testing registry control

Author: DeagleGross

src/BenchmarksApps.sln

@@ -72,6 +72,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "HttpSys", "BenchmarksApps\T
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Kestrel", "BenchmarksApps\TLS\Kestrel\Kestrel.csproj", "{291DCDF7-4B7C-D687-A62B-9DF7DF50F2F2}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Shared", "BenchmarksApps\TLS\Shared\Shared.csproj", "{C7A7E484-F1DB-4A46-B8F8-4895C413F680}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug_Database|Any CPU = Debug_Database|Any CPU
@@ -280,6 +282,14 @@ Global
 		{291DCDF7-4B7C-D687-A62B-9DF7DF50F2F2}.Release_Database|Any CPU.Build.0 = Release_Database|Any CPU
 		{291DCDF7-4B7C-D687-A62B-9DF7DF50F2F2}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{291DCDF7-4B7C-D687-A62B-9DF7DF50F2F2}.Release|Any CPU.Build.0 = Release|Any CPU
+		{C7A7E484-F1DB-4A46-B8F8-4895C413F680}.Debug_Database|Any CPU.ActiveCfg = Debug_Database|Any CPU
+		{C7A7E484-F1DB-4A46-B8F8-4895C413F680}.Debug_Database|Any CPU.Build.0 = Debug_Database|Any CPU
+		{C7A7E484-F1DB-4A46-B8F8-4895C413F680}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{C7A7E484-F1DB-4A46-B8F8-4895C413F680}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{C7A7E484-F1DB-4A46-B8F8-4895C413F680}.Release_Database|Any CPU.ActiveCfg = Release_Database|Any CPU
+		{C7A7E484-F1DB-4A46-B8F8-4895C413F680}.Release_Database|Any CPU.Build.0 = Release_Database|Any CPU
+		{C7A7E484-F1DB-4A46-B8F8-4895C413F680}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{C7A7E484-F1DB-4A46-B8F8-4895C413F680}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -297,6 +307,7 @@ Global
 		{D6616E03-A2DA-4929-AD28-595ECC4C004D} = {B6DB234C-8F80-4160-B95D-D70AFC444A3D}
 		{455942DF-6C8E-4054-AF1D-41A10BE1466F} = {02EA681E-C7D8-13C7-8484-4AC65E1B71E8}
 		{291DCDF7-4B7C-D687-A62B-9DF7DF50F2F2} = {02EA681E-C7D8-13C7-8484-4AC65E1B71E8}
+		{C7A7E484-F1DB-4A46-B8F8-4895C413F680} = {02EA681E-C7D8-13C7-8484-4AC65E1B71E8}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {117072DC-DE12-4F74-90CA-692FA2BE8DCB}

src/BenchmarksApps/TLS/HttpSys/HttpSys.csproj

@@ -1,11 +1,15 @@
-<Project Sdk="Microsoft.NET.Sdk.Web">
+<Project Sdk="Microsoft.NET.Sdk.Web">
 
   <PropertyGroup>
     <TargetFramework>net9.0</TargetFramework>
     <Nullable>enable</Nullable>
     <ImplicitUsings>enable</ImplicitUsings>
   </PropertyGroup>
 
+  <ItemGroup>
+    <ProjectReference Include="..\Shared\Shared.csproj" />
+  </ItemGroup>
+
   <ItemGroup>
     <None Update="testCert.pfx">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>

src/BenchmarksApps/TLS/HttpSys/Program.cs

@@ -1,7 +1,7 @@
 using HttpSys;
 using Microsoft.AspNetCore.Connections.Features;
-using Microsoft.AspNetCore.Http.Features;
 using Microsoft.AspNetCore.Server.HttpSys;
+using Shared;
 
 var builder = WebApplication.CreateBuilder(args);
 builder.Logging.ClearProviders();
@@ -11,6 +11,7 @@
 var tlsRegistryLogsEnabled = bool.TryParse(builder.Configuration["tlsRegistryLogs"], out var tlsRegistryLogsConfig) && tlsRegistryLogsConfig;
 var logRequestInfo = bool.TryParse(builder.Configuration["logRequestInfo"], out var logRequestInfoConfig) && logRequestInfoConfig;
 var statsEnabled = bool.TryParse(builder.Configuration["statsEnabled"], out var connectionStatsEnabledConfig) && connectionStatsEnabledConfig;
+var supportedTlsVersions = ConfigurationHelpers.ParseSslProtocols(builder.Configuration["tlsProtocols"]);
 
