public void TlsDefinitionTest()
{
using (var definition = NWProtocolDefinition.CreateTlsDefinition())
Assert.NotNull(definition);
}
public void TlsDefaults()
{
using (var ep = NWEndpoint.Create("www.microsoft.com", "https"))
using (var parameters = NWParameters.CreateSecureTcp())
using (var queue = new DispatchQueue(GetType().FullName)) {
var connection = new NWConnection(ep, parameters);
var ready = new ManualResetEvent(false);
connection.SetStateChangeHandler((state, error) => {
Console.WriteLine(state);
switch (state)
{
case NWConnectionState.Cancelled:
case NWConnectionState.Failed:
// We can't dispose until the connection has been closed or it failed.
connection.Dispose();
break;
case NWConnectionState.Invalid:
case NWConnectionState.Preparing:
case NWConnectionState.Waiting:
break;
case NWConnectionState.Ready:
ready.Set();
break;
default:
break;
}
});
connection.SetQueue(queue);
connection.Start();
// Wait until the connection is ready.
Assert.True(ready.WaitOne(TimeSpan.FromSeconds(10)), "Connection is ready");
#if NET
using (var m = connection.GetProtocolMetadata <NWTlsMetadata> (NWProtocolDefinition.CreateTlsDefinition())) {
var s = m.SecProtocolMetadata;
#else
using (var m = connection.GetProtocolMetadata(NWProtocolDefinition.TlsDefinition)) {
var s = m.TlsSecProtocolMetadata;
#endif
Assert.False(s.EarlyDataAccepted, "EarlyDataAccepted");
#if !NET
Assert.That(s.NegotiatedCipherSuite, Is.Not.EqualTo(SslCipherSuite.SSL_NULL_WITH_NULL_NULL), "NegotiatedCipherSuite");
#endif
Assert.Null(s.NegotiatedProtocol, "NegotiatedProtocol");
Assert.That(s.NegotiatedProtocolVersion, Is.EqualTo(SslProtocol.Tls_1_2).Or.EqualTo(SslProtocol.Tls_1_3), "NegotiatedProtocolVersion");
Assert.NotNull(s.PeerPublicKey, "PeerPublicKey");
Assert.True(SecProtocolMetadata.ChallengeParametersAreEqual(s, s), "ChallengeParametersAreEqual");
Assert.True(SecProtocolMetadata.PeersAreEqual(s, s), "PeersAreEqual");
if (TestRuntime.CheckXcodeVersion(11, 0))
{
using (var d = s.CreateSecret("Xamarin", 128)) {
Assert.That(d.Size, Is.EqualTo((nuint)128), "CreateSecret-1");
}
using (var d = s.CreateSecret("Microsoft", new byte [1], 256)) {
Assert.That(d.Size, Is.EqualTo((nuint)256), "CreateSecret-2");
}
Assert.That(s.NegotiatedTlsProtocolVersion, Is.EqualTo(TlsProtocolVersion.Tls12).Or.EqualTo(TlsProtocolVersion.Tls13), "NegotiatedTlsProtocolVersion");
// we want to test the binding/API - not the exact value which can vary depending on the negotiation between the client (OS) and server...
Assert.That(s.NegotiatedTlsCipherSuite, Is.Not.EqualTo(0), "NegotiatedTlsCipherSuite");
Assert.That(s.ServerName, Is.EqualTo("www.microsoft.com"), "ServerName");
// we don't have a TLS-PSK enabled server to test this
Assert.False(s.AccessPreSharedKeys((psk, pskId) => { }), "AccessPreSharedKeys");
}
}
connection.Cancel();
}
}
}