downlevelshim: remove in preparation for full WHQL

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

7 files changed, 4 insertions, 159 deletions

diff --git a/api/driver.c b/api/driver.c
index 78c7f10..2671c93 100644
--- a/api/driver.c
+++ b/api/driver.c
@@ -534,7 +534,6 @@ DriverInstall(HDEVINFO *DevInfoExistingAdaptersForCleanup, SP_DEVINFO_DATA_LIST
     WCHAR CatPath[MAX_PATH] = { 0 };
     WCHAR SysPath[MAX_PATH] = { 0 };
     WCHAR InfPath[MAX_PATH] = { 0 };
-    WCHAR DownlevelShimPath[MAX_PATH] = { 0 };
     if (!PathCombineW(CatPath, RandomTempSubDirectory, L"wireguard.cat") ||
         !PathCombineW(SysPath, RandomTempSubDirectory, L"wireguard.sys") ||
         !PathCombineW(InfPath, RandomTempSubDirectory, L"wireguard.inf"))
@@ -576,77 +575,14 @@ DriverInstall(HDEVINFO *DevInfoExistingAdaptersForCleanup, SP_DEVINFO_DATA_LIST
         goto cleanupDelete;
     }
 
-    WCHAR *WintrustKeyOriginalValue = NULL;
-    HKEY WintrustKey = NULL;
-    if (!IsWindows10)
-    {
-        LOG(WIREGUARD_LOG_INFO, L"Shimming downlevel driver loader");
-        if (!PathCombineW(DownlevelShimPath, RandomTempSubDirectory, L"downlevelshim.dll"))
-        {
-            DownlevelShimPath[0] = L'\0';
-            LastError = ERROR_BUFFER_OVERFLOW;
-            goto cleanupDelete;
-        }
-        if (!ResourceCopyToFile(DownlevelShimPath, L"downlevelshim.dll"))
-        {
-            LastError = LOG_LAST_ERROR(L"Failed to extract downlevel shim");
-            goto cleanupDelete;
-        }
-        LastError = RegOpenKeyExW(
-            HKEY_LOCAL_MACHINE,
-            L"SOFTWARE\\Microsoft\\Cryptography\\Providers\\Trust\\FinalPolicy\\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}",
-            0,
-            KEY_QUERY_VALUE | KEY_SET_VALUE,
-            &WintrustKey);
-        if (LastError != ERROR_SUCCESS)
-        {
-            LOG_ERROR(LastError, L"Failed to open Wintrust FinalPolicy key");
-            goto cleanupDelete;
-        }
-        WintrustKeyOriginalValue = RegistryQueryString(WintrustKey, L"$DLL", TRUE);
-        if (!WintrustKeyOriginalValue)
-        {
-            LastError = LOG_LAST_ERROR(L"Failed to read current Wintrust FinalPolicy key");
-            goto cleanupWintrustKey;
-        }
-        LastError = RegSetValueExW(
-            WintrustKey,
-            L"$DLL",
-            0,
-            REG_SZ,
-            (BYTE *)DownlevelShimPath,
-            (DWORD)((wcslen(DownlevelShimPath) + 1) * sizeof(DownlevelShimPath[0])));
-        if (LastError != ERROR_SUCCESS)
-        {
-            LOG_ERROR(LastError, L"Failed to set Wintrust FinalPolicy key");
-            goto cleanupWintrustChangedKey;
-        }
-    }
-
     LOG(WIREGUARD_LOG_INFO, L"Installing driver");
     if (!SetupCopyOEMInfW(InfPath, NULL, SPOST_NONE, 0, NULL, 0, NULL, NULL))
         LastError = LOG_LAST_ERROR(L"Could not install driver %s to store", InfPath);
 
-cleanupWintrustChangedKey:
-    if (WintrustKeyOriginalValue)
-        RegSetValueExW(
-            WintrustKey,
-            L"$DLL",
-            0,
-            REG_SZ,
-            (BYTE *)WintrustKeyOriginalValue,
-            (DWORD)((wcslen(WintrustKeyOriginalValue) + 1) * sizeof(WintrustKeyOriginalValue[0])));
-cleanupWintrustKey:
-    if (WintrustKey)
-        RegCloseKey(WintrustKey);
-    if (WintrustKeyOriginalValue)
-        Free(WintrustKeyOriginalValue);
 cleanupDelete:
     DeleteFileW(CatPath);
     DeleteFileW(SysPath);
     DeleteFileW(InfPath);
-    if (DownlevelShimPath[0])
-        DeleteFileW(DownlevelShimPath);
 cleanupDirectory:
     RemoveDirectoryW(RandomTempSubDirectory);
 cleanupExistingAdapters:
diff --git a/api/resources.rc b/api/resources.rc
index 2a5c4dc..0d5d92f 100644
--- a/api/resources.rc
+++ b/api/resources.rc
@@ -12,8 +12,6 @@ wireguard.cat RCDATA "driver\\wireguard.cat"
 wireguard.inf RCDATA "driver\\wireguard.inf"
 wireguard.sys RCDATA "driver\\wireguard.sys"
 
