try this #include <WinCrypt.h> static void ossl_x509store_add_certs_win(X509_STORE *store) { HCERTSTORE hStore; PCCERT_CONTEXT pContext = NULL; X509 *x509; hStore = CertOpenSystemStore(0, "ROOT"); if(!hStore) return; while (pContext = CertEnumCertificatesInStore(hStore, pContext)) { x509 = NULL; x509 = d2i_X509(NULL, &pContext->pbCertEncoded, pContext->cbCertEncoded); if (x509) { X509_STORE_add_cert(store, x509); X509_free(x509); } } CertFreeCertificateContext(pContext); CertCloseStore(hStore, 0); } Shahin Khorasani NARUSE, Yui wrote: ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.orgOn Unix, we can use X509_STORE_set_default_paths(store) to load root certificates provided by the systemBut on Windows, its certificates aren't provided as a file. So it should be required another way. Following is a concept code (use Crypt32.dll): #include <WinCrypt.h> /* http://msdn.microsoft.com/en-us/library/aa380252(VS.85).aspx */ static void ossl_x509store_add_certs_win(X509_STORE *store) { HCERTSTORE hStore; PCCERT_CONTEXT pContext = NULL; hStore = CertOpenSystemStore(0, "ROOT"); if(!hStore) return; while (pContext = CertEnumCertificatesInStore(hStore, pContext)) { BIO *in = BIO_new_mem_buf(pContext->pbCertEncoded, pContext->cbCertEncoded); if (!in) continue; X509 *x509 = d2i_X509_bio(in, NULL); BIO_free(in); if (x509) { X509_STORE_add_cert(store, x509); X509_free(x509); } } CertFreeCertificateContext(pContext); CertCloseStore(hStore, 0); } I want to merge this to OpenSSL, but I can't propose suitable API. Thoughts? |
- Get root certificates from System Store of Windows NARUSE, Yui
- Re: Get root certificates from System Store of Win... Shahin Khorasani
- Re: Get root certificates from System Store of... NARUSE, Yui
- Re: Get root certificates from System Stor... Dr. Stephen Henson
- Re: Get root certificates from System ... NARUSE, Yui
- Re: Get root certificates from Sy... Roumen Petrov
- Re: Get root certificates fro... NARUSE, Yui
- Re: Get root certificates fro... NARUSE, Yui
- Re: Get root certificates... NARUSE, Yui
- Re: Get root certificates... Kyle Hamilton
- Re: Get root certificates... NARUSE, Yui
- Re: Get root certificates... NARUSE, Yui