libdigidocpp
MSX509CertStore.cpp
1 /*
2  * libdigidocpp
3  *
4  * This library is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU Lesser General Public
6  * License as published by the Free Software Foundation; either
7  * version 2.1 of the License, or (at your option) any later version.
8  *
9  * This library is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12  * Lesser General Public License for more details.
13  *
14  * You should have received a copy of the GNU Lesser General Public
15  * License along with this library; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17  *
18  */
19 
20 #include "MSX509CertStore.h"
21 #include "X509CertStore_p.h"
22 
23 #include "../../log.h"
24 
25 #include <Windows.h>
26 
27 #include <openssl/err.h>
28 
29 using namespace digidoc;
30 
37 {
38  loadCerts("ROOT");
39  loadCerts("CA");
40  INFO("Loaded %d certificates into certificate store.", sk_X509_num(d->stack));
41 }
42 
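/**
 * Loads every certificate of one Windows system certificate store (current-user
 * location) into the OpenSSL containers held by this object: each certificate is
 * decoded from DER, appended to d->stack and added to d->store.
 *
 * Entries that cannot be decoded are logged and skipped, so one malformed
 * certificate in the system store does not abort loading or crash the process.
 *
 * @param provider system store name handed to CertOpenStore (the constructor
 *        passes "ROOT" and "CA").
 * @throws IOException if the system store cannot be opened.
 */
void MSX509CertStore::loadCerts(const std::string &provider) throw(IOException)
{
    // The store is only enumerated, never modified, so it is opened read-only.
    // NOTE(review): CERT_SYSTEM_STORE_CURRENT_USER is the per-user store location;
    // every certificate found there ends up in d->store. Confirm that this is the
    // intended set of trusted certificates for validation, in particular for "CA".
    HCERTSTORE s = CertOpenStore(CERT_STORE_PROV_SYSTEM_A,
        X509_ASN_ENCODING, 0,
        CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_READONLY_FLAG,
        provider.c_str());
    if(!s)
        THROW_IOEXCEPTION("Failed to ope CertStore with provider %s, can not load cert store.", provider.c_str());

    // CertEnumCertificatesInStore releases the context passed in as "previous",
    // so pc must be handed back unchanged on every iteration, including skips.
    PCCERT_CONTEXT pc = 0;
    while((pc = CertEnumCertificatesInStore(s, pc)))
    {
        // d2i_X509 advances the pointer it is given, hence the local copy.
        const unsigned char *pBytes = pc->pbCertEncoded;
        X509 *c = d2i_X509(0, &pBytes, pc->cbCertEncoded);
        if(!c)
        {
            // The certificate did not parse: there is no X509 object to read a
            // serial number from, and nothing valid to push or add.
            const char *reason = ERR_reason_error_string(ERR_get_error());
            WARN("Cant parse cert from CertStore %s, %s", provider.c_str(), reason ? reason : "unknown error");
            continue;
        }

        // sk_X509_push returns 0 on failure; in that case the stack did not take
        // the reference returned by d2i_X509 and it has to be released below.
        const bool pushed = sk_X509_push(d->stack, c) != 0;
        if(!pushed)
            WARN("Cant add cert %ld to certificate stack", ASN1_INTEGER_get(X509_get_serialNumber(c)));

        if(!X509_STORE_add_cert(d->store, c))
        {
            const char *reason = ERR_reason_error_string(ERR_get_error());
            WARN("Cant add cert %ld to X509_STORE, %s", ASN1_INTEGER_get(X509_get_serialNumber(c)), reason ? reason : "unknown error");
        }

        // X509_STORE_add_cert holds its own reference on success, so dropping
        // ours is safe whether or not the store accepted the certificate.
        if(!pushed)
            X509_free(c);
    }
    CertCloseStore(s, 0);
}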