2011-10-14 03:58:19 +01:00
|
|
|
// Copyright 2011 The Go Authors. All rights reserved.
|
|
|
|
// Use of this source code is governed by a BSD-style
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
|
|
package tls
|
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/x509"
|
|
|
|
"reflect"
|
|
|
|
"syscall"
|
|
|
|
"unsafe"
|
|
|
|
)
|
|
|
|
|
|
|
|
func loadStore(roots *x509.CertPool, name string) {
|
|
|
|
store, errno := syscall.CertOpenSystemStore(syscall.InvalidHandle, syscall.StringToUTF16Ptr(name))
|
|
|
|
if errno != 0 {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2011-10-14 17:26:38 +01:00
|
|
|
var cert *syscall.CertContext
|
2011-10-14 03:58:19 +01:00
|
|
|
for {
|
2011-10-14 17:26:38 +01:00
|
|
|
cert = syscall.CertEnumCertificatesInStore(store, cert)
|
|
|
|
if cert == nil {
|
2011-10-14 03:58:19 +01:00
|
|
|
break
|
|
|
|
}
|
|
|
|
|
2011-10-14 17:26:38 +01:00
|
|
|
var asn1Slice []byte
|
|
|
|
hdrp := (*reflect.SliceHeader)(unsafe.Pointer(&asn1Slice))
|
|
|
|
hdrp.Data = cert.EncodedCert
|
|
|
|
hdrp.Len = int(cert.Length)
|
|
|
|
hdrp.Cap = int(cert.Length)
|
2011-10-14 03:58:19 +01:00
|
|
|
|
2011-10-14 17:26:38 +01:00
|
|
|
buf := make([]byte, len(asn1Slice))
|
|
|
|
copy(buf, asn1Slice)
|
2011-10-14 03:58:19 +01:00
|
|
|
|
2011-10-14 17:26:38 +01:00
|
|
|
if cert, err := x509.ParseCertificate(buf); err == nil {
|
|
|
|
roots.AddCert(cert)
|
|
|
|
}
|
2011-10-14 03:58:19 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
syscall.CertCloseStore(store, 0)
|
|
|
|
}
|
|
|
|
|
|
|
|
func initDefaultRoots() {
|
|
|
|
roots := x509.NewCertPool()
|
|
|
|
|
|
|
|
// Roots
|
|
|
|
loadStore(roots, "ROOT")
|
|
|
|
|
|
|
|
// Intermediates
|
|
|
|
loadStore(roots, "CA")
|
|
|
|
|
|
|
|
varDefaultRoots = roots
|
|
|
|
}
|