Windows 10 driver reported by SignTool as having no signature, but is signed

0

I've checked out this USB Device Emulation (UDE) project : https://github.com/microsoft/UDE/tree/master/UDEMbimClientSample

The project built properly the driver for x64 target in Release configuration under Visual Studio 19 Community :

1>------ Début de la régénération globale : Projet : hostude, Configuration : Release x64 ------
2>------ Début de la régénération globale : Projet : hostudetest, Configuration : Release x64 ------
1>Building 'hostude' with toolset 'WindowsKernelModeDriver10.0' and the 'Desktop' target platform.
1>Stamping x64\Release\hostude.inf
1>Stamping [Version] section with DriverVer=06/28/2020,10.49.21.636
1>C:\Users\SCO\source\repos\USB_UDE_Sample\UDEFX_host\driver\hostude.inx(19-19): warning 1324: [Version] section should specify PnpLockdown=1.
1>bulkrwr.c
2>Building 'hostudetest' with toolset 'WindowsApplicationForDrivers10.0' and the 'Universal' target platform.
2>dump.c
1>device.c
2>testapp.c
1>driver.c
2>Génération de code en cours...
1>Interrupt.c
1>ioctl.c
1>Génération de code en cours...
2>hostudetest.vcxproj -> C:\Users\SCO\source\repos\USB_UDE_Sample\UDEFX_host\exe\x64\Release\hostudetest.exe
1>hostude.vcxproj -> C:\Users\SCO\source\repos\USB_UDE_Sample\UDEFX_host\driver\x64\Release\hostude.sys
1>Done Adding Additional Store
1>Successfully signed: C:\Users\SCO\source\repos\USB_UDE_Sample\UDEFX_host\driver\x64\Release\hostude.sys
1>
1>catalog file for x64 release
2>Driver is 'Universal'.
1>.............................................................
1>Signability test complete.
1>
1>Errors:
1>None
1>
1>Warnings:
1>None
1>
1>Catalog generation complete.
1>C:\Users\SCO\source\repos\USB_UDE_Sample\UDEFX_host\driver\x64\Release\kmdfsamples.cat
1>Génération du projet "hostude.vcxproj" terminée.
========== Régénération globale : 2 a réussi, 0 a échoué, 0 a été ignoré ==========

A .cat, .inf and .sys files are generated, as well as a .cer file. I added the latter to Local Machine certificate store in 'root' and 'trusted publishers' using certmgr.msc.

When trying to use devcon to install the driver, I get the indication that "no signature was found in the subject" in the following log devcon lo, then later on that it was not digitally signed :

