The publisher of an
>> > Authenticode™ signed catalog was not established as trusted.
>> > #E157 Default installer failed. Error 0xe0000243: The
>> publisher of an
>> > Authenticode™ signed catalog was not established as trusted.
>> >
>> >
>> >
>> >
>> >
>> > “Peter Wieland” wrote in message
>> > news:xxxxx@ntdev…
>> > Device installation should copy the INF for you without the CopyINF
>> > directive. It will become c:\windows\inf\oemN.inf where N
>> is a unique
>> > number. This should be sufficient to reach your goal of having the
>> > next device install your driver.
>> >
>> > Try that before you go much further.
>> >
>> > -p
>> >
>> > -----Original Message-----
>> > From: xxxxx@lists.osr.com
>> > [mailto:xxxxx@lists.osr.com] On Behalf Of Eran Borovik
>> > Sent: Wednesday, March 22, 2006 8:44 AM
>> > To: Windows System Software Devs Interest List
>> > Subject: [ntdev] driver signing howto
>> >
>> > Hi,
>> > I am having trouble signing a PNP device for win2k3 64 bits mode.
>> > I have all the required stuff from verisign, I made the cat
>> file and
>> > signed it using signtool.exe The setting in my win2k3 box
>> is to warn
>> > on unsigned drivers.
>> > Now, when I install the driver in the first time,
>> everything looks OK
>> > and the machine seems to agree that the driver is signed.
>> > My INF file contains a CopyINF directive that copies the
>> file into the
>> > \windows\inf directory so in case another device with the
>> appropriate
>> > hardware ID arrives, the machine will use my driver to control this
>> > device.
>> > Unfortunately, after the first successful installation,
>> every time a
>> > new device reaches the system, I have to use hardware
>> wizard and the
>> > machine claims that now my driver is unsigned.
>> > I am having great trouble debugging such stuff, one thought
>> was that
>> > when the machine copied the inf file and changed its name, it broke
>> > the catalog file validation since the catalog file contains the inf
>> > file name.
>> > Searching the archives and the web didn’t give me too much
>> to work with.
>> > Is there some howto document that describes the process?
>> > I believe that I am not the only developer grappling with
>> such stuff
>> > as vista 64 bits will enforce driver signing, so such a
>> guide will be
>> > a very welcome contribution to the driver writers community.
>> >
>> > Thanks,
>> > Eran.
>> >
>> >
>> >
>> > —
>> > Questions? First check the Kernel Driver FAQ at
>> > http://www.osronline.com/article.cfm?id=256
>> >
>> > To unsubscribe, visit the List Server section of OSR Online at
>> > http://www.osronline.com/page.cfm?name=ListServer
>> >
>> >
>> >
>> >
>> >
>> > —
>> > Questions? First check the Kernel Driver FAQ at
>> > http://www.osronline.com/article.cfm?id=256
>> >
>> > To unsubscribe, visit the List Server section of OSR Online at
>> > http://www.osronline.com/page.cfm?name=ListServer
>> >
>> >
>>
>>
>>
>> —
>> Questions? First check the Kernel Driver FAQ at
>> http://www.osronline.com/article.cfm?id=256
>>
>> To unsubscribe, visit the List Server section of OSR Online
>> at http://www.osronline.com/page.cfm?name=ListServer
>>
>
>
>
>

OK - I could be wrong - but I think that on that OS you have to install your
certificate either as part of the OS install process or on a domain server
availble to your test machine.

=====================
Mark Roddy DDK MVP
Windows 2003/XP/2000 Consulting
Hollis Technology Solutions 603-321-1032
www.hollistech.com

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Eran Borovik
Sent: Wednesday, March 29, 2006 5:04 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] driver signing howto

Hi,
The target OS is win2k3 SP1 64 bits. The driver is a PNP
driver. One of its hardware ID(Listed in the inf file) is
the hardware ID of virtual SCSI processor devices that are
discoverd by the HBA in the SAN.

Thanks,
Eran.

“Mark Roddy” wrote in message
> news:xxxxx@ntdev…
> > Which OS is this targeted at and what type of driver is it?
> >
> > Support for self-signed drivers is OS release specific.
