public void ClientDefaultEncryption_ServerRequireEncryption_ConnectWithEncryption()
{
using (var serverRequireEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.RequireEncryption))
using (var client = new TcpClient())
{
client.Connect(serverRequireEncryption.RemoteEndPoint);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null))
{
sslStream.AuthenticateAsClient("localhost", null, TestConfiguration.DefaultSslProtocols, false);
_log.WriteLine("Client({0}) authenticated to server({1}) with encryption cipher: {2} {3}-bit strength",
client.Client.LocalEndPoint, client.Client.RemoteEndPoint,
sslStream.CipherAlgorithm, sslStream.CipherStrength);
Assert.True(sslStream.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
Assert.True(sslStream.CipherStrength > 0, "Cipher strength should be greater than 0");
}
}
}
public async Task ServerAllowNoEncryption_ClientRequireEncryption_ConnectWithEncryption()
{
using (var serverAllowNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.AllowNoEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(serverAllowNoEncryption.RemoteEndPoint.Address, serverAllowNoEncryption.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.RequireEncryption))
{
await sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false);
_log.WriteLine("Client({0}) authenticated to server({1}) with encryption cipher: {2} {3}-bit strength",
client.Client.LocalEndPoint, client.Client.RemoteEndPoint,
sslStream.CipherAlgorithm, sslStream.CipherStrength);
Assert.NotEqual(CipherAlgorithmType.Null, sslStream.CipherAlgorithm);
Assert.True(sslStream.CipherStrength > 0);
}
}
}
public async Task ServerNoEncryption_ClientNoEncryption_ConnectWithNoEncryption()
{
using (var serverNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.NoEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(serverNoEncryption.RemoteEndPoint.Address, serverNoEncryption.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.NoEncryption))
{
if (SupportsNullEncryption)
{
await sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false);
_log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
serverNoEncryption.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
CipherAlgorithmType expected = CipherAlgorithmType.Null;
Assert.Equal(expected, sslStream.CipherAlgorithm);
Assert.Equal(0, sslStream.CipherStrength);
}
else
{
var ae = await Assert.ThrowsAsync <AuthenticationException>(() => sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false));
Assert.IsType <PlatformNotSupportedException>(ae.InnerException);
}
}
}
}
private async Task ClientAsyncSslHelper(
EncryptionPolicy encryptionPolicy,
SslProtocols clientSslProtocols,
SslProtocols serverSslProtocols,
RemoteCertificateValidationCallback certificateCallback = null)
{
_log.WriteLine("Server: " + serverSslProtocols + "; Client: " + clientSslProtocols);
IPEndPoint endPoint = new IPEndPoint(IPAddress.Loopback, 0);
using (var server = new DummyTcpServer(endPoint, encryptionPolicy))
using (var client = new TcpClient())
{
server.SslProtocols = serverSslProtocols;
// Use a different SNI for each connection to prevent TLS 1.3 renegotiation issue: https://github.com/dotnet/runtime/issues/47378
string serverName = TestHelper.GetTestSNIName(nameof(ClientAsyncSslHelper), clientSslProtocols, serverSslProtocols);
await client.ConnectAsync(server.RemoteEndPoint.Address, server.RemoteEndPoint.Port);
using (SslStream sslStream = new SslStream(client.GetStream(), false, certificateCallback != null ? certificateCallback : AllowAnyServerCertificate, null))
{
Task clientAuthTask = sslStream.AuthenticateAsClientAsync(serverName, null, clientSslProtocols, false);
await clientAuthTask.WaitAsync(TestConfiguration.PassingTestTimeout);
_log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
server.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
Assert.True(sslStream.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
Assert.True(sslStream.CipherStrength > 0, "Cipher strength should be greater than 0");
}
}
}
private void ClientAsyncSslHelper(EncryptionPolicy encryptionPolicy, SslProtocols clientSslProtocols,
SslProtocols serverSslProtocols)
{
_log.WriteLine("Server: " + serverSslProtocols + "; Client: " + clientSslProtocols);
IPEndPoint endPoint = new IPEndPoint(IPAddress.IPv6Loopback, 0);
using (var server = new DummyTcpServer(endPoint, encryptionPolicy))
using (var client = new TcpClient(AddressFamily.InterNetworkV6))
{
server.SslProtocols = serverSslProtocols;
client.Connect(server.RemoteEndPoint);
using (SslStream sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null))
{
IAsyncResult async = sslStream.BeginAuthenticateAsClient("localhost", null, clientSslProtocols, false, null, null);
Assert.True(async.AsyncWaitHandle.WaitOne(TestConfiguration.TestTimeoutSeconds * 1000), "Timed Out");
sslStream.EndAuthenticateAsClient(async);
