Fonte: Ferramentas para assinatura de drivers
The Microsoft Windows Driver Kit (WDK) includes the following tools that you can use to create a code-signing certificate, to sign the catalog file of a driver package, and to embed a signature in a driver file:
- CertMgr
- Inf2Cat
- MakeCat
- MakeCert
- Pvk2Pfx
- SignTool
SignTool é usado para verificar se um arquivo de catálogo está assinado por um certificado de versão comercial válido (veja abaixo).
To verify that a catalog file is signed by a valid commercial release certificate, use the following SignTool command:
SignTool verify /v /pa CatalogFileName.cat
To verify that a file that is listed in a driver package's catalog file is signed by a valid commercial release certificate, use the following SignTool command:
SignTool verify /v /pa /c CatalogFileName.cat DriverFileName
Where:
- The verify command configures SignTool to verify the signature of the driver package's catalog file CatalogFileName.cat or the driver file DriverFileName.
- The /v option configures SignTool to print execution and warning messages.
- The /pa option configures SignTool to verify that the signature of the catalog file or driver file complies with the PnP driver installation requirements.
- CatalogFileName.cat is the name of the catalog file for a driver package.
- The /c CatalogFileName.cat option specifies a catalog file that includes an entry for the file DriverFileName.
- DriverFileName specifies the name of a file that has an entry in the catalog file CatalogFileName.cat.