#782 use 825 valid days to accomodate iOS 13

justcoding121 · justcoding121 · commit bbd3f7651496 · 2020-08-11T09:57:28.000-06:00
diff --git a/src/Titanium.Web.Proxy/Certificates/BCCertificateMaker.cs b/src/Titanium.Web.Proxy/Certificates/BCCertificateMaker.cs
@@ -26,7 +26,7 @@ namespace Titanium.Web.Proxy.Network.Certificate
     /// </summary>
     internal class BCCertificateMaker : ICertificateMaker
     {
-        private const int certificateValidDays = 1825;
+        private readonly int certificateValidDays;
         private const int certificateGraceDays = 366;
 
         // The FriendlyName value cannot be set on Unix.
@@ -35,9 +35,10 @@ internal class BCCertificateMaker : ICertificateMaker
 
         private readonly ExceptionHandler exceptionFunc;
 
-        internal BCCertificateMaker(ExceptionHandler exceptionFunc)
+        internal BCCertificateMaker(ExceptionHandler exceptionFunc, int certificateValidDays)
         {
-            this.exceptionFunc = exceptionFunc;
+            this.certificateValidDays = certificateValidDays;
+            this.exceptionFunc = exceptionFunc;  
         }
 
         /// <summary>
diff --git a/src/Titanium.Web.Proxy/Certificates/BCCertificateMakerFast.cs b/src/Titanium.Web.Proxy/Certificates/BCCertificateMakerFast.cs
@@ -26,7 +26,7 @@ namespace Titanium.Web.Proxy.Network.Certificate
     /// </summary>
     internal class BCCertificateMakerFast : ICertificateMaker
     {
-        private const int certificateValidDays = 1825;
+        private int certificateValidDays;
         private const int certificateGraceDays = 366;
 
         // The FriendlyName value cannot be set on Unix.
@@ -37,8 +37,9 @@ internal class BCCertificateMakerFast : ICertificateMaker
 
         public AsymmetricCipherKeyPair KeyPair { get; set; }
 
-        internal BCCertificateMakerFast(ExceptionHandler exceptionFunc)
+        internal BCCertificateMakerFast(ExceptionHandler exceptionFunc, int certificateValidDays)
         {
+            this.certificateValidDays = certificateValidDays;
             this.exceptionFunc = exceptionFunc;
             KeyPair = GenerateKeyPair();
         }
diff --git a/src/Titanium.Web.Proxy/Certificates/CertificateManager.cs b/src/Titanium.Web.Proxy/Certificates/CertificateManager.cs
@@ -73,14 +73,14 @@ private ICertificateMaker certEngine
                     switch (engine)
                     {
                         case CertificateEngine.BouncyCastle:
-                            certEngineValue = new BCCertificateMaker(ExceptionFunc);
+                            certEngineValue = new BCCertificateMaker(ExceptionFunc, CertificateValidDays);
                             break;
                         case CertificateEngine.BouncyCastleFast:
-                            certEngineValue = new BCCertificateMakerFast(ExceptionFunc);
+                            certEngineValue = new BCCertificateMakerFast(ExceptionFunc, CertificateValidDays);
                             break;
                         case CertificateEngine.DefaultWindows:
                         default:
-                            certEngineValue = new WinCertificateMaker(ExceptionFunc);
+                            certEngineValue = new WinCertificateMaker(ExceptionFunc, CertificateValidDays);
                             break;
                     }
                 }
@@ -204,6 +204,12 @@ public CertificateEngine CertificateEngine
         /// </summary>
         public string PfxFilePath { get; set; } = string.Empty;
 
+        /// <summary>
+        /// Number of Days generated HTTPS certificates are valid for.
+        /// Maximum allowed on iOS 13 is 825 days and it is the default.
+        /// </summary>
+        public int CertificateValidDays { get; set; } = 825;
+
         /// <summary>
         ///     Name of the root certificate issuer.
         ///     (This is valid only when RootCertificate property is not set.)
diff --git a/src/Titanium.Web.Proxy/Certificates/WinCertificateMaker.cs b/src/Titanium.Web.Proxy/Certificates/WinCertificateMaker.cs
@@ -13,6 +13,9 @@ namespace Titanium.Web.Proxy.Network.Certificate
     /// </summary>
     internal class WinCertificateMaker : ICertificateMaker
     {
+        // Validity Days for Root Certificates Generated.
+        private int certificateValidDays;
+
         private readonly ExceptionHandler exceptionFunc;
 
