Diffstat (limited to 'src/pkg/crypto/tls/root_windows.go')
-rw-r--r--src/pkg/crypto/tls/root_windows.go47
1 files changed, 47 insertions, 0 deletions
diff --git a/src/pkg/crypto/tls/root_windows.go b/src/pkg/crypto/tls/root_windows.go
new file mode 100644
index 000000000..319309ae6
--- /dev/null
+++ b/src/pkg/crypto/tls/root_windows.go
@@ -0,0 +1,47 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package tls
+
+import (
+ "crypto/x509"
+ "syscall"
+ "unsafe"
+)
+
+func loadStore(roots *x509.CertPool, name string) {
+ store, err := syscall.CertOpenSystemStore(syscall.InvalidHandle, syscall.StringToUTF16Ptr(name))
+ if err != nil {
+ return
+ }
+ defer syscall.CertCloseStore(store, 0)
+
+ var cert *syscall.CertContext
+ for {
+ cert, err = syscall.CertEnumCertificatesInStore(store, cert)
+ if err != nil {
+ return
+ }
+
+ buf := (*[1 << 20]byte)(unsafe.Pointer(cert.EncodedCert))[:]
+ // ParseCertificate requires its own copy of certificate data to keep.
+ buf2 := make([]byte, cert.Length)
+ copy(buf2, buf)
+ if c, err := x509.ParseCertificate(buf2); err == nil {
+ roots.AddCert(c)
+ }
+ }
+}
+
+func initDefaultRoots() {
+ roots := x509.NewCertPool()
+
+ // Roots
+ loadStore(roots, "ROOT")
+
+ // Intermediates
+ loadStore(roots, "CA")
+
+ varDefaultRoots = roots
+}
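Review bot: In initDefaultRoots, `loadStore(roots, "CA")` adds the Windows intermediate store to the same pool as `"ROOT"`, so if `varDefaultRoots` is consumed as the trust-anchor set (the name suggests it, but the consumer is outside this hunk), every intermediate becomes a trust anchor and a chain can terminate at one without its issuing root ever being checked. I would load only `"ROOT"` into this pool and, if intermediates are needed for path building, collect them in a separate pool that is handed to verification as intermediates rather than roots. Separately, loadStore returns silently on any error from `CertOpenSystemStore` or `CertEnumCertificatesInStore`, so a failed store open looks the same as an empty store and leaves an empty or partial pool. Either return the error to the caller or add a comment such as `// any error ends enumeration; a partial pool is kept` so the behaviour is explicit.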