Windows 2000 Code Signing: Digitally Signed Drivers

This article was previously published under Q224404
This article has been archived. It is offered "as is" and will no longer be updated.
In order to assure users that they are using the highest-quality drivers, Microsoft will digitally sign drivers that pass the Windows Hardware Quality Lab (WHQL) tests. Drivers submitted to WHQL that pass testing with the final released Windows 2000 products will be given a Microsoft digital signature. This digital signature will be associated with individual driver packages and will be recognized natively by Windows 2000 systems. Devices covered include:
  • Video adapter
  • Keyboard
  • HDC
  • Multimedia device
  • Monitor
  • Modem
  • Mouse
  • Network adapter
  • Printer
  • SCSI adapter
  • Smart card reader
More information
Windows 2000 systems will support the ability to either warn or entirely block users from installing unsigned code. If a file has not been digitally signed and resides in the above-referenced classes, users will be notified that a file has not been digitally signed, and prompted whether they would like to continue.

Driver signing uses the existing digital-signature cryptographic technology. A hash of the driver binary and relevant information is stored in a catalog file (CAT file), and the CAT file is signed with the Microsoft signature. The driver binary itself is not touched; only a CAT file is created for each driver package. The relationship between the driver package and its CAT file is referenced in the driver's INF file and maintained by the system after the driver is installed.

Article ID: 224404 - Last Review: 10/26/2013 04:54:00 - Revision: 4.0

Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Professional Edition

  • kbnosurvey kbarchive kbenv kbinfo KB224404