# Signing a Kernel-Mode Windows Driver Notes from Microsoft documentation: https://docs.microsoft.com/en-us/windows-hardware/drivers/dashboard/attestation-signing-a-kernel-driver-for-public-release > - Attestation signing requires the use of an EV Certificate to submit the driver to the Partner Center (Hardware Dev Center Dashboard). > - To get your driver attestation signed, you submit a CAB file. > - Attestation signing supports Windows 10 Desktop kernel mode and user mode drivers. > - For Windows 10 Desktop and later systems, you can submit your drivers for attestation signing, which does not require HLK testing. ## Prerequisites - Install Visual Studio (incl. "Desktop Development with C++), and Windows Driver Kit (WDK) https://docs.microsoft.com/en-us/windows-hardware/drivers/download-the-wdk - Bigscreen's USB hardware token `SafeNet eToken 5110 FIPS` currently with Darshan - A DigiCert EV Code Signing Certificate ## Adding a new Bigscreen EV Certificate into Microsoft Partner Center If the Bigscreen EV Certificate has expired, renew it via DigiCert. Download the new certificate and install it on the hardware token. A newly issued EV certificate might take 24 hours before it's recognized and installs correctly on the hardware token. https://docs.microsoft.com/en-us/windows-hardware/drivers/dashboard/get-a-code-signing-certificate `.\signtool.exe sign /fd sha256 /a /tr http://timestamp.digicert.com .\SignableFile.bin` ## Attesting Process - Make a new directory under C:/, like C:/Bigscreen - Make a .ddf file (see /bsvgb example) - Add unsigned .inf and .sys and make sure filenames and paths correspond in the .ddf - Sign the .sys file - `.\signtool.exe sign /fd sha256 /a /tr http://timestamp.digicert.com .\ViGEmBus.sys` - Generate the .cab file - `MakeCab /f "C:\Bigscreen\bsvgb.ddf"` - Sign the .cab file - `.\signtool.exe sign /fd sha256 /a /tr http://timestamp.digicert.com .\bsvgb.cab` - Upload the cab to Microsoft Partner Center (Hardware Dev Center Dashboard) https://partner.microsoft.com/en-us/dashboard/hardware/Search - Leave everything unchecked, as this is an attestation signature. Check the Windows 10 x64 OS that's appropriate. - Download the final result, and verify that the .sys file Properties now has two signatures from both Bigscreen, Inc. and Microsoft ![image](https://user-images.githubusercontent.com/8766412/172069529-e8a4d731-b15b-4b3d-a810-0db5a511d77b.png)