FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

STM32 and signing USB Drivers

kekon1234
Associate III

‎2012-09-10 01:04 AM

Posted on September 10, 2012 at 10:04

I designed some devices based on STM32 microcontrollers. Some of the devices use USB to communicate with Windows applications. To overcome problems with USB drivers i used Mass Storage Class which does not require to install any drivers. The STM32 emulates FAT system so it is possilble to communicate with the device by means of writing and reading files from/to the device (Windows ''thinks'' that it is connected to a pendrive device but in fact STM32 only emulates FAT file system). However, this way is not convenient because it is slower and needs to use much code to work (SCSII commands send to pendrive, FAT system etc.). I can write USB driver using Windows Device Framework but it needs to be digitally signed. Without signing Windows will not load the driver. I know there is WinUSB driver available but it still needs to be signed to be loaded by Windows. Is there any way to overcome the problem ? I read about some methods that can disable checkking of drivers digital signatures but it doesn't seem to be good solution...

0 Kudos
8 REPLIES 8
carl2399
Associate II

‎2012-09-10 01:48 AM

Posted on September 10, 2012 at 10:48

Hi,

I used a slightly different solution to the problem. I included an FT232H (made by FTDI) in my design which is hooked up to my STM32F2xx using the asynchronous parallel interface.

The drivers are supplied by FTDI and are basically generic to their product range. Early tests indicate that I should be able to get transfers that peak at around 8M bytes per second, although practically I'll probably achieve about 5-6M bytes sustained per second. (I've already seen 2.2M bytes per second sustained over 60 seconds, but there is a fairly obvious bottle-neck that I'm in the process of fixing).  I'm using the interface for more than just transfers though and that's where the generic bit comes in, as the connection functionally just looks like a high speed serial interface (about 60M baud). Another benefit of this approach is that the code is massively simple compared to the code required to do the USB stack - which still leaves me a little overwhelmed.

0 Kudos
kekon1234
Associate III

‎2012-09-10 02:24 AM

Posted on September 10, 2012 at 11:24

Yes, i though about using FTDI devices and it seems that i will stick with it.

There will be no problems with drivers; it is the most important thing.

(however, USB software stack is no problem for me as i wrote my own and the code turned out to be much simpler and shorter that one provided by ST libraries).
0 Kudos
Tesla DeLorean
Guru

‎2012-09-10 08:13 AM

Posted on September 10, 2012 at 17:13

At some level if you want custom USB drivers, and want them signed, you have to man-up and go through the Microsoft WHQL procedure that everyone else has to go through. The purpose of the testing is to ensure you have coded them with sufficient rigor that they won't randomly crash Windows.

If you want something simpler than USBSTOR, there is presumably CDC, but even with mass storage, you don't have to emulate a file system, or pretend to have media present, to send custom SCSI commands to the device. You will of course need to respond to the ones Windows sends, with appropriate results or sense data.

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
0 Kudos
kekon1234
Associate III

‎2012-09-10 11:18 PM

Posted on September 11, 2012 at 08:18

I don't want to sign my drivers. I would like them to be loaded without signing.

In fact i don't emulate mass storage system with all its functions. My firmware emulates only some parts of it: boot sector and the first sector of FAT table. For example, if i want to read data from the device i read a disk sector with ''ReadFile'' API function. In fact the sector which is read doesn't exist but is is emulated in STM32 internal RAM. Sending data to the device is more difficult. I could use ''WriteFile'' API function to directly write disk sector (which is also emulated in STM32 RAM). It worked well under Windows XP but Vista and Win7 prohibit the use of writing disk sectors directly. I talked about it with programmers i know in my company and they told me direct writing disk sectors from windows application level in Win7 is not an easy task (i'm not sure if they are right). So i had to implement an emulation of a file in STM32 RAM.

However if the USB device informs Windows that it falls in a mass storage class category Windows will send several SCSII commands that must be implemented in the firmware. If the device does not respond to all required commands (or it responds with incorrect parameters) it will show an error message and no communication can take place.

In my opinion, the only reason of using USB drivers (that must be provided by device manufacturers) for many devices is that Microsoft wants more many from them... (the WHQL process is not for free). Most USB drivers only send and receive data using a few functions implemented in operating system. I think it would be possible for them to be available directy through API functions, without any addidtional drivers (just as we used API functions to access COM and LPT ports in the past)

0 Kudos
tomasz2399
Associate II

‎2012-09-16 01:58 PM

Posted on September 16, 2012 at 22:58

Does WinUSB really needs signing? I haven't been using it but it would surprise me - as developed by MS is should be already signed.

BTW, I'm using libusb and it's signed. There are also plenty of commercial equivalents and they are probably better solution that writing own driver.

Another option for fast transfer I heard of is using HID but not with interrupt transfer (limited to 64 kB/s) but with control transfer.

0 Kudos
stforum.tormod9
Associate II

‎2012-09-24 02:18 PM

Posted on September 24, 2012 at 23:18

I don't think WinUSB needs signing since it is included in Windows 7. Yes, using libusb is a possible way to write the user application or higher-level driver. It will access the USB device through WinUSB so it does not need to be signed itself. See

http://libusbx.org

for more information.

BTW, about automatic registration of WinUSB or another USB driver, see this page:

https://github.com/pbatard/libwdi/wiki/WCID-Devices

or the libwdi project in general.

0 Kudos
piotr239955
Associate

‎2015-11-13 01:27 AM

Posted on November 13, 2015 at 10:27

From your INF file, you need to make CAT files. You find it in the free Windows DDK:

''Inf2Cat'' /v /driver:''CU3_drv'' /os:7_X86,7_X64,8_X86,8_X64,6_3_X86,6_3_X64

And you need ot sign them with your certificate (*.PFX) (hopefully signed by a Root CA, like Verisign):

''signtool.exe'' sign /v /f ''AF.pfx'' /P ''password'' /n ''AF'' /tr

http://tsa.starfieldtech.com/

''CU3_drv\*.cat''

The last step is exactly the same way you would sign any application made for Windows and as you know Windows application do not have to pass any certification.

You don't need WHQL, unless you need to have a Windows logo on the box of your device. Contact me if you have trouble, I've done this many times.
0 Kudos
Tesla DeLorean
Guru

‎2015-11-13 03:44 AM

Posted on November 13, 2015 at 12:44

You can always sign things with your own certificate, you'd need to pass WHQL to get Microsoft to counter sign it with theirs. As I understand it, that's why you get the ''Do you trust 'Random Vendor' '' type dialogs when installing drivers that aren't.

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
0 Kudos
Top