From ba6c026615f83884bb8facdfb022776adae9de0c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20Beauz=C3=A9e-Luyssen?= <hugo@beauzee.fr>
Date: Tue, 4 Dec 2018 11:53:48 +0100
Subject: lib: Don't hardcode LoadLibraryA
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Those functions are forbidden when building for Windows Store

Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
---
 lib/system.c          | 2 +-
 lib/system/keys-win.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/system.c b/lib/system.c
index 1bbbf79c84..ddf1427098 100644
--- a/lib/system.c
+++ b/lib/system.c
@@ -70,7 +70,7 @@ int gnutls_system_global_init(void)
 #if defined(_WIN32) && defined(NEED_CERT_ENUM_CRLS)
 	/* used in system/certs.c */
 	HMODULE crypto;
-	crypto = LoadLibraryA("Crypt32.dll");
+	crypto = LoadLibrary(TEXT("Crypt32.dll"));
 
 	if (crypto == NULL)
 		return GNUTLS_E_CRYPTO_INIT_FAILED;
diff --git a/lib/system/keys-win.c b/lib/system/keys-win.c
index eac511b975..16d6f9f951 100644
--- a/lib/system/keys-win.c
+++ b/lib/system/keys-win.c
@@ -1426,7 +1426,7 @@ int _gnutls_system_key_init(void)
 	int ret;
 
 #ifdef DYN_NCRYPT
-	ncrypt_lib = LoadLibraryA("ncrypt.dll");
+	ncrypt_lib = LoadLibrary(TEXT("ncrypt.dll"));
 	if (ncrypt_lib == NULL) {
 		return gnutls_assert_val(GNUTLS_E_CRYPTO_INIT_FAILED);
 	}
-- 
cgit v1.2.1


From 362a0c30b79ccede7e5bc3a7747c3e7f1d30889a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20Beauz=C3=A9e-Luyssen?= <hugo@beauzee.fr>
Date: Tue, 4 Dec 2018 13:22:52 +0100
Subject: verify-high2: Fix cert dir iteration on Win32

And especially when building for windows store, which only allows
unicode version of opendir & friends functions.
---
 lib/x509/verify-high2.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 48 insertions(+), 2 deletions(-)

diff --git a/lib/x509/verify-high2.c b/lib/x509/verify-high2.c
index f4a580bb05..6c7cf99012 100644
--- a/lib/x509/verify-high2.c
+++ b/lib/x509/verify-high2.c
@@ -45,6 +45,10 @@
 # endif
 #endif
 
+#ifdef _WIN32
+# include <tchar.h>
+#endif
+
 /* Convenience functions for verify-high functionality 
  */
 
@@ -386,12 +390,14 @@ int load_dir_certs(const char *dirname,
 			  unsigned int tl_flags, unsigned int tl_vflags,
 			  unsigned type, unsigned crl)
 {
-	DIR *dirp;
-	struct dirent *d;
 	int ret;
 	int r = 0;
 	char path[GNUTLS_PATH_MAX];
 
+#if !defined(_WIN32) || !defined(_UNICODE)
+	DIR *dirp;
+	struct dirent *d;
+
 	dirp = opendir(dirname);
 	if (dirp != NULL) {
 		do {
@@ -422,7 +428,47 @@ int load_dir_certs(const char *dirname,
 		while (d != NULL);
 		closedir(dirp);
 	}
+#else /* _WIN32 */
 
+	_TDIR *dirp;
+	struct _tdirent *d;
+	gnutls_datum_t utf16 = {NULL, 0};
+
+	r = _gnutls_utf8_to_ucs2(dirname, strlen(dirname), &utf16);
+	if (r < 0)
+		return gnutls_assert_val(r);
+	dirp = _topendir((_TCHAR*)utf16.data);
+	gnutls_free(utf16.data);
+	if (dirp != NULL) {
+		do {
+			d = _treaddir(dirp);
+			if (d != NULL
+#ifdef _DIRENT_HAVE_D_TYPE
+				&& (d->d_type == DT_REG || d->d_type == DT_LNK || d->d_type == DT_UNKNOWN)
+#endif
+			) {
+				snprintf(path, sizeof(path), "%s/%S",
+					dirname, d->d_name);
+
+				if (crl != 0) {
+					ret =
+					    gnutls_x509_trust_list_add_trust_file
+					    (list, NULL, path, type, tl_flags,
+					     tl_vflags);
+				} else {
+					ret =
+					    gnutls_x509_trust_list_add_trust_file
+					    (list, path, NULL, type, tl_flags,
+					     tl_vflags);
+				}
+				if (ret >= 0)
+					r += ret;
+			}
+		}
+		while (d != NULL);
+		_tclosedir(dirp);
+	}
+#endif /* _WIN32 */
 	return r;
 }
 
-- 
cgit v1.2.1


From 7799eb1a092bc8ac2a4674ec31c4d7308e4b695a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20Beauz=C3=A9e-Luyssen?= <hugo@beauzee.fr>
Date: Tue, 4 Dec 2018 15:18:36 +0100
Subject: keys-win: Disable private key import on windows store
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Windows store drastically limits the available functions.
In this case, at least CryptSetProvParam and the NCrypt* functions
can't be used

Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
---
 lib/system/keys-win.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/system/keys-win.c b/lib/system/keys-win.c
index 16d6f9f951..ab4f6aaa0d 100644
--- a/lib/system/keys-win.c
+++ b/lib/system/keys-win.c
@@ -43,6 +43,7 @@
 
 #include <wincrypt.h>
 #include <winbase.h>
+#include <winapifamily.h>
 
 #define DYN_NCRYPT
 
@@ -612,6 +613,9 @@ static int cng_info(gnutls_privkey_t key, unsigned int flags, void *userdata)
  -*/
 int _gnutls_privkey_import_system_url(gnutls_privkey_t pkey, const char *url)
 {
+#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP)
+    return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
+#else
 	uint8_t id[MAX_WID_SIZE];
 	HCERTSTORE store = NULL;
 	size_t id_size;
@@ -861,6 +865,7 @@ int _gnutls_privkey_import_system_url(gnutls_privkey_t pkey, const char *url)
 
 	CertCloseStore(store, 0);
 	return ret;
+#endif
 }
 
 int _gnutls_x509_crt_import_system_url(gnutls_x509_crt_t crt, const char *url)
-- 
cgit v1.2.1