>>>  [Device Install (UpdateDriverForPlugAndPlayDevices) - USB\VID_1209&PID_0887]
>>>  Section start 2020/06/28 09:34:27.873
      cmd: devcon.exe  install hostude.inf "USB\VID_1209&PID_0887"
     ndv: INF path: C:\Users\SCO\source\repos\USB_UDE_Sample\generes\hostude.inf
     ndv: Install flags: 0x00000001
     ndv: {Update Device Driver - ROOT\SAMPLE\0000}
     ndv:      Search options: 0x00000080
     ndv:      Searching single INF 'C:\Users\SCO\source\repos\USB_UDE_Sample\generes\hostude.inf'
     dvi:      {Build Driver List} 09:34:27.906
     dvi:           Searching for hardware ID(s):
     dvi:                usb\vid_1209&pid_0887
     sig:           {_VERIFY_FILE_SIGNATURE} 09:34:27.938
     sig:                Key      = hostude.inf
     sig:                FilePath = c:\users\SCO\source\repos\usb_ude_sample\generes\hostude.inf
     sig:                Catalog  = c:\users\SCO\source\repos\usb_ude_sample\generes\KmdfSamples.cat
!    sig:                Verifying file against specific (valid) catalog failed.
!    sig:                Error 0x800b0100: No signature was present in the subject.
     sig:           {_VERIFY_FILE_SIGNATURE exit(0x800b0100)} 09:34:27.968
     sig:           {_VERIFY_FILE_SIGNATURE} 09:34:27.969
     sig:                Key      = hostude.inf
     sig:                FilePath = c:\users\SCO\source\repos\usb_ude_sample\generes\hostude.inf
     sig:                Catalog  = c:\users\SCO\source\repos\usb_ude_sample\generes\KmdfSamples.cat
!    sig:                Verifying file against specific Authenticode(tm) catalog failed.
!    sig:                Error 0x800b0100: No signature was present in the subject.
     sig:           {_VERIFY_FILE_SIGNATURE exit(0x800b0100)} 09:34:27.972
     dvi:           Created Driver Node:
     dvi:                HardwareID   - USB\VID_1209&PID_0887
     dvi:                InfName      - c:\users\SCO\source\repos\usb_ude_sample\generes\hostude.inf
     dvi:                DevDesc      - Virtual USB Device for UDE sample
     dvi:                Section      - lxhostude.Dev.NT
     dvi:                Rank         - 0x80ff0000
     dvi:                Signer Score - Not digitally signed
     dvi:                DrvDate      - 06/28/2020
     dvi:                Version      - 9.0.23.397
     dvi:      {Build Driver List - exit(0x00000000)} 09:34:27.976
     dvi:      {DIF_SELECTBESTCOMPATDRV} 09:34:27.977
     dvi:           Default installer: Enter 09:34:27.977
     dvi:                {Select Best Driver}
     dvi:                     Class GUID of device changed to: {78a1c341-4539-11d3-b88d-00c04fad5171}.
     dvi:                     Selected Driver:
     dvi:                          Description - Virtual USB Device for UDE sample
     dvi:                          InfFile     - c:\users\SCO\source\repos\usb_ude_sample\generes\hostude.inf
     dvi:                          Section     - lxhostude.Dev
     dvi:                {Select Best Driver - exit(0x00000000)}
     dvi:           Default installer: Exit
     dvi:      {DIF_SELECTBESTCOMPATDRV - exit(0x00000000)} 09:34:27.981
     ndv:      Force Installing Driver:
     ndv:           Inf Name       - hostude.inf
     ndv:           Driver Date    - 06/28/2020
     ndv:           Driver Version - 9.0.23.397
     sto:      {Setup Import Driver Package: c:\users\SCO\source\repos\usb_ude_sample\generes\hostude.inf} 09:34:27.984
     inf:           Provider: TODO-Set-Provider
     inf:           Class GUID: {78A1C341-4539-11d3-B88D-00C04FAD5171}
     inf:           Driver Version: 06/28/2020,9.0.23.397
     inf:           Catalog File: KmdfSamples.cat
     sto:           {Copy Driver Package: c:\users\SCO\source\repos\usb_ude_sample\generes\hostude.inf} 09:34:27.990
     sto:                Driver Package = c:\users\SCO\source\repos\usb_ude_sample\generes\hostude.inf
     sto:                Flags          = 0x00000007
     sto:                Destination    = C:\Users\ADM160~1\AppData\Local\Temp\{c575c0d5-20a9-eb43-ba83-57838dc44c4f}
     sto:                Copying driver package files to 'C:\Users\ADM160~1\AppData\Local\Temp\{c575c0d5-20a9-eb43-ba83-57838dc44c4f}'.
     flq:                Copying 'c:\users\SCO\source\repos\usb_ude_sample\generes\KmdfSamples.cat' to 'C:\Users\ADM160~1\AppData\Local\Temp\{c575c0d5-20a9-eb43-ba83-57838dc44c4f}\KmdfSamples.cat'.
     flq:                Copying 'c:\users\SCO\source\repos\usb_ude_sample\generes\hostude.inf' to 'C:\Users\ADM160~1\AppData\Local\Temp\{c575c0d5-20a9-eb43-ba83-57838dc44c4f}\hostude.inf'.
     flq:                Copying 'c:\users\SCO\source\repos\usb_ude_sample\generes\hostude.sys' to 'C:\Users\ADM160~1\AppData\Local\Temp\{c575c0d5-20a9-eb43-ba83-57838dc44c4f}\hostude.sys'.
     sto:           {Copy Driver Package: exit(0x00000000)} 09:34:28.010
     pol:           {Driver package policy check} 09:34:28.069
     pol:           {Driver package policy check - exit(0x00000000)} 09:34:28.070
     sto:           {Stage Driver Package: C:\Users\ADM160~1\AppData\Local\Temp\{c575c0d5-20a9-eb43-ba83-57838dc44c4f}\hostude.inf} 09:34:28.070
