Add support for loading user CA certs from an arbitrary Windows cert store.

[kareem-wolfssl]

Description

Add support for loading user CA certs from an arbitrary Windows cert store.

Testing

Tested on Windows machine.

Checklist

• added tests
• updated/added doxygen
• updated appropriate READMEs
• Updated manual and documentation

[kareem-wolfssl]

Please do not merge yet, just looking for a review + pipeline tests passing for now. Will merge after customer confirms patch works for them.

[dgarske]

Any reason not to integrate this with wolfSSL_CTX_load_system_CA_certs? Is wolfSSL_CTX_load_windows_user_CA_certs a compatibility API? If not I would avoid making it Windows specific in case we wanted to expand its coverage beyond Windows.

[kareem-wolfssl]

The customer has requested the ability to configure which cert store is loaded at runtime in wolfSSH, which requires arguments to be passed in to wolfSSL. This is not an OpenSSL compatibility API, but it didn't make sense to me to add Windows specific arguments to wolfSSL_CTX_load_system_CA_certs. I am not sure how to avoid adding a Windows specific API while still allowing wolfSSH to configure this at runtime.

[dgarske]

Seems like we could come up with a better name or API that would be easier to extend in the future. @ejohnstown I'd like your input as well on this since it is related to an SSH PR.

[ejohnstown]

Could there be a generic wolfSSL_CTX_load_CA_cert_store()? There can be a ctx pointer to a struct with OS specific data. For Windows, that would have a flag for user or system. Maybe at some point someone will want certs stored in a LDAP database. Perhaps the existing load function can be rewritten as a specific use case for this function.