#1
|
||||
|
||||
Have fun (free kcms...)
this is not source but... expires soon.
have fun with the free kernel mode signing certificate. example usage: Code:
"C:\Program Files (x86)\Windows Kits\8.0\bin\x64\signtool.exe" sign C17761DD3B2FCCB2AF39A7A6D888AE6E646637F1 /ac C:\Certs\thawte.cer /ph /fd SHA256 /v /tr http://sha256timestamp.ws.symantec.com/sha256/timestamp
__________________
Best Wishes, Fyyre -- https://github.com/Fyyre Last edited by Fyyre; 03-01-2018 at 11:20. |
The Following 4 Users Say Thank You to Fyyre For This Useful Post: | ||
#2
|
|||
|
|||
This is a code signing certificate, no kernel mode signing certificate.
Code:
signtool sign /ac thawte.cer /ph /fd SHA256 /v /tr http://sha256timestamp.ws.symantec.com/sha256/timestamp driver.sys The following certificate was selected: Issued to: YD Online Corp. Issued by: thawte SHA256 Code Signing CA Expires: Tue May 15 00:59:59 2018 SHA1 hash: C17761DD3B2FCCB2AF39A7A6D888AE6E646637F1 Cross certificate chain (using machine store): Issued to: Microsoft Code Verification Root Issued by: Microsoft Code Verification Root Expires: Sat Nov 01 14:54:03 2025 SHA1 hash: 8FBE4D070EF8AB1BCCAF2A9D5CCAE7282A2C66B3 Issued to: thawte Primary Root CA Issued by: Microsoft Code Verification Root Expires: Mon Feb 22 20:41:57 2021 SHA1 hash: 5538E9FEC14030B740152349E115A1165D29074A Issued to: thawte SHA256 Code Signing CA Issued by: thawte Primary Root CA Expires: Sun Dec 10 00:59:59 2023 SHA1 hash: D00CFDBF46C98A838BC10DC4E097AE0152C461BC Issued to: YD Online Corp. Issued by: thawte SHA256 Code Signing CA Expires: Tue May 15 00:59:59 2018 SHA1 hash: C17761DD3B2FCCB2AF39A7A6D888AE6E646637F1 Done Adding Additional Store Successfully signed: driver.sys Number of files successfully Signed: 1 Number of warnings: 0 Number of errors: 0 Code:
signtool verify driver.sys Successfully verified: driver.sys Code:
signtool verify /pa driver.sys Successfully verified: driver.sys Code:
signtool verify /kp driver.sys SignTool Error: The signing certificate is not valid for the requested usage. Code:
net start driver System error 577 has occurred. Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. |
The Following User Says Thank You to Kerlingen For This Useful Post: | ||
vic4key (03-04-2018) |
#3
|
|||
|
|||
Code signing certificates are not so hard to obtain. But authenticode/kernel driver signing certificates require a bit of paperwork and checks.
|
#4
|
||||
|
||||
Odd. Loads the drivers I signed with it just fine.
Quote:
__________________
Best Wishes, Fyyre -- https://github.com/Fyyre |
#5
|
|||
|
|||
Certificate only available to VIP ?
|
|
|