Skip to content

Add CertBySHA1Hash to retrieve a specific cert#89

Open
djboris9 wants to merge 1 commit intogoogle:masterfrom
djboris9:bysha1
Open

Add CertBySHA1Hash to retrieve a specific cert#89
djboris9 wants to merge 1 commit intogoogle:masterfrom
djboris9:bysha1

Conversation

@djboris9
Copy link

@djboris9 djboris9 commented Sep 22, 2025

Hi

This PR implements retrieving a certificate by its SHA1 hash.

It is useful in situations where CertByCommonName cannot determine the correct certificate because there are multiple certificates with the same CN (e.g., one for client auth and one for server auth).

In combination with ListCertificates from #88, users can process each certificate to identify the desired one and obtain the windows.CertContext for a specific certificate.

apurv15
apurv15 reviewed Sep 23, 2025
View reviewed changes
certtostore_windows.go Outdated

var certContext *windows.CertContext
var cert *x509.Certificate
for {
Copy link
Contributor

@apurv15 apurv15 Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't need a for loop for this search as we can ever have just 1 cert with a given SHA.

Copy link
Author

@djboris9 djboris9 Sep 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, you're right. I fixed it now in the recent commit.

@djboris9
Add CertBySHA1Hash to retrieve a specific cert
1b60bd5 
Signed-off-by: Boris Djurdjevic <boris@djurdjevic.ch>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@apurv15 apurv15 apurv15 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@djboris9 @apurv15