To sum up the attempts to load DLL files in mobile over the past few days...

Document directory

• First, the mobile document above:
• Then I thought about creating my own certificate. This is not test use only, but root. The specific difference is that the root permission should be high:
• As a result, I found out how to use the vs tool for pfx and then load it according to the mobile document above.
• So I looked for other methods:

First, give my DLL

# Include "stdafx. H "# include" t21service. H "hinstance g_hinst; bool apientry dllmain (handle hmodule, DWORD partition, lpvoid lpreserved) {Switch (partition) {Case partition: g_hinst = (hinstance) hmodule; Case dll_thread_attach: Case dll_thread_detach: case dll_process_detach: break;} return true;} // This is an example of the export variable t21service_api int nt21service = 0; // This is an example of the export function. T21service_api int fnt21service (void) {return 42 ;}// this is the constructor of the exported class. // For more information about class definition, see t21service. hct21service: ct21service () {return ;}/// DWORD winapi threadproc (lpvoid parg) // {// g_ntimer = settimer (1000, 10 ,) //} // initialize t21service_api DWORD zzy_init (DWORD dwdata) {// retailmsg (1, (_ T ("initialized parameter % d \ r \ n "), dwdata); return 1 ;}// uninstall t21service_api DWORD zzy_deinit (DWORD dwdata) {retailmsg (1, (_ T ("uninstalled parameter % d \ r \ n "), dwdata); Return 0;} // open t21service_api DWORD zzy_open (DWORD dwdata, DWORD dwaccess, DWORD dw1_mode) {return 0;} // close t21service_api DWORD zzy_close (DWORD dwdata) {return 0;} // read t21service_api DWORD zzy_read (DWORD dwdata, lpvoid pbuf, DWORD dwlen) {return 0;} // write t21service_api DWORD zzy_write (DWORD dwdata, lpvoid pbuf, DWORD dwlen) {return 0;} // Io control t21service_api DWORD zzy_iocontrol (DWORD dwdata, DWORD dwcode, pbyte pbufin, DWORD dwlenin, pbyte pbufout, DWORD dwlenout, pdword timeout) {// switch (dwcode) // {// case 0x1234: // retailmsg (1, (_ T ("server enabled \ r \ n "))); // break; // case ioctl_service_stop: // retailmsg (1, (_ T ("server stop \ r \ n"); // break; // case ioctl_service_refresh: // retailmsg (1, (_ T ("Refresh \ r \ n"); // break; // default: // break; //} return 1 ;} t21service_api DWORD zzy_seek (DWORD dwdata, long POs, DWORD type) {return 0 ;}

Then let's talk about the problem:

 

I added my registry key to platform. Reg and added the dll path to platform. bib. Then makimg burned it to the board and thought it would start on its own. What he did not expect was trust = 0, that is, it was not loaded.

Then I started to solve the problem: many people on the Internet said there was no digital signature. Then I thought about how to sign the signature: first, the above in the mobile document:

1. On the Project menu, click Properties.  2. Click Authenticode Signing.  3. For the Authenticode Signature property, click Yes.  4. For the Certificate property, click the Ellipses (...) button.  In the Select Certificate dialog box, do one of the following:  >> If the certificate you want appears in the list, select it, and then click OK.  >> If the certificate you want does not appear in the list, click Manage Certificates to open the Manage Certificates dialog box. Use this dialog box to import one of the SDK certificates (or import the certificate an OEM or mobile operator gave you as part of its developer program).  Note:   Be sure to use the *.pfx file, not the *.cer file.   On the Authenticode Signing page, click OK.

Tried, set:

Go to the project properties under the "Authenticode Signing" and set:Authenticode signature: YesCertificate: TEST USE ONLY - Sample Privileged... (you may have to import it from the SDK dir)Provision device: Privileged certificate store

As a result, makeimg or trust = 0;

 

 

Then I thought about creating my own certificate. This is not test use only, but root. The specific difference is that the root permission should be high:

First, Windows Server 2003 is installed, because it is very convenient to make the certificate above.

First, install the IIS service, click Start> Management Tools> Manage your server, and then click add or delete roles on the right. Next, check whether the configuration is followed by your application server. If the configuration takes so long, the first step is completed.

