private MxRecordTlsSecurityProfile CreateSecurityProfile(int failureCount = 0)
{
MxRecord mxRecord = new MxRecord(1, "host");
TlsTestResult tlsTestResult = new TlsTestResult(TlsVersion.TlsV12,
CipherSuite.TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, CurveGroup.Ffdhe2048,
SignatureHashAlgorithm.SHA1_DSA, null, null, null);
TlsSecurityProfile tlsSecurityProfile = new TlsSecurityProfile(
1,
null,
new TlsTestResults(
failureCount,
new TlsTestResultsWithoutCertificate(tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult),
new List <X509Certificate2> {
TestCertificates.Certificate1
}
));
return(new MxRecordTlsSecurityProfile(mxRecord, tlsSecurityProfile));
}
private DomainTlsSecurityProfile CreateDomainTlsSecurityProfile()
{
TlsTestResult tlsTestResult = new TlsTestResult(TlsVersion.TlsV12,
CipherSuite.TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, CurveGroup.Ffdhe2048,
SignatureHashAlgorithm.SHA1_DSA, null, null, null);
TlsSecurityProfile tlsSecurityProfile = new TlsSecurityProfile(
1,
null,
new TlsTestResults(0,
new TlsTestResultsWithoutCertificate(tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult,
tlsTestResult),
new List <X509Certificate2>()
));
return(new DomainTlsSecurityProfile(new Domain(1, "domain"),
new List <MxRecordTlsSecurityProfile>
{
new MxRecordTlsSecurityProfile(new MxRecord(1, "host"), tlsSecurityProfile)
}));
}
public TlsTestResultsWithoutCertificate(
TlsTestResult tls12AvailableWithBestCipherSuiteSelected,
TlsTestResult tls12AvailableWithBestCipherSuiteSelectedFromReverseList,
TlsTestResult tls12AvailableWithSha2HashFunctionSelected,
TlsTestResult tls12AvailableWithWeakCipherSuiteNotSelected,
TlsTestResult tls11AvailableWithBestCipherSuiteSelected,
TlsTestResult tls11AvailableWithWeakCipherSuiteNotSelected,
TlsTestResult tls10AvailableWithBestCipherSuiteSelected,
TlsTestResult tls10AvailableWithWeakCipherSuiteNotSelected,
TlsTestResult ssl3FailsWithBadCipherSuite,
TlsTestResult tlsSecureEllipticCurveSelected,
TlsTestResult tlsSecureDiffieHellmanGroupSelected,
TlsTestResult tlsWeakCipherSuitesRejected)
{
Tls12AvailableWithBestCipherSuiteSelected = tls12AvailableWithBestCipherSuiteSelected;
Tls12AvailableWithBestCipherSuiteSelectedFromReverseList =
tls12AvailableWithBestCipherSuiteSelectedFromReverseList;
Tls12AvailableWithSha2HashFunctionSelected = tls12AvailableWithSha2HashFunctionSelected;
Tls12AvailableWithWeakCipherSuiteNotSelected = tls12AvailableWithWeakCipherSuiteNotSelected;
Tls11AvailableWithBestCipherSuiteSelected = tls11AvailableWithBestCipherSuiteSelected;
Tls11AvailableWithWeakCipherSuiteNotSelected = tls11AvailableWithWeakCipherSuiteNotSelected;
Tls10AvailableWithBestCipherSuiteSelected = tls10AvailableWithBestCipherSuiteSelected;
Tls10AvailableWithWeakCipherSuiteNotSelected = tls10AvailableWithWeakCipherSuiteNotSelected;
Ssl3FailsWithBadCipherSuite = ssl3FailsWithBadCipherSuite;
TlsSecureEllipticCurveSelected = tlsSecureEllipticCurveSelected;
TlsSecureDiffieHellmanGroupSelected = tlsSecureDiffieHellmanGroupSelected;
TlsWeakCipherSuitesRejected = tlsWeakCipherSuitesRejected;
}
private BouncyCastleTlsTestResult ToTestResult(TlsTestResult tlsTestResult)
{
return(tlsTestResult == null
? new BouncyCastleTlsTestResult(null, null, null, null, null, null, null)
: new BouncyCastleTlsTestResult(tlsTestResult.Result.Version,
tlsTestResult.Result.CipherSuite,
tlsTestResult.Result.CurveGroup,
tlsTestResult.Result.SignatureHashAlgorithm,
tlsTestResult.Result.TlsError,
tlsTestResult.Result.ErrorDescription, tlsTestResult.Result.SmtpResponses));
}
private MxRecordTlsSecurityProfile CreateTlsSecurityProfile(ulong?id = 1,
CipherSuite cipherSuite = CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA)
{
TlsTestResult tlsTestResult = new TlsTestResult(TlsVersion.TlsV12, cipherSuite, CurveGroup.Ffdhe2048,
SignatureHashAlgorithm.SHA1_DSA, null, null, null);
var tlsSecurityProfile = new TlsSecurityProfile(id, null, new TlsTestResults(0,
new TlsTestResultsWithoutCertificate(tlsTestResult,
tlsTestResult, tlsTestResult, tlsTestResult, tlsTestResult, tlsTestResult,
tlsTestResult, tlsTestResult, tlsTestResult, tlsTestResult, tlsTestResult, tlsTestResult),
new List <X509Certificate2>
{
TestCertificates.Certificate1
}));
return(new MxRecordTlsSecurityProfile(new MxRecord(1, "host"), tlsSecurityProfile));
}
private bool IsErrored(TlsTestResult testResult)
{
return(testResult.Result.TlsError == TlsError.TCP_CONNECTION_FAILED ||
testResult.Result.TlsError == TlsError.SESSION_INITIALIZATION_FAILED);
}
