使用 `certtostore` 从 Golang 中的 windows 证书存储获取证书时出错?
Getting error while fetching certificate from windows certificate store in Golang using `certtostore`?
我想使用来自 windows 证书存储的证书包,谁能告诉我我在这里做错了什么?
我的代码:
package main
import (
"fmt"
"runtime"
"github.com/google/certtostore"
)
type certmgr struct {
certToStore certtostore.CertStorage
}
func main() {
if runtime.GOOS == "windows" {
var cert certmgr
certInStore, err := cert.certToStore.Cert()
if err != nil {
fmt.Println("message", "Error in getting system store certificate ...")
}
fmt.Println("Windows System Store Certificate", *certInStore)
}
}
我遇到的错误:
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x0 pc=0xbe2dda]
goroutine 1 [running]:
main.main()
C:/Users/prajwal.bhagat/go/src/phoenix/mainsvc/cmd/main/test.go:17 +0x1a
exit status 2
您可以使用像 google/certtostore 这样的库,它是一个 multi-platform 包,允许您在 Linux 上使用 x509 证书并在 Windows 上使用证书存储.
它不直接获取证书包,而是使用 Windows certGetCertificateChain call, which builds a certificate chain context starting from an end certificate and going back, if possible, to a trusted root CA。
它由 CertWithContext() 使用,后者使用创建 WinCertStore 时提供的颁发者值执行证书查找。
它 returns 证书及其 Windows 上下文,可用于执行其他操作,例如使用 CertKey().
查找私钥
invalid memory address or nil pointer dereference
您需要初始化 var cert certmgr
更一般地说,您需要先获取商店,如 this example:
fmt.Println("open cert store")
// Open the local cert store. Provider generally shouldn't matter, so use Software which is ubiquitous. See comments in getHostKey.
store, err := certtostore.OpenWinCertStore(certtostore.ProviderMSSoftware, "", []string{"localhost"}, nil, false)
if err != nil {
fmt.Errorf("OpenWinCertStore: %v", err)
return
}
fmt.Println("get cert from cert store")
// Obtain the first cert matching all of container/issuers/intermediates in the store.
// This function is indifferent to the provider the store was opened with, as the store lists certs
// from all providers.
crt, context, err := store.CertWithContext()
if err != nil {
fmt.Println("failed to get cert from cert store. ", err)
return
}
if crt == nil {
fmt.Println("no cert")
return
}
fmt.Println("get key from cert")
// Obtain the private key from the cert. This *should* work regardless of provider because
// the key is directly linked to the certificate.
key, err := store.CertKey(context)
if err != nil {
fmt.Printf("private key not found in %s, %s", store.ProvName, err)
return
}
if key == nil {
fmt.Println("no key")
return
}
fmt.Printf("find cert '%s' with private key in container '%s', algo '%s'\n", crt.Subject, key.Container, key.AlgorithmGroup)
我想使用来自 windows 证书存储的证书包,谁能告诉我我在这里做错了什么?
我的代码:
package main
import (
"fmt"
"runtime"
"github.com/google/certtostore"
)
type certmgr struct {
certToStore certtostore.CertStorage
}
func main() {
if runtime.GOOS == "windows" {
var cert certmgr
certInStore, err := cert.certToStore.Cert()
if err != nil {
fmt.Println("message", "Error in getting system store certificate ...")
}
fmt.Println("Windows System Store Certificate", *certInStore)
}
}
我遇到的错误:
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x0 pc=0xbe2dda]
goroutine 1 [running]:
main.main()
C:/Users/prajwal.bhagat/go/src/phoenix/mainsvc/cmd/main/test.go:17 +0x1a
exit status 2
您可以使用像 google/certtostore 这样的库,它是一个 multi-platform 包,允许您在 Linux 上使用 x509 证书并在 Windows 上使用证书存储.
它不直接获取证书包,而是使用 Windows certGetCertificateChain call, which builds a certificate chain context starting from an end certificate and going back, if possible, to a trusted root CA。
它由 CertWithContext() 使用,后者使用创建 WinCertStore 时提供的颁发者值执行证书查找。
它 returns 证书及其 Windows 上下文,可用于执行其他操作,例如使用 CertKey().
invalid memory address or nil pointer dereference
您需要初始化 var cert certmgr
更一般地说,您需要先获取商店,如 this example:
fmt.Println("open cert store")
// Open the local cert store. Provider generally shouldn't matter, so use Software which is ubiquitous. See comments in getHostKey.
store, err := certtostore.OpenWinCertStore(certtostore.ProviderMSSoftware, "", []string{"localhost"}, nil, false)
if err != nil {
fmt.Errorf("OpenWinCertStore: %v", err)
return
}
fmt.Println("get cert from cert store")
// Obtain the first cert matching all of container/issuers/intermediates in the store.
// This function is indifferent to the provider the store was opened with, as the store lists certs
// from all providers.
crt, context, err := store.CertWithContext()
if err != nil {
fmt.Println("failed to get cert from cert store. ", err)
return
}
if crt == nil {
fmt.Println("no cert")
return
}
fmt.Println("get key from cert")
// Obtain the private key from the cert. This *should* work regardless of provider because
// the key is directly linked to the certificate.
key, err := store.CertKey(context)
if err != nil {
fmt.Printf("private key not found in %s, %s", store.ProvName, err)
return
}
if key == nil {
fmt.Println("no key")
return
}
fmt.Printf("find cert '%s' with private key in container '%s', algo '%s'\n", crt.Subject, key.Container, key.AlgorithmGroup)