System - Embedded Signature Verification
This test uses SignTool.exe to verify that all the boot start type drivers on system are embed-signed.
Test details
| Specifications |
|
| Platforms |
|
| Supported Releases |
|
| Expected run time (in minutes) | 5 |
| Category | Scenario |
| Timeout (in minutes) | 300 |
| Requires reboot | false |
| Requires special configuration | false |
| Type | automatic |
Additional documentation
Tests in this feature area might have additional documentation, including prerequisites, setup, and troubleshooting information, that can be found in the following topic(s):
Running the test
Before you run the test, complete the test setup as described in the test requirements: WDTF System Fundamentals Testing Prerequisites.
Troubleshooting
For generic troubleshooting of HLK test failures, see Troubleshooting Windows HLK Test Failures.
For troubleshooting information, see Troubleshooting System Fundamentals Testing.
If you see an error saying that a "<Driver name> is not a signed driver", you can use signtool.exe to get more information about the digital signature to better troubleshoot the issue. For example, you could run the following command to find out more about pci.sys: signtool.exe verify /pa /v C:\Windows\system32\drivers\pci.sys
In order to pass this test, all embedded signatures in your boot driver must have time stamp signature.
More information
File list
| File | Location |
|---|---|
EmbeddedSignature.exe |
[<testbinroot>]\ |
Signtool.exe |
[<testbinroot>]\ |
Parameters
| Parameter name | Parameter description |
|---|---|
| LLU_NetAccessOnly | LLU for copying binaries |
| LLU_LclAdmin | LLU for built in admin account |