I have recently been trying to create my first driver using WDK with Visual Studio 2015 and so far I was able to generate a .sys file, along with the .cert and the other files generated by default.
My problem comes when I try to dynamically load the driver: the function fails with the code 577, ERROR_INVALID_IMAGE_HASH.
Here is the code I am using to load the driver:

    #include <windows.h>
    #include <stdio.h>

    int _cdecl main(void)
    {
        SC_HANDLE hSCManager;   /* the service control APIs use SC_HANDLE, not HANDLE */
        SC_HANDLE hService;
        SERVICE_STATUS ss;
        DWORD error;

        printf("Load Driver\n");
        hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
        if (hSCManager)
        {
            printf("Create Service\n");
            /* TEXT() keeps the literals valid in both ANSI and Unicode builds. */
            hService = CreateService(hSCManager
                , TEXT("test")
                , TEXT("test Driver")
                , SERVICE_START | DELETE | SERVICE_STOP
                , SERVICE_KERNEL_DRIVER
                , SERVICE_DEMAND_START
                , SERVICE_ERROR_IGNORE
                , TEXT("C:\\driver_test.sys")
                , NULL, NULL, NULL, NULL, NULL);
            if (!hService)
            {
                /* Creation failed (for example ERROR_SERVICE_EXISTS): open the existing service. */
                hService = OpenService(hSCManager, TEXT("test"), SERVICE_START | DELETE
                    | SERVICE_STOP);
            }
            if (hService)
            {
                printf("Start Service\n");
                /* GetLastError() is only meaningful when StartService returns FALSE. */
                if (!StartService(hService, 0, NULL))
                {
                    error = GetLastError();
                    printf("Error: %lu\nPress Enter to exit", error);
                    getchar();
                }
                else
                {
                    printf("SUCCESS\nPress Enter to close service\n");
                    getchar();
                }
                ControlService(hService, SERVICE_CONTROL_STOP, &ss);
                /* Mark the service for deletion while the handle is still open, then close it. */
                DeleteService(hService);
                CloseServiceHandle(hService);
            }
            CloseServiceHandle(hSCManager);
        }
        else
        {
            error = GetLastError();
            printf("OpenSCManager failed: %lu\n", error);
        }
        return 0;
    }

The error shows up once I call the GetLastError function right after the StartService function is called.
So far, what I have understood is that the driver I am trying to test doesn't have a valid certificate, or at least Windows is not aware of its existence.
I have therefore tried using signtool in the Developer Command Prompt for VS2015 and I was able to successfully sign my driver.
Unfortunately, I went back to trying to load it and I still got the same error.
What would be the best course of action to fix this?
Thanks