I'm trying to make an USB driver to be installable in Windows 8, this USB driver uses only WinUSB.
According to this post Signed INF driver works on the computer where it was signed, not
others and also this website Practical Windows Code and Driver Signing all I have to do is to generate an .inf file, to generate a .cat file and sign this .cat file, but I'm having trouble with the signing part, the other steps are ok.
The sites I listed above makes clear that to sign a catalog file which the driver uses only WinUSB is not necessary to purchase any certification from any authorized Certification Authority.
The kernel modules you are using have already been signed by Microsoft and you will have no trouble getting them loaded into the kernel after the driver package is installed.
I have the SignTool.exe in a folder along with the mscvr-cross-gdroot-g2.crt. In a subfolder, let's say MyFolder I have my driver package.
MyFolder
├─ remsir.cat
├─ remsir.inf
│
├─┐ amd64\
│ ├ WdfCoInstaller01011.dll
│ ├ WinUSBCoInstaller2.dll
│ ├ WUDFUpdate_01011.dll
│
└─┐ i386\
├ WdfCoInstaller01011.dll
├ WinUSBCoInstaller2.dll
├ WUDFUpdate_01011.dll
So, basically I'm stuck at this point:
SignTool.exe sign /v /ac "mscvr-cross-gdroot-g2.crt" /n "Pololu Corporation" /t http://tsa.starfieldtech.com MyFolder\remsir.cat
This command line was copied from the other questions, but it isn't working for me. I tried to change some of the parameters but still without success, it doesn't matter what I do I always get the error message:
SignTool Error: No certificates were found that met all the given criteria.
First of all, I not really sure if I should change any of the parameters from this command line. They aren't really clear for me what they mean.
So.. Do I have to change any of the parameters in that command line? Do I have to install the mscvr-cross-gdroot-g2.crt or even the Pololu Corporation? If yes, how?
Target:
Install an .inf file that uses WinUSB as kernel-mode code.
Solution:
I solved my problem, not exactly as my initial idea of signing the .cat file.
My answer may be disappointing for most of people and I may receive lots of critics for not using the best practices and etc. It's inelegant and sounds more like an workaround than a really solution. But considering the main business of the company and the hurry for using the driver in Windows 8 I've reached a solution that is satisfactory for the company.
The main difference between Windows 7 to Windows 8 when talking about installing an unsigned driver is that Windows 7 shows an annoying red warning message that recommends the user to not install the unsigned driver, and Windows 8, under normal circumstances just doesn't install it anyway.
We coexisted all this time with this warning in Windows 7, so what I've done is to reconfigure Windows 8 to act like Windows 7.
Step 1:
At the end of my software's installation the installer runs a program that verifies the Windows' version, if it is Windows 8 it prompts a dialog asking for installing the drivers and advices that it will demand to reboot the Windows. If the user agrees, it will run a batch file that does:
Step 2:
When the user logs on it will run the second batch file, that was set to run into the RunOnce. It will do:
At this point the driver will be installed and the original settings are restored. The annoying red warning message remains, just like it was in Windows 7, and life goes on..