_log.WriteLine("Client({0}) authenticated to server({1}) with encryption cipher: {2} {3}-bit strength",
client.Client.LocalEndPoint, client.Client.RemoteEndPoint,
sslStream.CipherAlgorithm, sslStream.CipherStrength);
Assert.True(sslStream.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
Assert.True(sslStream.CipherStrength > 0, "Cipher strength should be greater than 0");
}
}
}
private async Task ClientAsyncSslHelper(
EncryptionPolicy encryptionPolicy,
SslProtocols clientSslProtocols,
SslProtocols serverSslProtocols)
{
_log.WriteLine("Server: " + serverSslProtocols + "; Client: " + clientSslProtocols);
IPEndPoint endPoint = new IPEndPoint(IPAddress.IPv6Loopback, 0);
using (var server = new DummyTcpServer(endPoint, encryptionPolicy))
using (var client = new TcpClient(AddressFamily.InterNetworkV6))
{
server.SslProtocols = serverSslProtocols;
await client.ConnectAsync(server.RemoteEndPoint.Address, server.RemoteEndPoint.Port);
using (SslStream sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null))
{
Task clientAuthTask = sslStream.AuthenticateAsClientAsync("localhost", null, clientSslProtocols, false);
await clientAuthTask.TimeoutAfter(TestConfiguration.PassingTestTimeoutMilliseconds);
_log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
server.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
Assert.True(sslStream.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
Assert.True(sslStream.CipherStrength > 0, "Cipher strength should be greater than 0");
}
}
}
public async Task ServerNoEncryption_ClientNoEncryption_ConnectWithNoEncryption()
{
using (var serverNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.NoEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(serverNoEncryption.RemoteEndPoint.Address, serverNoEncryption.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.NoEncryption))
{
if (SupportsNullEncryption)
{
await sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false);
_log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
serverNoEncryption.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
CipherAlgorithmType expected = CipherAlgorithmType.Null;
Assert.Equal(expected, sslStream.CipherAlgorithm);
Assert.Equal(0, sslStream.CipherStrength);
}
else
{
var ae = await Assert.ThrowsAsync<AuthenticationException>(() => sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false));
Assert.IsType<PlatformNotSupportedException>(ae.InnerException);
}
}
}
}
public async Task SslStreamConstructor_BadEncryptionPolicy_ThrowException()
{
using (var _remoteServer = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.RequireEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(_remoteServer.RemoteEndPoint.Address, _remoteServer.RemoteEndPoint.Port);
Assert.Throws <ArgumentException>(() =>
{
SslStream sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, (EncryptionPolicy)100);
});
}
}
public async Task ServerRequireEncryption_ClientNoEncryption_NoConnect()
{
using (var serverRequireEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.RequireEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(serverRequireEncryption.RemoteEndPoint.Address, serverRequireEncryption.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.NoEncryption))
{
await Assert.ThrowsAsync<IOException>(() =>
sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false));
}
}
}
public void SslStreamConstructor_BadEncryptionPolicy_ThrowException()
{
using (var _remoteServer = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 600), EncryptionPolicy.RequireEncryption))
using (var client = new TcpClient())
{
client.Connect(_remoteServer.RemoteEndPoint);
Assert.Throws<ArgumentException>(() =>
{
SslStream sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, (EncryptionPolicy)100);
});
}
}
public async Task ServerNoEncryption_ClientRequireEncryption_NoConnect()
{
using (var serverNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.NoEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(serverNoEncryption.RemoteEndPoint.Address, serverNoEncryption.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.RequireEncryption))
{
await Assert.ThrowsAsync <IOException>(() =>
sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false));
}
}
}
public async Task ServerRequireEncryption_ClientNoEncryption_NoConnect()
{
using (var serverRequireEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.RequireEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(serverRequireEncryption.RemoteEndPoint.Address, serverRequireEncryption.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.NoEncryption))
{
await Assert.ThrowsAsync(TestConfiguration.SupportsHandshakeAlerts?typeof(AuthenticationException) : typeof(IOException), () =>
sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocols.Tls | SslProtocols.Tls11 | SslProtocols.Tls12, false));
}
}
}
public void ServerRequireEncryption_ClientNoEncryption_NoConnect()
{
using (var serverRequireEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.RequireEncryption))
