Digital Signing of a Driver

Many third-party drivers ship with the Microsoft Windows 2000 CD distribution. In order to participate in this program, several requirements must be met.

Additionally, whenever a naive attempt to install a driver on Windows 2000 is made, a warning message is issued stating that the device driver is not digitally signed and its authenticity cannot be verified by Microsoft.

This section explains the role of Microsoft in verifying driver authenticity and the burden placed on a driver author and hardware manufacturer to certify their package for inclusion into future Windows 2000 CD distribution.

Why Microsoft Verifies Drivers

It is in Microsoft's best interest to promote two (conflicting) goals.

• Provide or promote as much interoperability for Windows 2000 and varied hardware devices as possible through the convenient distribution of device drivers.

• Ensure that device drivers are stable and do not compromise the integrity of the system.

Since device drivers operate in kernel mode, they have the capability to slowly or quickly crash a system. Since instability of the system will often be blamed on the kernel itself, it is clearly in Microsoft's interest to maintain a list of certified vendors and drivers for their operating systems.

Of course, stating that Windows 2000 interoperates with more hardware devices than other OSs is a strong selling feature. Therefore, Microsoft often works with hardware vendors to ensure timely release of compatible drivers.

To accomplish the two goals, Microsoft has established a specialized group, the Windows Hardware Quality Labs (WHQL), that provides a certification of hardware and the device driver. The participation benefits for hardware vendors include

• Use of the Windows logo on the certifying hardware and software

• Inclusion in the official list of supported and certified hardware for the various Microsoft operating system offerings (see http://www.microsoft.com/hcl )

• The opportunity to distribute the driver with future releases of the OS

• A digital signature that ensures tamper-proof code and allows customers to obtain the latest versions of drivers through Microsoft's Windows Update site

To participate in the program, visit the site http://www.microsoft.com/hwtest for procedures and pricing.

Digital Signatures

As part of the WHQL program, a certified driver obtains a digital signature that permits Windows 2000 to install the driver without the unprofessional warning of "imminent danger." The digital signature consists of several components.

• A catalog file (.CAT) that is included with the distributed driver package. It contains the actual digital signature assigned by Microsoft.

• An INF file entry in the [Versions] section that references the .CAT file.

• Windows 2000 policy that restricts whether or not an unsigned driver can be installed.

The digital signature is allegedly tamper-proof and ensures that the driver being installed is the original code supplied by the vendor. It uses cryptographic technology to achieve this goal. The signature itself does not alter the code in any way.