From f5dcb3939cb79e6999fd4cea509d5b1d0db66568 Mon Sep 17 00:00:00 2001
From: MatteoPologruto <m.pologruto@arduino.cc>
Date: Thu, 4 Apr 2024 10:56:07 +0200
Subject: [PATCH] Add function to uninstall certificate from the system
 keychain

---
 certificates/install_darwin.go  | 38 +++++++++++++++++++++++++++++++++
 certificates/install_default.go |  6 ++++++
 2 files changed, 44 insertions(+)

diff --git a/certificates/install_darwin.go b/certificates/install_darwin.go
index 134a4bc0c..647b34f9d 100644
--- a/certificates/install_darwin.go
+++ b/certificates/install_darwin.go
@@ -61,6 +61,30 @@ const char *installCert(const char *path) {
     return "";
 }
 
+const char *uninstallCert() {
+    NSDictionary* dict = [NSDictionary dictionaryWithObjectsAndKeys:
+        (id)kSecClassCertificate, kSecClass,
+        kSecMatchLimitAll, kSecMatchLimit,
+        kCFBooleanTrue, kSecReturnAttributes,
+        nil];
+
+    OSStatus err = noErr;
+    CFTypeRef itemList;
+    err = SecItemCopyMatching((CFDictionaryRef)dict, &itemList);
+    if (err == noErr) {
+        err = SecItemDelete((CFDictionaryRef)dict);
+        if (err != noErr) {
+            NSString *errString = [@"Could not delete the certificates. Error: " stringByAppendingFormat:@"%d", err];
+            NSLog(@"%@", errString);
+            return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];;
+        }
+    } else if (err != errSecItemNotFound){
+        NSString *errString = [@"Error: " stringByAppendingFormat:@"%d", err];
+        NSLog(@"%@", errString);
+        return [errString cStringUsingEncoding:[NSString defaultCStringEncoding]];;
+    }
+    return "";
+}
 */
 import "C"
 import (
@@ -88,3 +112,17 @@ func InstallCertificate(cert *paths.Path) error {
 	}
 	return nil
 }
+
+// UninstallCertificates will uninstall the certificates from the system keychain on macos,
+// if something goes wrong will show a dialog with the error and return an error
+func UninstallCertificates() error {
+	log.Infof("Uninstalling certificats")
+	p := C.uninstallCert()
+	s := C.GoString(p)
+	if len(s) != 0 {
+		oscmd := exec.Command("osascript", "-e", "display dialog \""+s+"\" buttons \"OK\" with title \"Error uninstalling certificates\"")
+		_ = oscmd.Run()
+		return errors.New(s)
+	}
+	return nil
+}
diff --git a/certificates/install_default.go b/certificates/install_default.go
index 2a1cf794f..1b7f24bb9 100644
--- a/certificates/install_default.go
+++ b/certificates/install_default.go
@@ -30,3 +30,9 @@ func InstallCertificate(cert *paths.Path) error {
 	log.Warn("platform not supported for the certificate install")
 	return errors.New("platform not supported for the certificate install")
 }
+
+// UninstallCertificates won't do anything on unsupported Operative Systems
+func UninstallCertificates() error {
+	log.Warn("platform not supported for the certificates uninstall")
+	return errors.New("platform not supported for the certificates uninstall")
+}