[cifs-protocol] [REG:116102514847681]: [MS-PAR] Q 1/2 RpcAsyncInstallPrinterDriverFromPackage; performing additional validation steps

Andreas Schneider asn at samba.org
Thu Nov 24 13:16:09 UTC 2016

On Tuesday, 22 November 2016 06:30:20 CET Edgar Olougouna wrote:
> Andreas,
> The drivers are generally signed through Windows Hardware Dev Center
> Dashboard. This is normally achieved through WHQL program. From my
> understanding, in Windows, print driver certificate verification is done
> through some generic setup API call. At the moment, I am planning to
> explore SignTool and see what calls it makes.
> For the other question, I don't think there is a specific MS-PAR call that
> creates the cabinet file in the PCC directory.
> Using SignTool to Verify a File Signature
> https://msdn.microsoft.com/en-us/library/windows/desktop/aa388171(v=vs.85).a
> spx
> SignTool
> https://msdn.microsoft.com/en-us/library/windows/desktop/aa387764(v=vs.85).a
> spx


I finally found out how this is working.

The Catalog file includes all intermediate certificates. You just need one of 
the Microsoft Root Certificate to verify the chain.

The one I was looking for was included and it had the URL where you can find 
it online too:


This issue is solved now. Thanks for your help.


Andreas Schneider                   GPG-ID: CC014E3D
Samba Team                             asn at samba.org

More information about the cifs-protocol mailing list