libgo/go/crypto/tls/root_windows.go

   1 // Copyright 2011 The Go Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style
   3 // license that can be found in the LICENSE file.
   4
   5 package tls
   6
   7 import (
   8         "crypto/x509"
   9         "reflect"
  10         "syscall"
  11         "unsafe"
  12 )
  13
  14 func loadStore(roots *x509.CertPool, name string) {
  15         store, err := syscall.CertOpenSystemStore(syscall.InvalidHandle, syscall.StringToUTF16Ptr(name))
  16         if err != nil {
  17                 return
  18         }
  19
  20         var cert *syscall.CertContext
  21         for {
  22                 cert = syscall.CertEnumCertificatesInStore(store, cert)
  23                 if cert == nil {
  24                         break
  25                 }
  26
  27                 var asn1Slice []byte
  28                 hdrp := (*reflect.SliceHeader)(unsafe.Pointer(&asn1Slice))
  29                 hdrp.Data = cert.EncodedCert
  30                 hdrp.Len = int(cert.Length)
  31                 hdrp.Cap = int(cert.Length)
  32
  33                 buf := make([]byte, len(asn1Slice))
  34                 copy(buf, asn1Slice)
  35
  36                 if cert, err := x509.ParseCertificate(buf); err == nil {
  37                         roots.AddCert(cert)
  38                 }
  39         }
  40
  41         syscall.CertCloseStore(store, 0)
  42 }
  43
  44 func initDefaultRoots() {
  45         roots := x509.NewCertPool()
  46
  47         // Roots
  48         loadStore(roots, "ROOT")
  49
  50         // Intermediates
  51         loadStore(roots, "CA")
  52
  53         varDefaultRoots = roots
  54 }