New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Windows support #14
Windows support #14
Conversation
4555030
to
fcb0f4f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The cons cells aren't tagged correctly, but for lists I'd use the low-level allocation functions
aea23cf
to
07eef05
Compare
Thanks for your work @emillon. It would be nice if you could add a GitHub action CI that executes the build and test on Windows. (an example yaml file is available at https://github.com/mirage/mirage-crypto/blob/main/.github/workflows/windows.yml). |
FWIW, I don't think that we need the PEM formatted certificates (getting DER and decoding is fine) -- as indicated by the open tasks. I'm in favor to setup CI and merge and release this PR. |
OK! I haven't thought everything fully, this is why I marked this as WIP. I'll let you know when that can be reviewed. For the github action, it won't work well if I'm adding it in this PR (when the PR is from a fork, it's the action from |
5efc686
to
ce9010f
Compare
Closes mirage#14 On Windows, the root certificates are available in the system store named "ROOT". The corresponding certificate contexts hold a DER encoding of the certificates, which is exposed through a C external. See <https://docs.microsoft.com/en-us/windows/win32/seccrypto/example-c-program-listing-the-certificates-in-a-store>
Closes mirage#14 On Windows, the root certificates are available in the system store named "ROOT". The corresponding certificate contexts hold a DER encoding of the certificates, which is exposed through a C external. See <https://docs.microsoft.com/en-us/windows/win32/seccrypto/example-c-program-listing-the-certificates-in-a-store>
This is now ready for review. The list of certificates that are returned correspond to the ones in the list of Trusted Root Certificate Authorities: About encoding: certificate contexts have an implicit certificate encoding type. At the moment, the only one is |
Thanks @emillon, to me this looks fine. The only question I have whether the |
There are some alternatives (reading from |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks fine (thanks for taking your time to answer my questions), feel free to merge and release to opam-repository.
Thanks! |
CHANGES: * Add Windows support (mirage/ca-certs#14, @emillon)
Closes #14
On Windows, the root certificates are available in the system store named "ROOT". The corresponding certificate contexts hold a DER encoding of the certificates, which is exposed through a C external.
See https://docs.microsoft.com/en-us/windows/win32/seccrypto/example-c-program-listing-the-certificates-in-a-store