microsoft.public.development.device.drivers
http://groups.google.com/group/microsoft.public.development.device.drivers?hl=en
microsoft.public.development.device.drivers@googlegroups.com
Today's topics:
* Will R200 sample in WDK6000 work when VidPN support changed to MMDMM_SUPPORT_TEST? - 2 messages, 1 author
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/34235baa4de50a41?hl=en
* How to block system copy commands at driver level - 5 messages, 5 authors
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/2c573ec4329d1cbc?hl=en
* nonpnp driver installation failed in vista - 1 messages, 1 author
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/c326654f1fc5708a?hl=en
* INF for 2008 x64 - 1 messages, 1 author
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/ed6caab66b0fb3c9?hl=en
* 2008 x64 signing - 4 messages, 2 authors
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/a5de999e2d4317f2?hl=en
* Remote Wakeup via USB Device Doesn't Wake Monitor Options - 1 messages, 1
author
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/27ba453c5b3cc3f9?hl=en
* IPrintOemDriverPS::DrvGetDriverSetting example - 1 messages, 1 author
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/19a2276942e2b533?hl=en
* LEGACY_DRIVER question - 1 messages, 1 author
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/cdcef8cb8419d52b?hl=en
* How to show an icon in system tray of win XP when a USB device is plug - 5
messages, 2 authors
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/3e304b56effd0976?hl=en
* Where can I get a Full-Speed USB 2.0 Compliance test board? - 1 messages, 1
author
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/3911137b2b7cac9e?hl=en
* Jump to label - 2 messages, 2 authors
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/198317ef7afe42df?hl=en
* Register to wmi via wdf driver - 1 messages, 1 author
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/9df7f374843c9e91?hl=en
==============================================================================
TOPIC: Will R200 sample in WDK6000 work when VidPN support changed to MMDMM_SUPPORT_TEST?
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/34235baa4de50a41?hl=en
==============================================================================
== 1 of 2 ==
Date: Fri, May 23 2008 12:17 am
From: jerry lee
In line 1887 of source file miniport.c, if changing the
dwMMDMMSupportType from MMDMM_SUPPORT_XDDM_PARITY to
MMDMM_SUPPORT_TEST, it seems that the built driver will light only
one of two pixel in VGA monitor and the rest be black. If changed
back to MMDMM_SUPPORT_XDDM_PARITY, then everything will be OK. I am
using a Radeon 8500 with 64M DDR installed.
Anyone encounter such problem?
== 2 of 2 ==
Date: Fri, May 23 2008 4:23 am
From: jerry lee
After some tracing work, it seems all of the 4 source mode IDs used in
the VidPN test path are not included in corresponding XDDM version. Why
DDK provide VidPN test in this way?
==============================================================================
TOPIC: How to block system copy commands at driver level
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/2c573ec4329d1cbc?hl=en
==============================================================================
== 1 of 5 ==
Date: Fri, May 23 2008 12:21 am
From: "David Craig"
This question has been asked and answered many times in the last few months.
I guess there is someone out there hiring companies to implement an
anti-copy driver. Maybe they are offering a large completion payment with
nothing until it is done. The answer is NO. Until you learn how Windows
works, you cannot prevent copying and you can't understand why it cannot be
done. I can think of only one solution for Windows and it is not practical.
The other choice is to write your own OS that has different rules.
Put the data to be protected in a directory. Encrypt that directory's files
with a symmetric key or multiple keys. Store those keys on a SmartCard
protected with the public key used to encrypt them before they are added.
Issue a CD/DVD/USB drive with the files on it, a SmartCard reader, & the
fully initialized SmartCard. Write an application that permits the files to
be viewed, but does not respond to any key strokes that might copy the data
in the viewer. That still won't protect against cameras or screen capture
programs, but it is about as good as it can be done. You need a separate
encryption key for each copy of the files to provide post compromise
security. If you try and use normal programs such as Notepad, Wordpad, or
Word the data must be placed in plaintext in the buffers where another
driver can obtain access easily. The Windows filesystems just don't work if
encryption is done closer to the application unless it is within the
application's context as part of its code or an injected DLL.
"Bipin Mistry" <bpnmistry@gmail.com> wrote in message
news:6a3688db-4c57-4671-a27c-30043ef6aa32@s33g2000pri.googlegroups.com...
> Hello,
>
> How can I trace following System Copy commands and block them, so as
> secured folder/drive do not react to these commands.
>
> 1. [Ctrl + C],
> 2. Right Click Menu -> Copy
> 3. File Menu -> Copy
> 4. Command prompt copy
>
> As per me all above command will be calling a single routine process at
> driver level.
> I am unable to identify which routine does it call & how can I identify
> that the any of above 4 are triggered.
>
> During my RnD till now I reached till IRP_MJ_READ & WRITE where by
> related parameters and their properties do not describe about COPY in
> specifically.
>
> Some place I read about this can be possible with keeping watch on
> Clipboard, don't know how much this will be useful, as there was no
> extra information was provided.
>
> If any one can help me out for this situation then please do share
> your knowledge with me.
>
> Best regards,
> Bipin
== 2 of 5 ==
Date: Fri, May 23 2008 12:49 am
From: Bipin Mistry
Hello David,
Up to the extent I agree with you that this task can not be done
unless we know how Windows works with these events at low level.
> Put the data to be protected in a directory. Encrypt that directory's files
> with a symmetric key or multiple keys. Store those keys on a SmartCard
> protected with the public key used to encrypt them before they are added.
> Issue a CD/DVD/USB drive with the files on it, a SmartCard reader, & the
> fully initialized SmartCard. Write an application that permits the files to
> be viewed, but does not respond to any key strokes that might copy the data
> in the viewer.
I also do agree as am currently working on bit similar system, now
requirements does say that copy protection for basic copy commands
need to be ignored/blocked when such restricted data are concerned.
If you have / come across to know about any thing that can help me
then please do post it, so as I can work around & complete my task.
Bipin
== 3 of 5 ==
Date: Fri, May 23 2008 5:01 am
From: "Don Burn"
And the answer is there are no basic copy commands. All you are going to
see are reads and writes, there is no concept of copying at the kernel
level. So unless you want to make a file so it cannot be read (which makes
it rather useless) you cannot stop copying. Go to http://www.osronline.com/
and join the NTFSD newsgroup, and then start reading the archives, this has
been discussed way too many times.
--
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
Remove StopSpam to reply
== 4 of 5 ==
Date: Fri, May 23 2008 7:13 am
From: "Alexander Grigoriev"
No can do. Sorry. If you can read the file, you can copy it. If you cannot
read the file, you cannot copy it, then the file just like it does not exist
for you, you can't see its contents. No File, no copy. Have file, can read
it, can copy. So simple.
The best thing you can do is to disable write to removable devices, or to
disable them altogether. Search MS Kludge^H^H^H^H^^HKnowlegebase for that.
And only enable launch of approved applications.
Customers who order such kind of things again and again just don't
understand it. They just ask to implement wrong solution for a problem.
== 5 of 5 ==
Date: Fri, May 23 2008 9:08 am
From: "Eugene Mayevski"
Hello!
You wrote on Fri, 23 May 2008 00:49:11 -0700 (PDT):
BM> I also do agree as am currently working on bit similar system, now
BM> requirements does say that copy protection for basic copy commands
BM> need to be ignored/blocked when such restricted data are concerned.
BM> If you have / come across to know about any thing that can help me
BM> then please do post it, so as I can work around & complete my task.
While you can't restrict copying, you can control what processes are
allowed to open the file and so restrict copying.
Check this article: http://eldos.com/solfs/articles/5016.php
With best regards,
Eugene Mayevski
http://mayevski.blogspot.com/
==============================================================================
TOPIC: nonpnp driver installation failed in vista
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/c326654f1fc5708a?hl=en
==============================================================================
== 1 of 1 ==
Date: Fri, May 23 2008 12:50 am
From: vijay
hi
> did you install KMDF v1.7 on the machine before starting the exe?
yes i have installed (on target system) wdk which using "KMDF lib
version Major 0x1, minor 0x7 ".
and still i am getting "Service open failed with error code=1060"
any more i need to do in the target system
> Please do not send e-mail directly to this alias. this alias is for
> newsgroup purposes only.
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
> "vijay" <vijaykati...@gmail.com> wrote in message
>
> news:19c48936-4f59-4029-90fc-160e51b28d8c@t12g2000prg.googlegroups.com...
>
>
>
> > Hello everyone
> > I am using "WinDDK\6001.17121" and trying to install nonpnpdriver
> > given in the sample "\src\kmdf\nonpnp" in WDK on VISTA using
> > application given in "\src\kmdf\nonpnp\exe" and it is giving error
> > ---------
> > "Service open failed with error code=1060" and DriverEntry is not
> > called.
> > i think problem is in "service(DriverType)" creation and open it.
> > i don't know why it is happening in VISTA.......????
> > [ while it is working fine in WINXP].
>
> > thanks
> > vijay
==============================================================================
TOPIC: INF for 2008 x64
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/ed6caab66b0fb3c9?hl=en
==============================================================================
== 1 of 1 ==
Date: Fri, May 23 2008 1:06 am
From: "muriwai"
It was because of Windows failing to install drivers from Z:\ mapped to
VMWare's \\.host. Once copied to a local drive, the INF file is displayed as
signed with Authenticode and installs.
"muriwai" <muriwai@nospam.nospam> wrote in message
news:%23KhWGazuIHA.1220@TK2MSFTNGP04.phx.gbl...
> Hi,
>
> I have an INF file for a 32/64-bit driver which works fine on 2003 x86/x64
> and 2008 x86. Server 2008 x64 does not recognize the INF saying that the
> folder does not contain a compatible software driver for my device. I
> enabled TESTSIGNING and signed the CAT with a WHQL test signature, but
> that didn't help. Is there a magical word I need to put into INF specially
> for Server 2008 x64?
>
> Thank you
==============================================================================
TOPIC: 2008 x64 signing
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/a5de999e2d4317f2?hl=en
==============================================================================
== 1 of 4 ==
Date: Fri, May 23 2008 1:05 am
From: "muriwai"
Thank you Gianluca.
The problem of the INF file not being recognized was because of Windows
failing to install drivers from Z:\ mapped to VMWare's \\.host. Once copied
to a local drive, the INF file is displayed as signed with Authenticode and
installs. It took hours to figure out what was happening.
However, the driver still won't start. I will post an updated question
separately.
Cheers
"Gianluca Varenni" <gianluca.varenni@community.nospam> wrote in message
news:%23MNk341uIHA.5472@TK2MSFTNGP06.phx.gbl...
>
> "muriwai" <muriwai@nospam.nospam> wrote in message
> news:edL9JKsuIHA.1220@TK2MSFTNGP04.phx.gbl...
>> Hi,
>>
>> I had the impression that I need to get a WHQL signature to have my
>> driver loaded on Server 2008 x64.
>>
>> After carefully studying the latest DDK documentation along with the
>> white paper
>> http://download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fde-d599bac8184a/kmsigning.doc I
>> started to think that an SPC from Verisign with a cross-certificate is
>> enough, as long as the Windows Logo is not required, even for the drivers
>> for which there's a WHQL test.
>>
>> ms-help://MS.WDK.v10.6001.071220/DevInst_d/hh/DevInst_d/driver-signing-over_838ed908-96ff-411c-a5f3-c253e7e7cb53.xml.htm
>>
>> "To be considered signed by PnP device installation, the catalog file of
>> the driver must be signed by WHQL ***or*** signed by a third-party
>> release certificate (a Software Publisher Certificate (SPC) or a
>> commercial release certificate). A WHQL release signature ***should***
>> (not MUST) be used if one can be obtained. "
>>
>> "Note also that for 64-bit versions of Windows Server 2008 and Windows
>> Vista, the kernel-mode code signing policy further requires that a
>> kernel-mode driver be signed by WHQL ***or*** by an SPC"
>>
>> I did a quick test and my non-boot driver doesn't get loaded on Windows
>> 2008 x64 even when it has an embedded SPC signature and an SPC-signed
>> .CAT file, both with the cross certificate. 2008 x64 doesn't even
>> recognize the INF as valid (it works fine on 2003 x64).
>>
>> Where's the truth?
>
> On vista x64 and 2k8 x64, drivers should either be WHQL signed or signed
> with a third certificate+cross signing. I have at least a couple of
> drivers that are in the latter way.
> Did you follow the instructions at
> http://www.microsoft.com/whdc/winlogo/drvsign/kmcs_walkthrough.mspx to
> sign your driver?
> It's my understanding that you signed both the binary and the CAT file.
> You need to sign just one of them. If you sign both (binary and CAT) you
> need to be careful to generate the CAT file *after* you have signed the
> binary, otherwise the CAT file does not contain the right hash for the
> binary.
>
> Have a nice day
> GV
>
> --
> Gianluca Varenni, Windows DDK MVP
>
> CACE Technologies
> http://www.cacetech.com
>
>
>>
>> Thanks
>
>
== 2 of 4 ==
Date: Fri, May 23 2008 3:29 am
From: "muriwai"
"Gianluca Varenni" <gianluca.varenni@community.nospam> wrote in message
news:%23MNk341uIHA.5472@TK2MSFTNGP06.phx.gbl...
> On vista x64 and 2k8 x64, drivers should either be WHQL signed or signed
> with a third certificate+cross signing. I have at least a couple of
> drivers that are in the latter way.
Well, it does not seem to be the case. During installation, my tape driver
is displayed as signed by my company.
Once installed, the driver fails to start - "Windows cannot load the device
driver for this hardware. The driver may be corrupted or missing (Code 39)".
The CodeIntegrity log displays "3004 Windows is unable to verify the image
integrity of the file
\Device\HarddiskVolume1\Windows\System32\drivers\MyDriver.sys because file
hash could not be found on the system. A recent hardware or software change
might have installed a file that is signed incorrectly or damaged, or that
might be malicious software from an unknown source."
When I do "bcdedit -set TESTSIGNING ON" and restart, the driver starts up
OK.
When I do "bcdedit -set TESTSIGNING OFF" and restart, the driver fails to
start.
In both cases, Windows displays "Digital signer: My Company" in the driver's
properties.
I sign the CAT file with:
c:\winddk\6001.18001\BIN\catalog\signtool.exe sign /ac
c:\CrossCertificates\MSCV-VSClass3.cer /du "http://www.company.com"
/n "Company Name" /t "http://timestamp.verisign.com/scripts/timstamp.dll"
MyDriver.cat
I verify the signature with:
SignTool verify /kp /v /c MyDriver.cat MyDriver.sys
It looks like it wants ONLY WHQL-signed drivers.
I also suspect that the cross-certificate doesn't get embedded into the
signature. SignTool produces a file of the same length regardless of whether
the "/ac MSCV-VSClass3.cer" option is specified or not. How do I verify the
cross-certificate is there?
Thanks,
Andrew
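An added example, not part of any post in this thread: one way to answer "How do I verify the cross-certificate is there?" is to read the signing chain that `SignTool verify /kp /v` prints and confirm it tops out at "Microsoft Code Verification Root", the root that kernel-mode cross-certificates chain to. The sample outputs below are constructed (the indented "Issued to / Issued by" layout is assumed, as are the vendor root and timestamp names), and the function names are hypothetical.

```python
import re

# Root that kernel-mode cross-certificates chain up to.
KERNEL_ROOT = "Microsoft Code Verification Root"

# Constructed output (not captured from a real run): the chain stops at the
# CA's own root, i.e. no cross-certificate was embedded in the signature.
SAMPLE_NO_CROSS = """\
Verifying: MyDriver.cat
Signing Certificate Chain:
    Issued to: Example Vendor Root (constructed)
    Issued by: Example Vendor Root (constructed)

        Issued to: Verisign Class 3 Code Signing 2004 CA
        Issued by: Example Vendor Root (constructed)

            Issued to: Company Name
            Issued by: Verisign Class 3 Code Signing 2004 CA

The signature is timestamped: (constructed)
Timestamp Verified by:
    Issued to: Example Timestamp Root (constructed)
    Issued by: Example Timestamp Root (constructed)
"""

# Constructed output: same signer, but the vendor root is now issued by the
# Microsoft root, which is what an embedded cross-certificate looks like.
SAMPLE_CROSS = """\
Verifying: MyDriver.cat
Signing Certificate Chain:
    Issued to: Microsoft Code Verification Root
    Issued by: Microsoft Code Verification Root

        Issued to: Example Vendor Root (constructed)
        Issued by: Microsoft Code Verification Root

            Issued to: Verisign Class 3 Code Signing 2004 CA
            Issued by: Example Vendor Root (constructed)

                Issued to: Company Name
                Issued by: Verisign Class 3 Code Signing 2004 CA

The signature is timestamped: (constructed)
"""


def parse_signing_chain(text):
    """Return [(subject, issuer), ...], root first, from the signing chain block.

    Parsing stops at the first non-indented line after the header so the
    timestamp chain that follows is not mistaken for the signing chain.
    """
    chain, in_block, subject = [], False, None
    for line in text.splitlines():
        if line.strip() == "Signing Certificate Chain:":
            in_block = True
            continue
        if not in_block:
            continue
        if line.strip() and not line[0].isspace():
            break  # left the indented block (e.g. the timestamp section)
        m = re.match(r"\s+Issued (to|by):\s*(.+?)\s*$", line)
        if not m:
            continue
        if m.group(1) == "to":
            subject = m.group(2)
        elif subject is not None:
            chain.append((subject, m.group(2)))
            subject = None
    return chain


def check_kernel_chain(text):
    """Return (chain, problems); an empty problems list means the chain is sound."""
    chain = parse_signing_chain(text)
    if not chain:
        return chain, ["no signing certificate chain found in output"]
    problems = []
    root_subject, root_issuer = chain[0]
    if root_subject != KERNEL_ROOT:
        problems.append(
            f"chain ends at {root_subject!r}, not {KERNEL_ROOT!r}: "
            "cross-certificate missing from signature"
        )
    if root_subject != root_issuer:
        problems.append("top of chain is not self-issued")
    # Each certificate must be issued by the one printed just above it.
    for (parent, _), (child, issuer) in zip(chain, chain[1:]):
        if issuer != parent:
            problems.append(f"{child!r} is issued by {issuer!r}, expected {parent!r}")
    return chain, problems


if __name__ == "__main__":
    for name, sample in (("no cross-cert", SAMPLE_NO_CROSS), ("cross-cert", SAMPLE_CROSS)):
        chain, problems = check_kernel_chain(sample)
        print(name, "->", "OK" if not problems else problems)
```
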
== 3 of 4 ==
Date: Fri, May 23 2008 7:00 am
From: "Maxim S. Shatskih"
Try signing the binary itself instead of the CAT file.
--
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
maxim@storagecraft.com
http://www.storagecraft.com
== 4 of 4 ==
Date: Fri, May 23 2008 12:19 pm
From: "muriwai"
It doesn't help to sign the binaries.
I can't see "Microsoft Root" in the signature. It looks like the
cross-certificate is not embedded. /ac is definitely processed by SignTool
because it fails when I pass an invalid file. I checked that the thumbprint
of the Verisign root certificate matches the cross-certificate. I use a
"Verisign Class 3 Code Signing 2004 CA" certificate issued in March this
year. I tried SignTool from both the recent DDK and WDK.
Thanks
"Maxim S. Shatskih" <maxim@storagecraft.com> wrote in message
news:u3qQc1NvIHA.552@TK2MSFTNGP06.phx.gbl...
> Try signing the binary itself instead of the CAT file.
>
> --
> Maxim Shatskih, Windows DDK MVP
> StorageCraft Corporation
> maxim@storagecraft.com
> http://www.storagecraft.com
>
> "muriwai" <muriwai@nospam.nospam> wrote in message
> news:uM0oa$LvIHA.4876@TK2MSFTNGP02.phx.gbl...
>> "Gianluca Varenni" <gianluca.varenni@community.nospam> wrote in message
>> news:%23MNk341uIHA.5472@TK2MSFTNGP06.phx.gbl...
>> > On vista x64 and 2k8 x64, drivers should either be WHQL signed or
>> > signed
>> > with a third certificate+cross signing. I have at least a couple of
>> > drivers that are in the latter way.
>>
>> Well, it does not seem to be the case. During installation, my tape
>> driver
>> is displayed as signed by my company.
>>
>> Once installed, the driver fails to start - "Windows cannot load the
>> device
>> driver for this hardware. The driver may be corrupted or missing (Code
>> 39)".
>>
>> The CodeIntegrity log displays "3004 Windows is unable to verify the
>> image
>> integrity of the file
>> \Device\HarddiskVolume1\Windows\System32\drivers\MyDriver.sys because
>> file
>> hash could not be found on the system. A recent hardware or software
>> change
>> might have installed a file that is signed incorrectly or damaged, or
>> that
>> might be malicious software from an unknown source."
>>
>> When I do "bcdedit -set TESTSIGNING ON" and restart, the driver starts up
>> OK.
>>
>> When I do "bcdedit -set TESTSIGNING OFF" and restart, the driver fails to
>> start.
>>
>> In both cases, Windows displays "Digital signer: My Company" in the
>> driver's
>> properties.
>>
>> I sign the CAT file with:
>> c:\winddk\6001.18001\BIN\catalog\signtool.exe sign /ac
>> c:\CrossCertificates\MSCV-VSClass3.cer /du "http://www.company.com"
>> /n "Company Name" /t "http://timestamp.verisign.com/scripts/timstamp.dll"
>> MyDriver.cat
>>
>> I verify the signature with:
>> SignTool verify /kp /v /c MyDriver.cat MyDriver.sys
>>
>> It looks like it wants ONLY WHQL-signed drivers.
>>
>> I also suspect that the cross-certificate doesn't get embedded into the
>> signature. SignTool produces a file of the same length regardless of
>> whether
>> the "/ac MSCV-VSClass3.cer" option is specified or not. How do I verify
>> the
>> cross-certificate is there?
>>
>>
>> Thanks,
>>
>> Andrew
>>
>>
>>
>>
>>
>> "Gianluca Varenni" <gianluca.varenni@community.nospam> wrote in message
>> news:%23MNk341uIHA.5472@TK2MSFTNGP06.phx.gbl...
>> >
>> > "muriwai" <muriwai@nospam.nospam> wrote in message
>> > news:edL9JKsuIHA.1220@TK2MSFTNGP04.phx.gbl...
>> >> Hi,
>> >>
>> >> I had the impression that I need to get a WHQL signature to have my
>> >> driver loaded on Server 2008 x64.
>> >>
>> >> After carefully studying the latest DDK documentation along with the
>> >> white paper
>> >>
>> >> http://download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fde-d599bac8184a/kmsigning.doc I
>> >> started to think that an SPC from Verisign with a cross-certificate is
>> >> enough, as long as the Windows Logo is not required, even for the
>> >> drivers
>> >> for which there's a WHQL test.
>> >>
>> >>
>> >> ms-help://MS.WDK.v10.6001.071220/DevInst_d/hh/DevInst_d/driver-signing-over_838ed908-96ff-411c-a5f3-c253e7e7cb53.xml.htm
>> >>
>> >> "To be considered signed by PnP device installation, the catalog file
>> >> of
>> >> the driver must be signed by WHQL ***or*** signed by a third-party
>> >> release certificate (a Software Publisher Certificate (SPC) or a
>> >> commercial release certificate). A WHQL release signature ***should***
>> >> (not MUST) be used if one can be obtained. "
>> >>
>> >> "Note also that for 64-bit versions of Windows Server 2008 and Windows
>> >> Vista, the kernel-mode code signing policy further requires that a
>> >> kernel-mode driver be signed by WHQL ***or*** by an SPC"
>> >>
>> >> I did a quick test and my non-boot driver doesn't get loaded on
>> >> Windows
>> >> 2008 x64 even when it has an embedded SPC signature and an SPC-signed
>> >> .CAT file, both with the cross certificate. 2008 x64 doesn't even
>> >> recognize the INF as valid (it works fine on 2003 x64).
>> >>
>> >> Where's the truth?
>> >
>> > On vista x64 and 2k8 x64, drivers should either be WHQL signed or
>> > signed
>> > with a third certificate+cross signing. I have at least a couple of
>> > drivers that are in the latter way.
>> > Did you follow the instructions at
>> > http://www.microsoft.com/whdc/winlogo/drvsign/kmcs_walkthrough.mspx to
>> > sign your driver?
>> > It's my understanding that you signed both the binary and the CAT file.
>> > You need to sign just one of them. If you sign both (binary and CAT)
>> > you
>> > need to be careful to generate the CAT file *after* you have signed the
>> > binary, otherwise the CAT file does not contain the right hash for the
>> > binary.
>> >
>> > Have a nice day
>> > GV
>> >
>> > --
>> > Gianluca Varenni, Windows DDK MVP
>> >
>> > CACE Technologies
>> > http://www.cacetech.com
>> >
>> >
>> >>
>> >> Thanks
>> >
>> >
>>
>
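Added example (not part of the thread, and not code from any poster): one way to answer "How do I verify the cross-certificate is there?" is to read the signing chain out of the verbose "SignTool verify /kp /v" output and check which root it ends at. The root name "Microsoft Code Verification Root", the output layout and both sample logs are assumptions constructed for this illustration.

```python
import re

# Assumption: subject name of the root that the cross-certificate chains to.
KERNEL_ROOT = "Microsoft Code Verification Root"

# Constructed log, modeled on the chain listing of "SignTool verify /kp /v"
# (Expires and SHA1 lines left out; all names are sample values).
SAMPLE = """Signing Certificate Chain:
    Issued to: Microsoft Code Verification Root
    Issued by: Microsoft Code Verification Root
        Issued to: Class 3 Public Primary Certification Authority
        Issued by: Microsoft Code Verification Root
            Issued to: VeriSign Class 3 Code Signing 2004 CA
            Issued by: Class 3 Public Primary Certification Authority
                Issued to: My Company
                Issued by: VeriSign Class 3 Code Signing 2004 CA
Timestamp Verified by:
    Issued to: Example Timestamp Root
    Issued by: Example Timestamp Root
"""
# The same log without the cross-certificate: the chain stops at the CA's own root.
NO_CROSS_CERT = SAMPLE.replace(
    "    Issued to: " + KERNEL_ROOT + "\n    Issued by: " + KERNEL_ROOT + "\n", ""
).replace("Issued by: " + KERNEL_ROOT,
          "Issued by: Class 3 Public Primary Certification Authority")

def signing_chain(output):
    """Return [(issued_to, issued_by), ...] for the signing chain, root first."""
    text = output.replace("\r", "")
    start = text.find("Signing Certificate Chain")
    if start < 0:
        return []
    # The timestamp's chain is listed separately and must not be mixed in.
    section = re.split(r"The signature is timestamped|Timestamp Verified by", text[start:])[0]
    pairs = re.findall(r"Issued to:[ \t]*(.+)\n[ \t]*Issued by:[ \t]*(.+)", section)
    return [(to.strip(), by.strip()) for to, by in pairs]

def check_cross_signed(output):
    """Return 'cross-signed', 'no-cross-cert', 'broken-chain' or 'no-chain'."""
    chain = signing_chain(output)
    if not chain:
        return "no-chain"
    # Every certificate must be issued by the one listed just before it.
    if any(by != parent for (parent, _), (_, by) in zip(chain, chain[1:])):
        return "broken-chain"
    return "cross-signed" if chain[0] == (KERNEL_ROOT, KERNEL_ROOT) else "no-cross-cert"

if __name__ == "__main__":
    print(check_cross_signed(SAMPLE), check_cross_signed(NO_CROSS_CERT))
```

A "no-cross-cert" result on a release build is worth failing the build on, since the driver's properties can still show the company as digital signer in that case, as described in the post above.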
==============================================================================
TOPIC: Remote Wakeup via USB Device Doesn't Wake Monitor Options
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/27ba453c5b3cc3f9?hl=en
==============================================================================
== 1 of 1 ==
Date: Fri, May 23 2008 3:11 am
From: Neo
Hi,
Can anyone redirect me to any Knowledge Base for the same?
http://groups.google.co.in/group/microsoft.public.development.device.drivers/browse_thread/thread/33a19660fa2ff339/412401802f45f23d?hl=en&lnk=gst&q=monitor+wake+up#412401802f45f23d
My USB driver supports remote wake up. When I go into standby mode
and force the remote wake up, the device comes back up, but the monitor
stays in a suspended state. The only way to "wake up" the monitor is
to push a key on the keyboard?
It seems like windows (XP) is treating suspend like this:
1) Issue Suspend to Driver
2) Power off Monitor
---WAIT 4 REMOTE WAKEUP---
3) Remote wake up issued from microcontroller firmware
4) Driver receives event, and sets power back to D0.
5) Device is on, but monitor is in suspend state.
---PRESS KEY ON KEYBOARD---
6) Monitor wakes back up and displays desktop.
Thanks and Regards,
Neo
==============================================================================
TOPIC: IPrintOemDriverPS::DrvGetDriverSetting example
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/19a2276942e2b533?hl=en
==============================================================================
== 1 of 1 ==
Date: Fri, May 23 2008 3:33 am
From: patricerolland
Hi all, I have a problem using DrvGetDriverSetting: it is not working with
some features like "Orientation". Do you have an example?
thanks in advance
Patrice
==============================================================================
TOPIC: LEGACY_DRIVER question
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/cdcef8cb8419d52b?hl=en
==============================================================================
== 1 of 1 ==
Date: Fri, May 23 2008 3:31 am
From: qwert
I have a legacy driver.
In a few systems I see my driver entry in the Non plug and play section in Device
Manager.
But a few systems don't have my driver in the plug and play section.
In the registry I also don't see the Root\LEGACY_MYDRIVER\0000 entry in the enum section
of my driver,
i.e. HKLMcurrentcontrolset\services\mydriver\enum\
I believe that only if this entry is present in the registry can I see the
driver in the non plug and play section in Device Manager.
Who puts this entry in the registry?
I see my driver appear in only a few systems.
Where can I check?
==============================================================================
TOPIC: How to show an cn n system tray of win XP when a USB devce is plug
http://groups.google.com/group/microsoft.public.development.device.drivers/browse_thread/thread/3e304b56effd0976?hl=en
==============================================================================
== 1 of 5 ==
Date: Fri, May 23 2008 6:39 am
From: Electronic75
Hello, I've posted this question to different forums, including "code
project" but nobody answered me. I hope someone here can help me. I have a
USB instrument that uses FT232 USB chip with its own supplied drivers. I want
when I plug in the USB cord, an icon to be displayed in system tray that
shows a text tip message when mouse is over it. and when I unplug the cord
the icon goes away. How should I do this? I suspect that I have to edit .inf
files of driver but I don't know how. can anybody help me or give me a tip.
thanks a lot!
== 2 of 5 ==
Date: Fri, May 23 2008 7:20 am
From: "Kerem Gümrükcü"
Hi,
if your driver does not have a way to communicate to some
sort of user mode interface/application, then you have to write
a backgrounding application that receives Device Notifications
and creates on device arrival a notification icon in the tray. The
Windows API comes with two API Functions that will help
you here: Shell_NotifyIcon(...) and RegisterDeviceNotification(...)
You also could write some Kernel Code, but if this is the only
requirement, displaying an icon in the tray and a tooltip,...this
usermode approach is sufficient,...
These are your friends:
RegisterDeviceNotification(...)
Shell_NotifyIcon(...)
See MSDN for more Information,...
There are tons of examples out there,...
Regards
Kerem
--
-----------------------
Beste Grüsse / Best regards / Votre bien devoue
Kerem Gümrükcü
Microsoft Live Space: http://kerem-g.spaces.live.com/
Latest Open-Source Projects: http://entwicklung.junetz.de
-----------------------
"This reply is provided as is, without warranty express or implied."
"Electronic75" <Electronic75@discussions.microsoft.com> schrieb im
Newsbeitrag news:070FFF26-5BE9-46CA-BD66-9A97E639A1E8@microsoft.com...
> Hello, I've posted this question to different forums, including "code
> project" but nobody answered me. I hope someone here can help me. I have a
> USB instrument that uses FT232 USB chip with its own supplied drivers. I
> want
> when I plug in the USB cord, an icon to be displayed in system tray that
> shows a text tip message when mouse is over it. and when I unplug the cord
> the icon goes away. How should I do this? I suspect that I have to edit
> .inf
> files of driver but I don't know how. can anybody help me or give me a
> tip.
> thanks a lot!
>
== 3 of 5 ==
Date: Fri, May 23 2008 8:05 am
From: Electronic75
Thanks a million times, Kerem!
You absolutely helped! I have developed a user mode application with MFC
that manages to communicate with the instrument. So can I change the text of the tip
message from this program? What function should I look for to change
the properties of the tray icon?
thanks a lot again
Best regards,
"Kerem Gümrükcü" wrote:
> Hi,
>
> if your driver does not have a way to communicate to some
> sort of user mode interface/application, then you have to write
> a backgrounding application that receives Device Notifications
> and creates on device arrival a notification icon in the tray. The
> Windows API comes with two API Functions that will help
> you here: Shell_NotifyIcon(...) and RegisterDeviceNotification(...)
> You also could write some Kernel Code, but if this is the only
> requirement, displaying an icon in the tray and a tooltip,...this
> usermode approach is sufficient,...
>
> These are your friends:
>
> RegisterDeviceNotification(...)
> Shell_NotifyIcon(...)
>
> See MSDN for more Information,...
>
> There are tons of examples out there,...
>
> Regards
>
> Kerem
>
> --
> -----------------------
> Beste Grüsse / Best regards / Votre bien devoue
> Kerem Gümrükcü
> Microsoft Live Space: http://kerem-g.spaces.live.com/
> Latest Open-Source Projects: http://entwicklung.junetz.de
> -----------------------
> "This reply is provided as is, without warranty express or implied."
> "Electronic75" <Electronic75@discussions.microsoft.com> schrieb im
> Newsbeitrag news:070FFF26-5BE9-46CA-BD66-9A97E639A1E8@microsoft.com...
> > Hello, I've posted this question to different forums, including "code
> > project" but nobody answered me. I hope someone here can help me. I have a
> > USB instrument that uses FT232 USB chip with its own supplied drivers. I
> > want
> > when I plug in the USB cord, an icon to be displayed in system tray that
> > shows a text tip message when mouse is over it. and when I unplug the cord
> > the icon goes away. How should I do this? I suspect that I have to edit
> > .inf
> > files of driver but I don't know how. can anybody help me or give me a
> > tip.
> > thanks a lot!
> >
>
>
>
== 4 of 5 ==
Date: Fri, May 23 2008 8:14 am
From: Electronic75
Sorry, you have mentioned it: Shell_NotifyIcon.
I was too excited about a response that I didn't look carefully.
Thanks a lot!
God bless you!
I wish you the best in your life!
"Kerem Gümrükcü" wrote:
> Hi,
>
> if your driver does not have a way to communicate to some
> sort of user mode interface/application, then you have to write
> a backgrounding application that receives Device Notifications