Re: DIFx Framework - HOWTO

From: Ivan Dimitrov (i_dimitrov_at_prosyst.bg)
Date: 08/18/04 

Date: Wed, 18 Aug 2004 16:08:00 +0300

Erik,

Thank you very much for your reply.

The certificate was not installed on the machine, that's s why I did exactly
what you recommended but I got the same error.

To make some clarifications related to the signing process (I work on
Windows 2000 5.00.2195, SP 4 machine):

1. The test certificate is obtained through the commands:
prompt>makecert -sk TestPrvKey_10 -r -n "CN=CBMA,OU=Citizen,O=Citizen" -ss
Test TestCert_10.cer
Succeeded

prompt>cert2spc TestCert_10.cer TestCert_10.spc
Succeeded

2. I've successfully installed the certificate into the physical store
"Trusted Root Certification Authorities - Local Computer"

3. I've successfully created the unsinged cat file using:
promps>makecat -r -v CBMA.cdf
opened: CBMA.cdf
processing: CBM.dll
processing: OEMUI.dll
processing: OEMUNI.dll
processing: CBM.ini
processing: CBM_CT1000II.INF
processing: CBM_CTS300.INF
processing: CBM_PPU700.INF
processing: CBM1000II.GPD
processing: CTS300.GPD
processing: PPU700.GPD
processing: ttfsub.GPD
processing: CBMA.HLP
processing: eula.txt
Succeeded

4. I've signed the .cat file with signcode.exe using the
TestCertificate_10.spc with TestPrvKey_10 private key

5. Then I have checked the signed cat file with:
prompt>chktrust -q CBMA.cat
CBMA.cat: Succeeded
___________________________________________
Best regards,
Ivan Dimitrov

"Erik[MSFT]" <erik@online.microsoft.com> wrote in message
news:41229e2c$1@news.microsoft.com...
> Since you are using the test certificate, did you check if it is installed
> on your test machine?
>
> (To install the cert, just double click on it. I normally put it into the
> physical store "Trusted Root Certification Authorities - Local Computer".)
>
>
> --
> This posting is provided "AS IS" with no warranty, and confers no rights.
>
>
> "Ivan Dimitrov" <i_dimitrov@prosyst.bg> wrote in message
> news:u9xHJbGhEHA.3264@tk2msftngp13.phx.gbl...
> > Hi All,
> >
> > First, I have only a basic understanding of the certificates, signing,
> etc.
> > so please excuse me if some question appears to be a stupid one :-)
> >
> > I'm evaluating the MS DIFx framework as to make a single file
installation
> > of the driver I've made. In connection with this I have tried to set-up
an
> > installation through DIFx framework but have some troubles with it. I
get
> > the following error in DpInst.log file for every INF file in the driver:
> > "ERROR: driver package 'drive:\path\INFFILE.INF' is unsigned. Error code
> > 0x800B0100, No signature was present in the subject."
> >
> > Could somebody explain me what is the right way to set-up the
> installation.
> > - As far as I know only the cat file should be signed not all the
> files
> > in the driver package...
> >
> > Follows a short description of how I've tried to make the installation:
> >
> > In the INF file I have included the requested CatalogFile and
> > DriverPackageType sections:
> > CatalogFile=CBMA.cat
> > DriverPackageType=PlugAndPlay
> >
> > The content of CBMA.cdf file is:
> >
> > [CatalogHeader]
> > name=CBMA.cat
> >
> > [CatalogFiles]
> > CBM.dll=CBM.dll
> > OEMUI.dll=OEMUI.dll
> > OEMUNI.dll=OEMUNI.dll
> > CBM.ini=CBM.ini
> > CBM_CT1000II.INF=CBM_CT1000II.INF
> > CBM_CTS300.INF=CBM_CTS300.INF
> > CBM_PPU700.INF=CBM_PPU700.INF
> > CBM1000II.GPD=CBM1000II.GPD
> > CTS300.GPD=CTS300.GPD
> > PPU700.GPD=PPU700.GPD
> > ttfsub.GPD=ttfsub.GPD
> > CBMA.HLP=CBMA.HLP
> > eula.txt=eula.txt
> >
> > From this file I have successfully created .cat file and subsequently
> signed
> > it with a test certificate obtained through makecert.exe and
> cert2spc.exe...
> > After that I copied DpInst.exe in the driver directory and made eula.txt
> and
> > dpinst.xml files. Subsequently when I ran DpInst.exe I received the
> > described error.
> >
> > Any help will be appreciated!
> > 10x
> > ___________________________________________
> > Best regards,
> > Ivan Dimitrov
> >
> >
>
>

Relevant Pages

  • Signing drivers with signtool for XP 64-bit -- suppressing the war
    ... Ineed to suppress the unsigned driver installation dialog for an automation ... article "Driver signing policy is automatically elevated for unsigned ... I need to sign our drivers for unattended installation via ... Signing Certificate Chain: ...
    (microsoft.public.development.device.drivers)
  • Re: client installation error
    ... The certificate is TRUST_E_TIME_STAMP however I do not think that will help. ... This posting is provided "AS IS" with no warranties, ... the installation stop at this error "Error 0x80096005: ... >> Jeff Harbaugh [MSFT] ...
    (microsoft.public.sms.setup)
  • Re: recovering files encrypted using EFS
    ... > same name and password as the old WinXP installation, ... > intact backup of the old harddisk on COMP2, ... > didn't export the EFS certificate, ... I could of course restore ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Dear "Well Known National Alarm Company":
    ... I believe it 's only until recent years that a dedicated circuit is required for the communicator. ... certificate was issued in 2006 and should be valid until 2011. ... The first "inspection" was signed off one month after installation. ... ULC requires that you monitor the supervisory output. ...
    (alt.security.alarms)
  • Re: Problems with signed driver
    ... Try to issue a testcertificate and sign the driver with it. ... the installation will behave as an installation of a ... If the signing and the installation of the driver with test certificate ...
    (microsoft.public.development.device.drivers)