• kernel drivers signing - what is a current state

    From Michael S@21:1/5 to All on Thu Jul 1 07:07:35 2021
    For many years I didn't touch Windows kernel mode.
    But recently we had a problem - a certain SBC that we used to use in one of our products is no longer available and the most suitable replacement does not support 32-bit variants of Windows OS.
    So I had to provide a 64-bit driver.
    At the beginning it was easy - a theory of "just recompile" worked. All 3 drivers were functional at first try.
    But then came the trouble of dealing with mandatory signing.

    I did an extensive search in various Microsoft documents, but was unable to locate the official list of signing providers which are considered good enough for signing KMDF drivers for Win10 IOT*. In the distant past I knew that there is Verisign, which was expensive, but at least people could be sure that their signs are accepted by Microsoft. Today, it seems, Verisign is no longer in the racket of code signing. If not Verisign then who?

    * - BTW, Win10 IOT is an extremely stupid name. Our device has nothing to do with Internet, either of things or of nothings. The previous name, Windows Embedded, was non-ideal, but far saner.
    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Michael S@21:1/5 to Michael S on Fri Jul 2 07:16:05 2021
    After further reading it seems that the question is no longer relevant. Starting from yesterday all new kernel drivers have to be signed by Microsoft through the Hardware Dev Center.
    Now I have to figure out what is Hardware Certification and what is Attestation and if I have any chance of either.
    All to have a driver that we wrote loaded on a computer we own and fully control.

    But the general direction is clear - Microsoft is no longer interested in Windows being an open lab or industrial platform.
    They want to be Apple. That is, Microsoft always wanted to be Apple, but today they want it more than ever.
    Which means that we should seriously consider leaving Windows. Of course, Linux is also a pain, because of GPL,
    but, maybe, with new Windows signing requirements it's already a lesser pain.