search

protaskin / LowCDC-Win10x64

A lowcdc.sys driver package for Windows 10 x64. Supports AVR-CDC and Digispark devices.
GNU General Public License v2.0
23 stars 5 forks source link

SignTool can't sign the driver #1

Closed std66 closed 7 years ago

std66 commented 7 years ago

Hello!

First, I'd like to say thanks for your work, it works fine for me. I've successfully installed the driver while Windows 10 (version 1607 x64, build 14393.187) was started without requiring signature verification. But on the next restart the Windows disabled it because it is not signed. So I installed WDK10 in order to run createcat.bat you provided, but it gives me the output that you can find in the attached file. I ran it with administrator rights from the command prompt. Do you have any ideas to solve this issue?

Thank you in advance, Tamás

out.txt

protaskin commented 7 years ago

Hello, Tamás.

C:\Program Files (x86)\Windows Kits\10\bin\x64>if 0 EQU 1 (if not exist "C:\Users\Tam s\Desktop\LowCDC-Win10x64\certcopy.cer" (

SignTool Error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

I presume that you have ran createcat.bat at least twice, and the first one without the administrator privileges. So the script successfully created your certificate, but could not add it to the Trusted Root Certification Authorities. Once the file certcopy.cer (a copy of the created certificate) is exist, the script assumes that the certificate has been installed properly.

Run Certificate Manager (win+r, certmgr.msc), Action → Find Certificates, type "protaskin" in the "Contains" field, submit the form.

If the certificate is installed you should see something like this: Certificate Manager

If not, you can install it manually: run certcopy.cer, "Install Certificate...", choose Store Location (i would prefer Local Machine), select Trusted Root Certification Authorities, finish the import. Repeat that procedure for Trusted Publishers.

Certificate Import Wizard

Run lowcdc.cat, check the status:

Security Catalog Properties

P. S. Sorry for my English, I'm not good at writing.

protaskin commented 7 years ago

Also, I'm not quite sure how you were able to install the driver without the signature on Win10 x64.

Windows just complains that the INF file does not contain signature information, regardless of TESTSIGNING value: Without signature

A test-signed driver (TESTSIGNING=OFF): Test-signed driver (TESTSIGNING=OFF)

A test-signed driver (TESTSIGNING=ON): Test-signed driver (TESTSIGNING=ON)

At last we can install the driver!

std66 commented 7 years ago

Oh, you're right, I ran the createcat.bat script without administrator privileges at my first attempt. As I see you also mentioned it in the Russian readme. Sorry, I should have read it more carefully. I'll try your advices at the weekend. Thank you!

protaskin commented 7 years ago

No problem. Will be waiting for your feedback.

std66 commented 7 years ago

Thank you for the help. It works properly now.

protaskin commented 7 years ago

I have added checking for administrative privileges (4ff667e), so the problem will not occur henceforth.

Also, have you used the driver for communication with a real device? Could you make a screenshot?

std66 commented 7 years ago

Yes, I'm using this driver with an STK500 compatible AVR programmer as a physical device: https://s17.postimg.org/5ftzrv8xr/stk500_device.png

As you can see, the driver is accepted by Windows: https://s17.postimg.org/wcdz06rr3/devmgmt.png

And the AVR Studio can use the programmer to read and write program from/to the ATmega8: https://s17.postimg.org/gcvbgmvpb/avrstudio.png

protaskin commented 7 years ago

Thanks! I will add them to the readme's screenshot section someday.