/**
 * Creates an in-memory snapshot of the native Windows certificate stores
 * selected by @a enmStoreId.
 *
 * @returns IPRT status code.  Only a failure to create the in-memory store is
 *          returned as-is.  Failures to load crypt32.dll or to resolve its
 *          exports are passed to RTErrInfoSetF with the sign flipped, and
 *          *phStore is still set (to an empty store) in those cases.
 *          NOTE(review): the negated value is presumably a non-failure
 *          (warning) status, so a caller testing only RT_SUCCESS() would
 *          accept an empty or partial snapshot - confirm callers handle this.
 * @param   phStore     Where to return the new store handle.  Written as soon
 *                      as the in-memory store has been created.
 * @param   enmStoreId  Which native store set to snapshot; must lie strictly
 *                      between RTCRSTOREID_INVALID and RTCRSTOREID_END.
 * @param   pErrInfo    Receives error details; passed to RTErrInfoSet,
 *                      RTErrInfoSetF and rtCrStoreAddCertsFromNative.
 */
RTDECL(int) RTCrStoreCreateSnapshotById(PRTCRSTORE phStore, RTCRSTOREID enmStoreId, PRTERRINFO pErrInfo)
{
    AssertReturn(enmStoreId > RTCRSTOREID_INVALID && enmStoreId < RTCRSTOREID_END, VERR_INVALID_PARAMETER);

    /*
     * Start out with an empty in-memory store; nothing else can be done
     * without it.
     */
    RTCRSTORE hStore;
    int rc = RTCrStoreCreateInMem(&hStore, 128);
    if (!RT_SUCCESS(rc))
    {
        RTErrInfoSet(pErrInfo, rc, "RTCrStoreCreateInMem failed");
        return rc;
    }
    *phStore = hStore;

    /*
     * Load crypt32.dll through RTLdrLoadSystem and look up the three exports
     * used for enumerating certificates.
     */
    RTLDRMOD hLdrMod;
    int rcLdr = RTLdrLoadSystem("crypt32.dll", false /*NoUnload*/, &hLdrMod);
    if (!RT_SUCCESS(rcLdr))
        return RTErrInfoSetF(pErrInfo, -rcLdr, "Error loading crypt32.dll");

    PFNCERTOPENSTORE               pfnOpenStore  = NULL;
    PFNCERTCLOSESTORE              pfnCloseStore = NULL;
    PFNCERTENUMCERTIFICATESINSTORE pfnEnumCerts  = NULL;
    rcLdr = RTLdrGetSymbol(hLdrMod, "CertOpenStore", (void **)&pfnOpenStore);
    if (RT_SUCCESS(rcLdr))
        rcLdr = RTLdrGetSymbol(hLdrMod, "CertCloseStore", (void **)&pfnCloseStore);
    if (RT_SUCCESS(rcLdr))
        rcLdr = RTLdrGetSymbol(hLdrMod, "CertEnumCertificatesInStore", (void **)&pfnEnumCerts);

    if (!RT_SUCCESS(rcLdr))
        rc = RTErrInfoSetF(pErrInfo, -rcLdr, "Error resolving crypt32.dll APIs");
    else if (   enmStoreId == RTCRSTOREID_USER_TRUSTED_CAS_AND_CERTIFICATES
             || enmStoreId == RTCRSTOREID_SYSTEM_TRUSTED_CAS_AND_CERTIFICATES)
    {
        /*
         * Pick the current-user or local-machine location, then copy the
         * certificates of each named store into the snapshot.
         *
         * NOTE(review): the list is wider than the root stores - "MY" and
         * "CA" presumably hold personal and intermediate certificates.  A
         * caller that treats every entry of the snapshot as a trust anchor
         * should confirm that this is intended.
         */
        static PCRTUTF16 const s_apwszStores[] = { L"AuthRoot", L"CA", L"MY", L"Root" };

        DWORD fStore = CERT_SYSTEM_STORE_LOCAL_MACHINE;
        if (enmStoreId == RTCRSTOREID_USER_TRUSTED_CAS_AND_CERTIFICATES)
            fStore = CERT_SYSTEM_STORE_CURRENT_USER;

        /* The running status is handed in and returned by the helper for each store. */
        for (uint32_t iStore = 0; iStore < RT_ELEMENTS(s_apwszStores); iStore++)
            rc = rtCrStoreAddCertsFromNative(hStore, fStore, s_apwszStores[iStore],
                                             pfnOpenStore, pfnCloseStore, pfnEnumCerts, rc, pErrInfo);
    }
    else
    {
        /* Any other store ID only asserts; the store stays empty and rc keeps
           the status returned by RTCrStoreCreateInMem. */
        AssertFailed(); /* implement me */
    }

