У меня есть два файла драйверов, которые, кажется, были подписаны правильно:
bobbarker@bobbarker-PC /cygdrive/c/Users/bobbarker/Desktop
$ ./SignTool.exe verify /kp /v /ph /d truecrypt.sys
Verifying: truecrypt.sys
Hash of file (sha1): 8562AC6F95298C1904DFC0B579C51CBB414D13C9
Signing Certificate Chain:
Issued to: AddTrust External CA Root
Issued by: AddTrust External CA Root
Expires: Sat May 30 05:48:38 2020
SHA1 hash: 02FAF3E291435468607857694DF5E45B68851868
Issued to: COMODO RSA Certification Authority
Issued by: AddTrust External CA Root
Expires: Sat May 30 05:48:38 2020
SHA1 hash: F5AD0BCC1AD56CD150725B1C866C30AD92EF21B0
Issued to: COMODO RSA Code Signing CA
Issued by: COMODO RSA Certification Authority
Expires: Mon May 08 18:59:59 2028
SHA1 hash: B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Issued to: Jason Pyeron
Issued by: COMODO RSA Code Signing CA
Expires: Wed Sep 16 18:59:59 2015
SHA1 hash: 535A507A767922BE8C9BF959BCD2179DE626AAA4
The signature is timestamped: Tue Dec 30 00:29:01 2014
Timestamp Verified by:
Issued to: Thawte Timestamping CA
Issued by: Thawte Timestamping CA
Expires: Thu Dec 31 18:59:59 2020
SHA1 hash: BE36A4562FB2EE05DBB3D32323ADF445084ED656
Issued to: Symantec Time Stamping Services CA - G2
Issued by: Thawte Timestamping CA
Expires: Wed Dec 30 18:59:59 2020
SHA1 hash: 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Issued to: Symantec Time Stamping Services Signer - G4
Issued by: Symantec Time Stamping Services CA - G2
Expires: Tue Dec 29 18:59:59 2020
SHA1 hash: 65439929B67973EB192D6FF243E6767ADF0834E4
Cross Certificate Chain:
Issued to: Microsoft Code Verification Root
Issued by: Microsoft Code Verification Root
Expires: Sat Nov 01 08:54:03 2025
SHA1 hash: 8FBE4D070EF8AB1BCCAF2A9D5CCAE7282A2C66B3
Issued to: AddTrust External CA Root
Issued by: Microsoft Code Verification Root
Expires: Tue Aug 15 15:36:30 2023
SHA1 hash: A75AC657AA7A4CDFE5F9DE393E69EFCAB659D250
Issued to: COMODO RSA Certification Authority
Issued by: AddTrust External CA Root
Expires: Sat May 30 05:48:38 2020
SHA1 hash: F5AD0BCC1AD56CD150725B1C866C30AD92EF21B0
Issued to: COMODO RSA Code Signing CA
Issued by: COMODO RSA Certification Authority
Expires: Mon May 08 18:59:59 2028
SHA1 hash: B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Issued to: Jason Pyeron
Issued by: COMODO RSA Code Signing CA
Expires: Wed Sep 16 18:59:59 2015
SHA1 hash: 535A507A767922BE8C9BF959BCD2179DE626AAA4
Successfully verified: truecrypt.sys
Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0
bobbarker@bobbarker-PC /cygdrive/c/Users/bobbarker/Desktop
$ ./SignTool.exe verify /kp /v /ph /d truecrypt-x64.sys
Verifying: truecrypt-x64.sys
Hash of file (sha1): 5B9B534E682A8768F404B1A1CBFD9ACC98B8E195
Signing Certificate Chain:
Issued to: AddTrust External CA Root
Issued by: AddTrust External CA Root
Expires: Sat May 30 05:48:38 2020
SHA1 hash: 02FAF3E291435468607857694DF5E45B68851868
Issued to: COMODO RSA Certification Authority
Issued by: AddTrust External CA Root
Expires: Sat May 30 05:48:38 2020
SHA1 hash: F5AD0BCC1AD56CD150725B1C866C30AD92EF21B0
Issued to: COMODO RSA Code Signing CA
Issued by: COMODO RSA Certification Authority
Expires: Mon May 08 18:59:59 2028
SHA1 hash: B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Issued to: Jason Pyeron
Issued by: COMODO RSA Code Signing CA
Expires: Wed Sep 16 18:59:59 2015
SHA1 hash: 535A507A767922BE8C9BF959BCD2179DE626AAA4
The signature is timestamped: Tue Dec 30 00:28:52 2014
Timestamp Verified by:
Issued to: Thawte Timestamping CA
Issued by: Thawte Timestamping CA
Expires: Thu Dec 31 18:59:59 2020
SHA1 hash: BE36A4562FB2EE05DBB3D32323ADF445084ED656
Issued to: Symantec Time Stamping Services CA - G2
Issued by: Thawte Timestamping CA
Expires: Wed Dec 30 18:59:59 2020
SHA1 hash: 6C07453FFDDA08B83707C09B82FB3D15F35336B1
Issued to: Symantec Time Stamping Services Signer - G4
Issued by: Symantec Time Stamping Services CA - G2
Expires: Tue Dec 29 18:59:59 2020
SHA1 hash: 65439929B67973EB192D6FF243E6767ADF0834E4
Cross Certificate Chain:
Issued to: Microsoft Code Verification Root
Issued by: Microsoft Code Verification Root
Expires: Sat Nov 01 08:54:03 2025
SHA1 hash: 8FBE4D070EF8AB1BCCAF2A9D5CCAE7282A2C66B3
Issued to: AddTrust External CA Root
Issued by: Microsoft Code Verification Root
Expires: Tue Aug 15 15:36:30 2023
SHA1 hash: A75AC657AA7A4CDFE5F9DE393E69EFCAB659D250
Issued to: COMODO RSA Certification Authority
Issued by: AddTrust External CA Root
Expires: Sat May 30 05:48:38 2020
SHA1 hash: F5AD0BCC1AD56CD150725B1C866C30AD92EF21B0
Issued to: COMODO RSA Code Signing CA
Issued by: COMODO RSA Certification Authority
Expires: Mon May 08 18:59:59 2028
SHA1 hash: B69E752BBE88B4458200A7C0F4F5B3CCE6F35B47
Issued to: Jason Pyeron
Issued by: COMODO RSA Code Signing CA
Expires: Wed Sep 16 18:59:59 2015
SHA1 hash: 535A507A767922BE8C9BF959BCD2179DE626AAA4
Successfully verified: truecrypt-x64.sys
Number of files successfully Verified: 1
Number of warnings: 0
Number of errors: 0
bobbarker@bobbarker-PC /cygdrive/c/Users/bobbarker/Desktop
$
Но когда я пытаюсь установить их, я получаю дредированную ошибку:
Windows не может проверить цифровую подпись для этого файла. В результате недавнего изменения оборудования или программного обеспечения мог быть установлен файл с неправильной подписью или поврежденный, либо это могло быть вредоносное ПО из неизвестного источника.
Я размещены файлы в вопросе, вместе с соответствующими сертификатами. Я создаю файлы с помощью следующей команды:
for i in *.sys; do
cp "$i" "$i".presignbak && \
/cygdrive/c/WinDDK/7600.16385.1/bin/amd64/SignTool.exe sign /v /ac AddTrust_External_CA_Root-srosssigned-by-Microsoft.crt /f signkey.pfx /p password /t http://timestamp.verisign.com/scripts/timstamp.dll "$i" ;
done
Мой cert использует алгоритм подписи: sha256WithRSAEncryption
Что мне попробовать дальше?