     inf:                {Query Configurability: C:\Users\ADM160~1\AppData\Local\Temp\{c575c0d5-20a9-eb43-ba83-57838dc44c4f}\hostude.inf} 09:34:28.076
     inf:                     Driver package uses WDF.
     inf:                     Driver package 'hostude.inf' is configurable.
     inf:                {Query Configurability: exit(0x00000000)} 09:34:28.078
     flq:                Copying 'C:\Users\ADM160~1\AppData\Local\Temp\{c575c0d5-20a9-eb43-ba83-57838dc44c4f}\KmdfSamples.cat' to 'C:\WINDOWS\System32\DriverStore\Temp\{7caccbd7-e000-8346-9111-8852dc2b1d25}\KmdfSamples.cat'.
     flq:                Copying 'C:\Users\ADM160~1\AppData\Local\Temp\{c575c0d5-20a9-eb43-ba83-57838dc44c4f}\hostude.inf' to 'C:\WINDOWS\System32\DriverStore\Temp\{7caccbd7-e000-8346-9111-8852dc2b1d25}\hostude.inf'.
     flq:                Copying 'C:\Users\ADM160~1\AppData\Local\Temp\{c575c0d5-20a9-eb43-ba83-57838dc44c4f}\hostude.sys' to 'C:\WINDOWS\System32\DriverStore\Temp\{7caccbd7-e000-8346-9111-8852dc2b1d25}\hostude.sys'.
     sto:                {DRIVERSTORE IMPORT VALIDATE} 09:34:28.096
     sig:                     {_VERIFY_FILE_SIGNATURE} 09:34:28.125
     sig:                          Key      = hostude.inf
     sig:                          FilePath = C:\WINDOWS\System32\DriverStore\Temp\{7caccbd7-e000-8346-9111-8852dc2b1d25}\hostude.inf
     sig:                          Catalog  = C:\WINDOWS\System32\DriverStore\Temp\{7caccbd7-e000-8346-9111-8852dc2b1d25}\KmdfSamples.cat
!    sig:                          Verifying file against specific (valid) catalog failed.
!    sig:                          Error 0x800b0100: No signature was present in the subject.
     sig:                     {_VERIFY_FILE_SIGNATURE exit(0x800b0100)} 09:34:28.129
     sig:                     {_VERIFY_FILE_SIGNATURE} 09:34:28.130
     sig:                          Key      = hostude.inf
     sig:                          FilePath = C:\WINDOWS\System32\DriverStore\Temp\{7caccbd7-e000-8346-9111-8852dc2b1d25}\hostude.inf
     sig:                          Catalog  = C:\WINDOWS\System32\DriverStore\Temp\{7caccbd7-e000-8346-9111-8852dc2b1d25}\KmdfSamples.cat
!    sig:                          Verifying file against specific Authenticode(tm) catalog failed.
!    sig:                          Error 0x800b0100: No signature was present in the subject.
     sig:                     {_VERIFY_FILE_SIGNATURE exit(0x800b0100)} 09:34:28.133
!!!  sig:                     Driver package catalog file does not contain a signature, and Code Integrity is enforced.
!!!  sig:                     Driver package failed signature validation. Error = 0xE0000247
     sto:                {DRIVERSTORE IMPORT VALIDATE: exit(0xe0000247)} 09:34:28.135
!!!  sig:                Driver package failed signature verification. Error = 0xE0000247
!!!  sto:                Failed to import driver package into Driver Store. Error = 0xE0000247
     sto:           {Stage Driver Package: exit(0xe0000247)} 09:34:28.137
     sto:      {Setup Import Driver Package - exit (0xe0000247)} 09:34:28.143
!!!  ndv:      Driver package import failed for device.
!!!  ndv:      Error 0xe0000247: A problem was encountered while attempting to add the driver to the store.
     ndv:      Installing NULL driver.
     dvi:      {Plug and Play Service: Device Install for ROOT\SAMPLE\0000}
!    dvi:           Installing NULL driver!
     dvi:           {DIF_ALLOW_INSTALL} 09:34:28.291
     dvi:                Default installer: Enter 09:34:28.292
     dvi:                Default installer: Exit
     dvi:           {DIF_ALLOW_INSTALL - exit(0xe000020e)} 09:34:28.293
     dvi:           {DIF_REGISTER_COINSTALLERS} 09:34:28.293
     dvi:                Default installer: Enter 09:34:28.294
     dvi:                Default installer: Exit
     dvi:           {DIF_REGISTER_COINSTALLERS - exit(0x00000000)} 09:34:28.294
     dvi:           {DIF_INSTALLDEVICE} 09:34:28.295
     dvi:                Default installer: Enter 09:34:28.295
!    dvi:                     Installing NULL driver!
     dvi:                     Install Null Driver: Removing device sub-tree. 09:34:28.297
     dvi:                     Install Null Driver: Removing device sub-tree completed. 09:34:28.300
     dvi:                     Install Null Driver: Restarting device. 09:34:28.304
     dvi:                     Install Null Driver: Restarting device completed. 09:34:28.306
     dvi:                     Device Status: 0x01802401, Problem: 0x1c (0x00000000)
     dvi:                     Install Device: Starting device 'ROOT\SAMPLE\0000'. 09:34:28.307
     dvi:                     Install Device: Starting device completed. 09:34:28.310
     dvi:                Default installer: Exit
     dvi:           {DIF_INSTALLDEVICE - exit(0x00000000)} 09:34:28.311
     ump:      {Plug and Play Service: Device Install exit(00000000)}
     ndv: {Update Device Driver - exit(e0000247)}
!!!  ndv: Failed to install device instance 'ROOT\SAMPLE\0000'. Error = 0xe0000247
<<<  Section end 2020/06/28 09:34:28.316
<<<  [Exit status: FAILURE(0xe0000247)]

