/i believe you are aware of the disable "Driver signature enforcement" option in 64 bit systems, that will allow you to continue working with unsigned drivers, in case you are okay with the same. If so, you can find the details at http://www.cypress.com/?id=4&rID=56113.
If you are specifically looking for signed drivers: we are providing signed drivers for a set of Cypress VID/PIDs. If you are not aware of this, you may find the signed drivers for the respective product DVK. Which Cypress device are you using? Please share as to understand what all VID/PIDs are signed for that device.
If you are looking for signing of driver with your own custom VID/PID, then the following links may be useful: http://www.cypress.com/?app=forum&id=167&rID=56763, http://www.cypress.com/?id=4&rID=65775.
Pease clarify us regaring these.
Thanks for replying Gayathri,
My device is EZ-USB CY7C68013. The device goes through several stages during booting so there are multiple VID/PID associations. The following combinations have been assigned.
VID_04B4&PID_8613 // board with blank eeprom
VID_2628&PID_E360 // board with our VID/PID but no firmware
VID_2628&PID_0360 // our board with firmware loadedThese assignments are flexible and there is no requirement that we use our own VID/PID.The customers that will use our device will not allow bypassing of Windows Security.I would be interested if there is a way to acheive this without signing our own driver. If there is no other way, does the process require that we set up a special server and test computers to perform WHQL tests for submission to Microsoft?As an alternative, do you know of a company or organization that can do this for us?Gary
These assignments are flexible and there is no requirement that we use our own VID/PID
>If the VID/PID of the customers change then the .INF file is changed.which means they need to go through the driver testing again and re-submit to microsoft.
>Yes the process requires atleast 2 machines machine1 will host Windows server OS along with WHCK software Machine2 will contain Windows platforms -XP , Vista and 7 both in 32 and 64-bit configurations.The second machine could host all these 6 OS like a multistage boot system or they can be split across multiple machines.In such cases using L2 ethernet switch and connecting them is the common scenario.
After testing the .sys and .INF combination successfully on each OS a .cpk file will be generated which is a log of test results.
Windows vista and 7 64-bit platforms typically take a full day to complete the tests.on the whole to complete all 6 platforms will take 4-5 days on a single machine .If there are multiple test OS machines then the duration can be 2-3 days.
Since unsigned drivers cannot be loaded into Windows vista,7 64-bit OS typically we force the OS in test mode under admin rights .It would be better if all the OS are in test mode before test procedure starts otherwise the loading these drivers require manual intervention every time during testing .
The procedure on how to test the driver is documented in Microsoft MSDN http://msdn.microsoft.com/en-us/library/windows/hardware/gg487530.aspx
After testing package .cpk , .sys and .INF for each OS platform and submit to verisign.Verisign will provide .cat file which contains special keys to recognise the signed package.
After certification any change to .INF will nullify the Microsoft signature.The entire process has to be repeated every time there is a slight change in the .INF by the end customer.
Narayana Murthy M
Thank you for clarifying what is required. I have one last question to ask. Is there a way to use existing Cypress VID/PID combinations that would allow me to do what I need without having to go through all that?
Using Cypress VD/PID is not recommended as these were already recorded as used combinations.We use these VID/PID for demonstration purpose only in our kits.I suggest you use your own VID/PID for final demonstration.There should be companies who can test on your behalf but i am not aware of them though.Please contact Verisign if they could help with any contact.
Narayana Murthy M
Thanks for the help Narayana!
I will discuss that option with Verisign.
This is the same question I have. Have you found any answers?
Do you mean you need a third party contact who can get your driver signed for a particular VID/PID?
@Gary: It is technically possible to use the driver as-is from the development kit.
If the VID/PID is set to 0x04B4/0x00F0 in the device, it will enumerate using the unmodified driver and come up as a "Cypress USB BulkloopExample" in Windows device manager. You cannot change this name without changing the INF file, which would invalidate the signature.
An important thing to note is that the Windows application software will have to identify the device in a different way, since in theory you could have lots of devices all claiming to be a "Cypress USB BulkloopExample", when in fact they are not. A fairly straightforward solution would be to look at the Vendor and Product strings from the USB descriptor.
A discussion on whether this is a good idea or not can be found here: