Windows biometric framework sample umdf driver: This device cannot start. (Code 10)
I am trying to run a windows biometric driver sample and I am naive to driver development
I have changed the hardware id in the inx file and rebuilt the driver project and installed the resulting driver on my Windows 10 Pro version 1803.
I am using a Fingerprint Morpho Device 1300 E3
Driver got installed successfully but there is one error showing up:
This device cannot start. (Code 10) The specified request is not a valid operation for the target device.
I reviewed the file C:\Windows\INF\setupapi.dev.log
It shows the next warnings:
sig: {_VERIFY_FILE_SIGNATURE} 10:13:03.130
sig: Key = wudfbiousbsample.inf
sig: FilePath = C:\WINDOWS\System32\DriverStore\Temp\{ee9ffca3-751f-0b4e-a7ac-dce2543d995e}\wudfbiousbsample.inf
sig: Catalog = C:\WINDOWS\System32\DriverStore\Temp\{ee9ffca3-751f-0b4e-a7ac-dce2543d995e}\biometrics.cat
! sig: Verifying file against specific (valid) catalog failed.
! sig: Error 0x800b0109: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
!!! dvi: Device not started: Device has problem: 0x0a (CM_PROB_FAILED_START), problem status: 0xc0000450.
But I installed the TestCertificate on the Trusted Root Certification Authorities and Trusted Publishers on the local machine
I also checked the EventViewer: Application and Services Logs > Microsoft\Windows\CodeIntegrity Application and Services Logs > Microsoft\Windows\Biometrics
I tried to debug with wdfverifier.exe following some videos from msdn but the process is not started so I couldn't debug :(
I verified that Visual Studio is not signing the EngineAdapter.dll plugin file so I disabled driver signing and did it manually following this paper. But I get the same error code 10 :(
I also wondered if error code 10 is this the expected behavior because the code of EngineAdapter.dll is not implemented.
UPDATE: I am testing on a Windows 10 Pro Version 1709 Virtual Machine VMWare and I get other error:
This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
!!! dvi: Device not started: Device has problem: 0x1f (CM_PROB_FAILED_ADD), problem status: 0xc0000001.
And the same warnings:
sig: {_VERIFY_FILE_SIGNATURE} 17:19:01.646
sig: Key = wudfbiousbsample.inf
sig: FilePath = C:\Windows\System32\DriverStore\Temp\{85323f79-3f5f-f84c-a52b-639b6ae57db1}\wudfbiousbsample.inf
sig: Catalog = C:\Windows\System32\DriverStore\Temp\{85323f79-3f5f-f84c-a52b-639b6ae57db1}\biometrics.cat
! sig: Verifying file against specific (valid) catalog failed.
! sig: Error 0x800b0109: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
sig: {_VERIFY_FILE_SIGNATURE exit(0x800b0109)} 17:19:01.661
sig: {_VERIFY_FILE_SIGNATURE} 17:19:01.676
sig: Key = wudfbiousbsample.inf
sig: FilePath = C:\Windows\System32\DriverStore\Temp\{85323f79-3f5f-f84c-a52b-639b6ae57db1}\wudfbiousbsample.inf
sig: Catalog = C:\Windows\System32\DriverStore\Temp\{85323f79-3f5f-f84c-a52b-639b6ae57db1}\biometrics.cat
sig: Success: File is signed in Authenticode(tm) catalog.
sig: Error 0xe0000241: The INF was signed with an Authenticode(tm) catalog from a trusted publisher.
sig: {_VERIFY_FILE_SIGNATURE exit(0xe0000241)} 17:19:01.708
sto: {DRIVERSTORE IMPORT VALIDATE: exit(0x00000000)} 17:19:01.739
Full log file here setupapi.dev.log
I tought the driver does not load because the warnings about the certificate or the error could be somewhere else.
If someone could give me a small advice to continue. I am stuck now :(
Many Thanks.
