G
Giminc
Guest
Singing driver completed, but driver had not been signed by attestation.
We are a developer of a Windows application that has a few kernel mode drivers.
We using Digicert SHA256 certificates.
We have purchased the EV certificate.
We were pass WHLK test. We use our EV certificate to sign this .hlkx file and Sign in to the Partner Center, and then select Submit new hardware.
When we get our driver files back, they will have MS certificate on the file's Properties, Digital Signature, page.
But driver had not been signed by attestation.
Reference weblink: https://docs.microsoft.com/en-us/windows-hardware/drivers/dashboard/get-drivers-signed-by-microsoft-for-multiple-windows-versions
How to validate the Microsoft signature
1. To check the EKU, right-click the .cat file and click Properties. Click the Digital Signatures tab, click the name of the certificate, and then click Details.
2. On the certificate Details tab, click Enhanced Key Usage. There you will see the EKUs and corresponding OID values for the certificate. In this case, the Windows Hardware Driver Verification OID ends with a 5, which means the driver has not been signed by attestation:
To check my .cat file and Properties information include.
Windows Hardware Driver Extended Verification (1.3.6.1.4.1.311.10.3.39)
Windows Hardware Driver Verification (1.3.6.1.4.1.311.10.3.5)
Code Signing (1.3.6.1.5.5.7.3.3)
Is this part of the HLK kit or during the submission to MS? Driver signed completed?
Continue reading...
We are a developer of a Windows application that has a few kernel mode drivers.
We using Digicert SHA256 certificates.
We have purchased the EV certificate.
We were pass WHLK test. We use our EV certificate to sign this .hlkx file and Sign in to the Partner Center, and then select Submit new hardware.
When we get our driver files back, they will have MS certificate on the file's Properties, Digital Signature, page.
But driver had not been signed by attestation.
Reference weblink: https://docs.microsoft.com/en-us/windows-hardware/drivers/dashboard/get-drivers-signed-by-microsoft-for-multiple-windows-versions
How to validate the Microsoft signature
1. To check the EKU, right-click the .cat file and click Properties. Click the Digital Signatures tab, click the name of the certificate, and then click Details.
2. On the certificate Details tab, click Enhanced Key Usage. There you will see the EKUs and corresponding OID values for the certificate. In this case, the Windows Hardware Driver Verification OID ends with a 5, which means the driver has not been signed by attestation:
To check my .cat file and Properties information include.
Windows Hardware Driver Extended Verification (1.3.6.1.4.1.311.10.3.39)
Windows Hardware Driver Verification (1.3.6.1.4.1.311.10.3.5)
Code Signing (1.3.6.1.5.5.7.3.3)
Is this part of the HLK kit or during the submission to MS? Driver signed completed?
Continue reading...