storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/pkg/certs/cert_pool_windows.go (about) 1 //go:build windows 2 // +build windows 3 4 /* 5 * MinIO Cloud Storage, (C) 2020 MinIO, Inc. 6 * 7 * Licensed under the Apache License, Version 2.0 (the "License"); 8 * you may not use this file except in compliance with the License. 9 * You may obtain a copy of the License at 10 * 11 * http://www.apache.org/licenses/LICENSE-2.0 12 * 13 * Unless required by applicable law or agreed to in writing, software 14 * distributed under the License is distributed on an "AS IS" BASIS, 15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 * See the License for the specific language governing permissions and 17 * limitations under the License. 18 */ 19 20 package certs 21 22 import ( 23 "crypto/x509" 24 "syscall" 25 "unsafe" 26 ) 27 28 func loadSystemRoots() (*x509.CertPool, error) { 29 const CRYPTENOTFOUND = 0x80092004 30 31 store, err := syscall.CertOpenSystemStore(0, syscall.StringToUTF16Ptr("ROOT")) 32 if err != nil { 33 return nil, err 34 } 35 defer syscall.CertCloseStore(store, 0) 36 37 roots := x509.NewCertPool() 38 var cert *syscall.CertContext 39 for { 40 cert, err = syscall.CertEnumCertificatesInStore(store, cert) 41 if err != nil { 42 if errno, ok := err.(syscall.Errno); ok { 43 if errno == CRYPTENOTFOUND { 44 break 45 } 46 } 47 return nil, err 48 } 49 if cert == nil { 50 break 51 } 52 // Copy the buf, since ParseCertificate does not create its own copy. 53 buf := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:] 54 buf2 := make([]byte, cert.Length) 55 copy(buf2, buf) 56 if c, err := x509.ParseCertificate(buf2); err == nil { 57 roots.AddCert(c) 58 } 59 } 60 return roots, nil 61 }