github.com/jfrog/jfrog-client-go@v1.40.2/auth/cert/sslutils_windows.go (about)

     1  //go:build windows
     2  // +build windows
     3  
     4  package cert
     5  
     6  import (
     7  	"crypto/x509"
     8  	"syscall"
     9  	"unsafe"
    10  )
    11  
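// loadSystemRoots builds an x509.CertPool from the certificates found in the
// Windows "ROOT" system certificate store.
//
// It returns an error if the store cannot be opened, or if enumeration fails
// with anything other than CRYPT_E_NOT_FOUND. Entries that crypto/x509 cannot
// parse are skipped without an error, so the returned pool may hold fewer
// certificates than the store does.
//
// NOTE(review): only the encoded certificates of the ROOT store are read
// here; no other store and no per-certificate trust property is consulted in
// this function. If callers rely on the pool to mirror Windows' own trust
// decisions (for example distrusted or usage-restricted roots), confirm that
// this is enforced elsewhere.
func loadSystemRoots() (*x509.CertPool, error) {
	// The loop below treats this errno as the normal end of enumeration.
	const CRYPT_E_NOT_FOUND = 0x80092004

	// The store name is a constant without NUL bytes, so the conversion
	// cannot hit StringToUTF16Ptr's panic path.
	store, err := syscall.CertOpenSystemStore(0, syscall.StringToUTF16Ptr("ROOT"))
	if err != nil {
		return nil, err
	}
	// The close result is ignored; by the time it runs the pool is already built.
	defer syscall.CertCloseStore(store, 0)

	roots := x509.NewCertPool()
	var cert *syscall.CertContext
	for {
		// Passing the previous context back in advances the enumeration.
		cert, err = syscall.CertEnumCertificatesInStore(store, cert)
		if err != nil {
			if errno, ok := err.(syscall.Errno); ok && errno == CRYPT_E_NOT_FOUND {
				break
			}
			return nil, err
		}
		if cert == nil {
			break
		}
		// Nothing to parse; also keeps unsafe.Slice away from a nil pointer
		// paired with a non-zero length.
		if cert.EncodedCert == nil || cert.Length == 0 {
			continue
		}
		// Copy the DER bytes out of the CertContext, since ParseCertificate
		// does not create its own copy. The view is bounded by cert.Length
		// rather than by a fixed 1 MiB array type, so an encoding longer than
		// 1 MiB is no longer copied short and left zero-padded.
		der := make([]byte, cert.Length)
		copy(der, unsafe.Slice(cert.EncodedCert, cert.Length))
		// Best-effort: an unparsable entry is skipped instead of failing the
		// whole load.
		if c, err := x509.ParseCertificate(der); err == nil {
			roots.AddCert(c)
		}
	}
	return roots, nil
}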