1
我在Windows驅動程序開發中非常非常初學者。我寫了一個簡單的DbgPrint().sys驅動程序。Windows驅動程序 - 無法正確簽署我自己的驅動程序
經過大量搜索後,我發現在x86架構中,.sys驅動程序的簽名是可選的,但在x64中是強制性的。 所以我創建了一個手動證書:
makecert -r -n "CN=MyCompany" -ss MyCompanyCertStore -sr LocalMachine
在那之後,我已經出口它作爲(如)GlobalSign.cer並添加到我的證書列表:
certmgr.exe -add GlobalSign.cer -c -s -r localMachine Root
certmgr.exe -add GlobalSign.cer -c -s -r localMachine TrustedPublisher
然後,我有在c:\MyDriver1文件夾推杆MyDriver1.sys和MyDriver1.inf和創建的目錄文件:
inf2cat /driver:"c:\MyDriver1" /os:7_x64
並已簽名:
SignTool sign /s MyCompanyCertStore /n MyCompany /t http://timestamp.verisign.com/scripts/timestamp.dll c:\MyDriver1\mydriver1.cat
已完成! 但是,當我在OSR Driver Loader程序加載MyDriver1.sys,它顯示了這個錯誤:
---------------------------
OSRLOADER
---------------------------
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
---------------------------
OK
---------------------------
我不知道爲什麼。
注意沒有在目錄文件的安全目錄選項卡僅MyDriver1.inf條目,我不能添加MyDriver1.sys項。
這裏是MyDriver1.inf的內容(原文由Visual Studio產生,但我只是改變了CatalogFile=到CatalogFile=mydriver1.cat)
;
; MyDriver1.inf
;
[Version]
Signature="$WINDOWS NT$"
Class=
ClassGuid=
Provider=
DriverVer=09/21/2017,21.4.29.698
CatalogFile=
[DestinationDirs]
DefaultDestDir = 12
[SourceDisksNames]
1 = %DiskName%,,,""
[SourceDisksFiles]
[Manufacturer]
%ManufacturerName%=Standard,NTamd64
[Standard.NTamd64]
[Strings]
ManufacturerName=""
ClassName=""
DiskName="MyDriver1 Source Disk"