public void SslSupportedCiphers() { TestRuntime.AssertSystemVersion(PlatformName.MacOSX, 10, 8, throwIfOtherPlatform: false); int ssl_client_ciphers = -1; using (var client = new SslContext(SslProtocolSide.Client, SslConnectionType.Stream)) { // maximum downgrade client.MaxProtocol = client.MinProtocol; var ciphers = client.GetSupportedCiphers(); ssl_client_ciphers = ciphers.Count; Assert.That(ssl_client_ciphers, Is.AtLeast(1), "GetSupportedCiphers"); // we can't really scan for SSL_* since (some of) the values are identical to TLS_ // useful the other way around } int ssl_server_ciphers = -1; using (var server = new SslContext(SslProtocolSide.Server, SslConnectionType.Stream)) { // no downgrade, shows that the ciphers are not really restriced var ciphers = server.GetSupportedCiphers(); ssl_server_ciphers = ciphers.Count; Assert.That(ssl_server_ciphers, Is.AtLeast(1), "GetSupportedCiphers"); // we can't really scan for SSL_* since (some of) the values are identical to TLS_ // useful the other way around // make sure we have names for all ciphers - except old export ones (that we do not want to promote) // e.g. iOS 5.1 still supports them foreach (var cipher in ciphers) { string s = cipher.ToString(); if (s.Length < 8) { Console.WriteLine(s); } Assert.True(s.StartsWith("SSL_", StringComparison.Ordinal) || s.StartsWith("TLS_", StringComparison.Ordinal), s); } } Assert.That(ssl_client_ciphers, Is.EqualTo(ssl_server_ciphers), "same"); }