Brian_Mc

I have an application with a couple dll's, and inside one of the dll's I have a couple drivers (one 32bit sys, and one 64bit sys). I have a manifest file to run with elevated priviledge levels due to my driver requirements. When I run my app, it checks the OS and determines which driver to deploy. I have verified that the correct driver is being deployed where I need and expect it to be. My app works as expected on other x64 versions of XP and 2003, and appears to work correctly on a couple of the x86 versions of Vista, but Vista x64 is causing me problems.

I've read through the various documents on signing drivers and dll's, and I think I need to sign the drivers, the dll's, and the executable. I have a valid Verisign certificate, and used it to sign all my components, but when I run my app on Vista x64, I get an error (verified in the event viewer) stating the hash signature for the driver is either not correct or has become corrupt. When I check the signature of my driver, it shows it as being valid.

Did I miss something in how I need to sign the various parts of my app Would the elevated execution level requirement cause something like this Does anybody have suggestion on where I should start in trying to resolve this issue

Thanks for your time,

Brian



Re: Application Compatibility for Windows Vista signing of dynamically deployed driver

Bruce N. Baker - MSFT

Is your driver for 64 bit an actual 64 bit driver or are you just using a 32 bit driver Vista only support 64 bit drivers on 64 bit os and they have to be signed.




Re: Application Compatibility for Windows Vista signing of dynamically deployed driver

Brian_Mc

Thanks for the reply Bruce.

My driver is 64 bit, and my app works fine if I hit F8 and select Disable Driver Signing Enforcement, but only for one execution (I can't re-run the app if I close and reopen it). This same driver works fine on XP x64 and 2003 x64.

I tried using my standard Verisign certificate to digitally sign the driver (the same one I use to sign the final .msi package), and if I check the properties of driver while the app is trying to load, it has my signature on it. However, the Event Viewer tells me the hash on the driver is corrupt. I guess I'm trying to figure out if I misunderstood the requirements for signing drivers.

- Brian





Re: Application Compatibility for Windows Vista signing of dynamically deployed driver

Maarten van de Bospoort MSFT

Signing a driver is a little different than just signing a binary. See the WHQL site for more details:

http://www.microsoft.com/whdc/winlogo/drvsign/kmcs_walkthrough.mspx