using (var client = new TcpClient())
{
client.Connect(serverRequireEncryption.RemoteEndPoint);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.NoEncryption))
{
Assert.Throws <IOException>(() =>
{
sslStream.AuthenticateAsClient("localhost", null, TestConfiguration.DefaultSslProtocols, false);
});
}
}
}
public void ServerRequireEncryption_ClientNoEncryption_NoConnect()
{
using (var serverRequireEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.RequireEncryption))
using (var client = new TcpClient())
{
client.Connect(serverRequireEncryption.RemoteEndPoint);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.NoEncryption))
{
Assert.Throws<IOException>(() =>
{
sslStream.AuthenticateAsClient("localhost", null, TestConfiguration.DefaultSslProtocols, false);
});
}
}
}
public async Task TransportContext_ConnectToServerWithSsl_GetExpectedChannelBindings()
{
using (var testServer = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.RequireEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(testServer.RemoteEndPoint.Address, testServer.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.RequireEncryption))
{
await sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocols.Tls, false);
TransportContext context = sslStream.TransportContext;
CheckTransportContext(context);
}
}
}
public async Task TransportContext_ConnectToServerWithSsl_GetExpectedChannelBindings()
{
using (var testServer = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.RequireEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(testServer.RemoteEndPoint.Address, testServer.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.RequireEncryption))
{
await sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocols.Tls, false);
TransportContext context = sslStream.TransportContext;
CheckTransportContext(context);
}
}
}
public async Task ClientDefaultEncryption_ServerAllowNoEncryption_ConnectWithEncryption()
{
using (var serverAllowNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.AllowNoEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(serverAllowNoEncryption.RemoteEndPoint.Address, serverAllowNoEncryption.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null))
{
await sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false);
_log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
serverAllowNoEncryption.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
Assert.True(sslStream.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
Assert.True(sslStream.CipherStrength > 0, "Cipher strength should be greater than 0");
}
}
}
public void ClientDefaultEncryption_ServerAllowNoEncryption_ConnectWithEncryption()
{
using (var serverAllowNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.AllowNoEncryption))
using (var client = new TcpClient())
{
client.Connect(serverAllowNoEncryption.RemoteEndPoint);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null))
{
sslStream.AuthenticateAsClient("localhost", null, TestConfiguration.DefaultSslProtocols, false);
_log.WriteLine("Client({0}) authenticated to server({1}) with encryption cipher: {2} {3}-bit strength",
client.Client.LocalEndPoint, client.Client.RemoteEndPoint,
sslStream.CipherAlgorithm, sslStream.CipherStrength);
Assert.True(sslStream.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
Assert.True(sslStream.CipherStrength > 0, "Cipher strength should be greater than 0");
}
}
}
public async Task ServerRequireEncryption_ClientAllowNoEncryption_ConnectWithEncryption()
{
using (var serverRequireEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.RequireEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(serverRequireEncryption.RemoteEndPoint.Address, serverRequireEncryption.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.AllowNoEncryption))
{
await sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false);
_log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
serverRequireEncryption.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
Assert.True(sslStream.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
Assert.True(sslStream.CipherStrength > 0, "Cipher strength should be greater than 0");
}
}
}
public async Task ServerAllowNoEncryption_ClientRequireEncryption_ConnectWithEncryption()
{
using (var serverAllowNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.AllowNoEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(serverAllowNoEncryption.RemoteEndPoint.Address, serverAllowNoEncryption.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.RequireEncryption))
{
sslStream.AuthenticateAsClient("localhost", null, SslProtocolSupport.DefaultSslProtocols, false);
_log.WriteLine("Client({0}) authenticated to server({1}) with encryption cipher: {2} {3}-bit strength",
client.Client.LocalEndPoint, client.Client.RemoteEndPoint,
sslStream.CipherAlgorithm, sslStream.CipherStrength);
