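/// <summary>
/// Checks that the evaluator returns WARNING when the entry keyed
/// Tls12AvailableWithBestCipherSuiteSelectedFromReverseList carries <paramref name="cipherSuite"/>
/// and the entry keyed Tls12AvailableWithBestCipherSuiteSelected carries TLS_RSA_WITH_RC4_128_MD5.
/// </summary>
/// <param name="cipherSuite">
/// Cipher suite placed in the reverse-list entry. The values this case is run with are supplied
/// outside this block and are not visible here.
/// </param>
public void PreviousCipherSuiteIsDifferentAndCurrentIsWarningShouldResultInWarning(CipherSuite cipherSuite)
{
    Dictionary<TlsTestType, TlsConnectionResult> data = new Dictionary<TlsTestType, TlsConnectionResult>
    {
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelectedFromReverseList,
            new TlsConnectionResult(null, cipherSuite, null, null, null, null, null, null)
        },
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelected,
            new TlsConnectionResult(null, CipherSuite.TLS_RSA_WITH_RC4_128_MD5, null, null, null, null, null, null)
        }
    };

    ConnectionResults connectionResults = TlsTestDataUtil.CreateConnectionResults(data);

    // NOTE(review): RC4 cipher suites are prohibited in TLS by RFC 7465, and this case pins only
    // WARNING for an RC4/MD5 suite. Confirm that severity is what the evaluator is meant to report.

    // Expected value goes first so that an NUnit failure message labels the two values correctly.
    Assert.AreEqual(EvaluatorResult.WARNING, _sut.Test(connectionResults).Result);
}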
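/// <summary>
/// Checks that the evaluator returns PASS when the entry keyed
/// Tls12AvailableWithBestCipherSuiteSelectedFromReverseList carries <paramref name="cipherSuite"/>
/// and the entry keyed Tls12AvailableWithBestCipherSuiteSelected carries
/// TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA.
/// </summary>
/// <param name="cipherSuite">
/// Cipher suite placed in the reverse-list entry. The values this case is run with are supplied
/// outside this block and are not visible here.
/// </param>
public void PreviousCipherSuiteIsDifferentAndCurrentIsPassShouldResultInPass(CipherSuite cipherSuite)
{
    Dictionary<TlsTestType, TlsConnectionResult> data = new Dictionary<TlsTestType, TlsConnectionResult>
    {
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelectedFromReverseList,
            new TlsConnectionResult(null, cipherSuite, null, null, null, null, null, null)
        },
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelected,
            new TlsConnectionResult(null, CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, null, null, null, null, null, null)
        }
    };

    ConnectionResults connectionResults = TlsTestDataUtil.CreateConnectionResults(data);

    // Expected value goes first so that an NUnit failure message labels the two values correctly.
    Assert.AreEqual(EvaluatorResult.PASS, _sut.Test(connectionResults).Result);
}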
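/// <summary>
/// Checks that the evaluator returns FAIL when both the
/// Tls12AvailableWithBestCipherSuiteSelected and Tls11AvailableWithBestCipherSuiteSelected
/// entries carry Error.BAD_CERTIFICATE and no cipher suite.
/// </summary>
/// <remarks>
/// Despite "FailMessage" in the name, only the result level is asserted; the description text
/// is not checked by this test.
/// </remarks>
public void ExpectFailMessageWhenTls11HasError()
{
    Dictionary<TlsTestType, TlsConnectionResult> data = new Dictionary<TlsTestType, TlsConnectionResult>
    {
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelected,
            new TlsConnectionResult(null, null, null, null, Error.BAD_CERTIFICATE, null, null)
        },
        {
            TlsTestType.Tls11AvailableWithBestCipherSuiteSelected,
            new TlsConnectionResult(null, null, null, null, Error.BAD_CERTIFICATE, null, null)
        }
    };

    ConnectionResults connectionResults = TlsTestDataUtil.CreateConnectionResults(data);

    // Expected value goes first so that an NUnit failure message labels the two values correctly.
    Assert.AreEqual(EvaluatorResult.FAIL, _sut.Test(connectionResults).Result);
}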
/// <summary>
/// Runs the Tls10Available rule against a single
/// Tls10AvailableWithBestCipherSuiteSelected result that carries no error, and expects exactly
/// one evaluation whose result is PASS and whose description is null.
/// </summary>
public async Task NoErrorReturnsPass()
{
    var rule = new Tls10Available();

    // Every argument is null except the trailing string list, which is empty.
    var tls10Result = new BouncyCastleTlsTestResult(null, null, null, null, null, null, new List<string>());

    var resultsByTestType = new Dictionary<TlsTestType, BouncyCastleTlsTestResult>
    {
        { TlsTestType.Tls10AvailableWithBestCipherSuiteSelected, tls10Result }
    };
    TlsTestResults hostResults = TlsTestDataUtil.CreateMxHostTlsResults(resultsByTestType);

    List<RuleTypedTlsEvaluationResult> evaluations = await rule.Evaluate(hostResults);

    // The count is asserted before the first element is indexed.
    Assert.That(evaluations.Count, Is.EqualTo(1));

    var evaluated = evaluations[0].TlsEvaluatedResult;
    Assert.That(evaluated.Result, Is.EqualTo(EvaluatorResult.PASS));
    Assert.That(evaluated.Description, Is.Null);
}
/// <summary>
/// Runs the Tls10Available rule against a single
/// Tls10AvailableWithBestCipherSuiteSelected result carrying TlsError.HANDSHAKE_FAILURE, and
/// expects exactly one evaluation with result INFORMATIONAL and a description that starts with
/// the "refused to negotiate using TLS 1.0" text.
/// </summary>
/// <remarks>
/// The name says "ReturnsError", but the asserted level is INFORMATIONAL.
/// NOTE(review): presumably a refusal of TLS 1.0 (deprecated by RFC 8996) is deliberately not
/// treated as a fault. Confirm against the rule, and consider renaming the test to match.
/// </remarks>
public async Task Tls10ErrorAndNoOtherTlsSupportedReturnsError()
{
    var rule = new Tls10Available();

    // Only the error argument and the trailing (empty) string list are populated.
    var tls10Result = new BouncyCastleTlsTestResult(null, null, null, null, TlsError.HANDSHAKE_FAILURE, null, new List<string>());

    var resultsByTestType = new Dictionary<TlsTestType, BouncyCastleTlsTestResult>
    {
        { TlsTestType.Tls10AvailableWithBestCipherSuiteSelected, tls10Result }
    };
    TlsTestResults hostResults = TlsTestDataUtil.CreateMxHostTlsResults(resultsByTestType);

    List<RuleTypedTlsEvaluationResult> evaluations = await rule.Evaluate(hostResults);

    // The count is asserted before the first element is indexed.
    Assert.That(evaluations.Count, Is.EqualTo(1));

    var evaluated = evaluations[0].TlsEvaluatedResult;
    Assert.That(evaluated.Result, Is.EqualTo(EvaluatorResult.INFORMATIONAL));
    StringAssert.StartsWith("This server refused to negotiate using TLS 1.0", evaluated.Description);
}
/// <summary>
/// Parameterised check of the Tls12Available rule: builds a single
/// Tls12AvailableWithBestCipherSuiteSelected result carrying <paramref name="tlsError"/> and
/// expects exactly one evaluation with the given result level and description prefix.
/// </summary>
/// <param name="tlsError">Error placed on the TLS 1.2 result, or null for no error.</param>
/// <param name="expectedEvaluatorResult">Result level the rule is expected to return.</param>
/// <param name="expectedDescription">Text the returned description is expected to start with.</param>
public async Task Test(TlsError? tlsError, EvaluatorResult expectedEvaluatorResult, string expectedDescription)
{
    var rule = new Tls12Available();

    // Only the error argument and the trailing (empty) string list are populated.
    var tls12Result = new BouncyCastleTlsTestResult(null, null, null, null, tlsError, null, new List<string>());

    TlsTestResults hostResults = TlsTestDataUtil.CreateMxHostTlsResults(
        TlsTestType.Tls12AvailableWithBestCipherSuiteSelected,
        tls12Result);

    List<RuleTypedTlsEvaluationResult> evaluations = await rule.Evaluate(hostResults);

    // The count is asserted before the first element is indexed.
    Assert.That(evaluations.Count, Is.EqualTo(1));

    var evaluated = evaluations[0].TlsEvaluatedResult;
    Assert.That(evaluated.Result, Is.EqualTo(expectedEvaluatorResult));
    StringAssert.StartsWith(expectedDescription, evaluated.Description);
}
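/// <summary>
/// Checks that the evaluator returns INCONCLUSIVE when the entry keyed
/// Tls12AvailableWithBestCipherSuiteSelectedFromReverseList has no cipher suite (all arguments
/// null) and the entry keyed Tls12AvailableWithBestCipherSuiteSelected carries
/// TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384.
/// </summary>
public void UnaccountedForCipherSuiteResponseShouldResultInInconclusive()
{
    Dictionary<TlsTestType, TlsConnectionResult> data = new Dictionary<TlsTestType, TlsConnectionResult>
    {
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelectedFromReverseList,
            new TlsConnectionResult(null, null, null, null, null, null, null, null)
        },
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelected,
            new TlsConnectionResult(null, CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, null, null, null, null, null, null)
        }
    };

    ConnectionResults connectionResults = TlsTestDataUtil.CreateConnectionResults(data);

    // Expected value goes first so that an NUnit failure message labels the two values correctly.
    Assert.AreEqual(EvaluatorResult.INCONCLUSIVE, _sut.Test(connectionResults).Result);
}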
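/// <summary>
/// Checks that the evaluator returns INCONCLUSIVE when the entry keyed
/// Tls12AvailableWithBestCipherSuiteSelectedFromReverseList has a null cipher suite and the
/// entry keyed Tls12AvailableWithBestCipherSuiteSelected carries
/// TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA.
/// </summary>
public void NullCipherSuiteShouldResultInInconclusive()
{
    Dictionary<TlsTestType, TlsConnectionResult> data = new Dictionary<TlsTestType, TlsConnectionResult>
    {
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelectedFromReverseList,
            new TlsConnectionResult(null, null, null, null, null, null, null, null)
        },
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelected,
            new TlsConnectionResult(null, CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, null, null, null, null, null, null)
        }
    };

    ConnectionResults connectionResults = TlsTestDataUtil.CreateConnectionResults(data);

    // Expected value goes first so that an NUnit failure message labels the two values correctly.
    Assert.AreEqual(EvaluatorResult.INCONCLUSIVE, _sut.Test(connectionResults).Result);
}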
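/// <summary>
/// Checks that the first evaluation returned by the rule is FAIL when the entry keyed
/// Tls12AvailableWithBestCipherSuiteSelectedFromReverseList carries <paramref name="cipherSuite"/>
/// and the entry keyed Tls12AvailableWithBestCipherSuiteSelected carries
/// TLS_RSA_WITH_RC4_128_SHA.
/// </summary>
/// <param name="cipherSuite">
/// Cipher suite placed in the reverse-list entry. The values this case is run with are supplied
/// outside this block and are not visible here.
/// </param>
/// <remarks>
/// RC4 cipher suites are prohibited in TLS by RFC 7465; this case pins FAIL for an RC4 suite in
/// the Tls12AvailableWithBestCipherSuiteSelected entry.
/// </remarks>
public async Task PreviousCipherSuiteIsDifferentAndCurrentIsFailShouldResultInFail(CipherSuite cipherSuite)
{
    Dictionary<TlsTestType, BouncyCastleTlsTestResult> data = new Dictionary<TlsTestType, BouncyCastleTlsTestResult>
    {
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelectedFromReverseList,
            new BouncyCastleTlsTestResult(null, cipherSuite, null, null, null, null, null, null)
        },
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelected,
            new BouncyCastleTlsTestResult(null, CipherSuite.TLS_RSA_WITH_RC4_128_SHA, null, null, null, null, null, null)
        }
    };

    TlsTestResults connectionTestResults = TlsTestDataUtil.CreateMxHostTlsResults(data);

    List<RuleTypedTlsEvaluationResult> evaluatorResults = await _sut.Evaluate(connectionTestResults);

    // NOTE(review): the number of returned evaluations is not asserted here, so only element 0
    // is checked. Add a count assertion if the rule is expected to return exactly one result.

    // Expected value goes first so that an NUnit failure message labels the two values correctly.
    Assert.AreEqual(EvaluatorResult.FAIL, evaluatorResults[0].TlsEvaluatedResult.Result);
}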
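/// <summary>
/// Checks that the rule returns exactly one evaluation, with result PASS, when both the
/// Tls12AvailableWithBestCipherSuiteSelectedFromReverseList and
/// Tls12AvailableWithBestCipherSuiteSelected entries carry the same suite,
/// TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384.
/// </summary>
public async Task PreviousCipherSuiteIsSameShouldResultInPass()
{
    Dictionary<TlsTestType, BouncyCastleTlsTestResult> data = new Dictionary<TlsTestType, BouncyCastleTlsTestResult>
    {
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelectedFromReverseList,
            new BouncyCastleTlsTestResult(null, CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, null, null, null, null, null, null)
        },
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelected,
            new BouncyCastleTlsTestResult(null, CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, null, null, null, null, null, null)
        }
    };

    TlsTestResults connectionTestResults = TlsTestDataUtil.CreateMxHostTlsResults(data);

    List<RuleTypedTlsEvaluationResult> evaluatorResults = await _sut.Evaluate(connectionTestResults);

    Assert.That(evaluatorResults.Count, Is.EqualTo(1));

    // Constraint form (actual first, expected in the constraint) matches the count assertion
    // above and avoids the reversed expected/actual order of the classic AreEqual call.
    Assert.That(evaluatorResults[0].TlsEvaluatedResult.Result, Is.EqualTo(EvaluatorResult.PASS));
}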
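/// <summary>
/// Checks that the rule returns exactly one evaluation, with result INCONCLUSIVE, when both the
/// Tls12AvailableWithBestCipherSuiteSelected and Tls10AvailableWithWeakCipherSuiteNotSelected
/// entries carry TlsError.BAD_CERTIFICATE and no cipher suite.
/// </summary>
/// <remarks>
/// Despite "InconclusiveMessage" in the name, only the result level is asserted; the description
/// text is not checked by this test.
/// </remarks>
public async Task ExpectInconclusiveMessageWhenTls12HasError()
{
    Dictionary<TlsTestType, BouncyCastleTlsTestResult> data = new Dictionary<TlsTestType, BouncyCastleTlsTestResult>
    {
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelected,
            new BouncyCastleTlsTestResult(null, null, null, null, TlsError.BAD_CERTIFICATE, null, null)
        },
        {
            TlsTestType.Tls10AvailableWithWeakCipherSuiteNotSelected,
            new BouncyCastleTlsTestResult(null, null, null, null, TlsError.BAD_CERTIFICATE, null, null)
        }
    };

    TlsTestResults connectionTestResults = TlsTestDataUtil.CreateMxHostTlsResults(data);

    List<RuleTypedTlsEvaluationResult> evaluatorResults = await _sut.Evaluate(connectionTestResults);

    Assert.That(evaluatorResults.Count, Is.EqualTo(1));

    // Constraint form (actual first, expected in the constraint) matches the count assertion
    // above and avoids the reversed expected/actual order of the classic AreEqual call.
    Assert.That(evaluatorResults[0].TlsEvaluatedResult.Result, Is.EqualTo(EvaluatorResult.INCONCLUSIVE));
}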
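/// <summary>
/// Checks that the rule returns exactly one evaluation, with result INCONCLUSIVE, when the entry
/// keyed Tls12AvailableWithBestCipherSuiteSelectedFromReverseList has a null cipher suite and the
/// entry keyed Tls12AvailableWithBestCipherSuiteSelected carries
/// TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA.
/// </summary>
public async Task NullCipherSuiteShouldResultInInconclusive()
{
    Dictionary<TlsTestType, BouncyCastleTlsTestResult> data = new Dictionary<TlsTestType, BouncyCastleTlsTestResult>
    {
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelectedFromReverseList,
            new BouncyCastleTlsTestResult(null, null, null, null, null, null, null, null)
        },
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelected,
            new BouncyCastleTlsTestResult(null, CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, null, null, null, null, null, null)
        }
    };

    TlsTestResults connectionTestResults = TlsTestDataUtil.CreateMxHostTlsResults(data);

    List<RuleTypedTlsEvaluationResult> evaluatorResults = await _sut.Evaluate(connectionTestResults);

    Assert.That(evaluatorResults.Count, Is.EqualTo(1));

    // Constraint form (actual first, expected in the constraint) matches the count assertion
    // above and avoids the reversed expected/actual order of the classic AreEqual call.
    Assert.That(evaluatorResults[0].TlsEvaluatedResult.Result, Is.EqualTo(EvaluatorResult.INCONCLUSIVE));
}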
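/// <summary>
/// Checks that the evaluator returns FAIL, and that its description embeds the connection's
/// error description, when both the Tls12AvailableWithBestCipherSuiteSelected and
/// Tls10AvailableWithBestCipherSuiteSelected entries carry Error.BAD_CERTIFICATE.
/// </summary>
public void ExpectFailMessageWhenTls12HasError()
{
    string errorDescription = "Something went wrong!";

    Dictionary<TlsTestType, TlsConnectionResult> data = new Dictionary<TlsTestType, TlsConnectionResult>
    {
        {
            TlsTestType.Tls12AvailableWithBestCipherSuiteSelected,
            new TlsConnectionResult(null, null, null, null, Error.BAD_CERTIFICATE, errorDescription, null)
        },
        {
            TlsTestType.Tls10AvailableWithBestCipherSuiteSelected,
            new TlsConnectionResult(null, null, null, null, Error.BAD_CERTIFICATE, errorDescription, null)
        }
    };

    ConnectionResults connectionResults = TlsTestDataUtil.CreateConnectionResults(data);

    TlsEvaluatorResult result = _sut.Test(connectionResults);

    // Expected value goes first so that an NUnit failure message labels the two values correctly.
    Assert.AreEqual(EvaluatorResult.FAIL, result.Result);

    // The error description is expected to appear verbatim, wrapped in double quotes.
    StringAssert.Contains($"Error description \"{errorDescription}\".", result.Description);
}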