Certification status


We are often asked if our Windows driver is WHQL certified, signed and fully compliant.

Our drivers are Authenticode signed and carry SHA-2 embedded certificates. For compliance purposes this is generally enough (it shows Touch-Base as the legitimate supplier and that the software has not been tampered with).

Deprecation of SHA-1 certificates was completed end 2017 and are no longer available therefore our driver no longer utilises this certificate. Any operating systems that rely solely on these security certificates, such as XP and unpatched Win 7 systems, are likely to issue a warning that the software is from an unknown source.

Regarding WHQL signing this only applies to kernel mode components. UPDD software utilises three kernel related packages:

Type   Name Description  Signing status 
 Mouse interface   tbupddsu  Implements a mouse port interface  Fully signed package
 HID interface  upddvh  implements a virtual HID interface  Fully signed package
 USB device interface  updd.inf  USB hardware interface   Partially signed package

Mouse Interface

This package is fully WHQL signed:

 

This package was signed using UPDD V5.1.1445 and has not changed since that time, hence is utilised in UPDD V6. It is used to post touch data to the operating system via a mouse port interface.

HID Interface

This package is fully WHQL signed:

This package was signed using UPDD V5.1.1131 and has not changed since that time, hence is utilised in UPDD V6. It is used to post touch data to the operating system via an HID interface.

USB port interface

This package is used to install a USB client side driver for specific devices as defined in the .INF file created dynamically at the time we build the UPDD installer and includes the USB vendor and product id of the supported USB devices.

At its heart this uses a standard 'inbox' signed driver, winusb.sys, signed by Microsoft Windows:

​Because we have to wrap this up in a driver package to support the specific device(s); and whilst (as shown above) this does not add any more "driver files"; it does mean that the driver package is signed by Touch-Base reflecting the Authenticode signing, not a fully signed WHQL installer package.

In our opinion given the above in most cases the driver package signing status is sufficient to satisfy most users signing requirements.

If a driver package requires a full WHQL signing we would have to execute a full signing process in conjunction with Microsoft WHQL signing procedures.

We have performed this on a number of occasions and this takes approximately 2 weeks to complete and is fully chargeable.