Make the virtual gamepad deployable on owned cabinets and wire the real user-mode feeder: - driver/sign.ps1 (non-admin): create a self-signed code-signing cert, build the catalog with inf2cat, and SHA-256-sign RioGamepad.sys + .cat (embed-sign the sys before cataloguing so the .cat matches). Exports RIOJoyTest.cer. Verified end-to-end against the EWDK (signability + catalog clean; both files signed). - driver/install.ps1 (admin, two-phase): trust the cert (LocalMachine Root + TrustedPublisher), stage the package (pnputil /add-driver), enable test signing; after reboot, -CreateDevice runs devgen to create root\RioGamepad so PnP installs it. uninstall.ps1 reverses it. - RioJoy.Core.Output.HidFeederJoystickSink: opens the driver by GUID_DEVINTERFACE_RIOGAMEPAD (SetupAPI), maintains a RioHidReport, and submits it via DeviceIoControl(IOCTL_RIO_SUBMIT_REPORT) on each axis/button/hat change. RioCoordinator now uses it when the driver is present and falls back to the no-op sink otherwise (status shows "[no joystick driver]"). - gitignore the signing outputs (driver/package/, *.cat); driver/README.md gets the full build → sign → install → joy.cpl workflow. Remaining = the actual elevated install + reboot + joy.cpl verification on the cabinet (admin steps), and on-hardware confirmation of the feeder. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
76 lines
3.3 KiB
PowerShell
76 lines
3.3 KiB
PowerShell
<#
|
|
.SYNOPSIS
|
|
Test-sign the RioGamepad driver package. No admin required.
|
|
|
|
.DESCRIPTION
|
|
Creates (once) a self-signed code-signing certificate in the current user's
|
|
store, stages the built RioGamepad.sys + RioGamepad.inf into driver\package\,
|
|
generates the security catalog with Inf2Cat, and signs both the .sys and the
|
|
.cat with SHA-256. Exports the public cert (RIOJoyTest.cer) for the install
|
|
step to trust.
|
|
|
|
Order matters: the .sys is embed-signed BEFORE the catalog is generated, so the
|
|
catalog hashes the signed binary; then the catalog itself is signed.
|
|
|
|
.PARAMETER Ewdk
|
|
Drive or root where the EWDK is mounted (default: E:).
|
|
#>
|
|
param([string]$Ewdk = "E:")
|
|
|
|
$ErrorActionPreference = "Stop"
|
|
$scriptDir = $PSScriptRoot
|
|
$projectDir = Join-Path $scriptDir "RioGamepad"
|
|
$buildOut = Join-Path $projectDir "x64\Release"
|
|
$pkg = Join-Path $scriptDir "package"
|
|
|
|
$kitsBin = Join-Path $Ewdk "Program Files\Windows Kits\10\bin\10.0.28000.0"
|
|
$signtool = Join-Path $kitsBin "x64\signtool.exe"
|
|
$inf2cat = Join-Path $kitsBin "x86\Inf2Cat.exe"
|
|
$certName = "RIOJoy Test Cert"
|
|
$cerPath = Join-Path $scriptDir "RIOJoyTest.cer"
|
|
|
|
foreach ($tool in @($signtool, $inf2cat)) {
|
|
if (-not (Test-Path $tool)) { throw "Tool not found: $tool (is the EWDK mounted at $Ewdk?)" }
|
|
}
|
|
if (-not (Test-Path (Join-Path $buildOut "RioGamepad.sys"))) {
|
|
throw "RioGamepad.sys not found. Build first: driver\RioGamepad\build.cmd $Ewdk"
|
|
}
|
|
|
|
# 1. Self-signed code-signing certificate (idempotent).
|
|
$cert = Get-ChildItem Cert:\CurrentUser\My | Where-Object { $_.Subject -eq "CN=$certName" } | Select-Object -First 1
|
|
if (-not $cert) {
|
|
Write-Host "Creating self-signed code-signing certificate '$certName'..."
|
|
$cert = New-SelfSignedCertificate -Type CodeSigningCert -Subject "CN=$certName" `
|
|
-CertStoreLocation Cert:\CurrentUser\My -KeyExportPolicy Exportable `
|
|
-NotAfter (Get-Date).AddYears(5)
|
|
}
|
|
Export-Certificate -Cert $cert -FilePath $cerPath -Force | Out-Null
|
|
Write-Host "Certificate thumbprint: $($cert.Thumbprint)"
|
|
Write-Host "Public cert exported to: $cerPath"
|
|
|
|
# 2. Stage the package.
|
|
if (Test-Path $pkg) { Remove-Item $pkg -Recurse -Force }
|
|
New-Item -ItemType Directory -Path $pkg | Out-Null
|
|
Copy-Item (Join-Path $buildOut "RioGamepad.sys") $pkg
|
|
Copy-Item (Join-Path $buildOut "RioGamepad.inf") $pkg
|
|
|
|
# 3. Embed-sign the .sys.
|
|
& $signtool sign /fd SHA256 /s My /n $certName (Join-Path $pkg "RioGamepad.sys")
|
|
if ($LASTEXITCODE -ne 0) { throw "signtool failed on RioGamepad.sys ($LASTEXITCODE)" }
|
|
|
|
# 4. Generate the catalog (Win10 x64).
|
|
& $inf2cat /driver:$pkg /os:10_X64 /verbose
|
|
if ($LASTEXITCODE -ne 0) { throw "inf2cat failed ($LASTEXITCODE)" }
|
|
|
|
# 5. Sign the catalog.
|
|
& $signtool sign /fd SHA256 /s My /n $certName (Join-Path $pkg "RioGamepad.cat")
|
|
if ($LASTEXITCODE -ne 0) { throw "signtool failed on RioGamepad.cat ($LASTEXITCODE)" }
|
|
|
|
Write-Host ""
|
|
Write-Host "Signed package ready in: $pkg" -ForegroundColor Green
|
|
Write-Host "Next: run driver\install.ps1 from an elevated shell to trust the cert," -ForegroundColor Yellow
|
|
Write-Host "enable test signing, and install the device." -ForegroundColor Yellow
|
|
Write-Host ""
|
|
Write-Host "(Note: 'signtool verify /pa' will fail until the cert is trusted by install.ps1 —" -ForegroundColor DarkGray
|
|
Write-Host " that is expected for a self-signed test driver.)" -ForegroundColor DarkGray
|