Ejemplo n.º 1
0
        public TlsEvaluatorResult Test(ConnectionResults tlsConnectionResults)
        {
            TlsConnectionResult tlsConnectionResult = tlsConnectionResults.TlsSecureDiffieHellmanGroupSelected;

            switch (tlsConnectionResult.Error)
            {
            case Error.HANDSHAKE_FAILURE:
            case Error.PROTOCOL_VERSION:
            case Error.INSUFFICIENT_SECURITY:
                return(new TlsEvaluatorResult(EvaluatorResult.PASS));

            case Error.TCP_CONNECTION_FAILED:
            case Error.SESSION_INITIALIZATION_FAILED:
                return(new TlsEvaluatorResult(EvaluatorResult.INCONCLUSIVE,
                                              string.Format(intro,
                                                            $"we were unable to create a connection to the mail server. We will keep trying, so please check back later. Error description \"{tlsConnectionResult.ErrorDescription}\".")));

            case null:
                break;

            default:
                return(new TlsEvaluatorResult(EvaluatorResult.INCONCLUSIVE,
                                              string.Format(intro,
                                                            $"the server responded with an error. Error description \"{tlsConnectionResult.ErrorDescription}\".")));
            }

            switch (tlsConnectionResult.CurveGroup)
            {
            case CurveGroup.Ffdhe2048:
            case CurveGroup.Ffdhe3072:
            case CurveGroup.Ffdhe4096:
            case CurveGroup.Ffdhe6144:
            case CurveGroup.Ffdhe8192:
            case CurveGroup.UnknownGroup2048:
            case CurveGroup.UnknownGroup3072:
            case CurveGroup.UnknownGroup4096:
            case CurveGroup.UnknownGroup6144:
            case CurveGroup.UnknownGroup8192:
                return(new TlsEvaluatorResult(EvaluatorResult.PASS));

            case CurveGroup.UnknownGroup1024:
                return(new TlsEvaluatorResult(EvaluatorResult.WARNING,
                                              string.Format(intro, $"the server selected an unknown 1024 bit group. {advice}")));

            case CurveGroup.Java1024:
            case CurveGroup.Rfc2409_1024:
            case CurveGroup.Rfc5114_1024:
                return(new TlsEvaluatorResult(EvaluatorResult.FAIL,
                                              string.Format(intro,
                                                            $"the server selected {tlsConnectionResult.CurveGroup.GetEnumAsString()} which is an insecure 1024 bit (or less) group. {advice}")));

            case CurveGroup.Unknown:
                return(new TlsEvaluatorResult(EvaluatorResult.FAIL,
                                              string.Format(intro,
                                                            $"the server selected an unknown group which is potentially insecure. {advice}")));
            }

            return(new TlsEvaluatorResult(EvaluatorResult.INCONCLUSIVE,
                                          string.Format(intro, "there was a problem and we are unable to provide additional information.")));
        }
        public void UnaccountedForCipherSuiteResponseShouldResultInInconclusive()
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(null, CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, null, null, null, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Ssl3FailsWithBadCipherSuite, tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.INCONCLUSIVE);
        }
        public void ConnectionRefusedErrorsShouldResultInPass(Error error)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(error, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Ssl3FailsWithBadCipherSuite, tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.PASS);
        }
Ejemplo n.º 4
0
        public void AnErrorShouldResultInInconslusive()
        {
            ConnectionResults connectionResults = TlsTestDataUtil.CreateConnectionResults(TlsTestType.TlsSecureEllipticCurveSelected,
                                                                                          new TlsConnectionResult(Error.CERTIFICATE_UNOBTAINABLE, null, null));

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.INCONCLUSIVE);
        }
        public void InsecureCipherSuitesShouldResultInFail(CipherSuite cipherSuite)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(null, cipherSuite, null, null, null, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Ssl3FailsWithBadCipherSuite, tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.FAIL);
        }
        public void NoPfsCipherSuiteShouldResultInWarning(CipherSuite cipherSuite)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(null, cipherSuite, null, null, null, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Ssl3FailsWithBadCipherSuite, tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.WARNING);
        }
        public TlsEvaluatorResult Test(ConnectionResults tlsConnectionResults)
        {
            TlsConnectionResult tlsConnectionResult = tlsConnectionResults.TlsWeakCipherSuitesRejected;

            switch (tlsConnectionResult.Error)
            {
            case Error.HANDSHAKE_FAILURE:
            case Error.PROTOCOL_VERSION:
            case Error.INSUFFICIENT_SECURITY:
                return(new TlsEvaluatorResult(EvaluatorResult.PASS));

