[cifs-protocol] [REG:116102514847681]: [MS-PAR] Q 1/2 3.1.4.2.7 RpcAsyncInstallPrinterDriverFromPackage; performing additional validation steps
Andreas Schneider
asn at samba.org
Thu Nov 24 13:16:09 UTC 2016
On Tuesday, 22 November 2016 06:30:20 CET Edgar Olougouna wrote:
> Andreas,
> The drivers are generally signed through Windows Hardware Dev Center
> Dashboard. This is normally achieved through WHQL program. From my
> understanding, in Windows, print driver certificate verification is done
> through some generic setup API call. At the moment, I am planning to
> explore SignTool and see what calls it makes.
>
> For the other question, I don't think there is a specific MS-PAR call that
> creates the cabinet file in the PCC directory.
>
> Using SignTool to Verify a File Signature
> https://msdn.microsoft.com/en-us/library/windows/desktop/aa388171(v=vs.85).a
> spx
>
> SignTool
> https://msdn.microsoft.com/en-us/library/windows/desktop/aa387764(v=vs.85).a
> spx
Edgar,
I finally found out how this is working.
The Catalog file includes all intermediate certificates. You just need one of
the Microsoft Root Certificate to verify the chain.
The one I was looking for was included and it had the URL where you can find
it online too:
http://www.microsoft.com/pki/CRL/products/Microsoft%20Windows%20Hardware
%20Compatibility%20PCA(1).crl
This issue is solved now. Thanks for your help.
Andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
More information about the cifs-protocol
mailing list