[cifs-protocol] [REG:116102514847681]: [MS-PAR] Q 1/2 188.8.131.52.7 RpcAsyncInstallPrinterDriverFromPackage; performing additional validation steps
edgaro at microsoft.com
Fri Nov 25 05:43:44 UTC 2016
Thanks for confirming. Indeed the CRL URL would be of importance.
Testing signtool on a signed driver catalog file should reveal more detail how it works, then use Process Monitor and Network Monitor to see files that are opened and calls going on.
SignTool is in SDK, and would require Visual Studio to build.
From: Andreas Schneider [mailto:asn at samba.org]
Sent: Thursday, November 24, 2016 7:16 AM
To: Edgar Olougouna <edgaro at microsoft.com>
Cc: cifs-protocol at lists.samba.org; MSSolve Case Email <casemail at microsoft.com>
Subject: Re: [REG:116102514847681]: [MS-PAR] Q 1/2 184.108.40.206.7 RpcAsyncInstallPrinterDriverFromPackage; performing additional validation steps
On Tuesday, 22 November 2016 06:30:20 CET Edgar Olougouna wrote:
> The drivers are generally signed through Windows Hardware Dev Center
> Dashboard. This is normally achieved through WHQL program. From my
> understanding, in Windows, print driver certificate verification is
> done through some generic setup API call. At the moment, I am planning
> to explore SignTool and see what calls it makes.
> For the other question, I don't think there is a specific MS-PAR call
> that creates the cabinet file in the PCC directory.
> Using SignTool to Verify a File Signature
I finally found out how this is working.
The Catalog file includes all intermediate certificates. You just need one of the Microsoft Root Certificate to verify the chain.
The one I was looking for was included and it had the URL where you can find it online too:
This issue is solved now. Thanks for your help.
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
More information about the cifs-protocol