kahotv

Forum Replies Created

Viewing 14 posts - 1 through 14 (of 14 total)
  • Author
    Posts
  • in reply to: about hck test #13867
    kahotv
    Participant

      I have made many attempts and finally found that after HCK testing, the. hck file obtained can be selected with these options after submission, which should solve this problem. (Actually, my HCK test failed, so my submission was rejected.)

      Hope it’s helpful to everyone。

      Requested Signatures:

      Windows Server 2008
      Windows Server 2008 X64
      Windows Vista Client
      Windows Vista Client X64
      Windows Server 2003
      Windows Server 2003 X64
      Windows XP
      Windows XP X64
      Windows 2000

      in reply to: about hck test #13861
      kahotv
      Participant

        I made a mistake, actually I used “/fd sha1”

        in reply to: about hck test #13859
        kahotv
        Participant

          Thank you, I may know the reason now. The previous certificate could directly sign the driver and run successfully. But after Microsoft banned it, this method no longer works. I noticed that the certificate used in the ndisrd demo will expire on August 25, 2024. Please try again with a new certificate when possible, and I suspect there will also be a 577 error.

          =======================================================

          The Microsoft Trusted Root Program no longer supports root certificates that have kernel mode signing capabilities.

          The Microsoft Trusted Root Program no longer supports root certificates that have kernel mode signing capabilities.

          For policy requirements, see Windows 10 Kernel Mode Code Signing Requirements.

          Existing cross-signed root certificates with kernel mode code signing capabilities will continue working until expiration. As a result, all software publisher certificates, commercial release certificates, and commercial test certificates that chain back to these root certificates also become invalid on the same schedule. To get your driver signed, first Register for the Windows Hardware Dev Center program.

          in reply to: about hck test #13858
          kahotv
          Participant

            signtool sign /f Mycert.cer /tr http://timestamp.digicert.com /td sha256 /fd sha256 /csp "eToken Base Cryptographic Provider" /k "[{{TokenPasswordHere}}]=KeyContainerNameHere" myfile.exe  

            The command I used to sign sys and cat files failed with error 577. I noticed that the certificate for the ndisrd demo will expire on August 25, 2024. Please try using your new certificate to see if it can run on Windows 7/8. I suspect that my situation is related to ‘The Microsoft Trusted Root Program no longer supports root certificates that have kernel mode significant capabilities’.

            in reply to: about hck test #13856
            kahotv
            Participant

              Excuse me, did the ndisrd demo not use HCK testing? It works successfully on Win7/8, but mine will prompt that the signature is invalid. Error 577 is reported when executing the command ‘sc start ndisrd’.

              in reply to: about hck test #13853
              kahotv
              Participant

                The main reason is that the CA of my certificate is not in the system’s trusted list and needs to be manually imported. I mistakenly thought that HCK testing was needed.

                in reply to: about hck test #13852
                kahotv
                Participant

                  Thank you, I succeeded! I just realized that sha1 signatures can still be used now.I don’t need an HCK test now.

                  in reply to: about hck test #13843
                  kahotv
                  Participant

                    My signature process may be non-standard, can you tell me about your signature process?

                    in reply to: about hck test #13842
                    kahotv
                    Participant

                      The last step cannot be done without additional signatures (only retaining Microsoft signatures)

                       

                      https://partner.microsoft.com/en-us/dashboard/hardware/driver/

                      Select All

                      Requested Signatures
                      Windows 10 Client versions 1506 and 1511 x64 (TH2)
                      Windows 10 Client version 1607 x64 (RS1)
                      Windows 10 Client version 1703 Client x64 (RS2)
                      Windows 10 Client version 1709 Client x64 (RS3)
                      Windows 10 Client version 1709 Client ARM64 (RS3)
                      Windows 10 Client version 1803 Client x64 (RS4)
                      Windows 10 Client version 1803 Client ARM64 (RS4)
                      Windows 10 Client version 1809 Client x64 (RS5)
                      Windows 10 Client version 1809 Client ARM64 (RS5)
                      Windows 10 19H1 Client x64
                      Windows 10 19H1 Client ARM64
                      Windows 10 Client version 2004 x64 (Vb)
                      Windows 10 Client version 2004 ARM64 (Vb)
                      Windows – Client, version 21H2 x64 (Co)
                      Windows – Client, version 21H2 ARM64 (Co)
                      Windows 11 Client, version 22H2 x64 (Ni)
                      Windows 11 Client, version 22H2 ARM64 (Ni)
                      Windows 11 Client, version 24H2 x64 (Ge)
                      Windows 11 Client, version 24H2 ARM64 (Ge)

                      in reply to: about hck test #13841
                      kahotv
                      Participant

                        I have a sha256 EA certificate, and the process is to compile it ->package it into. cab (only sign cab, not sys inside) ->submit it to “partner.microsoft.com”, download it back and attach a signature to sys. Is there a problem with this step? According to this process, netfiltersdk runs well on Win7/8/10/11, but ndisrd only runs on Win10/11, so I suspect HCK testing is needed.

                        in reply to: about hck test #13835
                        kahotv
                        Participant

                          On Win7/8, the sys I compiled myself can run successfully after disabling the system’s signature verification.

                          • This reply was modified 4 months, 1 week ago by kahotv.
                          in reply to: about hck test #13832
                          kahotv
                          Participant

                            The sys provided by you can run successfully

                            • This reply was modified 4 months, 1 week ago by kahotv.
                            in reply to: about hck test #13831
                            kahotv
                            Participant

                              The sys file I compiled myself did not undergo HCK testing and was submitted to Microsoft for signature using. cab. It can run normally on the Windows 10/11 platform, but it prompts that the signature is invalid on Windows 7/8.

                              • This reply was modified 4 months, 1 week ago by kahotv.
                              in reply to: About Developer License #13500
                              kahotv
                              Participant

                                Not renaming, I want to decompile and modify the code to add some features. Of course, it will not be used for secondary distribution, only for my own commercial products.

                              Viewing 14 posts - 1 through 14 (of 14 total)