Edit

Share via

Verifying the Signature of a Release-Signed Driver File

  • Article

To verify an embedded signature in a driver file that is created by a Software Publisher Certificate (SPC), use the following SignTool command:

SignTool verify /v /kp DriverFileName.sys

Where:

  • The verify command configures SignTool to verify the signature that is embedded in the driver file DriverFileName.sys.

  • The /v option configures SignTool to print execution and warning messages.

  • The /kp option configures SignTool to verify that the signature that is embedded in DriverFileName.sys complies with the kernel-mode code signing policy and the PnP device installation signing requirements for Windows Vista and later versions of Windows.

  • DriverFileName.sys is the name of the driver file.

For example, the following command verifies that Toaster.sys has a valid embedded signature. In this example, Toaster.sys is in the amd64 subdirectory under the directory in which the command is run.

SignTool verify /kp amd64\toaster.sys