我正在了解WFP / Inspect kmdf。我正在使用VS2017。到目前为止,我已经成功构建了自己的kmdf:
------ Rebuild All started: Project: inspect, Configuration: Win10 Debug x64 ------
Building 'inspect' with toolset 'WindowsKernelModeDriver10.0' and the 'Desktop' target platform.
Stamping x64\Win10Debug\inspect.inf
Stamping [Version] section with DriverVer=08/25/2018,20.7.57.345
...
inspect.vcxproj -> D:\sys\x64\Win10Debug\inspect.sys
Done Adding Additional Store
Successfully signed: D:\sys\x64\Win10Debug\inspect.sys
........................
Signability test complete.
Errors:
None
Warnings:
None
Catalog generation complete.
D:\sys\x64\Win10Debug\inspect\inspect.cat
Done Adding Additional Store
Successfully signed: x64\Win10Debug\inspect\inspect.cat
Done building project "inspect.vcxproj".
========== Rebuild All: 1 succeeded, 0 failed, 0 skipped ==========
在VS中的“驱动程序签名->常规”选项中,我有以下内容(附有屏幕截图):
Sign mode : Test Sign
Test Certificate : here I have generated Test certificate
Cross-Signing Certificate: cert AddTrust External CA Root obtained from https://docs.microsoft.com/pl-pl/windows-hardware/drivers/install/cross-certificates-for-kernel-mode-code-signing
File Digest Algorithm: SHA256
所以我有4个文件
25.08.2018 20:08 2 332 inspect.cat
25.08.2018 20:08 792 inspect.cer
25.08.2018 20:07 2 312 inspect.inf
25.08.2018 20:08 100 344 inspect.sys
c:\Program Files (x86)\Windows Kits\10\bin\x64>certmgr.exe /add D:\sys\x64\Win10Debug\inspect\inspect.cer /s /r localMachine root
CertMgr Succeeded
c:\Program Files (x86)\Windows Kits\10\bin\x64>certmgr.exe /add D:\sys\x64\Win10Debug\inspect\inspect.cer /s /r localMachine trustedpublisher
CertMgr Succeeded
我正在安装(rmb-> install)inspect.inf。之后,当我跑步时:
net start inspect
我要
Windows无法验证此文件的数字签名。最近的硬件或软件更改可能安装了签名错误或损坏的文件,或者可能是来自未知来源的恶意软件。
由于我是该领域的新手(KMDF),有人可以指出我在哪里可以找到问题吗?我忘了做某事吗?