Update EWT to ETW

.github/workflows/main.yml

@@ -29,4 +29,78 @@ jobs:
         ACTIONS_ALLOW_UNSECURE_COMMANDS: true
 
     - name: Build Debug
-      run: msbuild TameMyCerts\TameMyCerts.csproj -property:Configuration=debug
+      run: msbuild TameMyCerts\TameMyCerts.csproj -property:Configuration=debug
+
+    - name: Build TameMyCerts.Tests
+      run: msbuild TameMyCerts.Tests\TameMyCerts.Tests.csproj -property:Configuration=debug
+
+    - name: Save Build TameMyCerts
+      uses: actions/upload-artifact@v4
+      with:
+        name: build-TameMyCerts
+        path: TameMyCerts\bin\debug\net8.0-windows\
+
+    - name: Save Build TameMyCerts.Tests
+      uses: actions/upload-artifact@v4
+      with:
+        name: build-TameMyCerts.Tests
+        path: TameMyCerts.Tests\bin\debug\net8.0-windows\
+
+  xUnit:
+    name: xUnit tests
+    runs-on: windows-latest
+    needs: build
+
+    steps:
+
+    - uses: actions/checkout@v4
+
+    - name: Setup dotnet
+      uses: actions/setup-dotnet@v3
+      with:
+        dotnet-version: '8.0.x'
+
+    - name: Install dependencies
+      run: dotnet restore TameMyCerts.Tests\TameMyCerts.Tests.csproj
+
+    - name: Download Build Output
+      uses: actions/download-artifact@v4
+      with:
+        name: build-TameMyCerts
+        path: TameMyCerts\bin\debug\net8.0-windows\
+
+    - name: Download build-TameMyCerts.Tests
+      uses: actions/download-artifact@v4
+      with:
+        name: build-TameMyCerts.Tests
+        path: TameMyCerts.Tests\bin\debug\net8.0-windows\
+
+    - name: Run xunit tests
+      run: dotnet test --no-build --verbosity minimal
+
+  EWTManifest:
+    name: Create ETW Manifest
+    runs-on: windows-latest
+
+    steps:
+
+    - uses: actions/checkout@v4
+
+    - name: Setup dotnet
+      uses: actions/setup-dotnet@v3
+      with:
+        dotnet-version: '8.0.x'
+
+    - name: Install dependencies
+      run: dotnet restore --verbosity detailed
+
+    - name: Setup MSBuild Path
+      uses: microsoft/[email protected]
+      env:
+        ACTIONS_ALLOW_UNSECURE_COMMANDS: true
+
+    - name: List installed packages
+      run: dotnet list package
+
+    - name: Build ETW Manifest
+      run: msbuild Support.GenerateETWManifest\Support.GenerateETWManifest.csproj -property:Configuration=release

Support.GenerateETWManifest/Program.cs

@@ -0,0 +1,38 @@
+using System.Diagnostics.Tracing;
+using TameMyCerts;
+using System.IO;
+using System;
+
+// Generate the manifest
+internal class Program
+{
+    private static void Main(string[] args)
+    {
+        string? outFilename = null;
+        for (int i = 0; i < args.Length; i++)
+        {
+            if (args[i] == "--outfile" && i + 1 < args.Length)
+            {
+                outFilename = args[i + 1]; break;
+            }
+        }
+        // Validate the filename
+        if (string.IsNullOrEmpty(outFilename))
+        {
+            throw new ArgumentException("Missing or invalid --outfile argument");
+        }
+
+        // Generate the manifest
+        string? manifest = EventSource.GenerateManifest(typeof(ETWLogger), "TameMyCerts.Events.dll");
+        // Save the manifest to a file
+        if (manifest is not null)
+        {
+            File.WriteAllText(Path.GetFullPath(outFilename), manifest);
+            Console.WriteLine($"Manifest generated and saved to {Path.GetFullPath(outFilename)}");
+        }
+        else
+        {
+            Console.WriteLine("Failed to generate manifest. The manifest content is null.");
+        }
+    }
+}