            case Error.TCP_CONNECTION_FAILED:
            case Error.SESSION_INITIALIZATION_FAILED:
                return(new TlsEvaluatorResult(EvaluatorResult.INCONCLUSIVE,
                                              $"{intro} we were unable to create a connection to the mail server. We will keep trying, so please check back later. Error description \"{tlsConnectionResult.ErrorDescription}\"."));

            case null:
                break;

            default:
                return(new TlsEvaluatorResult(EvaluatorResult.INCONCLUSIVE,
                                              $"{intro} the server responded with an error. Error description \"{tlsConnectionResult.ErrorDescription}\"."));
            }

            if (tlsConnectionResult.CipherSuite != null)
            {
                return(new TlsEvaluatorResult(EvaluatorResult.FAIL, $"{intro} the server accepted the connection and selected {tlsConnectionResult.CipherSuite.GetEnumAsString()}."));
            }

            return(new TlsEvaluatorResult(EvaluatorResult.INCONCLUSIVE, $"{intro} there was a problem and we are unable to provide additional information."));
        }
Ejemplo n.º 8
0
        public TlsEvaluatorResult Test(ConnectionResults tlsConnectionResults)
        {
            TlsConnectionResult tlsConnectionResult = tlsConnectionResults.Tls11AvailableWithWeakCipherSuiteNotSelected;
            TlsConnectionResult tls12AvailableWithBestCipherSuiteSelectedResult = tlsConnectionResults.Tls12AvailableWithBestCipherSuiteSelected;

            switch (tlsConnectionResult.Error)
            {
            case Error.HANDSHAKE_FAILURE:
            case Error.PROTOCOL_VERSION:
            case Error.INSUFFICIENT_SECURITY:
                return(new TlsEvaluatorResult(EvaluatorResult.PASS));

            case Error.TCP_CONNECTION_FAILED:
            case Error.SESSION_INITIALIZATION_FAILED:
                return(new TlsEvaluatorResult(EvaluatorResult.INCONCLUSIVE,
                                              string.Format(intro,
                                                            $"we were unable to create a connection to the mail server. We will keep trying, so please check back later. Error description \"{tlsConnectionResult.ErrorDescription}\".")));

            case null:
                break;

            default:
                return(tls12AvailableWithBestCipherSuiteSelectedResult.Error == null
                        ? new TlsEvaluatorResult(EvaluatorResult.WARNING,
                                                 string.Format(intro,
                                                               $"the server responded with an error. This may be because you do not support TLS 1.0. Error description \"{tlsConnectionResult.ErrorDescription}\"."))
                        : new TlsEvaluatorResult(EvaluatorResult.INCONCLUSIVE,
                                                 string.Format(intro,
                                                               $"the server responded with an error. Error description \"{tlsConnectionResult.ErrorDescription}\".")));
            }

            switch (tlsConnectionResult.CipherSuite)
            {
            case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
            case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
            case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
            case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
                return(new TlsEvaluatorResult(EvaluatorResult.PASS));

            case CipherSuite.TLS_RSA_WITH_RC4_128_MD5:
            case CipherSuite.TLS_NULL_WITH_NULL_NULL:
            case CipherSuite.TLS_RSA_WITH_NULL_MD5:
            case CipherSuite.TLS_RSA_WITH_NULL_SHA:
            case CipherSuite.TLS_RSA_EXPORT_WITH_RC4_40_MD5:
            case CipherSuite.TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5:
            case CipherSuite.TLS_RSA_EXPORT_WITH_DES40_CBC_SHA:
            case CipherSuite.TLS_RSA_WITH_DES_CBC_SHA:
            case CipherSuite.TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA:
            case CipherSuite.TLS_DH_DSS_WITH_DES_CBC_SHA:
            case CipherSuite.TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA:
            case CipherSuite.TLS_DH_RSA_WITH_DES_CBC_SHA:
            case CipherSuite.TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA:
            case CipherSuite.TLS_DHE_DSS_WITH_DES_CBC_SHA:
            case CipherSuite.TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA:
                return(new TlsEvaluatorResult(EvaluatorResult.FAIL, string.Format(intro, $"the server selected {tlsConnectionResult.CipherSuite.GetName()} which is insecure")));
            }

