diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2019-03-08 22:33:15 +0100 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-03-22 16:52:31 -0600 |
| commit | 03479caf9db3447310f33a6711416a63bf6b0001 (patch) | |
| tree | 23039eab9707d3ad244266f605506ea0f22eca71 /README.md | |
| download | wintun-03479caf9db3447310f33a6711416a63bf6b0001.tar.xz wintun-03479caf9db3447310f33a6711416a63bf6b0001.zip | |
Initial commit
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Simon Rozman <simon@rozman.si>
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..248eda0 --- /dev/null +++ b/README.md @@ -0,0 +1,31 @@ +# Wintun Network Adapter +### TUN Device Driver for Windows + +This is a layer 3 TUN driver for Windows 7, 8, 8.1, and 10. Originally created for [WireGuard](https://www.wireguard.com/), it is intended to be useful to a wide variety of projects that require layer 3 tunneling devices with implementations primarily in userspace. + +## Build Requirements + +- [Visual Studio 2017](https://visualstudio.microsoft.com/downloads/) +- [Windows Driver Kit for Windows 10](https://docs.microsoft.com/en-us/windows-hardware/drivers/download-the-wdk) + + +## Digital Signing + +Digital signing is integral part of the build process. By default, the driver will be test-signed using a certificate that the WDK should automatically generate. To subsequently load the driver, you will need to put your computer into test mode by executing as Administrator `bcdedit /set testsigning on`. + +If you possess an EV certificate for kernel mode code signing you should switch TUN driver digital signing from test-signing to production-signing by authoring your `wintun.vcxproj.user` file to look something like this: + +```xml +<?xml version="1.0" encoding="utf-8"?> +<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> + <PropertyGroup> + <SignMode>ProductionSign</SignMode> + <CrossCertificateFile>$(WDKContentRoot)CrossCertificates\DigiCert_High_Assurance_EV_Root_CA.crt</CrossCertificateFile> + <ProductionCertificate>CN=WireGuard LLC, O=WireGuard LLC, L=Boulder, S=Colorado, C=US, SERIALNUMBER=4227913, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Ohio, OID.1.3.6.1.4.1.311.60.2.1.3=US | DF98E075A012ED8C86FBCF14854B8F9555CB3D45</ProductionCertificate> + </PropertyGroup> +</Project> +``` + +Modify the `<CrossCertificateFile>` to contain the full path to the cross-signing certificate of CA that issued your certificate. You should be able to find its `.crt` file in `C:\Program Files (x86)\Windows Kits\10\CrossCertificates`. Note that the `$(WDKContentRoot)` expands to `C:\Program Files (x86)\Windows Kits\10\`. + +If you already have `wintun.vcxproj.user` file, just add the `<PropertyGroup>` section. |