Merge pull request #421 from justcoding121/master

cleanup win certificate generator

Author: justcoding121

Tests/Titanium.Web.Proxy.UnitTests/CertificateManagerTests.cs

@@ -1,5 +1,7 @@
 using System;
 using System.Collections.Generic;
+using System.Diagnostics;
+using System.Linq;
 using System.Threading.Tasks;
 using Microsoft.VisualStudio.TestTools.UnitTesting;
 using Titanium.Web.Proxy.Network;
@@ -12,7 +14,6 @@ public class CertificateManagerTests
         private static readonly string[] hostNames
             = { "facebook.com", "youtube.com", "google.com", "bing.com", "yahoo.com" };
 
-        private readonly Random random = new Random();
 
         [TestMethod]
         public async Task Simple_BC_Create_Certificate_Test()
@@ -21,22 +22,21 @@ public async Task Simple_BC_Create_Certificate_Test()
 
             var mgr = new CertificateManager(null, null, false, false, false, new Lazy<ExceptionHandler>(() => (e =>
             {
-                //Console.WriteLine(e.ToString() + e.InnerException != null ? e.InnerException.ToString() : string.Empty);
-            })).Value);
-
-            mgr.CertificateEngine = CertificateEngine.BouncyCastle;
+                Debug.WriteLine(e.ToString());
+                Debug.WriteLine(e.InnerException?.ToString());
+            })).Value)
+            {
+                CertificateEngine = CertificateEngine.BouncyCastle
+            };
             mgr.ClearIdleCertificates();
             for (int i = 0; i < 5; i++)
             {
-                foreach (string host in hostNames)
+                tasks.AddRange(hostNames.Select(host => Task.Run(() =>
                 {
-                    tasks.Add(Task.Run(() =>
-                    {
-                        //get the connection
-                        var certificate = mgr.CreateCertificate(host, false);
-                        Assert.IsNotNull(certificate);
-                    }));
-                }
+                    //get the connection
+                    var certificate = mgr.CreateCertificate(host, false);
+                    Assert.IsNotNull(certificate);
+                })));
             }
 
             await Task.WhenAll(tasks.ToArray());
@@ -48,34 +48,34 @@ public async Task Simple_BC_Create_Certificate_Test()
         [TestMethod]
         public async Task Simple_Create_Win_Certificate_Test()
         {
+
             var tasks = new List<Task>();
 
             var mgr = new CertificateManager(null, null, false, false, false, new Lazy<ExceptionHandler>(() => (e =>
             {
-                //Console.WriteLine(e.ToString() + e.InnerException != null ? e.InnerException.ToString() : string.Empty);
-            })).Value);
+                Debug.WriteLine(e.ToString());
+                Debug.WriteLine(e.InnerException?.ToString());
+            })).Value)
+            { CertificateEngine = CertificateEngine.DefaultWindows };
 
-            mgr.CertificateEngine = CertificateEngine.DefaultWindows;
-            mgr.CreateRootCertificate(true);
+            mgr.CreateRootCertificate();
             mgr.TrustRootCertificate(true);
             mgr.ClearIdleCertificates();
 
             for (int i = 0; i < 5; i++)
             {
-                foreach (string host in hostNames)
+                tasks.AddRange(hostNames.Select(host => Task.Run(() =>
                 {
-                    tasks.Add(Task.Run(() =>
-                    {
-                        //get the connection
-                        var certificate = mgr.CreateCertificate(host, false);
-                        Assert.IsNotNull(certificate);
-                    }));
-                }
+                    //get the connection
+                    var certificate = mgr.CreateCertificate(host, false);
+                    Assert.IsNotNull(certificate);
+                })));
             }
 
             await Task.WhenAll(tasks.ToArray());
             mgr.RemoveTrustedRootCertificate(true);
             mgr.StopClearIdleCertificates();
+
         }
     }
 }

Titanium.Web.Proxy/Network/Certificate/WinCertificateMaker.cs

@@ -2,9 +2,11 @@
 using System.Reflection;
 using System.Security.Cryptography.X509Certificates;
 using System.Threading;
+using System.Threading.Tasks;
 
 namespace Titanium.Web.Proxy.Network.Certificate
 {
+    /// <inheritdoc />
     /// <summary>
     ///     Certificate Maker - uses MakeCert
     ///     Calls COM objects using reflection
@@ -104,8 +106,8 @@ private X509Certificate2 MakeCertificate(bool isRoot, string subject, string ful
             }
 
             typeX500DN.InvokeMember("Encode", BindingFlags.InvokeMethod, null, x500RootCertDN, typeValue);
-            object sharedPrivateKey = null;
 
+            object sharedPrivateKey = null;
             if (!isRoot)
             {
                 sharedPrivateKey = this.sharedPrivateKey;
@@ -276,49 +278,27 @@ private X509Certificate2 MakeCertificateInternal(string sSubjectCN, bool isRoot,
             bool switchToMTAIfNeeded, X509Certificate2 signingCert = null,
             CancellationToken cancellationToken = default)
         {
-            X509Certificate2 certificate = null;
             if (switchToMTAIfNeeded && Thread.CurrentThread.GetApartmentState() != ApartmentState.MTA)
             {
-                using (var manualResetEvent = new ManualResetEventSlim(false))
-                {
-                    ThreadPool.QueueUserWorkItem(o =>
-                    {
-                        try
-                        {
-                            certificate = MakeCertificateInternal(sSubjectCN, isRoot, false, signingCert);
-                        }
-                        catch (Exception ex)
-                        {
-                            exceptionFunc(new Exception("Failed to create Win certificate", ex));
-                        }
-
-                        if (!cancellationToken.IsCancellationRequested)
-                        {
-                            manualResetEvent.Set();
-                        }
-                    });
-
-                    manualResetEvent.Wait(TimeSpan.FromMinutes(1), cancellationToken);
-                }
-
-                return certificate;
+                return Task.Run(() => MakeCertificateInternal(sSubjectCN, isRoot, false, signingCert),
+                    cancellationToken).Result;
             }
 