            return(new TlsEvaluatorResult(EvaluatorResult.INCONCLUSIVE, string.Format(intro, "there was a problem and we are unable to provide additional information.")));
        }
        public void ConnectionRefusedErrorsShouldResultInPass(Error error)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(error, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Tls12AvailableWithWeakCipherSuiteNotSelected,
                                                                                              tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.PASS);
        }
        public void InsecureCiphersShouldResultInAFail(CipherSuite cipherSuite)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(null, cipherSuite, null, null, null, null, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Tls12AvailableWithWeakCipherSuiteNotSelected,
                                                                                              tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.FAIL);
        }
        public void Unknown1024GroupShouldResultInAWarn()
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(null, null, CurveGroup.UnknownGroup1024, null, null, null, null, null);
            ConnectionResults   connectionResults   =
                TlsTestDataUtil.CreateConnectionResults(TlsTestType.TlsSecureDiffieHellmanGroupSelected, tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.WARNING);
        }
        public void NoCipherSuiteResponseShouldResultInInconclusive()
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(null, null, null, null, null, null, null, null);
            ConnectionResults   connectionResults   =
                TlsTestDataUtil.CreateConnectionResults(TlsTestType.TlsWeakCipherSuitesRejected, tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.INCONCLUSIVE);
        }
        public void AnErrorShouldResultInAFail()
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(Error.INSUFFICIENT_SECURITY, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Tls12AvailableWithSha2HashFunctionSelected,
                                                                                              tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.FAIL);
        }
Ejemplo n.º 14
0
        public void AnErrorShouldResultInAWarning()
        {
            ConnectionResults connectionResults = TlsTestDataUtil.CreateConnectionResults(
                TlsTestType.Tls12AvailableWithBestCipherSuiteSelectedFromReverseList,
                new TlsConnectionResult(Error.BAD_CERTIFICATE, null, null));

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.WARNING);
        }
        public void AnErrorShouldResultInAFail()
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(Error.INSUFFICIENT_SECURITY, "Insufficient security", null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Tls11AvailableWithBestCipherSuiteSelected,
                                                                                              tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.FAIL);
        }
        public void ConnectionRefusedErrorsShouldResultInPass(Error error)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(error, null, null);
            ConnectionResults   connectionResults   =
                TlsTestDataUtil.CreateConnectionResults(TlsTestType.TlsSecureDiffieHellmanGroupSelected, tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.PASS);
        }
        public void OtherErrorsShouldResultInInconclusive()
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(Error.INTERNAL_ERROR, null, null);
            ConnectionResults   connectionResults   =
                TlsTestDataUtil.CreateConnectionResults(TlsTestType.TlsSecureDiffieHellmanGroupSelected, tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.INCONCLUSIVE);
        }
        public void TcpErrorsShouldResultInInconclusive(Error error)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(error, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Tls12AvailableWithSha2HashFunctionSelected,
                                                                                              tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.INCONCLUSIVE);
        }
        public void GoodCurveGroupsShouldResultInAPass(CurveGroup curveGroup)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(null, null, curveGroup, null, null, null, null, null);
            ConnectionResults   connectionResults   =
                TlsTestDataUtil.CreateConnectionResults(TlsTestType.TlsSecureDiffieHellmanGroupSelected, tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.PASS);
        }
        public void GoodCiphersShouldResultInAPass(CipherSuite cipherSuite)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(null, cipherSuite, null, null, null, null, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Tls12AvailableWithSha2HashFunctionSelected,
                                                                                              tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.PASS);
        }
        public void OtherErrorsShouldResultInInconclusive()
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(Error.INTERNAL_ERROR, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Tls12AvailableWithWeakCipherSuiteNotSelected,
                                                                                              tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.INCONCLUSIVE);
        }
        public void CipherSuitesWithNoPfsShouldResultInAWarning(CipherSuite cipherSuite)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(null, cipherSuite, null, null, null, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Tls10AvailableWithBestCipherSuiteSelected,
                                                                                              tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.WARNING);
        }
Ejemplo n.º 23
0
        public void CurvesWithCurveNumberLessThan256ShouldResultInAFail(CurveGroup curveGroup)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(null, null, curveGroup, null, null, null, null, null);
            ConnectionResults   connectionResults   =
                TlsTestDataUtil.CreateConnectionResults(TlsTestType.TlsSecureEllipticCurveSelected, tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.FAIL);
        }
        public void AnErrorShouldResultInAFail()
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(Error.ACCESS_DENIED, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Tls10AvailableWithBestCipherSuiteSelected,
                                                                                              tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.FAIL);
        }
Ejemplo n.º 25
0
        public void UnaccountedForCurveShouldResultInInconclusive()
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(null, null, null, null, null, null, null, null);
            ConnectionResults   connectionResults   =
                TlsTestDataUtil.CreateConnectionResults(TlsTestType.TlsSecureEllipticCurveSelected, tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.INCONCLUSIVE);
        }
        public void ErrorsShouldHaveErrorDescriptionInResult(Error error, string description)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(error, description, null);
            ConnectionResults   connectionResults   =
                TlsTestDataUtil.CreateConnectionResults(TlsTestType.Tls10AvailableWithBestCipherSuiteSelected, tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.INCONCLUSIVE);
            StringAssert.Contains($"Error description \"{description}\".", _sut.Test(connectionResults).Description);
        }
        public void ConnectionRefusedErrorsShouldResultInPassWithoutErrorDescription(Error error, string description)
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(error, null, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Ssl3FailsWithBadCipherSuite, tlsConnectionResult);

