• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 //
2 //
3 // Copyright 2023 gRPC authors.
4 //
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
8 //
9 //     http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 //
17 //
18 
19 #include <grpc/support/port_platform.h>
20 
21 #if defined(GPR_WINDOWS)
22 
23 #pragma comment(lib, "crypt32")
24 
25 #include <esent.h>
26 #include <grpc/slice.h>
27 #include <grpc/slice_buffer.h>
28 #include <grpc/support/alloc.h>
29 #include <wincrypt.h>
30 
31 #include <vector>
32 
33 #include "src/core/lib/security/security_connector/load_system_roots.h"
34 #include "src/core/lib/slice/slice_internal.h"
35 #include "src/core/util/useful.h"
36 
37 namespace grpc_core {
38 namespace {
39 
Utf8Encode(const std::wstring & wstr)40 std::string Utf8Encode(const std::wstring& wstr) {
41   if (wstr.empty()) return "";
42 
43   int size_needed = WideCharToMultiByte(CP_UTF8, 0, &wstr[0], (int)wstr.size(),
44                                         NULL, 0, NULL, NULL);
45   std::string str_to(size_needed, 0);
46   WideCharToMultiByte(CP_UTF8, 0, &wstr[0], (int)wstr.size(), &str_to[0],
47                       size_needed, NULL, NULL);
48   return str_to;
49 }
50 
51 }  // namespace
52 
LoadSystemRootCerts()53 grpc_slice LoadSystemRootCerts() {
54   std::string bundle_string;
55 
56   // Open root certificate store.
57   HANDLE root_cert_store = CertOpenSystemStoreW(NULL, L"ROOT");
58   if (!root_cert_store) {
59     return grpc_empty_slice();
60   }
61 
62   // Load all root certificates from certificate store.
63   PCCERT_CONTEXT cert = NULL;
64   while ((cert = CertEnumCertificatesInStore(root_cert_store, cert)) != NULL) {
65     // Append each certificate in PEM format.
66     DWORD size = 0;
67     CryptBinaryToStringW(cert->pbCertEncoded, cert->cbCertEncoded,
68                          CRYPT_STRING_BASE64HEADER, NULL, &size);
69     std::vector<WCHAR> pem(size);
70     CryptBinaryToStringW(cert->pbCertEncoded, cert->cbCertEncoded,
71                          CRYPT_STRING_BASE64HEADER, pem.data(), &size);
72     bundle_string += Utf8Encode(pem.data());
73   }
74 
75   CertCloseStore(root_cert_store, 0);
76   if (bundle_string.size() == 0) {
77     return grpc_empty_slice();
78   }
79 
80   return grpc_slice_from_cpp_string(std::move(bundle_string));
81 }
82 
83 }  // namespace grpc_core
84 
85 #endif  // GPR_WINDOWS
86