github.com/jfrog/jfrog-client-go@v1.40.2/auth/cert/sslutils_windows.go (about) 1 //go:build windows 2 // +build windows 3 4 package cert 5 6 import ( 7 "crypto/x509" 8 "syscall" 9 "unsafe" 10 ) 11 12 func loadSystemRoots() (*x509.CertPool, error) { 13 const CRYPT_E_NOT_FOUND = 0x80092004 14 15 store, err := syscall.CertOpenSystemStore(0, syscall.StringToUTF16Ptr("ROOT")) 16 if err != nil { 17 return nil, err 18 } 19 defer syscall.CertCloseStore(store, 0) 20 21 roots := x509.NewCertPool() 22 var cert *syscall.CertContext 23 for { 24 cert, err = syscall.CertEnumCertificatesInStore(store, cert) 25 if err != nil { 26 if errno, ok := err.(syscall.Errno); ok { 27 if errno == CRYPT_E_NOT_FOUND { 28 break 29 } 30 } 31 return nil, err 32 } 33 if cert == nil { 34 break 35 } 36 // Copy the buf, since ParseCertificate does not create its own copy. 37 buf := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:] 38 buf2 := make([]byte, cert.Length) 39 copy(buf2, buf) 40 if c, err := x509.ParseCertificate(buf2); err == nil { 41 roots.AddCert(c) 42 } 43 } 44 return roots, nil 45 }