Signature Verification Tool
The utility searches for either non-signed files or signed files, depending on the selection in this list box. A signed file is a file that has been granted a Microsoft digital signature. The signature states that the file is an unaltered copy of the original file. The intent is to provide an easy-to-use tool that can quickly display any non-Microsoft certified files.
In a continuing effort to promote and advance the quality of drivers and to reduce total cost of ownership (TCO), Microsoft began digitally signing drivers that ship in Windows 98.
Drivers are digitally signed when they ship with the Microsoft Windows 98 and Windows NT version 5.0 operating systems, or if they are published on the Windows Update web site. Digital signatures are associated with individual driver packages and will be recognized by Windows 98, Windows NT 5.0 and future operating systems.
Tip: Launch the Signature Verification Tool from MSInfo.
What is Driver Signing?
Driver Signing uses the existing Digital Signature cryptographic technology to store identifying information in a "catalog file" (*.cat, or CAT file). CAT files are stored in <Windir>\Catroot. This information identifies the driver as having passed testing by WHQL (Windows Hardware Quality Labs). No change is made to the driver binary itself. Instead, a CAT file is created for each driver package and the CAT file is signed with a Microsoft digital signature. The relationship between the driver package and its CAT file is referenced in the driver's INF file and is maintained by the system after the driver is installed.
INF File Changes
The digital signature is stored in a CAT file. The following modifications to INF files are required for IHVs/ISVs who want to obtain a digital signature for their drivers:
In the [Version] section of the INF, the entry CatalogFile = <filename.cat> is added.
An entry for the CAT file in the [SourceDisksFiles] section is added.
For example, an IHV submits a driver package to WHQL that includes files named Sample.inf, Sample.drv, and Sample.txt.
If the package passes WHQL testing, WHQL will return the original Sample.inf, Sample.drv and Sample.txt with the addition of Sample.cat.
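The two INF changes listed above can be checked mechanically on a returned package. The following Python check is an added example, not part of the original article or of any Microsoft tool; the function names and the sample INF text (including the Signature value and disk IDs) are constructed for illustration around the Sample.* file names used above.

```python
# Added example: lint an INF for the two catalog entries; sample INFs are constructed.

def parse_inf(text):
    """Return {section_name_lower: [(key, value), ...]} for INF text."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()   # ';' starts an INF comment
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), [])
        elif current is not None:
            key, _, value = line.partition("=")
            current.append((key.strip(), value.strip()))
    return sections

def check_catalog_entries(text):
    """Return a list of problems; an empty list means both entries are present."""
    sections = parse_inf(text)
    version = {k.lower(): v for k, v in sections.get("version", [])}
    cat = version.get("catalogfile", "").strip('"')
    if not cat:
        return ["[Version] has no CatalogFile entry"]
    listed = {k.strip('"').lower() for k, _ in sections.get("sourcedisksfiles", [])}
    if cat.lower() not in listed:
        return [f"'{cat}' is not listed in [SourceDisksFiles]"]
    return []

# Constructed INF with both catalog entries present.
SIGNED_INF = """\
[Version]
Signature   = "$CHICAGO$"
CatalogFile = Sample.cat      ; added for signing

[SourceDisksFiles]
Sample.drv = 1
Sample.cat = 1
"""

# Constructed INF for the same package without the catalog entries.
UNSIGNED_INF = """\
[Version]
Signature = "$CHICAGO$"
[SourceDisksFiles]
Sample.drv = 1
"""

if __name__ == "__main__":
    for name, text in (("signed", SIGNED_INF), ("unsigned", UNSIGNED_INF)):
        print(name, check_catalog_entries(text) or "OK")
```

The check only confirms that the INF references a catalog; whether the catalog's signature is valid is what the Signature Verification Tool reports.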
Using the Signature Verification Tool
Launch the tool from MSInfo, or click Start, Run and type Sigverif. The default search is for non-signed files. The tool's functionality is similar to the Find utility. In addition, the result view includes two new columns: OS Platform and Signed By.
Signatures and System Policies
Windows 98 and Windows NT 5.0 provide users with the opportunity to set a three-level system policy for driver installation:
Level 1 in the system policy allows the user to disable digital signature checking. If signature checking is disabled, a dialog box identifying whether the driver was digitally signed will not appear at the time of driver installation, and all drivers will be allowed to be installed on the system whether signed or not.
Level 2 allows the user to detect whether the driver being installed has passed WHQL testing. In this case, a message appears whenever a user tries to install a driver that fails the signature check.
Level 3 allows the user to block installation of a driver that fails the signature check. A dialog box will inform the user that the driver cannot be installed because it is not digitally signed.
Certificate Property Sheet
To view the signature, click a file and click the Details button. The certificate property sheet appears with three tabs: General, Details and Advanced.
This tab defines a certificate and provides general information about the file's certification.
Identifies whom the certificate was issued to and who it was issued by.
Provides details about the certificate, including version, serial number, signature algorithm, issuer, effective date, expiration date, subject and public key.
Digital signing creates substantial benefits for the industry, including improved system stability and reduced TCO. It is also beneficial for system administrators who are given a mechanism to set policies for driver installation.