Ken Thomases : crypt32: Read trusted root certificates from system keychain on Mac OS X.

23 Nov 2009

Module: wine
Branch: master
Commit: 3921454398d8808fb0e3d4e03f023c4ec70cba17
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=3921454398d8808fb0e3d4e03f...
Author: Ken Thomases ken@codeweavers.com
Date:   Fri Nov 20 15:49:11 2009 -0600
crypt32: Read trusted root certificates from system keychain on Mac OS X.
---
dlls/crypt32/Makefile.in |    1 +
 dlls/crypt32/rootstore.c |   32 ++++++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+), 0 deletions(-)

diff --git a/dlls/crypt32/Makefile.in b/dlls/crypt32/Makefile.in
index c2284b7..2daa01a 100644
--- a/dlls/crypt32/Makefile.in
+++ b/dlls/crypt32/Makefile.in
@@ -6,6 +6,7 @@ VPATH     = @srcdir@
 MODULE    = crypt32.dll
 IMPORTLIB = crypt32
 IMPORTS   = user32 advapi32 kernel32 ntdll
+EXTRALIBS = @SECURITYLIB@
C_SRCS = \
    base64.c \
diff --git a/dlls/crypt32/rootstore.c b/dlls/crypt32/rootstore.c
index a55b281..70b5ef8 100644
--- a/dlls/crypt32/rootstore.c
+++ b/dlls/crypt32/rootstore.c
@@ -40,6 +40,9 @@
 #include "winternl.h"
 #include "wine/debug.h"
 #include "crypt32_private.h"
+#ifdef __APPLE__
+#include <Security/Security.h>
+#endif
WINE_DEFAULT_DEBUG_CHANNEL(crypt);
@@ -713,6 +716,35 @@ static void read_trusted_roots_from_known_locations(HCERTSTORE store)
         DWORD i;
         BOOL ret = FALSE;
+#ifdef __APPLE__
+        OSStatus status;
+        CFArrayRef rootCerts;
+
+        status = SecTrustCopyAnchorCertificates(&rootCerts);
+        if (status == noErr)
+        {
+            int i;
+            for (i = 0; i < CFArrayGetCount(rootCerts); i++)
+            {
+                SecCertificateRef cert = (SecCertificateRef)CFArrayGetValueAtIndex(rootCerts, i);
+                CFDataRef certData;
+                if ((status = SecKeychainItemExport(cert, kSecFormatX509Cert, 0, NULL, &certData)) == noErr)
+                {
+                    if (CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING,
+                            CFDataGetBytePtr(certData), CFDataGetLength(certData),
+                            CERT_STORE_ADD_NEW, NULL))
+                        ret = TRUE;
+                    else
+                        WARN("adding root cert %d failed: %08x\n", i, GetLastError());
+                    CFRelease(certData);
+                }
+                else
+                    WARN("could not export certificate %d to X509 format: 0x%08x\n", i, (unsigned int)status);
+            }
+            CFRelease(rootCerts);
+        }
+#endif
+
         for (i = 0; !ret &&
          i < sizeof(CRYPT_knownLocations) / sizeof(CRYPT_knownLocations[0]);
          i++)

    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

Ken Thomases : crypt32: Read trusted root certificates from system keychain on Mac OS X.