[cifs-protocol] [REG:116102514847681]: [MS-PAR] Q 1/2 3.1.4.2.7 RpcAsyncInstallPrinterDriverFromPackage; performing additional validation steps
Edgar Olougouna
edgaro at microsoft.com
Tue Nov 22 06:30:20 UTC 2016
Andreas,
The drivers are generally signed through Windows Hardware Dev Center Dashboard. This is normally achieved through WHQL program.
>From my understanding, in Windows, print driver certificate verification is done through some generic setup API call.
At the moment, I am planning to explore SignTool and see what calls it makes.
For the other question, I don't think there is a specific MS-PAR call that creates the cabinet file in the PCC directory.
Using SignTool to Verify a File Signature
https://msdn.microsoft.com/en-us/library/windows/desktop/aa388171(v=vs.85).aspx
SignTool
https://msdn.microsoft.com/en-us/library/windows/desktop/aa387764(v=vs.85).aspx
Driver Signing changes in Windows 10
https://blogs.msdn.microsoft.com/windows_hardware_certification/2015/04/01/driver-signing-changes-in-windows-10/
Windows Hardware Developer Center Dashboard portal
https://developer.microsoft.com/en-us/windows/hardware
https://developer.microsoft.com/windows/hardware/dashboard-sign-in
Thanks,
Edgar
-----Original Message-----
From: Andreas Schneider [mailto:asn at samba.org]
Sent: Monday, November 14, 2016 9:54 AM
To: Edgar Olougouna <edgaro at microsoft.com>
Cc: cifs-protocol at lists.samba.org; MSSolve Case Email <casemail at microsoft.com>
Subject: Re: [REG:116102514847681]: [MS-PAR] Q 1/2 3.1.4.2.7 RpcAsyncInstallPrinterDriverFromPackage; performing additional validation steps
On Monday, 14 November 2016 07:23:35 CET Edgar Olougouna wrote:
> Andreas,
Hello Edgar,
> Here is and update to this set of questions:
Thank you very much for the update!
> c) whether there is any requirement for checksum verification of the
> Microsoft catalog file (driver.cat)?
>
> Both Windows Client and Server do the checksum validation before
> installing the driver.
To be able to veriy the cat file (Microsoft Catalog File) we need the public certificate "Microsoft Windows Hardware Compatibility PCA".
This is not available for download.
See also "Verify Microsoft Catalog Files" on [cifs-protocol] mailinglist.
https://lists.samba.org/archive/cifs-protocol/2016-October/002953.html
Could we get a copy of that public certificate?
> d) At what step should the server generate the Print Driver Package
> (cabinet file)?
>
> Can you elaborate on this question? Isn't the driver package stored
> when the driver is added to the print server?
The client uploads normally a lot of files. As an example, the "HP Universial Printing Driver" uploads:
smbclient //WINSRV-DC02/print$ -U Administrator%Secret007!
Domain=[EARTH] OS=[Windows Server 2012 R2 Standard 9600] Server=[Windows Server 2012 R2 Standard 6.3]
smb: \> ls
. D 0 Thu Aug 22 16:50:22 2013
.. D 0 Thu Aug 22 16:50:22 2013
color D 0 Thu Aug 22 17:39:39 2013
IA64 D 0 Thu Aug 22 16:50:22 2013
W32X86 D 0 Mon Nov 14 16:30:42 2016
x64 D 0 Mon Nov 14 16:41:02 2016
smb: \> cd x64\3
smb: \x64\3\> ls
. D 0 Mon Nov 14 16:41:02 2016
.. D 0 Mon Nov 14 16:41:02 2016
cioum.dll A 33008 Fri Aug 26 10:41:38 2016
cioum64.msi A 524288 Fri Aug 26 10:41:42 2016
FxCompChannel_x64.dll A 61168 Fri Aug 26 10:42:00 2016
hpbcfgre.dll A 4169488 Tue Sep 13 14:25:00 2016
hpbdrvjct1004.dll A 899496 Fri Aug 26 10:41:50 2016
hpbuio64.dll A 1400776 Tue Sep 13 14:25:06 2016
hpbuiodm64.dll A 829384 Tue Sep 13 14:25:08 2016
hpcc6190.dll A 514800 Fri Aug 26 10:42:26 2016
hpcdmc64.dll A 1762216 Fri Aug 26 10:42:40 2016
hpcev190.dll A 819112 Fri Aug 26 10:42:24 2016
...
<I shortened the list>
After the upload one of the MS-PAR calls also creates a cabinet file in the PCC directory.
smb: \x64\PCC\> ls
. D 0 Mon Nov 14 16:41:08 2016
.. D 0 Mon Nov 14 16:41:08 2016
hpcu190v.inf_amd64_118eb781e276744c.cab A 20945052 Mon Nov 14 16:41:08
2016
Which MS-PAR call does create the cabinet file in the PCC directory?
Best regards,
Andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
More information about the cifs-protocol
mailing list