From: Denis on
This is my understanding so far, feel free to correct me if I am wrong.
Looking at my issue and others similar to mine as well as all the documentation I read so far.
That is in the context of 64 Bit Vista/7

The Logo certification is not mandatory in order to load a USB driver.
In order to load the package must be signed with a KMCS signature.

The KMCS signature is made based on a certification purchased from an authorized CA vendor,
and a Cross Certificate obtain found at:
http://www.microsoft.com/whdc/winlogo/drvsign/crosscert.mspx

Must also use the signtool provided in the latest WDK (such as WDK 7600.16385.0)

Now my situation and dilemma is at this point:
I have bought a VeriSign Authenticode certification.
Convert and import my spc file in my personal store.

Now when I try to sign my driver I am getting this error.

SignTool sign /v /ac C:\Verisign\MSCV-VSClass3.cer /s my /n "DATAWIND NET ACCESS CORPORATION"
/t http://timestamp.verisign.com/scripts/timestamp.dll MyUsb.sys
The following certificate was selected:
Issued to: DATAWIND NET ACCESS CORPORATION
Issued by: VeriSign Class 3 Code Signing 2009-2 CA
Expires: Wed Sep 22 18:59:59 2010
SHA1 hash: 196399AA62717B1430405533474B44BDFD13C947

SignTool Error: An unexpected internal error has occurred.
Error information: "CryptQueryObject" (-2147024893/0x80070003)


I am stuck help if you please?
Denis


From: Gianluca Varenni on
I would probably try removing the cross-signing (/ac
c:\verisign\mscv-vsclass3.cer) and the timestamping (/t http....) and see if
still fails. And then add those two parameters one by one.

Just my two cents
GV

"Denis @ TheOffice" <denisco(a)ica.net> wrote in message
news:%23X9r$ajXKHA.408(a)TK2MSFTNGP04.phx.gbl...
> This is my understanding so far, feel free to correct me if I am wrong.
> Looking at my issue and others similar to mine as well as all the
> documentation I read so far.
> That is in the context of 64 Bit Vista/7
>
> The Logo certification is not mandatory in order to load a USB driver.
> In order to load the package must be signed with a KMCS signature.
>
> The KMCS signature is made based on a certification purchased from an
> authorized CA vendor,
> and a Cross Certificate obtain found at:
> http://www.microsoft.com/whdc/winlogo/drvsign/crosscert.mspx
>
> Must also use the signtool provided in the latest WDK (such as WDK
> 7600.16385.0)
>
> Now my situation and dilemma is at this point:
> I have bought a VeriSign Authenticode certification.
> Convert and import my spc file in my personal store.
>
> Now when I try to sign my driver I am getting this error.
>
> SignTool sign /v /ac C:\Verisign\MSCV-VSClass3.cer /s my /n "DATAWIND NET
> ACCESS CORPORATION"
> /t http://timestamp.verisign.com/scripts/timestamp.dll MyUsb.sys
> The following certificate was selected:
> Issued to: DATAWIND NET ACCESS CORPORATION
> Issued by: VeriSign Class 3 Code Signing 2009-2 CA
> Expires: Wed Sep 22 18:59:59 2010
> SHA1 hash: 196399AA62717B1430405533474B44BDFD13C947
>
> SignTool Error: An unexpected internal error has occurred.
> Error information: "CryptQueryObject" (-2147024893/0x80070003)
>
>
> I am stuck help if you please?
> Denis
>
>


From: David Craig on
Main batch file:
call signem.bat objchk_win7_amd64\amd64 7_X64,Vista_X64,XP_X64
call signem.bat objfre_win7_amd64\amd64 7_X64,Vista_X64,XP_X64
call signem.bat objchk_win7_x86\i386 7_X86,Vista_X86,XP_X86
call signem.bat objfre_win7_x86\i386 7_X86,Vista_X86,XP_X86

signem.bat:
@echo off
set
PATH=%PATH%;c:\WINDDK\7600.16385.0\bin\x86;c:\WINDDK\7600.16385.0\bin\SelfSign
inf2cat /drv:%1 /os:%2 /verbose

@echo ****************************************************************
@echo * Signing catalog files *
@echo ****************************************************************
for /r %1 %%I in (*.cat *.sys) do (
@echo signing %%I
signtool sign /v /ac C:\Depot\dk\win\verisign\MSCV-VSClass3.cer /s my /n
"My Company" /t http://timestamp.verisign.com/scripts/timestamp.dll %%I
)


I don't see any attempt to sign or create a cat file. It does a lot of
checking in the inf2cat program that may catch some errors in the inf.


