/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#if defined(IS_SSL_ENABLED)
#include <openssl/x509.h>
#include <openssl/ssl.h>
#if defined _WIN32 || defined _WIN64
#include <stdio.h>
#include <windows.h>
#include <wincrypt.h>
#include <cryptuiapi.h>
#include <iostream>
#include <tchar.h>
#pragma comment (lib, "crypt32.lib")
#pragma comment (lib, "cryptui.lib")
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
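/**
 * Copies the certificates found in the Windows system certificate stores
 * into the OpenSSL X509_STORE of the SSL_CTX that owns `ssl`, so that peer
 * verification on that context can use them.
 *
 * @param ssl  Connection whose SSL_CTX certificate store is extended.
 * @param msg  Receives human-readable diagnostics (stores that could not be
 *             opened, or the reason for failure). Text is appended.
 * @return 0 when at least one certificate was read and decoded,
 *         -1 when none was found or no OpenSSL store is available.
 */
inline
int loadSystemTrustStore(const SSL *ssl, std::string& msg) {
    // NOTE(review): every certificate placed in the X509_STORE is treated by
    // OpenSSL as trusted, so a self-signed certificate in "MY" (personal),
    // "CA" (intermediates) or "SPC" becomes a trust anchor, not only those in
    // "ROOT". Trust restrictions that Windows attaches to a certificate are
    // not carried over either. The list is kept as-is because callers may
    // depend on it; confirm whether anything beyond "ROOT" is really needed.
    const char* const stores[] = {
        "CA",
        "MY",
        "ROOT",
        "SPC"
    };
    const int storeCount = static_cast<int>(sizeof(stores) / sizeof(stores[0]));

    if (ssl == NULL) {
        msg.append("No SSL handle supplied.");
        return -1;
    }
    SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
    X509_STORE *store = (ctx != NULL) ? SSL_CTX_get_cert_store(ctx) : NULL;
    if (store == NULL) {
        msg.append("No certificate store available on the SSL context.");
        return -1;
    }

    int certCount = 0;
    for (int i = 0; i < storeCount; i++) {
        // The store names are narrow strings, so call the ANSI entry point
        // explicitly; the generic macro would not compile in a UNICODE build.
        HCERTSTORE hStore = CertOpenSystemStoreA(0, stores[i]);
        if (!hStore) {
            msg.append("Failed to load store: ").append(stores[i]).append("\n");
            continue;
        }

        // Must start at NULL for each store; the enumeration releases the
        // previous context itself and returns NULL at the end, so no explicit
        // CertFreeCertificateContext call is needed after a complete loop.
        PCCERT_CONTEXT pContext = NULL;
        while ((pContext = CertEnumCertificatesInStore(hStore, pContext)) != NULL) {
            //uncomment the line below if you want to see the certificates as pop ups
            //CryptUIDlgViewContext(CERT_STORE_CERTIFICATE_CONTEXT, pContext, NULL, NULL, 0, NULL);

            // d2i_X509 advances the pointer it is given. Decode through a
            // local copy so the read-only CERT_CONTEXT owned by the Windows
            // store is not modified behind its back.
            const unsigned char *encoded = pContext->pbCertEncoded;
            X509 *x509 = d2i_X509(NULL, &encoded,
                                  static_cast<long>(pContext->cbCertEncoded));
            if (x509) {
                // Result intentionally ignored: older OpenSSL releases report
                // an already-present certificate as a failure, and the count
                // below tracks certificates found, as the error text says.
                (void)X509_STORE_add_cert(store, x509);
                // The store holds its own reference; drop ours.
                X509_free(x509);
                certCount++;
            }
        }
        CertCloseStore(hStore, 0);
    }

    if (certCount == 0) {
        msg.append("No certificates found.");
        return -1;
    }
    return 0;
}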
#else // notwindows
/**
 * Non-Windows stub of loadSystemTrustStore.
 *
 * No certificates are added and `msg` is left untouched; the X509_STORE of
 * the caller's SSL_CTX is exactly what it was before the call.
 *
 * @param ssl  Unused on this platform.
 * @param msg  Unused on this platform.
 * @return Always 0.
 */
inline
int loadSystemTrustStore(const SSL *ssl, std::string& msg) {
    (void)ssl;
    (void)msg;
    return 0;
}
#endif // WIN32 or WIN64
#endif // SSL_ENABLED