ViGEm Framework Roadmap

I got asked about a long-term roadmap for the ViGEm project so here it is. It’s sorted by appearance in my head, not priority or chronology or something that’s close to a system 😜

Add/Improve Documentation

I won’t sugarcoat it; I suck at documenting my APIs and ideas 😅 It’s not that I’d dislike documentation but I’d rather spend my time on coding, reverse engineering and solving riddles. Since the projects are intended to provide a framework for other developers it’s crucial to improve this part.

Standardize and harden APIs

I tend to change APIs without version bumps which isn’t best practice at least 😁 I should also mention that before this project I didn’t really design publicly available APIs so I just make up things as I go. Feedback always welcome of course 😉

Provide example applications

When diving into new frameworks or libraries I tend to search for some example implementations first instead of pondering over documentation. I typically whack together some simple console application if I wanna test new features and tend to forget them after success. This should improve massively since nothing beats nicely commented ready-to-copyuse code.

Add Xbox One Controller emulation

Although I successfully created a working proof-of-concept there’s still a long road ahead of me if I wanna provide stable XBONE Controller emulation. Since hunting bugs and reacting to user feedback was my main priority the last couple month I kinda procrastinated on this topic. I don’t want to ditch it though since there is obvious user demand for this feature.

Work on Website and Forums

Coding currently eats up a lot of my time (besides other pesky real-life tasks 😜) so I’m always short on updates and general social-media stuff. I should really rename this to “respond to messages in time” generally. Oh well… 😇

Continue updating the ScpToolkit

Yes, yes, I haven’t forgotten about this delicate topic and I am aware about the community demands. It’s just that the driver development ate up so much time and brain power I didn’t have enough energy left for support, fixes or new features at all. Hope you can understand that 🙃

Update this post

There sure is a lot I forgot to include in this post but that’s all my brain can take at this time so… time for more procrastination! 😅


Updated from the development dungeon


just a quick update on what’s currently in my pipeline:

  • Redesign the HidCerberus Service/Library combo because… well… do I even need a reason? Have you seen the source?!! 😅
  • Sign Drivers for Windows 7, 8, 8.1 and 10

So thanks for your patience, see ya soon!

I can’t reply to Hotmail users

Yet another recent “Fuck you” from Microsoft: it seems that Hotmail (or Live or whatever it’s called these days) won’t accept e-mails from my dedicated server despite its crystal clear Anti-Spam-Reputation:

Feb 26 11:44:36 lvps176-28-14-79 postfix/smtp[21858]: 19FFF1167A7: to=<>,[]:25, delay=1, delays=0/0/0.88/0.16, dsn=5.0.0, status=bounced (host[] said: 550 SC-001 (COL004-MC6F12) Unfortunately, messages from weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to (in reply to MAIL FROM command))

Well, that’s unfortunate but nothing I can do about at the moment since they don’t even have an IP removal submission form or any other sane way of contacting someone who cares, so… If you’re a Hotmail user and haven’t had a reply from me: that’s why 😠 I recommend the forums as an alternative way to contact me. Cheers!

wcsstr in Windows kernel-mode

Turns out there is no equivalent function to strstr/wcsstr in the DDK/WDK and therefore available in kernel mode. But being plain old C you can roll your own so that’s what I did. Well, someone else did and I adapted 😜

#include <crtdefs.h>
#include <stddef.h>

#pragma warning(push)
#pragma warning( disable : 4706 )

// Stolen from here:
wchar_t *kmwcsstr(const wchar_t *haystack, const wchar_t *needle)
    register wchar_t b, c;

    if ((b = *needle) != L'\0')
        haystack--;				/* possible ANSI violation */
            if ((c = *++haystack) == L'\0')
                goto ret0;
        while (c != b);

        if (!(c = *++needle))
            goto foundneedle;
        goto jin;

        for (;;)
            register wchar_t a;
            register const wchar_t *rhaystack, *rneedle;

                if (!(a = *++haystack))
                    goto ret0;
                if (a == b)
                if ((a = *++haystack) == L'\0')
                    goto ret0;
            } while (a != b);

        jin:	  if (!(a = *++haystack))
            goto ret0;

                  if (a != c)
                      goto shloop;

                  if (*(rhaystack = haystack-- + 1) == (a = *(rneedle = needle)))
                          if (a == L'\0')
                              goto foundneedle;
                          if (*++rhaystack != (a = *++needle))
                          if (a == L'\0')
                              goto foundneedle;
                      } while (*++rhaystack == (a = *++needle));

                      needle = rneedle;		  /* took the register-poor approach */

                      if (a == L'\0')
    return (wchar_t*)haystack;
    return NULL;
#pragma warning(pop)

Word of warning: only use with PCWSTR! It expects the passed strings to be NULL-terminated, so don’t use with UNICODE_STRING!