"Gianluca Varenni" <gianluca.varenni(a)community.nospam> wrote in message
news:%23QgmudqXKHA.4688(a)TK2MSFTNGP06.phx.gbl...
>I would probably try removing the cross-signing (/ac
>c:\verisign\mscv-vsclass3.cer) and the timestamping (/t http....) and see
>if still fails. And then add those two parameters one by one.
>
> Just my two cents
> GV
>
> "Denis @ TheOffice" <denisco(a)ica.net> wrote in message
> news:%23X9r$ajXKHA.408(a)TK2MSFTNGP04.phx.gbl...
>> This is my understanding so far, feel free to correct me if I am wrong.
>> Looking at my issue and others similar to mine as well as all the
>> documentation I read so far.
>> That is in the context of 64 Bit Vista/7
>>
>> The Logo certification is not mandatory in order to load a USB driver.
>> In order to load the package must be signed with a KMCS signature.
>>
>> The KMCS signature is made based on a certification purchased from an
>> authorized CA vendor,
>> and a Cross Certificate obtain found at:
>> http://www.microsoft.com/whdc/winlogo/drvsign/crosscert.mspx
>>
>> Must also use the signtool provided in the latest WDK (such as WDK
>> 7600.16385.0)
>>
>> Now my situation and dilemma is at this point:
>> I have bought a VeriSign Authenticode certification.
>> Convert and import my spc file in my personal store.
>>
>> Now when I try to sign my driver I am getting this error.
>>
>> SignTool sign /v /ac C:\Verisign\MSCV-VSClass3.cer /s my /n "DATAWIND NET
>> ACCESS CORPORATION"
>> /t http://timestamp.verisign.com/scripts/timestamp.dll MyUsb.sys
>> The following certificate was selected:
>> Issued to: DATAWIND NET ACCESS CORPORATION
>> Issued by: VeriSign Class 3 Code Signing 2009-2 CA
>> Expires: Wed Sep 22 18:59:59 2010
>> SHA1 hash: 196399AA62717B1430405533474B44BDFD13C947
>>
>> SignTool Error: An unexpected internal error has occurred.
>> Error information: "CryptQueryObject" (-2147024893/0x80070003)
>>
>>
>> I am stuck help if you please?
>> Denis
>>
>>
>
>


From: Gianluca Varenni on
The OP is actually trying to sign the sys file itself, so inf2cat is not
involved in this case.

GV

"David Craig" <drivers(a)nospam.nospam> wrote in message
news:O4vMh2qXKHA.4688(a)TK2MSFTNGP06.phx.gbl...
> Main batch file:
> call signem.bat objchk_win7_amd64\amd64 7_X64,Vista_X64,XP_X64
> call signem.bat objfre_win7_amd64\amd64 7_X64,Vista_X64,XP_X64
> call signem.bat objchk_win7_x86\i386 7_X86,Vista_X86,XP_X86
> call signem.bat objfre_win7_x86\i386 7_X86,Vista_X86,XP_X86
>
> signem.bat:
> @echo off
> set
> PATH=%PATH%;c:\WINDDK\7600.16385.0\bin\x86;c:\WINDDK\7600.16385.0\bin\SelfSign
> inf2cat /drv:%1 /os:%2 /verbose
>
> @echo ****************************************************************
> @echo * Signing catalog files *
> @echo ****************************************************************
> for /r %1 %%I in (*.cat *.sys) do (
> @echo signing %%I
> signtool sign /v /ac C:\Depot\dk\win\verisign\MSCV-VSClass3.cer /s my
> /n "My Company" /t http://timestamp.verisign.com/scripts/timestamp.dll %%I
> )
>
>
> I don't see any attempt to sign or create a cat file. It does a lot of
> checking in the inf2cat program that may catch some errors in the inf.
>
>
> "Gianluca Varenni" <gianluca.varenni(a)community.nospam> wrote in message
> news:%23QgmudqXKHA.4688(a)TK2MSFTNGP06.phx.gbl...
>>I would probably try removing the cross-signing (/ac
>>c:\verisign\mscv-vsclass3.cer) and the timestamping (/t http....) and see
>>if still fails. And then add those two parameters one by one.
>>
>> Just my two cents
>> GV
>>
>> "Denis @ TheOffice" <denisco(a)ica.net> wrote in message
>> news:%23X9r$ajXKHA.408(a)TK2MSFTNGP04.phx.gbl...
>>> This is my understanding so far, feel free to correct me if I am wrong.
>>> Looking at my issue and others similar to mine as well as all the
>>> documentation I read so far.
>>> That is in the context of 64 Bit Vista/7
>>>
>>> The Logo certification is not mandatory in order to load a USB driver.
>>> In order to load the package must be signed with a KMCS signature.
>>>
>>> The KMCS signature is made based on a certification purchased from an
>>> authorized CA vendor,
>>> and a Cross Certificate obtain found at:
>>> http://www.microsoft.com/whdc/winlogo/drvsign/crosscert.mspx
>>>
>>> Must also use the signtool provided in the latest WDK (such as WDK
>>> 7600.16385.0)
>>>
>>> Now my situation and dilemma is at this point:
>>> I have bought a VeriSign Authenticode certification.
>>> Convert and import my spc file in my personal store.
>>>
>>> Now when I try to sign my driver I am getting this error.
>>>
>>> SignTool sign /v /ac C:\Verisign\MSCV-VSClass3.cer /s my /n "DATAWIND
>>> NET ACCESS CORPORATION"
>>> /t http://timestamp.verisign.com/scripts/timestamp.dll MyUsb.sys
>>> The following certificate was selected:
>>> Issued to: DATAWIND NET ACCESS CORPORATION
>>> Issued by: VeriSign Class 3 Code Signing 2009-2 CA
>>> Expires: Wed Sep 22 18:59:59 2010
>>> SHA1 hash: 196399AA62717B1430405533474B44BDFD13C947
>>>
>>> SignTool Error: An unexpected internal error has occurred.
>>> Error information: "CryptQueryObject" (-2147024893/0x80070003)
>>>
>>>
>>> I am stuck help if you please?
>>> Denis
>>>
>>>
>>
>>
>
>


From: David Craig on
Yes, I saw that but since I KNOW that doing the inf and cat signing works,
maybe it is just a good idea to do it all and take what you need. The batch
files I use do both - note the 'for' loop.