> >
> > =====================
> > Mark Roddy DDK MVP
> > Windows 2003/XP/2000 Consulting
> > Hollis Technology Solutions 603-321-1032 www.hollistech.com
> >
> >> -----Original Message-----
> >> From: xxxxx@lists.osr.com
> >> [mailto:xxxxx@lists.osr.com] On Behalf Of Eran Borovik
> >> Sent: Monday, March 27, 2006 2:23 AM
> >> To: Windows System Software Devs Interest List
> >> Subject: Re:[ntdev] driver signing howto
> >>
> >> Hi,
> >> I finally managed to make the machine call my AddDevice routine by
> >> using the mmc.exe console (Certificate snap-in) and import my spc
> >> file into the trusted publisher certificates.
> >> Is it reasonable to demand the user to install my spc file before
> >> installing my signed driver?
> >>
> >> Thanks,
> >> Eran.
> >>
> >> “Eran Borovik” wrote in message
> >> news:xxxxx@ntdev…
> >> > Re:[ntdev] driver signing howtoHi,
> >> > Thanks for your reply.
> >> > I did install our cat file certificate in the test machine.
> >> For some
> >> > reason I couldn’t install it under “Trusted root
> >> certificates authorities”
> >> > (It gave me a successful window box but I couldn’t see the
> >> > certificates in internet explorer) so I installed it under
> >> trusted publishers.
> >> > The certificate path I have is:
> >> > Verisign Class 3 public primary CA
> >> > Verisign Class 3 code signing 2004 CA
> >> > Topio Inc.
> >> >
> >> > The first certificate( Verisign Class 3 public primary
> CA) is under
> >> > the “Trusted root certificate authorities” and the
> remainig two are
> >> > under “trusted publishers”.
> >> > Even then, I get the same behaviour that the
> installation doesn’t
> >> > occur automatically, but only after I enter hardware wizard
> >> and select
> >> > the “Search for driver software automatically”.
> >> > Is there something wrong with what I did this far?
> >> > Also, Is it a requirement to force the user to install our
> >> certificate
> >> > before installing out drivers?
> >> >
> >> > Thanks,
> >> > Eran.
> >> >
> >> >
> >> >
> >> > “Peter Wieland” wrote
> in message
> >> > news:xxxxx@ntdev…
> >> > Well this looks suspicious:
> >> >
> >> > Error 0xe0000242: The publisher of an Authenticode™
> >> signed catalog
> >> > has not yet been established as trusted.
> >> >
> >> > If you open your .cat file from the command line it will
> >> show you the
> >> > certificate path & you can walk through that to try and
> figure out
> >> > which cert in the path isn’t trusted.
> >> >
> >> > -p
> >> >
> >> >
> >> >
> >> > From: xxxxx@lists.osr.com on behalf of Eran Borovik
> >> > Sent: Thu 3/23/2006 1:10 AM
> >> > To: Windows System Software Devs Interest List
> >> > Subject: Re:[ntdev] driver signing howto
> >> >
> >> >
> >> > Hi,
> >> > I did try your suggestion and indeed the OS doesn’t
> >> complain about the
> >> > driver begin unsigned.
> >> > However, each time a new instance of the device appears,
> >> the OS still
> >> > needs user intervention via device manager/update driver before
> >> > calling my Driver’s AddDevice routine for the new device.
> >> > Please note that when I choose update driver, the OS
> >> automatically use
> >> > my driver without further complaints.
> >> > I believe that problem is somewhere in my catalog file,
> >> here is how my
> >> > cdf file looks like:
> >> > [CatalogHeader]
> >> > Name=tdps.cat
> >> > ResultDir=.<br>> >> > PublicVersion=0x00000001
> >> > EncodingType=
> >> >
> >> > [CatalogFiles]
> >> > tdps.inf=.\tdps.inf
> >> > tdps_r3_0.sys=.\tdps_r3_0.sys
> >> >
> >> > The devices we are talking about are virtual scsi
> processor device
> >> > that are reported to the OS by the machine’s qlogic HBA driver.
> >> >
> >> > Attached below is the setupapi.log messages after a new
> >> scsi processor
> >> > device appears. (setupapi log level is set to the maximum)
> >> >
> >> > Thanks,
> >> > Eran.
> >> >
> >> >
> >>
> ---------------------------------------------------------------------
> >> -
> >> > ---------------------
> >> > [2006/03/23 10:43:33 688.4]
> >> > #-198 Command line processed: C:\WINDOWS\system32\services.exe @
> >> > 10:43:33.296 #V005 Opened the PNF file of
> “c:\windows\inf\oem1.inf”
> >> > (Language = 0409).