Juan Rojas1 Answer
All started when I was able to install my Biometric Driver but it showed a "Yellow Exclamation Mark" and a generic message "This device cannot start. (Code 10)"
The biometric sample project does not include an example how to sign properly EngineAdapter.dll with Visual Studio I found this resource (page 33-34) where shows How to Sign The EngineAdapter on project properties Build Events -> Post Build Event:
Command Line: signtool sign /v /ac "Path_to_cross_certificate_DigiCert Assured ID Root CA.crt" /tr http://timestamp.digicert.com /td sha256 /fd sha256 /f "path_to_my_certificate_file.pfx" /p mypassword "$(Platform)\$(ConfigurationName)\EngineAdapter.dll"
Use In Build: Yes
Next This first video tutorial shows an example of debugging umdf driver using a tool from the WDK wdfverifier.exe I couldn't attach the debugger to my driver process because the process is not present. But I could debug at startup before the process crashes.
To debug with wdfverifier.exe I took the following steps:
Settings Tab: Check the option "Automatically Launch user-mode debugger when requested", specify 15 seconds in the input "Host Process will wait"
Preferences Tab: Check "Use WinDbg", then
Disable/Enable my device on Device Manager
WinDbg launches and I can check if my driver module was loaded with the next command:
lm m *bio*
//the module is not loaded, use g commant to continue
g
//again see if the module was loaded
lm m *bio*
//module shows up, great!
Now I can set break points but before that I had to specify to WinDbg where are the symbol file (*.pdb) and source code of the driver with the next commands (the paths may be different if you build the package project, I am building the WudfBioUsbSample with a reference to EngineAdapter Project):
.symfix
.srcpath+ C:\Users\myuser\Documents\Windows-driver-samples\biometrics\driver
.sympath+ C:\Users\myuser\Documents\Windows-driver-samples\biometrics\driver\x64\Debug
.reload /f
Next I could set a break point:
//x command is used to search if the method exist
x WudfBioUsbSample!CBiometricDriver::*
x WudfBioUsbSample!CBiometricDevice::*
x WudfBioUsbSample!CBiometricDevice::OnGetAttributes
//examples of breakpoints
bp WudfBioUsbSample!CBiometricDriver::OnDeviceAdd
bp WudfBioUsbSample!CBiometricDevice::OnGetAttributes
bp WudfBioUsbSample!CBiometricDevice::CreateUsbIoTargets
The method CreateUsbIoTargets is where the errors show up. These errors are fixed by JinZhuXing in this github issue
After fixing the driver code and debugging that the method CreateUsbIoTargets runs Ok
Still showed me The Yellow Exclamation Mark but this time the error was in the EngineAdapter.dll. The next error shows in EventViewer: Application and Services Logs > Microsoft\Windows\Biometrics
The module's "Engine Adapter" initialization routine failed with error: 0x80004001
The EngineAdapter project methods were returning E_NOTIMPL I just changed this to return S_OK instead for all methods. And the biometric unit was successfully created.
Also debugging of the Engine Plugin is done with Visual Studio. Here are the steps I followed:
Use wdfverifier.exe to attach WinDbg to the process of my umdf driver and set a break point to OnGetAttributes method (this method is called when I start/restart the Windows Biometric Service)This breakpoint will make the service to wait before it calls the EngineAdapter Plugin code.
x WudfBioUsbSample!CBiometricDevice::OnGetAttributes
bp WudfBioUsbSample!CBiometricDevice::OnGetAttributes
g
Restart or start Windows Biometric Service (WbioSrvc on Task Manager->Services Tab)
Copy The Process ID (PID)
Run Visual Studio as Administrator, Open WBDIsample project
Use Menu Debug -> Attach to Process...
Enter the following values:
Connection Type: Windows User Mode Debugger
Connection Target: Localhost
Check "Show processes from all users"
Filter by Process ID
Select the process and Click Attach button.
Set Breakpoints on WbioQueryEngineInterface, EngineAdapterAttach, EngineAdapterDetach a sample implementation is on msdn
run the command g (Go) on WinDbg
g
After this you can debug the code of the plugin on Visual Studio.
What is left is to implement the code for the Biometric Driver and The necessary plugins for your device
User contributions licensed under CC BY-SA 3.0