-downlevelshim.dll RCDATA "downlevelshim.dll"
-
 #if defined(WANT_AMD64_WOW64)
 #    if defined(BUILT_AMD64_WOW64)
 wireguard-amd64.cat RCDATA "amd64\\driver\\wireguard.cat"
diff --git a/downlevelshim/downlevelshim.vcxproj b/downlevelshim/downlevelshim.vcxproj
deleted file mode 100644
index 264a300..0000000
--- a/downlevelshim/downlevelshim.vcxproj
+++ /dev/null
@@ -1,35 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project DefaultTargets="Build" ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <PropertyGroup Label="Globals">
-    <ProjectGuid>{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}</ProjectGuid>
-    <RootNamespace>downlevelshim</RootNamespace>
-    <ProjectName>downlevelshim</ProjectName>
-  </PropertyGroup>
-  <PropertyGroup Label="Configuration">
-    <ConfigurationType>DynamicLibrary</ConfigurationType>
-    <PlatformToolset>WindowsApplicationForDrivers10.0</PlatformToolset>
-  </PropertyGroup>
-  <Import Project="..\wireguard-nt.props" />
-  <PropertyGroup>
-    <TargetName>downlevelshim</TargetName>
-  </PropertyGroup>
-  <ItemDefinitionGroup>
-    <ClCompile>
-      <PreprocessorDefinitions>_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <AdditionalOptions>/volatile:iso %(AdditionalOptions)</AdditionalOptions>
-    </ClCompile>
-    <Link>
-      <ModuleDefinitionFile>exports.def</ModuleDefinitionFile>
-      <SubSystem>Windows</SubSystem>
-    </Link>
-  </ItemDefinitionGroup>
-  <ItemGroup>
-    <None Include="exports.def" />
-  </ItemGroup>
-  <ItemGroup>
-    <ClCompile Include="shim.c" />
-  </ItemGroup>
-  <Import Project="..\wireguard-nt.props.user" Condition="exists('..\wireguard-nt.props.user')" />
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-  <ImportGroup Label="ExtensionTargets" />
-</Project>
diff --git a/downlevelshim/exports.def b/downlevelshim/exports.def
deleted file mode 100644
index 7d2ec36..0000000
--- a/downlevelshim/exports.def
+++ /dev/null
@@ -1,3 +0,0 @@
-LIBRARY downlevelshim.dll
-EXPORTS
-	DriverFinalPolicy
\ No newline at end of file
diff --git a/downlevelshim/shim.c b/downlevelshim/shim.c
deleted file mode 100644
index d277639..0000000
--- a/downlevelshim/shim.c
+++ /dev/null
@@ -1,32 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0
- *
- * Copyright (C) 2018-2021 WireGuard LLC. All Rights Reserved.
- */
-
-#include <windows.h>
-#include <wintrust.h>
-
-typedef DWORD(DRIVER_FINAL_POLICY_FN)(CRYPT_PROVIDER_DATA *);
-typedef DRIVER_FINAL_POLICY_FN *PDRIVER_FINAL_POLICY_FN;
-
-DRIVER_FINAL_POLICY_FN DriverFinalPolicy;
-
-DWORD
-DriverFinalPolicy(CRYPT_PROVIDER_DATA *ProvData)
-{
-    DWORD OriginalLastError = GetLastError();
-    HMODULE WintrustModule = GetModuleHandleA("WINTRUST.DLL");
-    if (!WintrustModule)
-        return ERROR_INVALID_LIBRARY;
-    PDRIVER_FINAL_POLICY_FN RealDriverFinalPolicy =
-        (PDRIVER_FINAL_POLICY_FN)GetProcAddress(WintrustModule, "DriverFinalPolicy");
-    if (!RealDriverFinalPolicy)
-        return ERROR_INVALID_FUNCTION;
-    DWORD Ret = RealDriverFinalPolicy(ProvData);
-    if (Ret == ERROR_APP_WRONG_OS)
-    {
-        Ret = ERROR_SUCCESS;
-        SetLastError(OriginalLastError);
-    }
-    return Ret;
-}
diff --git a/wireguard-nt.proj b/wireguard-nt.proj
index 26fb62d..f809e53 100644
--- a/wireguard-nt.proj
+++ b/wireguard-nt.proj
@@ -48,21 +48,21 @@
   <Target Name="Dll-x86"
     Outputs="$(Configuration)\x86\wireguard.dll"
     DependsOnTargets="Dll-amd64;Dll-arm64">
-    <MSBuild Projects="setupapihost\setupapihost.vcxproj;downlevelshim\downlevelshim.vcxproj;api\api.vcxproj" Targets="Build" Properties="Configuration=$(Configuration);Platform=Win32" />
+    <MSBuild Projects="setupapihost\setupapihost.vcxproj;api\api.vcxproj" Targets="Build" Properties="Configuration=$(Configuration);Platform=Win32" />
   </Target>
   <Target Name="Dll-amd64"
     Outputs="$(Configuration)\amd64\wireguard.dll"
     DependsOnTargets="Dll-arm64">
-    <MSBuild Projects="setupapihost\setupapihost.vcxproj;downlevelshim\downlevelshim.vcxproj;api\api.vcxproj" Targets="Build" Properties="Configuration=$(Configuration);Platform=x64" />
+    <MSBuild Projects="setupapihost\setupapihost.vcxproj;api\api.vcxproj" Targets="Build" Properties="Configuration=$(Configuration);Platform=x64" />
   </Target>
   <Target Name="Dll-arm"
     Outputs="$(Configuration)\arm\wireguard.dll"
     DependsOnTargets="Dll-arm64">
-    <MSBuild Projects="setupapihost\setupapihost.vcxproj;downlevelshim\downlevelshim.vcxproj;api\api.vcxproj" Targets="Build" Properties="Configuration=$(Configuration);Platform=ARM" />
+    <MSBuild Projects="setupapihost\setupapihost.vcxproj;api\api.vcxproj" Targets="Build" Properties="Configuration=$(Configuration);Platform=ARM" />
   </Target>
   <Target Name="Dll-arm64"
     Outputs="$(Configuration)\arm64\wireguard.dll">
-    <MSBuild Projects="setupapihost\setupapihost.vcxproj;downlevelshim\downlevelshim.vcxproj;api\api.vcxproj" Targets="Build" Properties="Configuration=$(Configuration);Platform=ARM64" />
+    <MSBuild Projects="setupapihost\setupapihost.vcxproj;api\api.vcxproj" Targets="Build" Properties="Configuration=$(Configuration);Platform=ARM64" />
   </Target>
 
