22// The .NET Foundation licenses this file to you under the MIT license.
33
44using System . IO ;
5+ using System . Collections . Generic ;
56using System . Threading . Tasks ;
67using System . Net . Test . Common ;
78using System . Security . Authentication ;
@@ -115,11 +116,19 @@ public async Task SslStream_RequireClientCert_IsMutuallyAuthenticated_ReturnsTru
115116 }
116117 }
117118 }
119+ public static IEnumerable < object [ ] > SslProtocolsAndBoolData ( )
120+ {
121+ foreach ( object [ ] protocol in new SslProtocolSupport . SupportedSslProtocolsTestData ( ) )
122+ {
123+ yield return new object [ ] { protocol [ 0 ] , true } ;
124+ yield return new object [ ] { protocol [ 0 ] , false } ;
125+ }
126+ }
118127
119128 [ ConditionalTheory ( typeof ( PlatformDetection ) , nameof ( PlatformDetection . IsNotWindows7 ) ) ]
120- [ ClassData ( typeof ( SslProtocolSupport . SupportedSslProtocolsTestData ) ) ]
129+ [ MemberData ( nameof ( SslProtocolsAndBoolData ) ) ]
121130 public async Task SslStream_CachedCredentials_IsMutuallyAuthenticatedCorrect (
122- SslProtocols protocol )
131+ SslProtocols protocol , bool startWithMtls )
123132 {
124133 var clientOptions = new SslClientAuthenticationOptions
125134 {
@@ -129,18 +138,20 @@ public async Task SslStream_CachedCredentials_IsMutuallyAuthenticatedCorrect(
129138 TargetHost = Guid . NewGuid ( ) . ToString ( "N" )
130139 } ;
131140
141+ SslStreamCertificateContext context = SslStreamCertificateContext . Create ( _serverCertificate , null ) ;
142+
132143 for ( int i = 0 ; i < 5 ; i ++ )
133144 {
134145 ( SslStream client , SslStream server ) = TestHelper . GetConnectedSslStreams ( ) ;
135146 using ( client )
136147 using ( server )
137148 {
138- bool expectMutualAuthentication = ( i % 2 ) == 0 ;
149+ bool expectMutualAuthentication = ( i % 2 ) == ( startWithMtls ? 0 : 1 ) ;
139150
140151 var serverOptions = new SslServerAuthenticationOptions
141152 {
142153 ClientCertificateRequired = expectMutualAuthentication ,
143- ServerCertificate = expectMutualAuthentication ? _serverCertificate : _selfSignedCertificate ,
154+ ServerCertificateContext = context ,
144155 RemoteCertificateValidationCallback = delegate { return true ; } ,
145156 EnabledSslProtocols = protocol
146157 } ;
@@ -193,7 +204,6 @@ public async Task SslStream_NegotiateClientCertificate_IsMutuallyAuthenticatedCo
193204 ServerCertificateContext = context ,
194205 ClientCertificateRequired = false ,
195206 EnabledSslProtocols = SslProtocols . Tls12 ,
196-
197207 } ) ;
198208
199209 await TestConfiguration . WhenAllOrAnyFailedWithTimeout ( t1 , t2 ) ;
@@ -266,7 +276,7 @@ await TestConfiguration.WhenAllOrAnyFailedWithTimeout(
266276 }
267277 else
268278 {
269- Assert . Null ( server . RemoteCertificate ) ;
279+ Assert . Null ( server . RemoteCertificate ) ;
270280 }
271281 } ;
272282 }
@@ -320,7 +330,7 @@ await TestConfiguration.WhenAllOrAnyFailedWithTimeout(
320330 }
321331 else
322332 {
323- Assert . Null ( server . RemoteCertificate ) ;
333+ Assert . Null ( server . RemoteCertificate ) ;
324334 }
325335 } ;
326336 }
@@ -357,7 +367,7 @@ public async Task SslStream_ResumedSessionsCallbackMaybeSet_IsMutuallyAuthentica
357367
358368 if ( expectMutualAuthentication )
359369 {
360- clientOptions . LocalCertificateSelectionCallback = ( s , t , l , r , a ) => _clientCertificate ;
370+ clientOptions . LocalCertificateSelectionCallback = ( s , t , l , r , a ) => _clientCertificate ;
361371 }
362372 else
363373 {
@@ -378,7 +388,7 @@ await TestConfiguration.WhenAllOrAnyFailedWithTimeout(
378388 }
379389 else
380390 {
381- Assert . Null ( server . RemoteCertificate ) ;
391+ Assert . Null ( server . RemoteCertificate ) ;
382392 }
383393 } ;
384394 }
0 commit comments