[ofw] Failing Server 2008/Vista mthca.sys driver install

Smith, Stan stan.smith at intel.com
Mon Sep 8 16:14:40 PDT 2008 

Anatoly Greenblatt wrote:
> Hi Stan,
>
> I think you missed Verisign's cross-certificate: MSCV-VSClass3.cer.
>
>         for %%f in ( *.sys ) do (
>             signtool sign /v /ac MSCV-VSClass3.cer /n "Voltaire" %TS%
> %%f

Yes, in order for kernel mode drivers to install, the trust chain needs to terminate @ Microsoft.

Thank you.

Stan.
>
> Regards,
> Anatoly.
>
> -----Original Message-----
> From: ofw-bounces at lists.openfabrics.org
> [mailto:ofw-bounces at lists.openfabrics.org] On Behalf Of Smith, Stan
> Sent: Saturday, September 06, 2008 03:23
> To: ofw at lists.openfabrics.org
> Subject: [ofw] Failing Server 2008/Vista mthca.sys driver install
>
> Hi,
>   Does this error condition make sense to anyone? The driver .sys
> files verifies with the .cat file. Installer thinks everything is OK.
> Deep down in the basement of Event viewer->code integrity I find the
> following.
> Any clues to the real error here; seen this before?
>
> Thanks,
>
> Stan.
>
> PS: Server 2003 & XP install the drivers just fine.
>
>
> Log Name:      Microsoft-Windows-CodeIntegrity/Operational
> Source:        Microsoft-Windows-CodeIntegrity
> Date:          9/5/2008 2:20:57 PM
> Event ID:      3004
> Task Category: (1)
> Level:         Error
> Keywords:
> User:          SYSTEM
> Computer:      CN07
> Description:
> Windows is unable to verify the image integrity of the file
> \Device\HarddiskVolume1\Windows\System32\drivers\mthca.sys
> because file hash could not be found on the system. A recent hardware
> or software change
> might have installed a file that is signed incorrectly or damaged, or
> that might be
> malicious software from an unknown source.
> Event Xml:
> <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
>   <System>
>     <Provider Name="Microsoft-Windows-CodeIntegrity"
> Guid="{4ee76bd8-3cf4-44a0-a0ac-3937643e37a3}" />
>     <EventID>3004</EventID>
>     <Version>0</Version>
>     <Level>2</Level>
>     <Task>1</Task>
>     <Opcode>104</Opcode>
>     <Keywords>0x8000000000000000</Keywords>
>     <TimeCreated SystemTime="2008-09-05T21:20:57.125Z" />
>     <EventRecordID>44</EventRecordID>
>     <Correlation />
>     <Execution ProcessID="4" ThreadID="72" />
>     <Channel>Microsoft-Windows-CodeIntegrity/Operational</Channel>
>     <Computer>CN07</Computer>
>     <Security UserID="S-1-5-18" />
>   </System>
>   <EventData>
>     <Data Name="FileNameLength">58</Data>
>     <Data
> Name="FileNameBuffer">\Device\HarddiskVolume1\Windows\System32\drivers\m
> thca.sys</Data>
>   </EventData>
> </Event>
>
> How mthca.cat was signed.
>
> Cross cert generation: .pvk + .spc + password -->
> WinOF_Software_Pub.pfx
>
> .pfx file added to the Personal certificate store of the local
> computer that signs the driver.
>
> %CD%=wlh\bin\bin\HCA - amd64 contains all files referenced by
> mthca.inf for x64 install
>
> inf2cat /driver:%CD%\amd64 /os:Server2008_X64,Vista_X64
>
> set TS=/t http://timestamp.verisign.com/scripts/timstamp.dll
>
> signtool sign /a /f WinOF_Software_Pub.pfx /p xxx %TS% mthca.cat
>
> signtool verify /kp /v /c mthca.cat mthca.sys
>
> Verifying: mthca.sys
> File is signed in catalog: mthca.cat
> Signing Certificate Chain:
>     Issued to: Class 3 Public Primary Certification Authority
>     Issued by: Class 3 Public Primary Certification Authority
>     Expires:   8/1/2028 4:59:59 PM
>     SHA1 hash: 742C3192E607E424EB4549542BE1BBC53E6174E2
>
>         Issued to: VeriSign Class 3 Code Signing 2004 CA
>         Issued by: Class 3 Public Primary Certification Authority
>         Expires:   7/15/2014 4:59:59 PM
>         SHA1 hash: 197A4AEBDB25F0170079BB8C73CB2D655E0018A4
>
>             Issued to: OpenFabrics Alliance
>             Issued by: VeriSign Class 3 Code Signing 2004 CA
>             Expires:   8/20/2009 4:59:59 PM
>             SHA1 hash: 50AEA9397BD672F24FE4B15CF6461FED5E8EA270
>
> The signature is timestamped: 9/5/2008 11:07:04 AM
> Timestamp Verified by:
>     Issued to: Thawte Timestamping CA
>     Issued by: Thawte Timestamping CA
>     Expires:   12/31/2020 4:59:59 PM
>     SHA1 hash: BE36A4562FB2EE05DBB3D32323ADF445084ED656
>
>         Issued to: VeriSign Time Stamping Services CA
>         Issued by: Thawte Timestamping CA
>         Expires:   12/3/2013 4:59:59 PM
>         SHA1 hash: F46AC0C6EFBB8C6A14F55F09E2D37DF4C0DE012D
>
>             Issued to: VeriSign Time Stamping Services Signer - G2
>             Issued by: VeriSign Time Stamping Services CA
>             Expires:   6/14/2012 4:59:59 PM
>             SHA1 hash: ADA8AAA643FF7DC38DD40FA4C97AD559FF4846DE
>
> Successfully verified: mthca.sys
>
> Number of files successfully Verified: 1
> Number of warnings: 0
> Number of errors: 0
> _______________________________________________
> ofw mailing list
> ofw at lists.openfabrics.org
> http://lists.openfabrics.org/cgi-bin/mailman/listinfo/ofw

More information about the ofw mailing list