From 38c5d54e571f74e2b7ba8d4baf006004e509631a Mon Sep 17 00:00:00 2001
From: Thomas Glatzer <glatzert@outlook.de>
Date: Tue, 19 Apr 2022 20:05:19 +0200
Subject: [PATCH] Minor changes to condense code

---
 ACME-PS/internal/classes/crypto/Certificate.ps1 | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/ACME-PS/internal/classes/crypto/Certificate.ps1 b/ACME-PS/internal/classes/crypto/Certificate.ps1
index 449b169..1ebc5cb 100644
--- a/ACME-PS/internal/classes/crypto/Certificate.ps1
+++ b/ACME-PS/internal/classes/crypto/Certificate.ps1
@@ -32,14 +32,16 @@ class Certificate {
     # note: this returns issuers before the certs they've issued.  This is the opposite order to what's desired; but is the order that produces the correct output when combined with the X509Certificate2Collection's Export command
     hidden static [Security.Cryptography.X509Certificates.X509Certificate2Collection] ConvertToCertificateCollection([Collections.ArrayList] $acmeCertificates) {
         $result = [Security.Cryptography.X509Certificates.X509Certificate2Collection]::new();
+        
         # process any quick wins (i.e. where it's clear there's no dependency
         $todoCount = $acmeCertificates.Count - 1;
         for ($i = $todoCount; $i -ge 0; $i--) {
-            if ([string]::IsNullOrWhitespace($acmeCertificates[$i].Issuer) -or ($acmeCertificates[$i].Subject -eq $acmeCertificates[$i].Issuer)) {
+            if (!($acmeCertificates[$i].Issuer) -or ($acmeCertificates[$i].Subject -eq $acmeCertificates[$i].Issuer)) {
                 $result.Add($acmeCertificates[$i]); #| out-null
                 $acmeCertificates.RemoveAt($i);
             }
         }
+
         # then work through the chains, returning all certificates whose issuers aren't in the unprocessed collection
         $todoSubjects = [Collections.ArrayList]::new( ($acmeCertificates | Select-Object -ExpandProperty 'Subject') );
         while ($todoCount = $acmeCertificates.Count) {
@@ -56,15 +58,19 @@ class Certificate {
                 throw [System.ArgumentException]::new("There appears to be a circular loop in the given certificate's dependency chain"); # I don't think this would ever occur; but maybe it's a risk for some self signed cert scenarios?
             }
         }
+
         return $result;
     }
 
-    hidden static [Security.Cryptography.X509Certificates.X509Certificate2Collection] ConvertToCertificateCollection([byte[][]] $acmeCertificates, [Security.Cryptography.AsymmetricAlgorithm] $algorithm) {
+    hidden static [Security.Cryptography.X509Certificates.X509Certificate2Collection] CreateCertificateCollection([byte[][]] $acmeCertificates, [Security.Cryptography.AsymmetricAlgorithm] $algorithm) {
         $certs = [Collections.ArrayList]::new();
+        
         $certs.Add([Certificate]::CreateX509WithKey($acmeCertificates[0], $algorithm));
+
         for($i = 1; $i -lt $acmeCertificates.Length; $i++) {
             $certs.Add([Security.Cryptography.X509Certificates.X509Certificate2]::new($acmeCertificates[$i]));
         }
+
         return [Certificate]::ConvertToCertificateCollection($certs);
     }
 
@@ -74,7 +80,7 @@ class Certificate {
 
     static [byte[]] ExportPfxCertificateChain([byte[][]] $acmeCertificates, [Security.Cryptography.AsymmetricAlgorithm] $algorithm, [securestring] $password) {
 
-        $certificateCollection = [Certificate]::ConvertToCertificateCollection($acmeCertificates, $algorithm);
+        $certificateCollection = [Certificate]::CreateCertificateCollection($acmeCertificates, $algorithm);
 
         if($password) {
             $unprotectedPassword = [PSCredential]::new("ACME-PS", $password).GetNetworkCredential().Password;