> >> > [2006/03/23 10:43:33 688.3 Driver Install]
> >> > #-019 Searching for hardware ID(s):
> >> >
> >>
> scsi\processor cisco___ VIRTUAL_ID3.0_,scsi\processor cisco_
> >> _
> >> > _VIRTUAL_ID,scsi\processor cisco,scsi cisco______VIRTUAL_ID3
> >> > #-018 Searching for compatible ID(s): scsi\processor,scsi\raw
> >> > #-198 Command line processed: C:\WINDOWS\system32\services.exe @
> >> > 10:43:33.125 #V005 Opened the PNF file of
> “C:\WINDOWS\inf\oem1.inf”
> >> > (Language = 0409).
> >> > #I022 Found “SCSI\Processor___CISCO ______ SANTAP_CVT” in
> >> > C:\WINDOWS\inf\oem1.inf; Device: “VIRTUAL_ID3 control
> device(Do not
> >> > disable or uninstall)”; Driver: “VIRTUAL_ID control
> device(Do not
> >> > disable or uninstall)”; Provider: “Topio Inc.”; Mfg:
> >> “Topio”; Section
> >> > name:
> >> > “TDPS_Device”.
> >> > #I023 Actual install section: [TDPS_Device.NT]. Rank: 0x00000001.
> >> > Driver
> >> > date: 01/01/1601. Version: 0.
> >> > #-166 Device install function: DIF_SELECTBESTCOMPATDRV.
> >> > #I063 Selected driver installs from section [TDPS_Device] in
> >> > “c:\windows\inf\oem1.inf”.
> >> > #I320 Class GUID of device remains:
> >> > {30CE9DB7-0F79-4BB3-B91B-04F5A925A821}.
> >> > #I060 Set selected driver.
> >> > #I058 Selected best compatible driver.
> >> > #-166 Device install function: DIF_INSTALLDEVICEFILES.
> >> > #I124 Doing copy-only install of
> >> > “SCSI\PROCESSOR&VEN_TOPIO&PROD_VIRTUAL_ID3
> >> > &REV_3.0\5&2076D632&0&040”.
> >> > @ 10:43:33.343 #V005 Opened the PNF file of
> >> “c:\windows\inf\oem1.inf”
> >> > (Language = 0409).
> >> > #-011 Installing section [TDPS_Device.NT] from
> >> “c:\windows\inf\oem1.inf”.
> >> > @ 10:43:33.375 #V005 Opened the PNF file of
> >> “C:\WINDOWS\INF\drvindex.inf”
> >> > (Language = 0409).
> >> > @ 10:43:33.390 #V094 Queued copy from section
> >> [TDPS_Device.NT.Copy] in
> >> > “c:\windows\inf\oem1.inf”: “TDPS_R3_0.sys” to
> “TDPS_R3_0.sys” with
> >> > flags 0x00001024, target directory is
> “C:\WINDOWS\system32\DRIVERS”.
> >> > @ 10:43:33.406 #V095 Source in section [sourcedisksfiles] in
> >> > “c:\windows\inf\oem1.inf”; Media=1 Description=“TDPS Device
> >> > Installation Disk #1” Tag=“” Path=“”.
> >> > @ 10:43:33.515 #V432 A valid signature for file
> >> > “C:\WINDOWS\INF\certclas.inf” (key “certclas.inf”) was
> found in an
> >> > installed catalog
> >> >
> >> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC2
> >> 95EE}\NT5INF.CAT”.
> >> > @ 10:43:33.531 #V005 Opened the PNF file of
> >> “C:\WINDOWS\INF\certclas.inf”
> >> > (Language = 0409).
> >> > @ 10:43:33.546 #V005 Opened the PNF file of
> >> “c:\windows\inf\oem1.inf”
> >> > (Language = 0409).
> >> > @ 10:43:33.593 #I433 Verifying file
> “c:\windows\inf\oem1.inf” (key
> >> > “tdps.inf”) against an installed catalog
> >> >
> >> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC2
> >> 95EE}\oem1.CAT”
> >> > failed. Error 0x800b0109: A certificate chain processed, but
> >> > terminated in a root certificate which is not trusted by
> the trust
> >> > provider.
> >> > #I442 A valid signature for file “c:\windows\inf\oem1.inf” (key
> >> > “tdps.inf”)
> >> > was found in an installed Authenticode™ catalog
> >> >
> >> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC2
> >> 95EE}\oem1.CAT”.
