Code-Signing on WM6.1 Drivers_问答_开发者_运维开发者技术经验分享

I've already asked similar question on this issue on stack overflow already, but I believe this part of the issue can be separated into a new question.

I've not done mobile development before so the use of signing and certificates is a new concept to me, and for all the reading of topics I have done, its not really improved my knowledge as each website I read talks only about a small part of signing, not the complete process, and piecing it all together has been difficult.

The issue I have is my driver is not been loaded at startup on WM6.1. Its a driver for GPS so needs to be loaded so its available to any GPS software accessible on a COM port. I believe this is due to a signing issue, given that the DllMain method is never called.

I have been given a privileged certificate (.pfx) to use, and for the record have also got the new (Jan 2010) SDKSamplePrivDeveloper certificate as well. I assume a privileged certificate is needed for drivers.

So what have I actually done. I've tried atleast several variations on this over the last 4-5 days all with no success.

In visual studio; 1)The DLL project has authenticode signing set to our .pfx certificate. Build the project.

2)The CABWizard project has authenticode set to the same certificate. Build the project.

3)Following the MSDN instructions... Converted the .pfx into a 509 Base64 Certificate, and created an XML provisioning file from it.. It has been created into its own CAB Or CPF file. And also tried provisioning the _setup.xml file into the previously created CAB file so its installed with the application.

4)I have installed these onto the device, and whilst the driver does work in our test app it does not load at boot even though its registry settings in "BuiltIn" are correct. When checking the certificate stores in the registry I can see the certificate added to the SPC, Root, Privileged and Unprivileged stores. And when using System|Certificates I can see the certificate in Root tab. So they have definitely been added.

Given the above did not work. I have also tried the siggner.exe tool from http://www.modaco.com/content/i8000-verizon-sch-i920-omnia-ii-http-i8000-modaco-com/306870/sdkcerts-2010-and-signing-tool/ with the SDKSamplePrivDeveloper certificate.

1)The Dll project has authenticode signing set to No. Build the project.

2)Load up siggner.exe and sign the Dll file with SDKSamplePrivDeveloper.cer.

3)The CABWizard project has authenticode set to No. Build the project.

4)Load up siggner.exe and sign the cab file w开发者_如何学JAVAith SDKSamplePrivDeveloper.cer.

5) Use NewSDKCerts.Cab to install the SDKSamplePrivDeveloper certificate into the stores.

6) Install the CAB file i created with the driver.

7) Again, on a warm reboot the driver is not loaded at boot into device.exe.

Given the above, can anyone give me some clear instructions on a sure fire way to load the driver at startup. I'm obviously doing something wrong with the signing given this does boot up without an issue in Windows CE5. I know the device driver code is OK as I can activate it manually in code with ActiviateDevice() method in WM6.1.

Edit--

It maybe worth adding, I also created a DLL and CAB with no signing at all. And on a clean boot of the OS it installed without complaining. Whilst still not loading at boot I did expect warnings about the CAB and DLL been unsigned.

The reason for driver failure, was not a certificate issue.

The driver was originally self contained and also contained some GUI code, and has since expanded. A library used to make the application full-screen was not available at start up so it silently failed with a dependency issue.

This has currently been resolved with a start-up application loading later to wake up the driver, once the library is available. A proper solution to be added is late loading of the required library to prevent a dependency failure.

Driver signing was also an issue in a related matter with this driver. We now have a certificate from the manufacturer to sign drivers so that issue was resolved as well.