Support.GenerateETWManifest/Support.GenerateETWManifest.csproj

@@ -0,0 +1,52 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0-windows</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Microsoft.Windows.SDK.BuildTools" Version="10.0.26100.1742" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\TameMyCerts\TameMyCerts.csproj" />
+  </ItemGroup>
+
+  <PropertyGroup>
+    <buildtools Condition="Exists('C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0')">C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x64</buildtools>
+    <buildtools Condition="Exists('C:\Program Files (x86)\Microsoft Visual Studio\Shared\NuGetPackages\microsoft.windows.sdk.buildtools\10.0.22621.756')">C:\Program Files (x86)\Microsoft Visual Studio\Shared\NuGetPackages\microsoft.windows.sdk.buildtools\10.0.22621.756\bin\10.0.22621.0\x64</buildtools>
+    <buildtools Condition="Exists('C:\Program Files (x86)\Microsoft Visual Studio\Shared\NuGetPackages\microsoft.windows.sdk.buildtools\10.0.26100.1742')">C:\Program Files (x86)\Microsoft Visual Studio\Shared\NuGetPackages\microsoft.windows.sdk.buildtools\10.0.26100.1742\bin\10.0.26100.0\x64</buildtools>
+    <buildtools Condition="Exists('$(NuGetPackageRoot)microsoft.windows.sdk.buildtools\10.0.26100.1742')">$(NuGetPackageRoot)microsoft.windows.sdk.buildtools\10.0.26100.1742\bin\10.0.26100.0\x64</buildtools>
+  </PropertyGroup>
+
+  <Target Name="GenerateManifest" AfterTargets="Build">
+    <Exec Command="$(TargetDir)\$(TargetName).exe  --outfile &quot;$(TargetDir)TameMyCerts.Events.man&quot;" WorkingDirectory="$(TargetDir)" />
+  </Target>
+
+  <!-- There must not be quotes around $(TargetDir), as it adds a tempfile after and it breaks horribly if it has quotes-->
+  <Target Name="MessageCompiler" AfterTargets="Build" DependsOnTargets="GenerateManifest">
+    <Exec Command="&quot;$(buildtools)\mc.exe&quot; &quot;$(TargetDir)TameMyCerts.Events.man&quot; -r $(TargetDir)" WorkingDirectory="$(TargetDir)" />
+  </Target>
+
+  <Target Name="ResourceCompiler" AfterTargets="Build" DependsOnTargets="MessageCompiler">
+    <Exec Command="&quot;$(buildtools)\rc.exe&quot; &quot;$(TargetDir)TameMyCerts.Events.rc&quot;" WorkingDirectory="$(TargetDir)" />
+  </Target>
+
+  <Target Name="BuildDll" AfterTargets="Build" DependsOnTargets="MessageCompiler">
+    <Exec Command="&quot;$(MSBuildSDKsPath)\..\Current\Bin\Roslyn\csc.exe&quot; /out:$(TargetDir)TameMyCerts.Events.dll /target:library /win32res:$(TargetDir)TameMyCerts.Events.res" WorkingDirectory="$(TargetDir)" />
+  </Target>
+
+  <Target Name="CopyOutputFiles" AfterTargets="Build">
+    <ItemGroup>
+      <!-- Include DLLs, XMLs, and JSON files from the output path -->
+      <FilesToCopy Include="$(OutputPath)**\TameMyCerts.Events.dll" />
+      <FilesToCopy Include="$(OutputPath)**\TameMyCerts.Events.man" />
+    </ItemGroup>
+
+    <Copy SourceFiles="@(FilesToCopy)" DestinationFolder="..\TameMyCerts\bin\$(Configuration)\$(TargetFramework)\" SkipUnchangedFiles="true" />
+
+  </Target>
+</Project>

TameMyCerts.Tests/EWTLoggerListener.cs → TameMyCerts.Tests/ETWLoggerListener.cs

@@ -4,7 +4,7 @@
 
 namespace TameMyCerts.Tests
 {
-    public class EWTLoggerListener : EventListener
+    public class ETWLoggerListener : EventListener
     {
         private readonly List<EventWrittenEventArgs> events = new List<EventWrittenEventArgs>();
         protected override void OnEventWritten(EventWrittenEventArgs eventData) { events.Add(eventData); }

