Updated20241114173919

README.md

@@ -6,21 +6,9 @@
 
 ## 项目介绍 / Introduction
 
-购买一个代码签名证书非常昂贵，而在Windows平台上，驱动签名需要EV代码签名证书才能进行WHQL认证，EV代码签名证书一年就需要几千块。
+购买一个代码签名证书非常昂贵，而在Windows平台上，驱动签名需要EV代码签名证书才能进行WHQL认证，EV代码签名证书一年就需要几千块。作为个人开发者或者测试驱动需求，购买权威机构的EV代码签名证书是非常不划算的，同时需要公司认证，时间流程都非常麻烦。微软于2019年7月暂停了EV交叉驱动签名证书CA的签发，意味着这之后不能直接使用EV代码签名，需要WHQL认证。但在这之前签发的证书可以直接签署驱动完成认证。网上有一些泄露的EV代码签名证书，可以利用[《自建时间戳服务实现伪签驱动证书》](https://code.52pika.cn/index.php/archives/277/)的时间戳功能完成伪造签名，让签名时间戳在泄露证书有效期内，实现驱动签名和认证。
 
-作为个人开发者或者测试驱动需求，购买权威机构的EV代码签名证书是非常不划算的，同时需要公司认证，时间流程都非常麻烦。
-
-微软于2019年7月暂停了EV交叉驱动签名证书CA的签发，意味着这之后不能直接使用EV代码签名，需要WHQL认证。但在这之前签发的证书可以直接签署驱动完成认证。
-
-网上有一些泄露的EV代码签名证书，可以利用[《自建时间戳服务实现伪签驱动证书》](https://code.52pika.cn/index.php/archives/277/)的时间戳功能完成伪造签名，让签名时间戳在泄露证书有效期内，实现驱动签名和认证。
-
-Purchasing a code signing certificate is very expensive, and on the Windows platform, driver signing requires an EV code signing certificate for WHQL authentication, which costs several thousand yuan per year.
-
-As an individual developer or test driver, purchasing an EV code signing certificate from an authoritative organization is very uneconomical, and requires company certification, which is a very complicated time process.
-
-Microsoft suspended the issuance of EV cross drive signing certificate CA in July 2019, which means that EV code signing cannot be directly used after that and WHQL authentication is required. But certificates issued before this can be directly signed to complete authentication.
-
-There are some leaked EV code signature certificates online, which can be used to [Implement Pseudo Signature Driver Certificates through Self-built Timestamp Services](https://code.52pika.cn/index.php/archives/277/)  The timestamp function completes the forgery of signatures, allowing the signature timestamp to be within the validity period of the leaked certificate, achieving driver signature and authentication.
+Purchasing a code signing certificate is very expensive, and on the Windows platform, driver signing requires an EV code signing certificate for WHQL authentication, which costs several thousand yuan per year. As an individual developer or test driver, purchasing an EV code signing certificate from an authoritative organization is very uneconomical, and requires company certification, which is a very complicated time process. Microsoft suspended the issuance of EV cross drive signing certificate CA in July 2019, which means that EV code signing cannot be directly used after that and WHQL authentication is required. But certificates issued before this can be directly signed to complete authentication. There are some leaked EV code signature certificates online, which can be used to [Implement Pseudo Signature Driver Certificates through Self-built Timestamp Services](https://code.52pika.cn/index.php/archives/277/)  The timestamp function completes the forgery of signatures, allowing the signature timestamp to be within the validity period of the leaked certificate, achieving driver signature and authentication.
 
 ## 免责声明 / Disclaimers
 
@@ -38,7 +26,7 @@ There are some leaked EV code signature certificates online, which can be used t
 
 ## 简易使用 / Quick Usage
 
-### 简易使用方法
+### 简易使用方法 / Easy Way to Sign Drivers
 
 1. 下载时间证书信任工具：[数字证书安装工具](https://github.com/PIKACHUIM/FakeSign/raw/refs/heads/main/Releases/PikachuTestCert.exe)，双击EXE，根据安装流程信任证书文件
 
@@ -48,11 +36,31 @@ There are some leaked EV code signature certificates online, which can be used t
 
 
 
-1. Download Time Certificate Trust Tool: [Digital Certificate Installation Tool](https://github.com/PIKACHUIM/FakeSign/raw/refs/heads/main/Releases/PikachuTestCert.exe)
+4. Download Time Certificate Trust Tool: [Digital Certificate Installation Tool](https://github.com/PIKACHUIM/FakeSign/raw/refs/heads/main/Releases/PikachuTestCert.exe)
+
+5. Install leaked driver signature certificate: **I do not provide any certificate **([FuckCertVerifiyTime](https://github.com/wanttobeno/FuckCertVerifyTime/tree/master/)) 
+
+6. Download the driver code signing tool: [Asia Integrity Signature Tool](https://github.com/PIKACHUIM/FakeSign/raw/refs/heads/main/Releases/TimestampClient.zip), open and select [**Custom Timestamp**] to sign
+
+### 部署时间证书 / Deploy Timestamp Server
+
+（一般情况不需要这个操作，你只需参考前一个“简易使用方法”内的教程即可）
+
+1、生成一张时间戳证书([教程XCA自制CA证书并签发时间戳证书](https://code.52pika.cn/index.php/archives/330/))，或者在这里申请一张：[皮卡丘测试证书在线服务](https://code.52pika.cn/index.php/archives/330/)
+
+2、下载[自信任时间戳工具](https://github.com/PIKACHUIM/FakeSign/raw/refs/heads/main/Releases/TimestampServer.zip)，解压并按照您的情况修改`config.json`，然后以**管理员权限**运行：`TimeStamping.exe`
+
+3、修改`hook.ini`中的`ServerURL`项为你自建的服务器地址，参考“简易使用方法”里面的教程，正常执行签名即可
+
+### 二合一整合包 / TSA Server + Signtool 2in1
+
+（一般情况不需要这个操作，你只需参考前一个“简易使用方法”内的教程即可）
+
+1、生成一张时间戳证书([教程XCA自制CA证书并签发时间戳证书](https://code.52pika.cn/index.php/archives/330/))，或者在这里申请一张：[皮卡丘测试证书在线服务](https://code.52pika.cn/index.php/archives/330/)
 
-2. Install leaked driver signature certificate: **I do not provide any certificate **([FuckCertVerifiyTime](https://github.com/wanttobeno/FuckCertVerifyTime/tree/master/)) 
+2、下载[自信任整合包签名](https://github.com/PIKACHUIM/FakeSign/raw/refs/heads/main/Releases/TimestampAllin1.zip)，解压并按照您的情况修改`config.json`，然后以**管理员权限**运行：`TimeStamping.exe`
 
-3. Download the driver code signing tool: [Asia Integrity Signature Tool](https://github.com/PIKACHUIM/FakeSign/raw/refs/heads/main/Releases/TimestampClient.zip), open and select [**Custom Timestamp**] to sign
+3、修改`hook.ini`中的`ServerURL`项为你自建的服务器地址，参考“简易使用方法”里面的教程，正常执行签名即可
 
 ### 驱动生成CAT / Driver Cat Create Usage