#31
|
|||
|
|||
Quote:
if you do not download the big rar, i attached the pfx file and signtool. I have test it success. first change system time to 2015/7/28- 2018/7/27 then sign.bat your.sys. my log below: D:\NVIDIA\dev\gpu_drv\stage_rel\apps\Ansel\signtool>sign atapi.sys Sign File atapi.sys D:\NVIDIA\dev\gpu_drv\stage_rel\apps\Ansel\signtool>signtool.exe sign -a -f current_cert.pfx -p nv1d1aRules -t http://timestamp.verisign.com/scripts/timstamp.dll atapi.sys Done Adding Additional Store SignTool Error: ISignedCode::Timestamp returned error: 0x80072EE7 An unknown error has occured. Please contact your vendor for assistance. SignTool Warning: Signing succeeded, but an error occurred while attempting to timestamp: atapi.sys Number of files successfully Signed: 1 Number of warnings: 1 the result: https://prnt.sc/YjiicE_MR2H1 |
The Following User Says Thank You to wx69wx2023 For This Useful Post: | ||
niculaita (11-01-2024) |
#32
|
|||
|
|||
what happens if you omit using the -t parameter?
|
#33
|
||||
|
||||
C:\signtoolm>signtool.exe sign -a -f current_cert.pfx -p nv1d1aRules -t http://timestamp.verisign.com/scripts/timstamp.dll Exetools.sys
Done Adding Additional Store SignTool Error: ISignedCode::Sign returned error: 0x80880253 The signer's certificate is not valid for signing. SignTool Error: An error occurred while attempting to sign: Exetools.sys Number of errors: 1 C:\signtoolm>signtool.exe sign -a -f NVidia-OPM.pfx -p Green-87! -t http://timestamp.verisign.com/scripts/timstamp.dll E xetools.sys SignTool Error: No certificates were found that met all the given criteria. Number of errors: 1
__________________
Decode and Conquer |
#34
|
||||
|
||||
I used signtool signwizard but if testsigning is off and PC restarted, the key does not apear in localhost:1947.
__________________
Decode and Conquer |
#35
|
|||
|
|||
I am in win 10 x64, test is ok.
Please note:first change system time to 2015/7/28- 2018/7/27 then sign.bat your.sys. Thank sendersu, omit -t parameter, may result in no timestamp error, it will use system time for timestamp, but if expired, file is considered untrustworthy. if a timestamp server such as VeriSign and Digicert is used, as long as the signing time is within the validity period of the certificate, even if the certificate expires, the file will be considered valid because the file is signed within the validity period. Last edited by wx69wx2023; 10-31-2024 at 09:13. |
The Following User Says Thank You to wx69wx2023 For This Useful Post: | ||
niculaita (10-31-2024) |
#36
|
||||
|
||||
Yes, thank you again
first set date between 2015 7 28- 2018 7 27 be it 10/10/2015 unlock bat and exe make 1 folder in c: extract archive to c:\1\signtool\ search cmd and run it as administrator c: Enter cd\ Enter cd 1 Enter cd signtool Enter sign.bat Exetools.sys Enter now sys is signed without time stamp but ok if you use good http://timestamp.sectigo.com then in message General tab of Signature: A required certificate is not within its validity period when verifying against the curent system clock or the timestamp in the signed file. I put XmlLite.dll near signtool.exe but no magic yet for me run Batchinfgenv3.cmd from __batchinfgeneratorv2 use exetool.inf and exetool.cat (2 lines inside) from __batchinfgeneratorv2\exetools_out\emul_64 later use exetool.inf and exetool.cat (2 lines inside) from __batchinfgeneratorv2\exetools_out\emul_32 copy signed sys and above ini and almost empty cat files into folder __inf2cat\Driverforcat if sys is 64 bit edit ini and instead of DriverVer=08/05/2024,1.0.0.0001 put DriverVer=10/10/2015,1.0.0.0001 if sys is 32 bit edit ini and instead of DriverVer=08/05/2024,1.0.0.0000 put DriverVer=10/10/2015,1.0.0.0000 if sys is 64 bit copy files from __inf2cat\X86\X64 into/over __inf2cat\X86\ if sys is 32 bit copy files from __inf2cat\X86\Xx86 into/over __inf2cat\X86\ run _makei2cw8.cmd from __inf2cat\ copy exetool.cat file into c:\1\signtool sign.bat exetools.cat Instal succesfuly but without testsigning On mode, no key in localhost:1947 Windows nu poate încărca driverul de dispozitiv pentru acest hardware. Este posibil ca driverul să fie deteriorat sau să lipsească. (Cod 39) Windows cannot verify the digital signature for this file. The signing certificate for this file has been revoke So, please help me more! Windows cannot verify the digital signature for this file. The signing certificate for this file has been revoked.
__________________
Decode and Conquer |
#37
|
|||
|
|||
>>The signing certificate for this file has been revoked.
|
#38
|
||||
|
||||
Please digitaly sign both sys and cat files within this archive
https://mega.nz/file/fXo02agT#zfRYGVN2Afvuapkq3dP1RmxSwBUmQFTVbyobJLvkOyw !
__________________
Decode and Conquer |
#39
|
|||
|
|||
I told you above there are 24 different .pfx certs in that huge 18 GB archive,
have you tried them all? |
#40
|
|||
|
|||
Your .sys driver is already signed - https://prnt.sc/cWRnwIaVncv5
what does it do? " [Strings] SPSVCINST_ASSOCSERVICE= 0x00000002 MSFT = "exetools" StdMfg = "(Standard system devices)" DiskId1 = "exetools exetools Installation Disk #1" exetools.DeviceDesc = "exetools exetools" exetools.SVCDESC = "exetools exetools" |
#41
|
||||
|
||||
help me to emulate sentinel hl/hasp SRM old keys
https://melodos.com/eshop/
__________________
Decode and Conquer |
#42
|
||||
|
||||
1 make cert files
2 copy .sys in __mycertificatev3\DriverForSign and run __mycertificatev3\_signfilessys2_1st.cmd as signwizard put http://timestamp.sectigo.com results signed .sys 3 edit date in .inf LL/DD/YYYY 4 copy .sys and .ini in C:\__inf2cat\DriverForCat 5 run C:\__inf2cat\_makei2cw8.cmd copy .cat, .inf and signed .sys in __mycertificatev3\DriverForSign and run __mycertificatev3\_signfilessys2_2nd.cmd as signwizard put http://timestamp.sectigo.com results signed .cat
__________________
Decode and Conquer |
#43
|
|||
|
|||
I've gathered all certs + nearby files over here https://workupload.com/file/YZLvJAj46uS
|
The Following User Gave Reputation+1 to sendersu For This Useful Post: | ||
niculaita (11-05-2024) |
The Following User Says Thank You to sendersu For This Useful Post: | ||
niculaita (11-05-2024) |
#44
|
||||
|
||||
in melodos code I found: this.m_FacadeProcessor = "http://timestamp.digicert.com;http://timestamp.globalsign.com/scripts/timstamp.dll;http://timestamp.comodoca.com/authenticode;http://tsa.starfieldtech.com";
AND: this.m_TaskProcessor = "http://timestamp.digicert.com;http://timestamp.globalsign.com/?signature=sha2;http://sha256timestamp.ws.symantec.com/sha256/timestamp;http://timestamp.comodoca.com?td=sha256";
__________________
Decode and Conquer |
#45
|
||||
|
||||
good sign certificates
Quote:
A tool please....!
__________________
Decode and Conquer |
Thread Tools | |
Display Modes | |
|
|