Closed julieen closed 2 years ago
Not so sure about this but just want to make sure if you have disabled the Driver Signing Enforcement https://github.com/SoftU2F/SoftU2F-Win#prerequisites
If that didn’t help, I’ll need the exact environment that you are running on to reproduce the issue you described here.
Hello,
just started to implement and followed installation instrutions. No success. Set TESTSIGNIG OFF. also going other ideas url. Nothing. Here is what the log says:
sig: Driver package catalog is valid.
sig: {_VERIFY_FILE_SIGNATURE} 10:30:57.989
sig: Key = SoftU2F.inf
sig: FilePath = C:\WINDOWS\System32\DriverStore\Temp\{2e8a3dd6-427a-ca45-be4b-a43d9eaca758}\SoftU2F.inf
sig: Catalog = C:\WINDOWS\System32\DriverStore\Temp\{2e8a3dd6-427a-ca45-be4b-a43d9eaca758}\SoftU2F.cat
! sig: Verifying file against specific (valid) catalog failed. sig: {_VERIFY_FILE_SIGNATURE exit(0x800b0109)} 10:30:57.996 sig: {_VERIFY_FILE_SIGNATURE} 10:30:57.999 sig: Key = SoftU2F.inf sig: FilePath = C:\WINDOWS\System32\DriverStore\Temp{2e8a3dd6-427a-ca45-be4b-a43d9eaca758}\SoftU2F.inf sig: Catalog = C:\WINDOWS\System32\DriverStore\Temp{2e8a3dd6-427a-ca45-be4b-a43d9eaca758}\SoftU2F.cat ! sig: Verifying file against specific Authenticode(tm) catalog failed. sig: {_VERIFY_FILE_SIGNATURE exit(0x800b0109)} 10:30:58.003 !!! sig: Driver package catalog file certificate does not belong to Trusted Root Certificates, and Code Integrity is enforced. !!! sig: Driver package failed signature validation. Error = 0xE0000247 sto: {DRIVERSTORE IMPORT VALIDATE: exit(0xe0000247)} 10:30:58.005 !!! sig: Driver package failed signature verification. Error = 0xE0000247 !!! sto: Failed to import driver package into Driver Store. Error = 0xE0000247 sto: {Stage Driver Package: exit(0xe0000247)} 10:30:58.010 dvs: {Driver Setup Import Driver Package - exit (0xe0000247)} 10:30:58.016 !!! dvs: Failed to import driver packages under 'F:\SoftU2F-Driver-2021-03-28\SoftU2F.inf'. Error = 0xe0000247 dvs: {DrvSetupInstallDriver - exit(e0000247)} <<< Section end 2021/04/29 10:30:58.020 <<< [Exit status: FAILURE(0xe0000247)]
Windows Version: 20H2 Build 19042.928.
THX Gerd
hi @mrhell69
what's the output of bcdedit
on your machine?
could you please also try to disable "Secure Boot" from your mother board setup?
it does look like a cert trust issue to me.
also you may find this useful by tuning the registry: https://superuser.com/questions/1113674/how-do-i-allow-cross-signed-kernel-drivers-in-windows-10-version-1607-with-secur
hi @ibigbug,
I disabled Secure Boot in Bios. no success! Added reg key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Policy] "UpgradedSystem"=dword:00000001 no success!
PS C:\WINDOWS\system32> bcdedit /set TESTSIGNING OFF Der Vorgang wurde erfolgreich beendet. PS F:\SoftU2F-Driver-2021-03-28> ./driver-install.ps1 Device node created. Install is complete when drivers are installed... Updating drivers for Root\SoftU2F from F:\SoftU2F-Driver-2021-03-28\SoftU2F.inf. devcon.exe failed.
Some more I could do?
Cheers Gerd
@mrhell69 Please download the latest release from https://github.com/SoftU2F/SoftU2F-Win/releases/tag/2021-04-30
and install the certificates to the "Trusted Store" on your machine.
The cert can be found by right clicking on the .sys file and "View Certificate"
this should work.
@ibigbug I have the exact same problem on Windows 7. Installing certificates from .sys file does not help.
@ibigbug I have the exact same problem on Windows 7. Installing certificates from .sys file does not help.
https://github.com/SoftU2F/SoftU2F-Win/issues/12#issuecomment-1065002646
the latest release should work: https://github.com/SoftU2F/SoftU2F-Win/issues/12#issuecomment-1065002646
A possible reason why adding the certificate doesn't work, might be that there is no trust relationship when adding the certificate directly.
The driver needs to be signed with a (self-made) certificate that is issued by a (self-made) Root CA. Then you need to include the Root CA cert in the driver zip and users will need to install the Root CA cert into the "Trusted Root Certification Authorities". I'm not sure whether it will work, but it might be worth trying..
BTW: "Trusted Store" doesn't exist!
It could also be due to the driver being signed without time counter signature:
All other drivers have it.
Driver Signing Enforcement and Secure Boot both off, certificate installed, driver installed, though perhaps not properly? Daemon won't open, what am I doing wrong?
This issue is stale because it has been open for 30 days with no activity.
This issue was closed because it has been inactive for 14 days since being marked as stale.
I didn't succeed to install he driver correctly. Indeed the driver installation seems to be successful but in the control panel there is a problem :
"Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or corrupted. (Code 19)"
And so, the daemon can't start.