   <!--
diff --git a/wireguard-nt.sln b/wireguard-nt.sln
index 989a683..cb89b67 100644
--- a/wireguard-nt.sln
+++ b/wireguard-nt.sln
@@ -7,7 +7,6 @@ EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "api", "api\api.vcxproj", "{99648503-7DFB-4C06-A87A-E7B66E93FF84}"
 	ProjectSection(ProjectDependencies) = postProject
 		{8B282C8F-5870-44C3-9A2A-B9091F4E9F68} = {8B282C8F-5870-44C3-9A2A-B9091F4E9F68}
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82} = {E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}
 		{91F6BAF4-6CA1-4F33-A1BE-EFBA4E978B33} = {91F6BAF4-6CA1-4F33-A1BE-EFBA4E978B33}
 	EndProjectSection
 EndProject
@@ -15,8 +14,6 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "driver", "driver\driver.vcx
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "setupapihost", "setupapihost\setupapihost.vcxproj", "{91F6BAF4-6CA1-4F33-A1BE-EFBA4E978B33}"
 EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "downlevelshim", "downlevelshim\downlevelshim.vcxproj", "{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}"
-EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{3A98F138-EE02-4488-B856-B3C48500BEA8}"
 	ProjectSection(SolutionItems) = preProject
 		README.md = README.md
@@ -101,22 +98,6 @@ Global
 		{91F6BAF4-6CA1-4F33-A1BE-EFBA4E978B33}.Release|arm64.Build.0 = Release|ARM64
 		{91F6BAF4-6CA1-4F33-A1BE-EFBA4E978B33}.Release|x86.ActiveCfg = Release|Win32
 		{91F6BAF4-6CA1-4F33-A1BE-EFBA4E978B33}.Release|x86.Build.0 = Release|Win32
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Debug|amd64.ActiveCfg = Debug|x64
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Debug|amd64.Build.0 = Debug|x64
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Debug|arm.ActiveCfg = Debug|ARM
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Debug|arm.Build.0 = Debug|ARM
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Debug|arm64.ActiveCfg = Debug|ARM64
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Debug|arm64.Build.0 = Debug|ARM64
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Debug|x86.ActiveCfg = Debug|Win32
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Debug|x86.Build.0 = Debug|Win32
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Release|amd64.ActiveCfg = Release|x64
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Release|amd64.Build.0 = Release|x64
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Release|arm.ActiveCfg = Release|ARM
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Release|arm.Build.0 = Release|ARM
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Release|arm64.ActiveCfg = Release|ARM64
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Release|arm64.Build.0 = Release|ARM64
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Release|x86.ActiveCfg = Release|Win32
-		{E22CA58F-DEA5-48DC-BCF5-12075AD9BB82}.Release|x86.Build.0 = Release|Win32
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE