ERROR_SIGNATURE_OSATTRIBUTE_MISMATCH on Windows 8.1

Question

Hi,

I digitally sign my mini filter with my EV cert and get the MS signature on the .sys and .cat through the Hardware Dev Center. All works great and the filter installs just fine on Windows 10 but on Windows 8.1 I get an ERROR_SIGNATURE_OSATTRIBUTE_MISMATCH from SetupCopyOEMInf(). I thought one and the same signature should suffice for 7, 8, 8.1 & 10? Or is this possibly due to a .inf mistake or a wrong VS project setting on my end? I don't really know where to start looking for what might be wrong and am baffled by the fact that it installs/works on Windows 10.

Michael

Answer 1

Welcome to joy's of Windows signing.  You need to sign things differently for pre-Win10 and you need to specify all the OS'es you are supporting when you invoke the signing.

---

Don Burn Windows Driver Consulting Website: http://www.windrvr.com

Answer 2

Hi Don,

Thanks for your reply. I have two separate mini filter .sys files, one for Win7 and the other for Win8+. I sign the Win7 with SHA1 and the Win8+ with SHA256 (including cross-cert & time stamp). I ran and passed all HCK/HLK tests on 7, 8.1 & 10. After getting the MS signatures from the Dev Center I can also look at their 'Certification Report' and it states:

Certified for Microsoft Windows 10 Client family version 1703, x64 
Logo - Device - Compatible with Windows 7 x64

Certified for Microsoft Windows 8.1 Client family, x64

And yet it won't install/load on 8.1 (With test signing on I get a warning that the publisher cannot be verified; after selecting install anyway, all works fine). Do I have to do something differently when I sign my .sys or when I submit it to the Dev Center or neither? Do I need a separate/special .sys file/signature for Win 8.1 as opposed to 10? Is there anything that would explain what the differences are when it comes to signing for 8 vs. 10?

Thanks,

Michael