[Mono-list] signing drivers under Linux
Sebastien Pouliot
sebastien.pouliot at gmail.com
Wed Nov 11 08:27:45 EST 2009
On Tue, 2009-11-10 at 22:27 -0500, Mike Frysinger wrote:
> i have an open source package that can be entirely cross-compiled and
> packaged up for Windows, all from under Linux. i'm trying to now
> integrate some drivers and the last step is the code signing. this
> isnt strictly mono related, but some of the aspects are integrated
> into mono, so here i am.
>
> this process can be broken down into two steps:
> - inf2cat: create .cat file from .inf and executable files
> - signtool: sign the .cat and executable files (authenticode)
>
> while the signtool step was easy to convert via the signcode tool (and
> working around ASN limitations and verisign #316337), the inf2cat step
> isnt falling into place. the WDK version is a .NET program, so i
> figured it'd be easy to run through mono.
>
> after manually forcing all paths to lowercase, i ended up with:
> $ mono inf2cat.exe /driver:drivers/ /os:XP_X86,XP_X64
> ...............................................................
> Signability test complete.
>
> Errors:
> None
>
> Warnings:
> None
>
> wintrust.dll
> Signability test failed.
>
> stracing this shows that the host library paths are searched like so:
> ./
> /lib/
> /usr/lib/
> and it looks for {lib,}wintrust.{dll,so,la} ... maybe it's using
> libltdl ? at any rate, even after getting this file from a Windows
> system and sticking it into /usr/lib64/ temporarily, it still fails
> the same way (the strace output shows that it found & opened the dll
> in question). i'm not sure getting this tool to work isnt going to
> happen ...
Likely not. It's a .NET application but it pinvokes into wintrust.dll
where most of authenticode resides on Windows. You can use MoMA to
detect such things (and other stuff that will affect Mono
compatibility).
> has anyone else tried to do this kind of thing ? perhaps there is
> some util out there to create a .cat file easily ... but googling for
> things like "cat" or "inf" or "mono" doesnt really yield anything
> useful.
Both tools were not required for mono - so I never made managed
alternatives to them. I'm not aware of any either but if you find some
please email the list with them (it could prove useful to others too)
Sebastien
More information about the Mono-list
mailing list