         private readonly string sProviderName = "Microsoft Enhanced Cryptographic Provider v1.0";
@@ -49,8 +52,9 @@ internal class WinCertificateMaker : ICertificateMaker
         /// <summary>
         ///     Constructor.
         /// </summary>
-        internal WinCertificateMaker(ExceptionHandler exceptionFunc)
+        internal WinCertificateMaker(ExceptionHandler exceptionFunc, int certificateValidDays)
         {
+            this.certificateValidDays = certificateValidDays;
             this.exceptionFunc = exceptionFunc;
 
             typeX500DN = Type.GetTypeFromProgID("X509Enrollment.CX500DistinguishedName", true);
@@ -99,16 +103,13 @@ private X509Certificate2 makeCertificate(string sSubjectCN,
             // Grace Days
             const int graceDays = -366;
 
-            // ValiDays
-            const int validDays = 1825;
-
             // KeyLength
             const int keyLength = 2048;
 
             var now = DateTime.UtcNow;
             var graceTime = now.AddDays(graceDays);
             var certificate = makeCertificate(sSubjectCN, fullSubject, keyLength, hashAlgo, graceTime,
-                now.AddDays(validDays), signingCertificate);
+                now.AddDays(certificateValidDays), signingCertificate);
             return certificate;
         }
 
diff --git a/src/Titanium.Web.Proxy/Helpers/RunTime.cs b/src/Titanium.Web.Proxy/Helpers/RunTime.cs
@@ -88,7 +88,7 @@ private static bool isSocketReuseAvailable()
                 }
 
                 // get the currently running framework name and version (EX: .NETFramework,Version=v4.5.1) (Ex: .NETCoreApp,Version=v2.0)
-                string ver = Assembly.GetEntryAssembly()?.GetCustomAttribute<TargetFrameworkAttribute>()?.FrameworkName;
+                string? ver = Assembly.GetEntryAssembly()?.GetCustomAttribute<TargetFrameworkAttribute>()?.FrameworkName;
 
                 if (ver == null)
                     return false; // play it safe if we can not figure out what the framework is

Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,7 @@ namespace Titanium.Web.Proxy.Network.Certificate`
`26`	`26`	`/// </summary>`
`27`	`27`	`internal class BCCertificateMaker : ICertificateMaker`
`28`	`28`	`{`
`29`		`- private const int certificateValidDays = 1825;`
	`29`	`+ private readonly int certificateValidDays;`
`30`	`30`	`private const int certificateGraceDays = 366;`
`31`	`31`
`32`	`32`	`// The FriendlyName value cannot be set on Unix.`
`@@ -35,9 +35,10 @@ internal class BCCertificateMaker : ICertificateMaker`
`35`	`35`
`36`	`36`	`private readonly ExceptionHandler exceptionFunc;`
`37`	`37`
`38`		`- internal BCCertificateMaker(ExceptionHandler exceptionFunc)`
	`38`	`+ internal BCCertificateMaker(ExceptionHandler exceptionFunc, int certificateValidDays)`
`39`	`39`	`{`
`40`		`- this.exceptionFunc = exceptionFunc;`
	`40`	`+ this.certificateValidDays = certificateValidDays;`
	`41`	`+ this.exceptionFunc = exceptionFunc;`
`41`	`42`	`}`
`42`	`43`
`43`	`44`	`/// <summary>`
Original file line number	Diff line number	Diff line change
`@@ -88,7 +88,7 @@ private static bool isSocketReuseAvailable()`
`88`	`88`	`}`
`89`	`89`
`90`	`90`	`// get the currently running framework name and version (EX: .NETFramework,Version=v4.5.1) (Ex: .NETCoreApp,Version=v2.0)`
`91`		`- string ver = Assembly.GetEntryAssembly()?.GetCustomAttribute<TargetFrameworkAttribute>()?.FrameworkName;`
	`91`	`+ string? ver = Assembly.GetEntryAssembly()?.GetCustomAttribute<TargetFrameworkAttribute>()?.FrameworkName;`
`92`	`92`
`93`	`93`	`if (ver == null)`
`94`	`94`	`return false; // play it safe if we can not figure out what the framework is`