Indeed, using the following signtool command line, shows that the file is not signed :

C:\Users\SCO\source\repos\USB_UDE_Sample\generes>"C:\Program Files (x86)\Windows Kits\10\bin\10.0.19041.0\x64\signtool.Exe" verify /v /kp /c kmdfsamples.cat hostude.inf

Verifying: hostude.inf
File is signed in catalog: C:\Users\SCO\source\repos\USB_UDE_Sample\generes\kmdfsamples.cat
Hash of file (sha1): 91E53BD8390C9843F9B856C2138CBF1A6BAFB3EA
SignTool Error: No signature found.
SignTool Error: File not valid: hostude.inf

Number of files successfully Verified: 0
Number of warnings: 0
Number of errors: 1

Unfortunately, when I right click the driver file (hostude.sys), I can see the pane showing the certificate.

enter image description here

What is wrong here ? What could explain the discrepancy ? I'm pretty new into the WDK stuff and can't explain this to me.

windows
driver
code-signing
wdk
asked on Stack Overflow Jun 28, 2020 by SCO

1 Answer

1

It's a test signature and you must enable "test signing" on your machine, using BCDEdit to run your driver.

Test signature is not valid for kernel mode code signing even if you add this to your trusted root.

answered on Stack Overflow Nov 10, 2020 by Sadegh

User contributions licensed under CC BY-SA 3.0