mirror of https://github.com/minio/minio.git
62 lines
1.6 KiB
Go
62 lines
1.6 KiB
Go
// +build windows
|
|
|
|
// Copyright (c) 2015-2021 MinIO, Inc.
|
|
//
|
|
// This file is part of MinIO Object Storage stack
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU Affero General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
package certs
|
|
|
|
import (
|
|
"crypto/x509"
|
|
"syscall"
|
|
"unsafe"
|
|
)
|
|
|
|
func loadSystemRoots() (*x509.CertPool, error) {
|
|
const CRYPTENOTFOUND = 0x80092004
|
|
|
|
store, err := syscall.CertOpenSystemStore(0, syscall.StringToUTF16Ptr("ROOT"))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer syscall.CertCloseStore(store, 0)
|
|
|
|
roots := x509.NewCertPool()
|
|
var cert *syscall.CertContext
|
|
for {
|
|
cert, err = syscall.CertEnumCertificatesInStore(store, cert)
|
|
if err != nil {
|
|
if errno, ok := err.(syscall.Errno); ok {
|
|
if errno == CRYPTENOTFOUND {
|
|
break
|
|
}
|
|
}
|
|
return nil, err
|
|
}
|
|
if cert == nil {
|
|
break
|
|
}
|
|
// Copy the buf, since ParseCertificate does not create its own copy.
|
|
buf := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:]
|
|
buf2 := make([]byte, cert.Length)
|
|
copy(buf2, buf)
|
|
if c, err := x509.ParseCertificate(buf2); err == nil {
|
|
roots.AddCert(c)
|
|
}
|
|
}
|
|
return roots, nil
|
|
}
|