Building Veracrypt - Generating .cab file for Microsoft to sign
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
Hi All,
We are building our own version of Veracrypt with a minor tweak to suit our embedded systems. I'm now trying to get this signed by microsoft via their dev portal so it will work with Windows 10 (It works fine on earlier Windows versions). Unfortuately the dev portal only appears to accept .cab files as the input (attestation signing).
I've approached this by extracting the files from the .exe installer and generating a .cab file, signing it and submitting it, with the expectation that I would be able to re-package the signed files and produce a .exe by adding in extrac32. However I've been running into problems getting the .inf file correct and it now looks to me like this approach is just wrong - especially as the build system appears to be pretty slick so this hack at the end of it does not fit well.
What is the correct way to package up the build outputs ready for submission to Microsoft as a .cab file (or am I missing somthing on the dev portal?)
Apologies if this is a newbie question but I am not a Windows programmer and this has landed on my desk as the developer who did the real work has left!
Thanks in advance,
Andrew.
I remember seeing instructions at the source code link below scroll down for getting the VeraCrypt signed.
https://sourceforge.net/p/veracrypt/code/ci/master/tree/
Thanks for the tip, this describes the code signing process which works up and until secure boot (UEFI) is enabled in windows10 - this is the problem I am trying to fix. From this point the drivers have to be countersigned by microsoft by uploading them to theMicrosoft Dev Portal, however I'm running into problems getting this to work. (See also https://www.osr.com/blog/2016/06/02/driver-signing-details-emerge/)