Interfaces/GraphQL: Search Root and My Stores for Certificates

2022-10-20 15:55:02 +02:00
parent 80ac12a2d6
commit d366e6095f
9 changed files with 84 additions and 33 deletions
--- a/Interfaces/GraphQLInterface.vb
+++ b/Interfaces/GraphQLInterface.vb
@@ -30,34 +30,57 @@ Public Class GraphQLInterface
            _userEmail = Email
            _userPassword = Password

-            Dim oStore As New X509Store(StoreName.Root, StoreLocation.CurrentUser)
-            oStore.Open(OpenFlags.ReadOnly)
+            Dim oStoreNames As New List(Of StoreName) From {StoreName.Root, StoreName.My}
+            Dim oCertificate As X509Certificate2 = Nothing

+            For Each oStoreName In oStoreNames
+                oCertificate = FindCertificateByFingerprint(oStoreName, CertificateFingerprint, False)

-            _logger.Debug("Available Certificates ({0}):", oStore.Certificates.Count)
-
-            For Each oCert In oStore.Certificates
-                _logger.Debug("FriendlyName: {0}", oCert.FriendlyName)
-                _logger.Debug("IssuerName: {0}", oCert.IssuerName.Name)
-                _logger.Debug("SubjectName: {0}", oCert.SubjectName.Name)
-                _logger.Debug("Fingerprint: {0}", oCert.Thumbprint)
+                If oCertificate IsNot Nothing Then
+                    _logger.Info("Certificate found in Store [{0}]!", oStoreName.ToString)
+                    Exit For
+                End If
            Next

-            _logger.Debug("Looking for Certificate with Fingerprint [{0}]", CertificateFingerprint)
-
-            Dim oFoundCerts = oStore.Certificates.Find(X509FindType.FindByThumbprint, CertificateFingerprint, False)
-
-            If oFoundCerts.Count = 0 Then
+            If oCertificate Is Nothing Then
                _logger.Warn("Certificate could not be found! Exiting.")
                Exit Sub
            End If

-            _certificate = oFoundCerts.Item(0)
+            _certificate = oCertificate
+
        Catch ex As Exception
            _logger.Error(ex)
        End Try
    End Sub

+    Private Function FindCertificateByFingerprint(pStoreName As StoreName, pFingerprint As String, pValidOnly As Boolean) As X509Certificate2
+        Dim oStore As New X509Store(pStoreName, StoreLocation.CurrentUser)
+        oStore.Open(OpenFlags.ReadOnly)
+
+        _logger.Info("Available Certificates in Store [{0}]: [{1}]", oStore.Name, oStore.Certificates.Count)
+
+        For Each oCert In oStore.Certificates
+            _logger.Debug("FriendlyName: {0}", oCert.FriendlyName)
+            _logger.Debug("IssuerName: {0}", oCert.IssuerName.Name)
+            _logger.Debug("SubjectName: {0}", oCert.SubjectName.Name)
+            _logger.Debug("Fingerprint: {0}", oCert.Thumbprint)
+        Next
+
+        _logger.Debug("Looking for Certificate with Fingerprint [{0}]", pFingerprint)
+
+        Dim oFoundCerts = oStore.Certificates.Find(X509FindType.FindByThumbprint, pFingerprint, pValidOnly)
+
+        oStore.Close()
+
+        If oFoundCerts.Count = 0 Then
+            Return Nothing
+        End If
+
+        Return oFoundCerts.Item(0)
+
+    End Function
+
    Public Sub SaveCookies(Cookie As Cookie)
        GetCookies().Add(Cookie)
    End Sub
@@ -144,13 +167,18 @@ Public Class GraphQLInterface

    Private Function GetRequest(Url As String, PostData As Byte()) As HttpWebRequest
        Try
+            ' Set supported TLS versions for WebRequest
+            ' Source: https://stackoverflow.com/questions/10822509/the-request-was-aborted-could-not-create-ssl-tls-secure-channel
+            'SetSecurityOptions()
+            'SetSecurityOptionsInsecure()
+            'SetSecurityOptionsModern()
+
            Dim oRequest As HttpWebRequest = WebRequest.Create($"{_baseUrl}{Url}")
            oRequest.Method = "POST"
            oRequest.ContentType = "application/json"
            oRequest.ContentLength = PostData.Length
            oRequest.ClientCertificates.Add(_certificate)
            oRequest.CookieContainer = GetCookies()
-
            oRequest.Proxy = Nothing

            If Proxy Is Nothing Then
@@ -167,6 +195,26 @@ Public Class GraphQLInterface
        End Try
    End Function

+
+    Private Sub SetSecurityOptions()
+        ServicePointManager.SecurityProtocol =
+            SecurityProtocolType.Tls Or
+            SecurityProtocolType.Tls11 Or
+            SecurityProtocolType.Tls12
+    End Sub
+
+    Private Sub SetSecurityOptionsInsecure()
+        ServicePointManager.SecurityProtocol =
+            SecurityProtocolType.Tls Or
+            SecurityProtocolType.Tls11 Or
+            SecurityProtocolType.Tls12 Or
+            SecurityProtocolType.Ssl3
+    End Sub
+
+    Private Sub SetSecurityOptionsModern()
+        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
+    End Sub
+
    Private Function GetCookies() As CookieContainer
        If _cookieJar Is Nothing Then
            _cookieJar = New CookieContainer(MAX_COOKIE_COUNT, MAX_COOKIE_COUNT_PER_DOMAIN, MAX_COOKIE_SIZE)