M
MatthiasBu
Guest
Hi,
I have an relatively old USB WDM kernel driver that needs to run on windows 10 (actually it does, but what if....?)
(Question part 1)
Regarding the fact that WDM drivers were and are forward-compatible drivers I assume that there is no need to change something in the future, is this right?
Further, as long as the signed package is not changed, I assume there is no need to re-sign this package in the future, correct?
Then I read that there is a change in 2021 (Microsoft sunsetting support for cross-signed root certificates with kernel-mode signing capabilities):
"Starting in 2021, Microsoft will be the sole provider of production kernel-mode code signatures."
Does this somehow influence the previously described driver package and signature behaviour?
(Question part 2)
I need to adapt the functionality of this WDM driver.
This means that (at the moment) I just could use an EV cert to sign the changed driver and that's it, right?
But what about the coming changes in 2021? Do I understand it right that I just need to upload the driver to get it signed if I make changes after microsoft forces the upload but not if I change the driver before?
Do I have to fear that I run into any problems regarding the "old" WDM driver?
Thanks for any helpful answers,
Matthias
Continue reading...
I have an relatively old USB WDM kernel driver that needs to run on windows 10 (actually it does, but what if....?)
(Question part 1)
Regarding the fact that WDM drivers were and are forward-compatible drivers I assume that there is no need to change something in the future, is this right?
Further, as long as the signed package is not changed, I assume there is no need to re-sign this package in the future, correct?
Then I read that there is a change in 2021 (Microsoft sunsetting support for cross-signed root certificates with kernel-mode signing capabilities):
"Starting in 2021, Microsoft will be the sole provider of production kernel-mode code signatures."
Does this somehow influence the previously described driver package and signature behaviour?
(Question part 2)
I need to adapt the functionality of this WDM driver.
This means that (at the moment) I just could use an EV cert to sign the changed driver and that's it, right?
But what about the coming changes in 2021? Do I understand it right that I just need to upload the driver to get it signed if I make changes after microsoft forces the upload but not if I change the driver before?
Do I have to fear that I run into any problems regarding the "old" WDM driver?
Thanks for any helpful answers,
Matthias
Continue reading...