|
|
От: | Vicul | |
| Дата: | 23.07.15 06:04 | ||
| Оценка: | |||
Devon J.: [11:24:41 PM] Hello! How are you today?
Victor: [11:24:41 PM] Hello, I have a question about EV Code Signing Certificate. I will use it for signing my drivers for Win10 (x86/x64). But I have too drivers for other Windows. Can I use EV for signing Win 7 and Vista or should still purchase Code Signing Certificate too?
Devon J.: [11:24:49 PM] Hello
[11:25:35 PM] You can use the certificate to sign the drivers for use on Windows 7, Vista however will be an issue due to it not supporting SHA2 signatures.
Victor: [11:27:00 PM] So, do I need to purchase two certificates?
Devon J.: [11:27:35 PM] No, all new code signing certificates are issued out as SHA2 certificates.
Victor: [11:30:55 PM] Sorry, if I sign a driver, for example, for Vista by EV, then my user will have a problem, because Vista supports only SHA1? Is true?
Devon J.: [11:31:31 PM] Correct
Victor: [11:32:53 PM] So I need two certificates: EV and Code Signing. Is it true?
Devon J.: [11:34:16 PM] No, all new code signing certificates are issued out as SHA2. Microsoft is mandating that all new CS certificates are SHA2. If they wanted Vista to have SHA2 support, they could push out a patch for it.
Victor: [11:37:41 PM] ok, does Win 7 have that problem with SHA2, or I need a patch there too?
Devon J.: [11:38:40 PM] Microsoft pushed out a patch for SHA2 code signing certificates for Windows 7 back in March. The hotfix is listed here: https://technet.microsoft.com/en-us/library/security/3033929.aspx
