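#ifdef WIN32

/* NOTE(review): the header name on this line was lost from the listing.
 * <polarssl/base64.h> is assumed because base64_decode() and
 * POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL are used below -- confirm against
 * the repository. */
#include <polarssl/base64.h>
#include "windowsstore.h"

/**
 * Return the system message text for the calling thread's last error.
 *
 * The error code is read with GetLastError() before anything else is
 * called, so the value is the one set by the failing API call.  The text
 * is first looked up in the system message table; if that yields nothing
 * and the winhttp module is already loaded, its message table is tried
 * with the HRESULT_CODE() part of the error.
 *
 * @return A buffer allocated by FormatMessageW (FORMAT_MESSAGE_ALLOCATE_BUFFER)
 *         that the caller must release with LocalFree(), or NULL when no
 *         message could be obtained.
 */
static LPWSTR getLastErrorMsg(void)
{
    LPWSTR bufPtr = NULL;
    DWORD err = GetLastError();

    /* With FORMAT_MESSAGE_ALLOCATE_BUFFER the lpBuffer argument is really
     * a pointer to the pointer that receives the allocation, hence the
     * cast of &bufPtr. */
    FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
                   FORMAT_MESSAGE_FROM_SYSTEM |
                   FORMAT_MESSAGE_IGNORE_INSERTS,
                   NULL, err, 0, (LPWSTR)&bufPtr, 0, NULL);
    if (!bufPtr) {
        HMODULE hWinhttp = GetModuleHandleW(L"winhttp");
        if (hWinhttp) {
            FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER |
                           FORMAT_MESSAGE_FROM_HMODULE |
                           FORMAT_MESSAGE_IGNORE_INSERTS,
                           hWinhttp, HRESULT_CODE(err), 0,
                           (LPWSTR)&bufPtr, 0, NULL);
        }
    }
    if (!bufPtr) {
        printf("Error getting last error\n");
    }
    return bufPtr;
}

/**
 * Add base64 encoded DER certificates to the Windows "Root" system store.
 *
 * Everything placed in the "Root" store becomes a trust anchor for the
 * user or the machine, so the list must already have been authenticated
 * by the caller; this function only decodes and stores it.
 *
 * @param to_install NULL terminated array of base64 strings.  At most
 *                   MAX_LINE_LENGTH characters of each entry are read.
 * @param user_store Non-zero selects the current user's store, zero the
 *                   local machine store.
 *
 * @return 0 once the whole list has been processed,
 *         ERR_STORE_ACCESS_DENIED if the store could not be opened,
 *         ERR_INVALID_INSTRUCTIONS if to_install is NULL or an entry is
 *         not valid base64.  Certificates added before an invalid entry
 *         stay installed.
 *
 * A certificate that Windows refuses to add is reported on stdout and
 * skipped; it does not change the return value.
 */
int install_certificates_win(const char **to_install, int user_store)
{
    int i = 0;
    int rc = 0;
    HCERTSTORE hStore = NULL;

    if (!to_install) {
        return ERR_INVALID_INSTRUCTIONS;
    }

    hStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0,
                           user_store ? CERT_SYSTEM_STORE_CURRENT_USER
                                      : CERT_SYSTEM_STORE_LOCAL_MACHINE,
                           L"Root");
    if (!hStore) {
        return ERR_STORE_ACCESS_DENIED;
    }

    for (i = 0; to_install[i]; i++) {
        size_t needed_len = 0;
        size_t cert_len = strnlen(to_install[i], MAX_LINE_LENGTH);
        unsigned char *buf = NULL;
        int ret = -1;

        /* First pass with a NULL destination only reports the size the
         * decoded certificate needs. */
        ret = base64_decode(NULL, &needed_len,
                            (const unsigned char *)to_install[i], cert_len);
        if (ret != 0 && ret != POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) {
            rc = ERR_INVALID_INSTRUCTIONS;
            break;
        }

        /* NOTE(review): xmalloc presumably aborts on allocation failure,
         * so its result is not checked here -- confirm. */
        buf = xmalloc(needed_len);
        memset(buf, 0, needed_len);

        ret = base64_decode(buf, &needed_len,
                            (const unsigned char *)to_install[i], cert_len);
        if (ret != 0) {
            /* Release the buffer before leaving; the early return used
             * here previously leaked both buf and the store handle. */
            free(buf);
            rc = ERR_INVALID_INSTRUCTIONS;
            break;
        }

        /* CERT_STORE_ADD_ALWAYS adds the certificate even when an
         * identical one is already present, so repeated runs can leave
         * duplicates in the store.  needed_len is the decoded size of at
         * most MAX_LINE_LENGTH input characters; the cast assumes that
         * bound fits into a DWORD. */
        if (!CertAddEncodedCertificateToStore(hStore,
                                              X509_ASN_ENCODING,
                                              (PBYTE)buf,
                                              (DWORD)needed_len,
                                              CERT_STORE_ADD_ALWAYS,
                                              NULL)) {
            LPWSTR error = getLastErrorMsg();
            if (error) {
                printf("Failed to add certificate: %S \n", error);
                LocalFree(error);
            }
        }
        free(buf);
    }

    /* Single exit: the store handle is closed on success and on every
     * error path taken after it was opened. */
    CertCloseStore(hStore, 0);
    return rc;
}
#endif // WIN32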