 

Second:

1. Start ---- add and delete programs-install Windows build-Certificate Service

2. The warning message "neither the computer name nor the Domain Member identity can be changed" is displayed. Select "yes"

3. There are four certificate types. You can select "Enterprise Root CA" or "independent Root CA". Here we select "independent Root CA"

4. Enter the public name of the CA. You can enter Chinese characters. Then you can view the Certificate Authority and view the Certificate Authority)

5,

6. If you want to stop the IIS service, select YES. (Note that this is not the pop-up here. It may be that you can insert a CD, so you will insert server2003cd in a long time, and the next step will be done)

7,

The default value is

8. Enter http: // localhost/certsrv/default. asp or
Http: // 10.10.65.111/certsrv/default. asp10.10.65.111 is the IP address of the machine.

9. Select to submit an Advanced Certificate Application (select to apply for a certificate to this step)

10. Select create and submit an application to this ca

11. Fill in the relevant information. Here, only the name and email are entered (the following options are based on your own, such as code signature, 1024 bits, sha1, and export key );

 

12. Here you may see you wait for a day or two, and the Administrator will issue it to you. In fact, you are the Administrator and will issue it to yourself.

Start-management tools-Certificate Authority

Select the pending application, and you will see the certificate application just now-issue it.

In addition, it can be set to automatic issuance.

13,

 

As a result, Cert and the exported PVK are the public key and private key. This is different from the pfx file in the mobile document.

 

As a result, I found out how to use the vs tool for pfx and then load it according to the mobile document above.

The process for creating and verifying a digital signature is as follows:

 

First, use the CMD command window (START-run-Enter cmd-press Enter) to find a tool under common7 under Microsoft vs2008, you can search for these tools in your installation directory:

Makecert.exe cert2spc.exe
Pvk2pfx.exe signfile.exe

1. Use the production certificate tool makecert.exe of Visual Studio to generate the key:

makecert -sv mycert.pvk -a sha1 -len 1024 -sky signature -n "CN=XXXXXXX, O=YYYYYYY" mycert.cer

The preceding command specifies the sha1 algorithm. The key length is 1024 bits, and the certificate file mycert. CER and private key file mycert. PVK are generated.
2、cert2spc.exe converts a CER file (X.509 Certificate) to a SPC file (software publisher certificate)

cert2spc.exe mycert.cer mycert.spc

3. Use pvk2pfx.exe to merge the. SPC file and. PVK file into a pfx-format (Personal Information Exchange) file. 1234 is the password to protect the pfx file.

pvk2pfx.exe -pvk mycert.pvk -spc mycert.spc -f -po 1234 -pfx mycert.pfx

4. Sign For autorunwith signfile.exe:

Signfile.exe -fautorun.exe-xmycert. pfx-ppubkey. H-w1234
-

Using the command above to sign autorun.exe, the Public Key (pubkey. h) is also exported in the form of a C header file ). Pubkey. H should be placed in BSP and used to verify the digital signature of Autorun. EXE. The public key can be exported once.

I made the third step and followed the mobile document. The result is still trust = 0.

 

So I looked for other methods:

 

Security Configuration Manager is used to reduce the device security level.

This is in the security directory under the tools directory in the Windows Mobile 6 SDK. You can also search for it, suffix MSI, and install it.

 

1. Connect the device to the PC through ActiveSync.

2. After synchronization, start the Security Configuration Manager on the PC and wait for the Security Configuration Manager to connect to the device (note the following prompt for this tool ).

3. Select security off in selected configuration and click provision.

4. Wait for the prompt that the installation is successful.

Click the help document in it, which is actually part of the mobile document.

 

I was able to lower the security level of the board, but I still trust = 0. Oh, my God, I crashed .....

 

Up till now, my service dll has not been able to start after it is started, and it is still trust = 0; it cannot be loaded. I hope you can help solve it. I posted a post on csdn:

Http://topic.csdn.net/u/20110824/14/b6e58f17-a018-4b67-b453-e153ba9ab41b.html? 84255

If you want to solve the problem, you can't top it up and score it...

I wrote an article to record my hard work over the past few days. I hope you can solve it quickly. You guys are here. Have you all solved this problem, if so many people ask this question and fail to see the correct solution, have you all given up?