Dear Tim,
Unfortunaly, the driver isn't always recognized as digitally signed.
I use this commands:
build -cef -amd64
copy /Y C:\WinDDK\7600.16385.1\redist\wdf\amd64\WdfCoInstaller01009.dll Install
copy /Y objfre_win7_amd64\amd64\*.sys Install
copy /Y objfre_win7_amd64\amd64\*.inf Install
signtool sign /v /ac "Install\MSCV-VSClass3.cer" /f Install\CertificatETEP2011.pfx /p delphine /t http://timestamp.verisign.com/scripts/timstamp.dll "Install\WdfCoInstaller01009.dll"
signtool sign /v /ac "Install\MSCV-VSClass3.cer" /f Install\CertificatETEP2011.pfx /p delphine /t http://timestamp.verisign.com/scripts/timstamp.dll "Install\WDFetep515.sys"
del Install\*.cat
Inf2Cat /driver:Install /os:7_X64
signtool sign /v /ac "Install\MSCV-VSClass3.cer" /f Install\CertificatETEP2011.pfx /p delphine /t http://timestamp.verisign.com/scripts/timstamp.dll "Install\etep.cat"
Result isfor each file: .sys .cat .dll:
The following certificate was selected:
Issued to: ETEP
Issued by: VeriSign Class 3 Code Signing 2010 CA
Expires: Fri Aug 31 01:59:59 2012
SHA1 hash: 632716F52DB58438E466EAD643D41B927EBA2492
Cross certificate chain (using machine store):
Issued to: Microsoft Code Verification Root
Issued by: Microsoft Code Verification Root
Expires: Sat Nov 01 15:54:03 2025
SHA1 hash: 8FBE4D070EF8AB1BCCAF2A9D5CCAE7282A2C66B3
Issued to: VeriSign Class 3 Public Primary Certification Authority - G5
Issued by: Microsoft Code Verification Root
Expires: Mon Feb 22 21:35:17 2021
SHA1 hash: 57534CCC33914C41F70E2CBB2103A1DB18817D8B
Issued to: VeriSign Class 3 Code Signing 2010 CA
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Sat Feb 08 01:59:59 2020
SHA1 hash: 495847A93187CFB8C71F840CB7B41497AD95C64F
Issued to: ETEP
Issued by: VeriSign Class 3 Code Signing 2010 CA
Expires: Fri Aug 31 01:59:59 2012
SHA1 hash: 632716F52DB58438E466EAD643D41B927EBA2492
Done Adding Additional Store
Successfully signed and timestamped: Install\etep.cat
Number of files successfully Signed: 1
Number of warnings: 0
Number of errors: 0
When I verify if driver is signed, no error appears:
C:\WinDDK\7600.16385.1\etep\etep515>SignTool verify /v /kp Install\WDFetep515.sys
Verifying: Install\WDFetep515.sys
Hash of file (sha1): D05F8259B862DCB2CA91A3675288094E48AD608A
Signing Certificate Chain:
Issued to: VeriSign Class 3 Public Primary Certification Authority - G5
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Thu Jul 17 01:59:59 2036
SHA1 hash: 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Issued to: VeriSign Class 3 Code Signing 2010 CA
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Sat Feb 08 01:59:59 2020
SHA1 hash: 495847A93187CFB8C71F840CB7B41497AD95C64F
Issued to: ETEP
Issued by: VeriSign Class 3 Code Signing 2010 CA
Expires: Fri Aug 31 01:59:59 2012
SHA1 hash: 632716F52DB58438E466EAD643D41B927EBA2492
The signature is timestamped: Tue Sep 06 09:25:52 2011
Timestamp Verified by:
Issued to: Thawte Timestamping CA
Issued by: Thawte Timestamping CA
Expires: Fri Jan 01 01:59:59 2021
SHA1 hash: BE36A4562FB2EE05DBB3D32323ADF445084ED656
Issued to: VeriSign Time Stamping Services CA
Issued by: Thawte Timestamping CA
Expires: Wed Dec 04 01:59:59 2013
SHA1 hash: F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
Issued to: VeriSign Time Stamping Services Signer - G2
Issued by: VeriSign Time Stamping Services CA
Expires: Fri Jun 15 01:59:59 2012
SHA1 hash: ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE
Cross Certificate Chain:
Issued to: Microsoft Code Verification Root
Issued by: Microsoft Code Verification Root
Expires: Sat Nov 01 15:54:03 2025
SHA1 hash: 8FBE4D070EF8AB1BCCAF2A9D5CCAE7282A2C66B3
Issued to: VeriSign Class 3 Public Primary Certification Authority - G5
Issued by: Microsoft Code Verification Root
Expires: Mon Feb 22 21:35:17 2021
SHA1 hash: 57534CCC33914C41F70E2CBB2103A1DB18817D8B
Issued to: VeriSign Class 3 Code Signing 2010 CA
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Expires: Sat Feb 08 01:59:59 2020
SHA1 hash: 495847A93187CFB8C71F840CB7B41497AD95C64F
Issued to: ETEP
Issued by: VeriSign Class 3 Code Signing 2010 CA
Expires: Fri Aug 31 01:59:59 2012
SHA1 hash: 632716F52DB58438E466EAD643D41B927EBA2492
Successfully verified: Install\WDFetep515.sys
Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0
When Update Driver for my PCIE board, first time 64-bits Windows 7 ask me if I want always trust in ETEP company. I accept. The driver is also installed the first time, whithout any error message. But when I reboot, The driver isn't lauched: code error 10.
When I verify details: the file WDFetep515.sys is considered as not digitally signed. When I verify the status of this file WDFetep515.sys on Windows XP PRO, in the properties of the file it appears the file is digitally signed !!!!
WHY Windows 7 doesn't never recognize this file as digitally signed???Delphine GARRO