How to check a driver is digitally signed through code?

TheMSsForum.com: The Microsoft Software Forum

Hello,
How does the driverquery.exe obtain info on a driver if it is digitally
signed?

Any help would be appreciated.

Thanks,
~ jiac
Top

Re: How to check a driver is digitally signed through code? by poohc1234

poohc1234
Fri Nov 18 15:16:37 CST 2005

Sorry, I meant to refresh the summit page but didn't know it would
re-sumbit the post.

Top

Re: How to check a driver is digitally signed through code? by Pavel

Pavel
Fri Nov 18 16:25:18 CST 2005

<poohc1234@yahoo.com> wrote in message news:1132347479.561695.49110@g47g2000cwa.googlegroups.com...
> Hello,
> How does the driverquery.exe obtain info on a driver if it is digitally
> signed?

First, it tries to find the INF file of the driver - because only the INF contains
list of all files in the _driver package_ and name of it's CAT file.
When it finds the INF, it calls some SetupAPI function that verifies the signature.
As you can see, all the "legacy" type drivers installed without INFs, are shown as
not signed.

Regards,
--PA


Top

Re: How to check a driver is digitally signed through code? by poohc1234

poohc1234
Fri Nov 18 17:03:31 CST 2005

Hello Pavel A,
Thank you for the reply.
About this comment " it calls some SetupAPI function that verifies the
signature"
Can you be kindly and tell me what they are, I looked over the list of
SetupApi's, and nothing pops up.

Thank you,
~jiac

Top

Re: How to check a driver is digitally signed through code? by pavel_a

pavel_a
Sun Nov 20 05:02:01 CST 2005

"poohc1234@yahoo.com" wrote:
> Hello Pavel A,
> Thank you for the reply.
> About this comment " it calls some SetupAPI function that verifies the
> signature"
> Can you be kindly and tell me what they are, I looked over the list of
> SetupApi's, and nothing pops up.
>
> Thank you,
> ~jiac

SetupVerifyInfFile

Regards,
--PA




Top

Re: How to check a driver is digitally signed through code? by poohc1234

poohc1234
Mon Nov 21 13:10:35 CST 2005

Please tell me what does the windows do for the following comment
gotten from MSDN.

"At driver installation, Windows inspects the INF to determine the name
of the catalog file, then finds the catalog file and verifies the
digital signature. For each file installed as part of the driver
package, the system verifies its checksum against the checksum listed
in the catalog file."

Like, in the device manager it would print out the digital signer. I
just want to get this info for some *.sys files. I don't want to
install the driver.

Thank you,
jiac

Top

Re: How to check a driver is digitally signed through code? by Pavel

Pavel
Mon Nov 21 17:40:13 CST 2005

<poohc1234@yahoo.com> wrote in message news:1132600235.658957.183000@g44g2000cwa.googlegroups.com...
> Please tell me what does the windows do for the following comment
> gotten from MSDN.
>
> "At driver installation, Windows inspects the INF to determine the name
> of the catalog file, then finds the catalog file and verifies the
> digital signature. For each file installed as part of the driver
> package, the system verifies its checksum against the checksum listed
> in the catalog file."

?? This text is quite clear.... just read it again...

> Like, in the device manager it would print out the digital signer. I
> just want to get this info for some *.sys files. I don't want to
> install the driver.

Ok. Again. The sys files carry NO signature on them. The signature is in the catalog (.cat) file.
The whole driver package of a device: INF, all sys and other files are signed by it.
So find the INF and call SetupVerifyInfFile on it.
This is what device manage does.
You can not verify random .sys files.

> Thank you,
> jiac
>


Top