Would you consider signing the drivers?

Anything about GOverlay and the devices supported

Would you consider signing the drivers?

Postby kbal » Sat Sep 29, 2018 9:21 am

Get signer.exe and makecert.exe (from Windows SDK, can copy them some place and remove SDK afterwards as the tools are stand-alone).

https://docs.microsoft.com/en-us/dotnet/framework/tools/signtool-exe
https://docs.microsoft.com/en-us/windows/desktop/seccrypto/makecert

Create a `sign.bat` file:
Code:
Code: Select all
@echo off &title SelfSign helper &pushd %~dp0
dir /b *.sys;*.dll;*.exe;*.inf &echo.

set/p file="Enter filename to self-sign:"

del /f/q _CA.cer >2nul &del /f/q _SS.cer >2nul
makecert -r -pe -b 03/03/2018 -e 03/03/2019 -sky signature -cy authority -ss CA -n "CN=%COMPUTERNAME% %USERNAME% Selfsigning" _CA.cer
makecert -pe -b 03/03/2018 -e 03/03/2019 -sky signature -cy end -is CA -ic _CA.cer -ss CA -n "CN=%COMPUTERNAME% %USERNAME% App" _SS.cer
signtool sign /a /s CA /n "%COMPUTERNAME% %USERNAME% App" /t http://timestamp.verisign.com/scripts/timstamp.dll /d %file% %file%
echo.
echo Press any key to import self-signed certificates now, or click [X] to quit
pause>nul
certutil -addstore -f -user Root _CA.cer
rem certutil -addstore -f -user Intermediate _CA.cer
certutil -addstore -f -user Intermediate _SS.cer
rem certutil -addstore -f -user Personal _SS.cer
echo Done. to manage certificates, use: certmgr.msc
pause
exit

Place all files in the same folder with your unsigned file, run the script as administrator - it will do everything for you, just follow instructions.

Note that depending on your driver you might need to also run the signing tools over the inf/cat (see "catdb" option in documentation for signtool) - but that's usually for vga and storage drivers, you might get away without it.

kbal
 
Posts: 18
Joined: Sat Mar 21, 2015 12:53 pm

Re: Would you consider signing the drivers?

Postby TheLaGmAn » Mon Oct 01, 2018 2:52 pm

Had some issues signing the driver without having the user install certificates, but do contact me to support@goverlay.com if you are willing to shed some light into it
User avatar
TheLaGmAn
Site Admin
 
Posts: 967
Joined: Wed Feb 26, 2014 8:32 pm

Re: Would you consider signing the drivers?

Postby kbal » Wed Oct 03, 2018 8:40 pm

TheLaGmAn wrote:Had some issues signing the driver without having the user install certificates, but do contact me to support@goverlay.com if you are willing to shed some light into it


Hi, I haven't signed any drivers yet.
I think you need to generate .cer file so we can import it before the install. At least this is how I think Fernando at win-raid (Usb 3 modded drivers) does it.
I just saw a thread on mydigitallife about unsigned drivers and I thought I'd mention it here.

kbal
 
Posts: 18
Joined: Sat Mar 21, 2015 12:53 pm

Re: Would you consider signing the drivers?

Postby korenchkin » Thu Dec 06, 2018 4:06 pm

hey!,
is there still reason to sign drivers? i had some troubles first,but then i found it works great with zadig in winusb mode,so why bother?
(its the new 3.5" display,but i would guess it should work with older display?)
i think it should be noted in faq with link to https://zadig.akeo.ie/

or am i missing something?works great for me

korenchkin
 
Posts: 7
Joined: Thu Dec 06, 2018 3:55 pm

Re: Would you consider signing the drivers?

Postby TheLaGmAn » Mon Dec 17, 2018 4:33 am

check this version to see if it allows to install the driver without hassle

viewtopic.php?f=3&t=724
User avatar
TheLaGmAn
Site Admin
 
Posts: 967
Joined: Wed Feb 26, 2014 8:32 pm

Re: Would you consider signing the drivers?

Postby kbal » Sat Jan 12, 2019 8:46 am

TheLaGmAn wrote:check this version to see if it allows to install the driver without hassle

viewtopic.php?f=3&t=724


I'm so sorry for missing your reply. The only PC related thing in the past month, was working on my custom case.

Image

Thank you for your great work, it's appreciated.

kbal
 
Posts: 18
Joined: Sat Mar 21, 2015 12:53 pm


Return to About GOverlay



Who is online

Users browsing this forum: Google [Bot] and 7 guests

cron