[go-nuts] Re: How do you retrieve certs from the Windows Local Machine cert store with Go?

Tue, 19 Mar 2019 15:22:45 -0700 

To get the real error, you probably need to call GetLastError() (
https://docs.microsoft.com/en-us/windows/desktop/api/wincrypt/nf-wincrypt-certopenstore#return-value
). 

In principle, Go code should behave the same as C++ code, but 
syscall.CertOpenStore is a wrapper which doesn't seem to use GetLastError() 
as the doc requests and we can only guess what the C++ code you refer to 
does (as CertOpenStore itself doesn't return an error code).


On Tuesday, March 19, 2019 at 2:04:13 PM UTC-7, Sam wrote:
>
> It turns out that the call I mentioned will indeed retrieve the Local 
> Machine Personal Cert Store but you must run as Administrator on Windows to 
> do so. Otherwise, the store is not found and no error is returned even 
> though it is an access denied error (when run as C/C++).
>
> On Tuesday, March 19, 2019 at 11:52:50 AM UTC-7, Sam wrote:
>>
>> I'd like to add that I have tried this but the store handle returned is 
>> zero
>> store, err := syscall.CertOpenStore(
>> windows.CERT_STORE_PROV_SYSTEM_W, 
>> 0,
>> 0,
>> windows.CERT_SYSTEM_STORE_LOCAL_MACHINE, 
>> uintptr(unsafe.Pointer(syscall.StringToUTF16Ptr("MY")))) 
>>
>>
>> On Tuesday, March 19, 2019 at 11:34:02 AM UTC-7, Sam wrote:
>>>
>>> It seems like I should be able to use this:
>>>
>>> store, err := syscall.CertOpenStore(syscall.CERT_STORE_PROV_MEMORY, 0, 
>>> 0, windows.CERT_SYSTEM_STORE_LOCAL_MACHINE, uintptr(unsafe.Pointer(my)))
>>>
>>> but I think I am having trouble with the last argument. I only receive 
>>> the CRYPT_E_NOT_FOUND error. I have tried to use the method from here: 
>>> https://github.com/google/certtostore/blob/master/certtostore_windows.go 
>>> but I don't know if it's out of date because it is the one that lead me to 
>>> the error above. 
>>>
>>> Has anyone done this before? How did you accomplish it?
>>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to