            TlsEvaluatorResult result = _sut.Test(connectionResults);

            Assert.AreEqual(result.Result, EvaluatorResult.PASS);
            Assert.That(result.Description, Is.Null);
        }
        public void OtherErrorsShouldResultInInconclusive()
        {
            string errorDescription = "Something went wrong!";
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(Error.INTERNAL_ERROR, errorDescription, null);
            ConnectionResults   connectionResults   = TlsTestDataUtil.CreateConnectionResults(TlsTestType.Ssl3FailsWithBadCipherSuite, tlsConnectionResult);
            TlsEvaluatorResult  result = _sut.Test(connectionResults);

            Assert.AreEqual(result.Result, EvaluatorResult.INCONCLUSIVE);
            StringAssert.Contains($"Error description \"{errorDescription}\".", result.Description);
        }
Ejemplo n.º 29
0
        public TlsEvaluatorResult Test(ConnectionResults tlsConnectionResults)
        {
            TlsConnectionResult tlsConnectionResult = tlsConnectionResults.Ssl3FailsWithBadCipherSuite;

            switch (tlsConnectionResult.Error)
            {
            case Error.HANDSHAKE_FAILURE:
            case Error.PROTOCOL_VERSION:
            case Error.INSUFFICIENT_SECURITY:
                return(new TlsEvaluatorResult(EvaluatorResult.PASS));

            case Error.TCP_CONNECTION_FAILED:
            case Error.SESSION_INITIALIZATION_FAILED:
                return(new TlsEvaluatorResult(EvaluatorResult.INCONCLUSIVE, string.Format(intro, $"we were unable to create a connection to the mail server. We will keep trying, so please check back later. Error description \"{tlsConnectionResult.ErrorDescription}\".")));

            case null:
                break;

            default:
                return(new TlsEvaluatorResult(EvaluatorResult.INCONCLUSIVE, string.Format(intro, $"the server responded with an error. Error description \"{tlsConnectionResult.ErrorDescription}\".")));
            }

            string introWithCipherSuite = string.Format(intro,
                                                        $"the server accepted the connection and selected {tlsConnectionResult.CipherSuite.GetEnumAsString()}");

            switch (tlsConnectionResult.CipherSuite)
            {
            case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
            case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
            case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
                return(new TlsEvaluatorResult(EvaluatorResult.WARNING,
                                              $"{introWithCipherSuite}. {advice}"));

            case CipherSuite.TLS_RSA_WITH_RC4_128_MD5:
            case CipherSuite.TLS_NULL_WITH_NULL_NULL:
            case CipherSuite.TLS_RSA_WITH_NULL_MD5:
            case CipherSuite.TLS_RSA_WITH_NULL_SHA:
            case CipherSuite.TLS_RSA_EXPORT_WITH_RC4_40_MD5:
            case CipherSuite.TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5:
            case CipherSuite.TLS_RSA_EXPORT_WITH_DES40_CBC_SHA:
            case CipherSuite.TLS_RSA_WITH_DES_CBC_SHA:
            case CipherSuite.TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA:
            case CipherSuite.TLS_DH_DSS_WITH_DES_CBC_SHA:
            case CipherSuite.TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA:
            case CipherSuite.TLS_DH_RSA_WITH_DES_CBC_SHA:
            case CipherSuite.TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA:
            case CipherSuite.TLS_DHE_DSS_WITH_DES_CBC_SHA:
            case CipherSuite.TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA:
                return(new TlsEvaluatorResult(EvaluatorResult.FAIL,
                                              $"{introWithCipherSuite} which is insecure. {advice}"));
            }

            return(new TlsEvaluatorResult(EvaluatorResult.INCONCLUSIVE, string.Format(intro, "there was a problem and we are unable to provide additional information.")));
        }
Ejemplo n.º 30
0
        public void PreviousTestBeingInconclusiveShouldResultInPass()
        {
            TlsConnectionResult tlsConnectionResult = new TlsConnectionResult(null,
                                                                              CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, null, null, null, null, null, null);
            ConnectionResults connectionResults =
                TlsTestDataUtil.CreateConnectionResults(
                    TlsTestType.Tls12AvailableWithBestCipherSuiteSelectedFromReverseList,
                    tlsConnectionResult);

            Assert.AreEqual(_sut.Test(connectionResults).Result, EvaluatorResult.PASS);
        }