-
Notifications
You must be signed in to change notification settings - Fork 4.6k
/
MsQuicCipherSuitesPolicyTests.cs
80 lines (72 loc) · 3.65 KB
/
MsQuicCipherSuitesPolicyTests.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
using System.Collections.Generic;
using System.Net.Security;
using System.Threading.Tasks;
using Xunit;
using Xunit.Abstractions;
namespace System.Net.Quic.Tests
{
[Collection(nameof(DisableParallelization))]
[ConditionalClass(typeof(QuicTestBase), nameof(QuicTestBase.IsSupported))]
[SkipOnPlatform(TestPlatforms.Windows, "CipherSuitesPolicy is not supported on Windows")]
public class MsQuicCipherSuitesPolicyTests : QuicTestBase
{
public MsQuicCipherSuitesPolicyTests(ITestOutputHelper output) : base(output) { }
private async Task TestConnection(CipherSuitesPolicy serverPolicy, CipherSuitesPolicy clientPolicy)
{
var listenerOptions = new QuicListenerOptions()
{
ListenEndPoint = new IPEndPoint(IPAddress.Loopback, 0),
ApplicationProtocols = new List<SslApplicationProtocol>() { ApplicationProtocol },
ConnectionOptionsCallback = (_, _, _) =>
{
var serverOptions = CreateQuicServerOptions();
serverOptions.ServerAuthenticationOptions.CipherSuitesPolicy = serverPolicy;
return ValueTask.FromResult(serverOptions);
}
};
await using QuicListener listener = await CreateQuicListener(listenerOptions);
var clientOptions = CreateQuicClientOptions(listener.LocalEndPoint);
clientOptions.ClientAuthenticationOptions.CipherSuitesPolicy = clientPolicy;
await using QuicConnection clientConnection = await CreateQuicConnection(clientOptions);
await clientConnection.CloseAsync(0);
}
[Fact]
public Task SupportedCipher_Success()
{
CipherSuitesPolicy policy = new CipherSuitesPolicy(new[] { TlsCipherSuite.TLS_AES_128_GCM_SHA256 });
return TestConnection(policy, policy);
}
[Theory]
[InlineData(new TlsCipherSuite[] { })]
[InlineData(new[] { TlsCipherSuite.TLS_AES_128_CCM_8_SHA256 })]
public void NoSupportedCiphers_ThrowsArgumentException(TlsCipherSuite[] ciphers)
{
CipherSuitesPolicy policy = new CipherSuitesPolicy(ciphers);
var listenerOptions = new QuicListenerOptions()
{
ListenEndPoint = new IPEndPoint(IPAddress.Loopback, 0),
ApplicationProtocols = new List<SslApplicationProtocol>() { ApplicationProtocol },
ConnectionOptionsCallback = (_, _, _) =>
{
var serverOptions = CreateQuicServerOptions();
serverOptions.ServerAuthenticationOptions.CipherSuitesPolicy = policy;
return ValueTask.FromResult(serverOptions);
}
};
Assert.ThrowsAsync<ArgumentException>(async () => await CreateQuicListener(listenerOptions));
var clientOptions = CreateQuicClientOptions(new IPEndPoint(IPAddress.Loopback, 5000));
clientOptions.ClientAuthenticationOptions.CipherSuitesPolicy = policy;
Assert.ThrowsAsync<ArgumentException>(async () => await CreateQuicConnection(clientOptions));
}
[Fact]
public async Task MismatchedCipherPolicies_ConnectAsync_ThrowsQuicException()
{
await Assert.ThrowsAsync<QuicException>(() => TestConnection(
new CipherSuitesPolicy(new[] { TlsCipherSuite.TLS_AES_128_GCM_SHA256 }),
new CipherSuitesPolicy(new[] { TlsCipherSuite.TLS_AES_256_GCM_SHA384 })
));
}
}
}