Assert.NotEqual(CipherAlgorithmType.Null, sslStream.CipherAlgorithm);
Assert.True(sslStream.CipherStrength > 0);
}
}
}
public void ServerNoEncryption_ClientNoEncryption_ConnectWithNoEncryption()
{
using (var serverNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.NoEncryption))
using (var client = new TcpClient())
{
client.Connect(serverNoEncryption.RemoteEndPoint);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.NoEncryption))
{
sslStream.AuthenticateAsClient("localhost", null, TestConfiguration.DefaultSslProtocols, false);
_log.WriteLine("Client({0}) authenticated to server({1}) with encryption cipher: {2} {3}-bit strength",
client.Client.LocalEndPoint, client.Client.RemoteEndPoint,
sslStream.CipherAlgorithm, sslStream.CipherStrength);
CipherAlgorithmType expected = CipherAlgorithmType.Null;
Assert.Equal(expected, sslStream.CipherAlgorithm);
Assert.Equal(0, sslStream.CipherStrength);
}
}
}
public void ServerAllowNoEncryption_ClientNoEncryption_ConnectWithNoEncryption()
{
using (var serverAllowNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.AllowNoEncryption))
using (var client = new TcpClient())
{
client.Connect(serverAllowNoEncryption.RemoteEndPoint);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.NoEncryption))
{
sslStream.AuthenticateAsClient("localhost", null, TestConfiguration.DefaultSslProtocols, false);
_log.WriteLine("Client({0}) authenticated to server({1}) with encryption cipher: {2} {3}-bit strength",
client.Client.LocalEndPoint, client.Client.RemoteEndPoint,
sslStream.CipherAlgorithm, sslStream.CipherStrength);
CipherAlgorithmType expected = CipherAlgorithmType.Null;
Assert.Equal(expected, sslStream.CipherAlgorithm);
Assert.Equal(0, sslStream.CipherStrength);
}
}
}
public async Task ServerNoEncryption_ClientAllowNoEncryption_ConnectWithNoEncryption()
{
using (var serverNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.NoEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(serverNoEncryption.RemoteEndPoint.Address, serverNoEncryption.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.AllowNoEncryption))
{
await sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocols.Tls | SslProtocols.Tls11 | SslProtocols.Tls12, false);
_log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
serverNoEncryption.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
CipherAlgorithmType expected = CipherAlgorithmType.Null;
Assert.Equal(expected, sslStream.CipherAlgorithm);
Assert.Equal(0, sslStream.CipherStrength);
}
}
}
private async Task ClientAsyncSslHelper(
EncryptionPolicy encryptionPolicy,
SslProtocols clientSslProtocols,
SslProtocols serverSslProtocols)
{
_log.WriteLine("Server: " + serverSslProtocols + "; Client: " + clientSslProtocols);
IPEndPoint endPoint = new IPEndPoint(IPAddress.IPv6Loopback, 0);
using (var server = new DummyTcpServer(endPoint, encryptionPolicy))
using (var client = new TcpClient(AddressFamily.InterNetworkV6))
{
server.SslProtocols = serverSslProtocols;
await client.ConnectAsync(server.RemoteEndPoint.Address, server.RemoteEndPoint.Port);
using (SslStream sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null))
{
Task clientAuthTask = sslStream.AuthenticateAsClientAsync("localhost", null, clientSslProtocols, false);
await clientAuthTask.TimeoutAfter(TestConfiguration.PassingTestTimeoutMilliseconds);
_log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
server.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
Assert.True(sslStream.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
Assert.True(sslStream.CipherStrength > 0, "Cipher strength should be greater than 0");
}
}
}
private async Task ClientAsyncSslHelper(EncryptionPolicy encryptionPolicy, SslProtocols clientSslProtocols,
SslProtocols serverSslProtocols)
{
_log.WriteLine("Server: " + serverSslProtocols + "; Client: " + clientSslProtocols);
IPEndPoint endPoint = new IPEndPoint(IPAddress.IPv6Loopback, 0);
using (var server = new DummyTcpServer(endPoint, encryptionPolicy))
using (var client = new TcpClient(AddressFamily.InterNetworkV6))
{
server.SslProtocols = serverSslProtocols;
await client.ConnectAsync(server.RemoteEndPoint.Address, server.RemoteEndPoint.Port);
using (SslStream sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null))
{
Task async = sslStream.AuthenticateAsClientAsync("localhost", null, clientSslProtocols, false);
Assert.True(((IAsyncResult)async).AsyncWaitHandle.WaitOne(TestConfiguration.TestTimeoutSeconds * 1000), "Timed Out");
async.GetAwaiter().GetResult();
_log.WriteLine("Client({0}) authenticated to server({1}) with encryption cipher: {2} {3}-bit strength",
client.Client.LocalEndPoint, client.Client.RemoteEndPoint,
sslStream.CipherAlgorithm, sslStream.CipherStrength);
Assert.True(sslStream.CipherAlgorithm != CipherAlgorithmType.Null, "Cipher algorithm should not be NULL");
Assert.True(sslStream.CipherStrength > 0, "Cipher strength should be greater than 0");
}
}
}