TameMyCerts.Tests/ETWTests.cs

@@ -0,0 +1,85 @@
+using System;
+using System.ComponentModel;
+using System.Linq;
+using Xunit;
+using TameMyCerts.Enums;
+using TameMyCerts.Models;
+using Xunit.Abstractions;
+using System.Reflection;
+using System.Text.RegularExpressions;
+
+namespace TameMyCerts.Tests
+{
+    public class ETWTests
+    {
+        private readonly ITestOutputHelper output;
+        private ETWLoggerListener _listener;
+
+        public ETWTests(ITestOutputHelper output)
+        {
+            this.output = output;
+            this._listener = new ETWLoggerListener();
+        }
+
+        internal void PrintResult(CertificateRequestValidationResult result)
+        {
+            output.WriteLine("0x{0:X} ({0}) {1}.", result.StatusCode,
+                new Win32Exception(result.StatusCode).Message);
+            output.WriteLine(string.Join("\n", result.Description));
+        }
+
+        [Fact]
+        public void VerifyEventIDs()
+        {
+            var loggerType = typeof(ETWLogger);
+
+            var methods = loggerType.GetMethods(BindingFlags.Public | BindingFlags.Instance | BindingFlags.DeclaredOnly);
+
+            foreach (var method in methods)
+            {
+                _listener.ClearEvents();
+                int? eventID = null;
+                // Extract the expected event ID from the method name
+                Match match = Regex.Match(method.Name, @"\d+");
+                if (match.Success)
+                {
+                    eventID = int.Parse(match.Value);
+                }
+                else
+                {
+                    Assert.Fail($"Event ID not found in method name {method.Name}");
+                }
+
+                    // Prepare default parameters for the method
+                    var parameters = method.GetParameters();
+                var parameterValues = new object[parameters.Length];
+                for (int i = 0; i < parameters.Length; i++)
+                {
+                    if (parameters[i].ParameterType == typeof(string))
+                    {
+                        parameterValues[i] = "Test message";
+                    }
+                    else if (parameters[i].ParameterType == typeof(int))
+                    {
+                        parameterValues[i] = 123;
+                    }
+                    else if (parameters[i].ParameterType.IsValueType)
+                    {
+                        parameterValues[i] = Activator.CreateInstance(parameters[i].ParameterType);
+                    }
+                    else
+                    {
+                        output.WriteLine($"Unknown parameter type {parameters[i].ParameterType}");
+                        parameterValues[i] = null;
+                    }
+                }
+                _ = method.Invoke(ETWLogger.Log, parameterValues);
+                // This checks that there is a event with the correct ID has been registered
+                Assert.Equal(eventID, _listener.Events[0].EventId);
+                //output.WriteLine($"Found the {method.Name}");
+            }
+
+        }
+
+    }
+}

TameMyCerts.Tests/XMLPolicyTests.cs

@@ -17,13 +17,13 @@ namespace TameMyCerts.Tests;
 
 public class XMLPolicyTests
 {
-    private EWTLoggerListener _listener;
+    private ETWLoggerListener _listener;
     private readonly ITestOutputHelper output;
 
     public XMLPolicyTests(ITestOutputHelper output)
     {
         this.output = output;
-        this._listener = new EWTLoggerListener();
+        this._listener = new ETWLoggerListener();
     }
 
     internal void PrintResult(CertificateRequestValidationResult result)

TameMyCerts.Tests/YubikeyValidatorTests.cs

@@ -30,10 +30,13 @@ public class YubikeyValidatorTests
 
         private readonly ITestOutputHelper output;
 
-        private EWTLoggerListener _listener;
+        private ETWLoggerListener _listener;
 
         public YubikeyValidatorTests(ITestOutputHelper output)
         {
+            // Setup a fake CA configuration
+            _caConfig = new CertificateAuthorityConfiguration(3, 1, "ADCS Labor Issuing CA 1",
+                "ADCS Labor Issuing CA 1", "CA02", "pki.adcslabor.de", "CN=Configuration,DC=intra,DC=adcslabor,DC=de");
 
             // Sample CSR from a Yubikey with attestion included
             _yubikey_valid_5_4_3_Once_Never_UsbAKeychain_9a_Normal_RSA_2048_CSR =
@@ -230,7 +233,7 @@ public YubikeyValidatorTests(ITestOutputHelper output)
             _yubikey_valid_5_4_3_Once_Cached_UsbAKeychain_9a_FIPS_RSA_2048_dbRow = new CertificateDatabaseRow(_yubikey_valid_5_4_3_Once_Cached_UsbAKeychain_9a_FIPS_RSA_2048_CSR, CertCli.CR_IN_PKCS10);
 
             this.output = output;
-            this._listener = new EWTLoggerListener();
+            this._listener = new ETWLoggerListener();
         }
 
         internal void PrintResult(CertificateRequestValidationResult result)

TameMyCerts.sln

@@ -7,7 +7,7 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "TameMyCerts", "TameMyCerts\
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "TameMyCerts.Tests", "TameMyCerts.Tests\TameMyCerts.Tests.csproj", "{98F86AA9-4B95-4300-9A23-512C620D075C}"
 EndProject
-Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Support.GenerateEWTManifest", "Support.GenerateEWTManifest\Support.GenerateEWTManifest.csproj", "{6ED9736E-8C10-44A3-B80E-5FE83F2FE632}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Support.GenerateETWManifest", "Support.GenerateETWManifest\Support.GenerateETWManifest.csproj", "{6ED9736E-8C10-44A3-B80E-5FE83F2FE632}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution

TameMyCerts/EWTLogger.cs

@@ -12,9 +12,9 @@ namespace TameMyCerts
 {
     [EventSource(Name = "TameMyCerts-TameMyCerts-Policy", LocalizationResources = "TameMyCerts.LocalizedStrings")]
     // This needs to be named Company-Product-Component, it is hardcoded into EventViewer.
-    public sealed class EWTLogger : EventSource
+    public sealed class ETWLogger : EventSource
     {
-        public static EWTLogger Log = new EWTLogger();
+        public static ETWLogger Log = new ETWLogger();
 
         public static class Tasks
         {