             //Subject
             string fullSubject = $"CN={sSubjectCN}";
             //Sig Algo
-            string HashAlgo = "SHA256";
+            const string hashAlgo = "SHA256";
             //Grace Days
-            int GraceDays = -366;
+            const int graceDays = -366;
             //ValiDays
-            int ValidDays = 1825;
+            const int validDays = 1825;
             //KeyLength
-            int keyLength = 2048;
+            const int keyLength = 2048;
 
-            var graceTime = DateTime.Now.AddDays(GraceDays);
+            var graceTime = DateTime.Now.AddDays(graceDays);
             var now = DateTime.Now;
-            certificate = MakeCertificate(isRoot, sSubjectCN, fullSubject, keyLength, HashAlgo, graceTime,
-                now.AddDays(ValidDays), isRoot ? null : signingCert);
+            var certificate = MakeCertificate(isRoot, sSubjectCN, fullSubject, keyLength, hashAlgo, graceTime,
+                now.AddDays(validDays), isRoot ? null : signingCert);
             return certificate;
         }
     }

Titanium.Web.Proxy/Network/CertificateManager.cs

@@ -79,11 +79,7 @@ internal CertificateManager(string rootCertificateName, string rootCertificateIs
         {
             this.exceptionFunc = exceptionFunc;
 
-            UserTrustRoot = userTrustRootCertificate;
-            if (machineTrustRootCertificate)
-            {
-                userTrustRootCertificate = true;
-            }
+            UserTrustRoot = userTrustRootCertificate || machineTrustRootCertificate;
 
             MachineTrustRoot = machineTrustRootCertificate;
             TrustRootAsAdministrator = trustRootCertificateAsAdmin;
@@ -338,14 +334,14 @@ private void InstallCertificate(StoreName storeName, StoreLocation storeLocation
                 return;
             }
 
-            var x509store = new X509Store(storeName, storeLocation);
+            var x509Store = new X509Store(storeName, storeLocation);
 
             //TODO
             //also it should do not duplicate if certificate already exists
             try
             {
-                x509store.Open(OpenFlags.ReadWrite);
-                x509store.Add(RootCertificate);
+                x509Store.Open(OpenFlags.ReadWrite);
+                x509Store.Add(RootCertificate);
             }
             catch (Exception e)
             {
@@ -356,7 +352,7 @@ private void InstallCertificate(StoreName storeName, StoreLocation storeLocation
             }
             finally
             {
-                x509store.Close();
+                x509Store.Close();
             }
         }
 
@@ -436,7 +432,7 @@ internal X509Certificate2 CreateCertificate(string certificateName, bool isRootC
 
                     if (!File.Exists(certificatePath))
                     {
-                        certificate = MakeCertificate(certificateName, isRootCertificate);
+                        certificate = MakeCertificate(certificateName, false);
 
                         //store as cache
                         Task.Run(() =>
@@ -460,7 +456,7 @@ internal X509Certificate2 CreateCertificate(string certificateName, bool isRootC
                         //if load failed create again
                         catch
                         {
-                            certificate = MakeCertificate(certificateName, isRootCertificate);
+                            certificate = MakeCertificate(certificateName, false);
                         }
                     }
                 }
@@ -485,17 +481,15 @@ internal X509Certificate2 CreateCertificate(string certificateName, bool isRootC
         internal async Task<X509Certificate2> CreateCertificateAsync(string certificateName)
         {
             //check in cache first
-            CachedCertificate cached;
-            if (certificateCache.TryGetValue(certificateName, out cached))
+            if (certificateCache.TryGetValue(certificateName, out var cached))
             {
                 cached.LastAccess = DateTime.Now;
                 return cached.Certificate;
             }
 
             //handle burst requests with same certificate name
             //by checking for existing task for same certificate name
-            Task<X509Certificate2> task;
-            if (pendingCertificateCreationTasks.TryGetValue(certificateName, out task))
+            if (pendingCertificateCreationTasks.TryGetValue(certificateName, out var task))
             {
                 return await task;
             }
@@ -785,12 +779,7 @@ public void EnsureRootCertificate()
         public void EnsureRootCertificate(bool userTrustRootCertificate,
             bool machineTrustRootCertificate, bool trustRootCertificateAsAdmin = false)
         {
-            UserTrustRoot = userTrustRootCertificate;
-            if (machineTrustRootCertificate)
-            {
-                userTrustRootCertificate = true;
-            }
-
+            UserTrustRoot = userTrustRootCertificate || machineTrustRootCertificate;
             MachineTrustRoot = machineTrustRootCertificate;
             TrustRootAsAdministrator = trustRootCertificateAsAdmin;
 
@@ -909,7 +898,7 @@ public bool RemoveTrustedRootCertificateAsAdmin(bool machineTrusted = false)
                         success = false;
                     }
 
-                    process.WaitForExit();
+                    process?.WaitForExit();
                 }
             }
             catch