Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Driver doesn't load when built from source #11

Open
mark0n opened this issue Jun 27, 2022 · 3 comments
Open

Driver doesn't load when built from source #11

mark0n opened this issue Jun 27, 2022 · 3 comments

Comments

@mark0n
Copy link

mark0n commented Jun 27, 2022

I noticed that when I download the v0.1 binary package everything works fine but when I build the driver ("v0.1" tag) from source it installs happily ("Installation completed successfully") but doesn't seem to load. Here are the steps I followed to build the driver:

  1. Download and install the Windows Driver Kit for Windows 10, version 2004
  2. git clone https://github.com/maharmstone/winmd.git
  3. Build the project by running 
    cd winmd
mkdir build
cd build
cmake ..
cmake --build . --config RelWithDebInfo --parallel
  4. Copy the relevant files into the right place 
    mkdir package\x64
cp .\RelWithDebInfo\* .\package\x64\
cp ..\src\winmd.inf .\package\
  5. Create catalog file 
    Inf2Cat /driver:package /os:10_X64
  6. Sign catalog file 
    signtool sign /sha1 <SHA1 of signing key> /t http://timestamp.comodoca.com/authenticode package\winmd.cat

"Official" information on how to build the driver is very sparse and I'm not a Windows expert. I would appreciate if someone with a little more Windows development experience could give me a hint.
@mark0n mark0n mentioned this issue Jun 27, 2022
Open
@maharmstone
Copy link
Owner

Is this a signing key that Microsoft likes? If not, you'll have to enable test mode for your OS.

@mark0n
Copy link
Author

mark0n commented Jun 29, 2022

Thanks, @maharmstone, I appreciate your help. It seems like there's indeed some sort of a problem with the signature: I'm getting event ID 5038.

I'm positive my signing key works for applications but I'm not sure if it is sufficient for signing a kernel-mode driver. Can anyone point me to the requirements for these signing keys so I can check whether mine fulfills them?

@maharmstone can you confirm that the command I'm using for signing the catalog file (see above) should work?

@maharmstone
Copy link
Owner

As far as I'm aware there's no difference between keys for applications and keys for drivers (which isn't what Microsoft says!). What version of Windows is this?

@maharmstone can you confirm that the command I'm using for signing the catalog file (see above) should work?

It looks okay to me. I don't think I ever automated it for winmd, but if it helps this is my sign.bat for btrfs:

signtool sign /ph /ac "C:\Program Files (x86)\Windows Kits\10\crosscertificates\ctnca.crt" /tr http://timestamp.digicert.com /sha1 D82F44DA9917B64C8A0117E6C3B2AB896F2B6A09 x86\btrfs.sys x86\shellbtrfs.dll x86\ubtrfs.dll x86\mkbtrfs.exe x64\btrfs.sys x64\shellbtrfs.dll x64\ubtrfs.dll x64\mkbtrfs.exe arm\btrfs.sys arm\shellbtrfs.dll arm\ubtrfs.dll arm\mkbtrfs.exe aarch64\btrfs.sys aarch64\shellbtrfs.dll aarch64\ubtrfs.dll aarch64\mkbtrfs.exe
inf2cat /driver:. /os:XP_X86,XP_X64,Vista_X86,Vista_X64,7_X86,7_X64,8_X86,8_X64,8_ARM,6_3_X86,6_3_X64,6_3_ARM,10_X86,10_X64
signtool sign /tr http://timestamp.digicert.com /sha1 D82F44DA9917B64C8A0117E6C3B2AB896F2B6A09 btrfs.cat

It might be that you've not signed the sys file as well as the cat file - I think you need to sign both.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mark0n @maharmstone