> >> > Error 0xe0000242: The publisher of an Authenticode™
> >> signed catalog
> >> > has not yet been established as trusted.
> >> > #E358 An unsigned, incorrectly signed, or Authenticode™
> >> signed file
> >> >
> >> “C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC2
> >> 95EE}\oem1.CAT”
> >> > for driver “SANTAP CVT control device(Do not disable or
> uninstall)”
> >> > blocked
> >> > (server install). Error 0xe0000242: The publisher of an
> >> > Authenticode™ signed catalog has not yet been
> >> established as trusted.
> >> > #E122 Device install failed. Error 0xe0000243: The
> publisher of an
> >> > Authenticode™ signed catalog was not established as trusted.
> >> > #E157 Default installer failed. Error 0xe0000243: The
> >> publisher of an
> >> > Authenticode™ signed catalog was not established as trusted.
> >> >
> >> >
> >> >
> >> >
> >> >
> >> > “Peter Wieland” wrote
> in message
> >> > news:xxxxx@ntdev…
> >> > Device installation should copy the INF for you without
> the CopyINF
> >> > directive. It will become c:\windows\inf\oemN.inf where N
> >> is a unique
> >> > number. This should be sufficient to reach your goal of
> having the
> >> > next device install your driver.
> >> >
> >> > Try that before you go much further.
> >> >
> >> > -p
> >> >
> >> > -----Original Message-----
> >> > From: xxxxx@lists.osr.com
> >> > [mailto:xxxxx@lists.osr.com] On Behalf Of
> Eran Borovik
> >> > Sent: Wednesday, March 22, 2006 8:44 AM
> >> > To: Windows System Software Devs Interest List
> >> > Subject: [ntdev] driver signing howto
> >> >
> >> > Hi,
> >> > I am having trouble signing a PNP device for win2k3 64 bits mode.
> >> > I have all the required stuff from verisign, I made the cat
> >> file and
> >> > signed it using signtool.exe The setting in my win2k3 box
> >> is to warn
> >> > on unsigned drivers.
> >> > Now, when I install the driver in the first time,
> >> everything looks OK
> >> > and the machine seems to agree that the driver is signed.
> >> > My INF file contains a CopyINF directive that copies the
> >> file into the
> >> > \windows\inf directory so in case another device with the
> >> appropriate
> >> > hardware ID arrives, the machine will use my driver to
> control this
> >> > device.
> >> > Unfortunately, after the first successful installation,
> >> every time a
> >> > new device reaches the system, I have to use hardware
> >> wizard and the
> >> > machine claims that now my driver is unsigned.
> >> > I am having great trouble debugging such stuff, one thought
> >> was that
> >> > when the machine copied the inf file and changed its
> name, it broke
> >> > the catalog file validation since the catalog file
> contains the inf
> >> > file name.
> >> > Searching the archives and the web didn’t give me too much
> >> to work with.
> >> > Is there some howto document that describes the process?
> >> > I believe that I am not the only developer grappling with
> >> such stuff
> >> > as vista 64 bits will enforce driver signing, so such a
> >> guide will be
> >> > a very welcome contribution to the driver writers community.
> >> >
> >> > Thanks,
> >> > Eran.
> >> >
> >> >
> >> >
> >> > —
> >> > Questions? First check the Kernel Driver FAQ at
> >> > http://www.osronline.com/article.cfm?id=256
> >> >
> >> > To unsubscribe, visit the List Server section of OSR Online at
> >> > http://www.osronline.com/page.cfm?name=ListServer
> >> >
> >> >
> >> >
> >> >
> >> >
> >> > —
> >> > Questions? First check the Kernel Driver FAQ at
> >> > http://www.osronline.com/article.cfm?id=256
> >> >
> >> > To unsubscribe, visit the List Server section of OSR Online at
> >> > http://www.osronline.com/page.cfm?name=ListServer
> >> >
> >> >
> >>
> >>
> >>
> >> —
> >> Questions? First check the Kernel Driver FAQ at
> >> http://www.osronline.com/article.cfm?id=256
> >>
> >> To unsubscribe, visit the List Server section of OSR Online at
> >> http://www.osronline.com/page.cfm?name=ListServer
> >>
> >
> >
> >
> >
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online
> at http://www.osronline.com/page.cfm?name=ListServer
>