 var mTlsEnabled = bool.TryParse(builder.Configuration["mTLS"], out var mTlsEnabledConfig) && mTlsEnabledConfig;
 var tlsRenegotiationEnabled = bool.TryParse(builder.Configuration["tlsRenegotiation"], out var tlsRenegotiationEnabledConfig) && tlsRenegotiationEnabledConfig;
@@ -132,11 +133,9 @@ void OnShutdown()
     });
 }
 
-await app.StartAsync();
-
+RegistryController.EnableTls(supportedTlsVersions);
 if (tlsRegistryLogsEnabled)
 {
-    Console.WriteLine("Fetching registry info");
     RegistryController.ShowRegistryKeys();
 }
 if (httpSysLogsEnabled)
@@ -160,5 +159,7 @@ void OnShutdown()
 Console.WriteLine($"\tlistening endpoints: {listeningEndpoints}");
 Console.WriteLine("--------------------------------");
 
+await app.StartAsync();
+
 Console.WriteLine("Application started.");
 await app.WaitForShutdownAsync();

src/BenchmarksApps/TLS/HttpSys/RegistryController.cs

@@ -1,8 +1,10 @@
-using System.Text;
+using System.Security.Authentication;
+using System.Text;
 using Microsoft.Win32;
 
 namespace HttpSys;
 
+[System.Diagnostics.CodeAnalysis.SuppressMessage("Interoperability", "CA1416:Validate platform compatibility", Justification = "benchmark only runs on windows")]
 public static class RegistryController
 {
     private const string TLS12Key = @"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server";
@@ -21,6 +23,22 @@ public static void ShowRegistryKeys()
         Console.WriteLine(strBuilder.ToString());
     }
 
+    public static void EnableTls(SslProtocols sslProtocols)
+    {
+        if (sslProtocols.HasFlag(SslProtocols.Tls12))
+        {
+            EnableTls12();
+            return;
+        }
+        if (sslProtocols.HasFlag(SslProtocols.Tls13))
+        {
+            EnableTls13();
+            return;
+        }
+
+        throw new ArgumentOutOfRangeException(nameof(sslProtocols), "Unsupported TLS protocol version. Only TLS1.2 and TLS1.3 are supported.");
+    }
+
     private static void EnableTls12()
     {
         // todo
@@ -32,10 +50,19 @@ private static void EnableTls13()
             ? RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Registry64)
             : RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Registry32);
 
-        localKey.OpenSubKey(TLS13Key).SetValue("EnableHTTP3", 1);
+        var registrySubKey = localKey.OpenSubKey(TLS13Key, writable: true);
+        if (registrySubKey is null)
+        {
+            Console.WriteLine($"Registry subKey `{TLS13Key}` does not exist. Creating one...");
+            registrySubKey = localKey.CreateSubKey(TLS13Key);
+            Console.WriteLine($"Created Registry subKey `{TLS13Key}`");
+        }
+
+        Console.WriteLine($"Enabling registry setting {TLS13Key}\\EnableHTTP3 for TLS1.3");
+        registrySubKey.SetValue("EnableHTTP3", 1);
+        Console.WriteLine($"Enabled registry setting {TLS13Key}\\EnableHTTP3 for TLS1.3");
     }
 
-    [System.Diagnostics.CodeAnalysis.SuppressMessage("Interoperability", "CA1416:Validate platform compatibility", Justification = "benchmark only runs on windows")]
     private static string? GetRegistryValue(string path, string name)
     {
         var localKey = Environment.Is64BitOperatingSystem

src/BenchmarksApps/TLS/HttpSys/appsettings.Development.json

@@ -9,5 +9,7 @@
   "httpSysLogs": "true",
   "tlsRegistryLogs": "true",
   "tlsRenegotiation": "true",
-  "certValidationConsoleEnabled": "true"
+  "certValidationConsoleEnabled": "true",
+
+  "tlsProtocols": "tls13"
 }

src/BenchmarksApps/TLS/Kestrel/Kestrel.csproj

@@ -10,6 +10,10 @@
     <PackageReference Include="Microsoft.AspNetCore.Authentication.Certificate" Version="9.0.0" />
   </ItemGroup>
 