"Gianluca Varenni" <gianluca.varenni(a)community.nospam> wrote in message
news:etkJwiwXKHA.5368(a)TK2MSFTNGP02.phx.gbl...
> The OP is actually trying to sign the sys file itself, so inf2cat is not
> involved in this case.
>
> GV
>
> "David Craig" <drivers(a)nospam.nospam> wrote in message
> news:O4vMh2qXKHA.4688(a)TK2MSFTNGP06.phx.gbl...
>> Main batch file:
>> call signem.bat objchk_win7_amd64\amd64 7_X64,Vista_X64,XP_X64
>> call signem.bat objfre_win7_amd64\amd64 7_X64,Vista_X64,XP_X64
>> call signem.bat objchk_win7_x86\i386 7_X86,Vista_X86,XP_X86
>> call signem.bat objfre_win7_x86\i386 7_X86,Vista_X86,XP_X86
>>
>> signem.bat:
>> @echo off
>> set
>> PATH=%PATH%;c:\WINDDK\7600.16385.0\bin\x86;c:\WINDDK\7600.16385.0\bin\SelfSign
>> inf2cat /drv:%1 /os:%2 /verbose
>>
>> @echo ****************************************************************
>> @echo * Signing catalog files *
>> @echo ****************************************************************
>> for /r %1 %%I in (*.cat *.sys) do (
>> @echo signing %%I
>> signtool sign /v /ac C:\Depot\dk\win\verisign\MSCV-VSClass3.cer /s my
>> /n "My Company" /t http://timestamp.verisign.com/scripts/timestamp.dll
>> %%I
>> )
>>
>>
>> I don't see any attempt to sign or create a cat file. It does a lot of
>> checking in the inf2cat program that may catch some errors in the inf.
>>
>>
>> "Gianluca Varenni" <gianluca.varenni(a)community.nospam> wrote in message
>> news:%23QgmudqXKHA.4688(a)TK2MSFTNGP06.phx.gbl...
>>>I would probably try removing the cross-signing (/ac
>>>c:\verisign\mscv-vsclass3.cer) and the timestamping (/t http....) and see
>>>if still fails. And then add those two parameters one by one.
>>>
>>> Just my two cents
>>> GV
>>>
>>> "Denis @ TheOffice" <denisco(a)ica.net> wrote in message
>>> news:%23X9r$ajXKHA.408(a)TK2MSFTNGP04.phx.gbl...
>>>> This is my understanding so far, feel free to correct me if I am wrong.
>>>> Looking at my issue and others similar to mine as well as all the
>>>> documentation I read so far.
>>>> That is in the context of 64 Bit Vista/7
>>>>
>>>> The Logo certification is not mandatory in order to load a USB driver.
>>>> In order to load the package must be signed with a KMCS signature.
>>>>
>>>> The KMCS signature is made based on a certification purchased from an
>>>> authorized CA vendor,
>>>> and a Cross Certificate obtain found at:
>>>> http://www.microsoft.com/whdc/winlogo/drvsign/crosscert.mspx
>>>>
>>>> Must also use the signtool provided in the latest WDK (such as WDK
>>>> 7600.16385.0)
>>>>
>>>> Now my situation and dilemma is at this point:
>>>> I have bought a VeriSign Authenticode certification.
>>>> Convert and import my spc file in my personal store.
>>>>
>>>> Now when I try to sign my driver I am getting this error.
>>>>
>>>> SignTool sign /v /ac C:\Verisign\MSCV-VSClass3.cer /s my /n "DATAWIND
>>>> NET ACCESS CORPORATION"
>>>> /t http://timestamp.verisign.com/scripts/timestamp.dll MyUsb.sys
>>>> The following certificate was selected:
>>>> Issued to: DATAWIND NET ACCESS CORPORATION
>>>> Issued by: VeriSign Class 3 Code Signing 2009-2 CA
>>>> Expires: Wed Sep 22 18:59:59 2010
>>>> SHA1 hash: 196399AA62717B1430405533474B44BDFD13C947
>>>>
>>>> SignTool Error: An unexpected internal error has occurred.
>>>> Error information: "CryptQueryObject" (-2147024893/0x80070003)
>>>>
>>>>
>>>> I am stuck help if you please?
>>>> Denis
>>>>
>>>>
>>>
>>>
>>
>>
>
>


 |  Next  |  Last
Pages: 1 2
Prev: WinUsb and WHQL signing
Next: USB device emulation