none
Signtool crashes with exit code -1073740771 when invoked via Visual Studio 2015. RRS feed

  • Question

  • We are attempting to code sign one of our windows 64bit device drivers (targeting config 'Win10.0 Release x64) with a new 'Extended Validation (EV) Code Signing Certificate' from Symantec'.
    The certificate has been imported into the windows Cert store and is made visible with the SafeNet Authentication Client 9.0 and its TPM security device (USB flash).
    When the driver is built via Visual Studio 2015, the signtool process invoked crashes with a code of -1073740771. Note that no SafeNet Token Password dialog is shown.

    When the same signtool command is entered from a command line, signtool presents the SafeNet 'Enter the Token password' dialog box and when the password is provided continues to successfully code sign the device driver.

    This obviously points to an interface issue between Visual Studio 2015 and the Symantec SafeNet Authentication Client.

    I have searched using Google for any mention of this issue but without success.
    Has anyone else seen this signtool crash?

    Cheers
          Dave

    Our Configuration Details are provided below:
          
    From Control Panel's 'Programs and Features':
    Windows Software Development Kit - Windows 10.0.10586.15

    From System Info:
    OS Name    Microsoft Windows Server 2012 R2 Standard
    Version    6.3.9600 Build 9600

    From Visual Studio 2015's About box:
    Microsoft Visual Studio Professional 2015
    Version 14.0.24720.00 Update 1
    Microsoft .NET Framework
    Version 4.6.01055
    Installed Version: Professional
    Visual C++ 2015   XXX.......
    Microsoft Visual C++ 2015
    Windows Driver Kit   10.0.10586.0
     
    signtool.exe location is - "C:\Program Files (x86)\Windows Kits\10\bin\x86\signtool.exe"  


    Visual Studio 2015's Output window trace:
    1>------ Build started: Project: ProcMonitor, Configuration: Win10.0 Release x64 ------
    1>  Building 'ProcMonitor' with toolset 'WindowsKernelModeDriver10.0' and the 'Desktop' target platform.
    1>  Stamping x64\Win10.0Release\ProcMonitor.inf [Version] section with DriverVer=02/16/2016,13.4.56.14
    1>C:\SRC\PROCNOTIFICATIONS\Windows\PROCMONITOR\ProcMonitor.inf(23-23): warning 2083: Section [devicelist] not referenced or used.
    1>  ProcMonitor.vcxproj -> C:\SRC\PROCNOTIFICATIONS\Windows\PROCMONITOR\x64\Win10.0Release\ProcMonitor.sys
    1>  Done Adding Additional Store
    1>C:\Program Files (x86)\Windows Kits\10\build\WindowsDriver.common.targets(1447,5): error MSB6006: "signtool.exe" exited with code -1073740771.
    ========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ==========
    Tuesday, February 16, 2016 2:22 AM

All replies

  • The first thing I would do is check the INF file with ChkInf from the WDK.  From the output it appears there are problems with the INF.


    Don Burn Windows Driver Consulting Website: http://www.windrvr.com

    Tuesday, February 16, 2016 12:10 PM

  • When the same signtool command is entered from a command line, signtool presents the SafeNet 'Enter the Token password' dialog box and when the password is provided continues to successfully code sign the device driver.

    This obviously points to an interface issue between Visual Studio 2015 and the Symantec SafeNet Authentication Client.

    It may be. When a console program such as signtool runs from VS build environment, its stdin & stdout handler are redirected in a weird way that can prevent displaying GUI. Have you asked Symantec about this?

    -- pa

    Tuesday, February 16, 2016 6:42 PM
  • In an effort to show where the compatibility issue lies, I copied the signtool.exe version 6.3.9600.17298 from the Windows Kits\8.1 tree over to the Windows Kits\10 tree and rebuilt the project from within Visual Studio 2015.  This managed to successfully show the Symantec SafeNet Token password pop-up and correctly code sign both the .sys file and the .inf file.

    This makes it look like an issue with signtool.exe version 10.0.10586.15.

    Do I need to raise a fault with Microsoft?

    Dave

    Thursday, February 18, 2016 2:23 AM
  • I had the exact same problem this week when trying to sign our device driver with our EV cert.  I performed the exact steps you described in this thread.  Renaming the original files C:\Program Files (x86)\Windows Kits\10\bin\x86\signtool*, and replacing with C:\Program Files (x86)\Windows Kits\8.1\bin\x86\signtool*, resulted in the successful signing of the driver files.

    Thanks for your posting.

    Wednesday, February 24, 2016 4:32 PM
  • In an effort to show where the compatibility issue lies, I copied the signtool.exe version 6.3.9600.17298 from the Windows Kits\8.1 tree over to the Windows Kits\10 tree and rebuilt the project from within Visual Studio 2015.  This managed to successfully show the Symantec SafeNet Token password pop-up and correctly code sign both the .sys file and the .inf file.

    This makes it look like an issue with signtool.exe version 10.0.10586.15.

    Still the Symantec component remains a suspect. It could use some "heuristic" to hook the signtool executable and this could just break with the updated program.

    -- pa

    Wednesday, February 24, 2016 8:33 PM
  • TJK5627, do you use the same Symantec token device?

    Wednesday, February 24, 2016 8:34 PM
  • Sorry I didn't notice the new question directed to me.  Yes, I have a Symantec EV token on this system. 
    Monday, April 11, 2016 11:16 PM