+  <ItemGroup>
+    <ProjectReference Include="..\Shared\Shared.csproj" />
+  </ItemGroup>
+
   <ItemGroup>
     <None Update="testCert.pfx">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>

src/BenchmarksApps/TLS/Kestrel/Program.cs

@@ -5,6 +5,7 @@
 using Microsoft.AspNetCore.Server.HttpSys;
 using Microsoft.AspNetCore.Server.Kestrel.Core;
 using Microsoft.AspNetCore.Server.Kestrel.Https;
+using Shared;
 
 var builder = WebApplication.CreateBuilder(args);
 builder.Logging.ClearProviders();
@@ -14,7 +15,7 @@
 var tlsRenegotiationEnabled = bool.TryParse(builder.Configuration["tlsRenegotiation"], out var tlsRenegotiationEnabledConfig) && tlsRenegotiationEnabledConfig;
 var statsEnabled = bool.TryParse(builder.Configuration["statsEnabled"], out var connectionStatsEnabledConfig) && connectionStatsEnabledConfig;
 var listeningEndpoints = builder.Configuration["urls"] ?? "https://localhost:5000/";
-var supportedTlsVersions = ParseSslProtocols(builder.Configuration["tlsProtocols"]);
+var supportedTlsVersions = ConfigurationHelpers.ParseSslProtocols(builder.Configuration["tlsProtocols"]);
 
 if (mTlsEnabled && tlsRenegotiationEnabled)
 {
@@ -161,36 +162,4 @@ static IPEndPoint CreateIPEndPoint(UrlPrefix urlPrefix)
     }
 
     return new IPEndPoint(ip, urlPrefix.PortValue);
-}
-
-static SslProtocols ParseSslProtocols(string? supportedTlsVersions)
-{
-    var protocols = SslProtocols.Tls12; // default it TLS 1.2
-    if (string.IsNullOrEmpty(supportedTlsVersions))
-    {
-        return protocols;
-    }
-
-    protocols = SslProtocols.None;
-    foreach (var version in supportedTlsVersions.Split(','))
-    {
-        switch (version.Trim().ToLower())
-        {
-#pragma warning disable SYSLIB0039 // Type or member is obsolete
-            case "tls11":
-                protocols |= SslProtocols.Tls11;
-                break;
-#pragma warning restore SYSLIB0039 // Type or member is obsolete
-            case "tls12":
-                protocols |= SslProtocols.Tls12;
-                break;
-            case "tls13":
-                protocols |= SslProtocols.Tls13;
-                break;
-            default:
-                throw new ArgumentException($"Unsupported TLS version: {version}");
-        }
-    }
-
-    return protocols;
 }

src/BenchmarksApps/TLS/Shared/ConfigurationHelpers.cs

@@ -0,0 +1,39 @@
+using System.Security.Authentication;
+
+namespace Shared
+{
+    public static class ConfigurationHelpers
+    {
+        public static SslProtocols ParseSslProtocols(string? supportedTlsVersions)
+        {
+            var protocols = SslProtocols.Tls12; // default it TLS 1.2
+            if (string.IsNullOrEmpty(supportedTlsVersions))
+            {
+                return protocols;
+            }
+
+            protocols = SslProtocols.None;
+            foreach (var version in supportedTlsVersions.Split(','))
+            {
+                switch (version.Trim().ToLower())
+                {
+#pragma warning disable SYSLIB0039 // Type or member is obsolete
+                    case "tls11":
+                        protocols |= SslProtocols.Tls11;
+                        break;
+#pragma warning restore SYSLIB0039 // Type or member is obsolete
+                    case "tls12":
+                        protocols |= SslProtocols.Tls12;
+                        break;
+                    case "tls13":
+                        protocols |= SslProtocols.Tls13;
+                        break;
+                    default:
+                        throw new ArgumentException($"Unsupported TLS version: {version}");
+                }
+            }
+
+            return protocols;
+        }
+    }
+}

src/BenchmarksApps/TLS/Shared/Shared.csproj

@@ -0,0 +1,9 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net9.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+  </PropertyGroup>
+
+</Project>