You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
126 lines
3.3 KiB
126 lines
3.3 KiB
package initFunc |
|
|
|
import ( |
|
"crypto/x509" |
|
"encoding/pem" |
|
"fmt" |
|
"os" |
|
"syscall" |
|
"unsafe" |
|
) |
|
|
|
const ( |
|
X509_ASN_ENCODING = 0x00000001 |
|
PKCS_7_ASN_ENCODING = 0x00010000 |
|
CERT_STORE_ADD_REPLACE_EXISTING = 3 |
|
) |
|
|
|
var ( |
|
modcrypt32 = syscall.NewLazyDLL("crypt32.dll") |
|
procCertOpenSystemStore = modcrypt32.NewProc("CertOpenSystemStoreW") |
|
procCertEnumCertificatesInStore = modcrypt32.NewProc("CertEnumCertificatesInStore") |
|
procCertGetNameString = modcrypt32.NewProc("CertGetNameStringW") |
|
procCertCloseStore = modcrypt32.NewProc("CertCloseStore") |
|
) |
|
// 安装信任证书 |
|
func SetupCert() { |
|
CheckCertIsInstalled() |
|
|
|
//获取证书路径 |
|
dir, _ := os.Getwd() |
|
certPath := dir+"/rootCA.crt" // 替换为您的证书路径 |
|
|
|
if CheckCertIsInstalled() == "yes"{ |
|
return |
|
} |
|
// 读取证书文件 |
|
certFile, err := os.ReadFile(certPath) |
|
if err != nil { |
|
fmt.Println("无法读取证书文件:", err) |
|
return |
|
} |
|
|
|
// 解码 PEM 编码的证书 |
|
block, _ := pem.Decode(certFile) |
|
if block == nil { |
|
fmt.Println("无法解码 PEM 格式的证书") |
|
return |
|
} |
|
|
|
// 解析证书 |
|
cert, err := x509.ParseCertificate(block.Bytes) |
|
if err != nil { |
|
fmt.Println("无法解析证书:", err) |
|
return |
|
} |
|
|
|
|
|
// 打开证书存储 |
|
storeHandle, err := syscall.CertOpenSystemStore(0, syscall.StringToUTF16Ptr("ROOT")) |
|
|
|
if err != nil { |
|
fmt.Println("无法打开证书存储:", err) |
|
return |
|
} |
|
defer syscall.CertCloseStore(storeHandle, 0) |
|
|
|
// 将证书添加到存储中 |
|
err = addCertificateToStore(cert.Raw, storeHandle) |
|
if err != nil { |
|
fmt.Println("无法将证书添加到存储中:", err) |
|
return |
|
} |
|
|
|
fmt.Println("证书已成功导入到受信任的根证书颁发机构") |
|
} |
|
|
|
func addCertificateToStore(cert []byte, storeHandle syscall.Handle) error { |
|
certContext, err := syscall.CertCreateCertificateContext(X509_ASN_ENCODING|PKCS_7_ASN_ENCODING, &cert[0], uint32(len(cert))) |
|
if err != nil { |
|
return fmt.Errorf("无法创建证书上下文: %v", err) |
|
} |
|
defer syscall.CertFreeCertificateContext(certContext) |
|
|
|
err = syscall.CertAddCertificateContextToStore(storeHandle, certContext, CERT_STORE_ADD_REPLACE_EXISTING, nil) |
|
if err != nil { |
|
return fmt.Errorf("无法将证书上下文添加到存储中: %v", err) |
|
} |
|
|
|
return nil |
|
} |
|
|
|
//检测证书是否已经安装了 |
|
func CheckCertIsInstalled() string { |
|
storeName := "Root" // 证书存储名称,这里使用了 "MY" 表示个人证书存储 |
|
|
|
storeHandle, _, _ := procCertOpenSystemStore.Call(0, uintptr(unsafe.Pointer(syscall.StringToUTF16Ptr(storeName)))) |
|
if storeHandle == 0 { |
|
fmt.Println("Error opening certificate store") |
|
return "error" |
|
} |
|
defer procCertCloseStore.Call(storeHandle, 0) |
|
|
|
var pCertContext uintptr |
|
for { |
|
pCertContext, _, _ = procCertEnumCertificatesInStore.Call(storeHandle, pCertContext) |
|
if pCertContext == 0 { |
|
break |
|
} |
|
res := printCertificateInfo(pCertContext) // 输出证书信息 |
|
if res == "yes"{ |
|
return res |
|
} |
|
} |
|
return "no" |
|
} |
|
//获取证书的信息 |
|
func printCertificateInfo(pCertContext uintptr) string { |
|
var buffer [200]uint16 |
|
size, _, _ := procCertGetNameString.Call(pCertContext, 5, 0, 0, uintptr(unsafe.Pointer(&buffer)), 200) |
|
issuer := syscall.UTF16ToString(buffer[:size]) |
|
fmt.Println("Certificate Issuer:", issuer) |
|
if issuer == "SX"{ |
|
return "yes" |
|
} |
|
return "no" |
|
} |