    RTLdrClose(hLdrMod);
    return rc;
}
/**
 * Creates an in-memory snapshot of the system certificate collection read
 * from the PEM files and directories listed in g_apszSystemPemFiles and
 * g_apszSystemPemDirs.
 *
 * Only RTCRSTOREID_SYSTEM_TRUSTED_CAS_AND_CERTIFICATES adds anything; for any
 * other valid ID the returned store is left empty.
 *
 * @returns IPRT status code.  A failure to create the in-memory store is
 *          returned as-is.  A failure while adding a file or directory is
 *          stored with the sign flipped, and only the most recent one is
 *          kept.  VINF_SUCCESS is returned when nothing failed, which
 *          includes the case where none of the listed files or directories
 *          exists and the store is therefore empty.
 *          NOTE(review): the negated value is presumably a non-failure
 *          (warning) status, so a caller testing only RT_SUCCESS() cannot
 *          tell a complete snapshot from a partial or empty one - confirm
 *          callers handle this.
 * @param   phStore     Where to return the new store handle.  Written as soon
 *                      as the in-memory store has been created.
 * @param   enmStoreId  Which store set to snapshot; must lie strictly between
 *                      RTCRSTOREID_INVALID and RTCRSTOREID_END.
 * @param   pErrInfo    Receives error details; passed to RTErrInfoAdd and to
 *                      the certificate loading functions.
 */
RTDECL(int) RTCrStoreCreateSnapshotById(PRTCRSTORE phStore, RTCRSTOREID enmStoreId, PRTERRINFO pErrInfo)
{
    AssertReturn(enmStoreId > RTCRSTOREID_INVALID && enmStoreId < RTCRSTOREID_END, VERR_INVALID_PARAMETER);

    /*
     * Create the empty in-memory store, passing a size hint only when the
     * system collection is going to be loaded into it.
     */
    uint32_t cExpected = 0;
    if (enmStoreId == RTCRSTOREID_SYSTEM_TRUSTED_CAS_AND_CERTIFICATES)
        cExpected = 256;

    RTCRSTORE hStore;
    int rc = RTCrStoreCreateInMem(&hStore, cExpected);
    if (RT_FAILURE(rc))
    {
        RTErrInfoAdd(pErrInfo, rc, " RTCrStoreCreateInMem failed");
        return rc;
    }
    *phStore = hStore;
    rc = VINF_SUCCESS;

    /* Nothing is added for any store ID other than the system one. */
    if (enmStoreId != RTCRSTOREID_SYSTEM_TRUSTED_CAS_AND_CERTIFICATES)
        return rc;

    /* Skip certificates already in the store and keep going past individual errors. */
    uint32_t const fAddFlags = RTCRCERTCTX_F_ADD_IF_NOT_FOUND | RTCRCERTCTX_F_ADD_CONTINUE_ON_ERROR;

    /*
     * First try the certificate collection files, loading every one that
     * exists.
     */
    bool fFound = false;
    for (uint32_t iFile = 0; iFile < RT_ELEMENTS(g_apszSystemPemFiles); iFile++)
    {
        if (!RTFileExists(g_apszSystemPemFiles[iFile]))
            continue;

        fFound = true;
        int rcAdd = RTCrStoreCertAddFromFile(hStore, fAddFlags, g_apszSystemPemFiles[iFile], pErrInfo);
        if (RT_FAILURE(rcAdd))
            rc = -rcAdd;
    }
    if (fFound)
        return rc;

    /*
     * None of the collection files exists, so fall back on the directories
     * holding single-certificate PEM/CRT files.  Every existing directory is
     * scanned, not just the first one.
     */
    static RTSTRTUPLE const s_aSuffixes[] =
    {
        { RT_STR_TUPLE(".crt") },
        { RT_STR_TUPLE(".pem") },
        { RT_STR_TUPLE(".PEM") },
        { RT_STR_TUPLE(".CRT") },
    };
    for (uint32_t iDir = 0; iDir < RT_ELEMENTS(g_apszSystemPemDirs); iDir++)
    {
        if (!RTDirExists(g_apszSystemPemDirs[iDir]))
            continue;

        fFound = true;
        int rcAdd = RTCrStoreCertAddFromDir(hStore, fAddFlags, g_apszSystemPemDirs[iDir],
                                            &s_aSuffixes[0], RT_ELEMENTS(s_aSuffixes), pErrInfo);
        if (RT_FAILURE(rcAdd))
            rc = -rcAdd;
    }
    return rc;
}