Windows Driver Signing Bullshit

You’re probably thinking “what’s taking this guy so long to push out releases”. Well, apart from my permanent lack of time (job, life, you know the drill) it’s some bullshit called Driver Signing. What is that and why should you care? Read on…


Long story short: every version of Windows we care about (starting with 7, skipping Vista) enforces certain restrictions when you’re dealing with the installation of a device driver. The major one is the driver files signature. Since other people smarter (and older) than me have already tackled this topic I’ll just blatantly steal a quote from David Grayson:

If you have ever installed some software or drivers in Windows, you have probably seen a dialog telling you the name of the company or person that published that software. This means that the publisher has cryptographically signed their work. Signing your software is important: by showing a nicer dialog to the end user, it gives end users more confidence that they are not installing malware. In the case of device drivers, signing is even required by certain versions of Windows in certain situations.

If you’re interested in the whole story of signing Windows drivers I recommend you read the whole article I linked above.

Another quote from an article of a bloke at PiXCEL:

What’s not immediately clear with Windows 8 is that an unsigned 32 bit Windows 7 driver may (but probably will not) load, and an unsigned 64 bit driver definitely will not . The usual error is a message that the installation failed, or that an unnamed file cannot be found. These error messages are particularly unhelpful and don’t accurately reflect the cause of the failure.

So in summary: a working signature is inescapable if you wan’t to release drivers to the public, got it. Therefore I acquired an Extended Validation Code Signing Certificate from GlobalSign based on David Grayson’s experiences and recommendations (which was ridiculously expensive for the community work I use it for but that’s for yet another post).

The Problem

OK I really want to keep this as short and non-boring as possible but this is important. You’ll find a whole truck-load of articles on MSDN and the general interwebz. Everybody is talking about the new requirements for signing for Windows 10 Anniversary Update and how these requirements have been tightened even more when UEFI Secure Boot is enabled and yaddi-yadda and so on and so forth. Now that I also have access to their brand new developer dashboard I can finally request a signature from Microsoft which will allow my drivers to get loaded even on the latest Windows 10 with Secure Boot on. Great! But. What about Windows 8(.1) and 7? They’re still around aren’t they. Well too bad for you, the portal doesn’t give you the options for those:

And I know this fact is documented in MSDN:

As an alternative to HLK and HCK testing, you can cross-sign your driver yourself and submit it to the dashboard for attestation signing so that it also works on Windows 10. This is more complicated, but still a valid option. But it’s important to note that a submission signed this way will not work on Windows Server 2016. For more information about how to attestation sign a driver, see Attestation signing a kernel driver for public release. Important You must still use Hardware Dev Center (Sysdev) to attestation sign a driver until driver signing is available through the new Windows Hardware Dev Center dashboard.

But what’s that good for?! Thanks for telling me I’m just wasting my time with the portal! But what’s this:

Use the Hardware Lab Kit (HLK) to test your submission against Windows 10 and use the Hardware Certification Kit (HCK) to test against earlier versions of Windows. Then create a dashboard submission that includes all the merged HLK/HCK test results. During the submission process, you can opt-in to get a free signature for Windows Vista and Windows XP, as shown later in this topic. To opt-in for Windows Server 2008, provide a submission ID from a Windows Logo Kit (WLK) submission. This is the only way to make a submission apply to all Windows versions.

Ah, use the Hardware Lab Kit, you say? You mean this piece-of-shit Software that requires yet another virtual machine running in my build environment but now with Server 2012 R2 installed? Okay, I obeyed and wen’t through multiple tries (because, as I said, piece of shit) and after even preparing a physical test machine to run the test playlist I still can only submit a package for Windows 10:

Oh excuse me, I could submit it if not for the fact that I can’t sign it because the damn tool doesn’t recognize my hardware token which you have to use if you bought an EV Certificate which you have to buy because it’s required by the same baboons who probably made the tool incompatible with the cert!

In conclusion I can say this has torn my soul more than anything else I’ve ever encountered in IT which lead to this rant post. Hopefully some Overwatch can cool me down now, see you later 😑