def test_filter_for_certificate_with_no_cert(self):
orig_ciphers = [CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
CipherSuite.TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA,
CipherSuite.TLS_AES_128_GCM_SHA256]
new_ciphers = CipherSuite.filter_for_certificate(
orig_ciphers,
None)
self.assertFalse(orig_ciphers is new_ciphers)
self.assertEqual(new_ciphers,
[CipherSuite.TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA,
CipherSuite.TLS_AES_128_GCM_SHA256])
def test_filter_for_certificate_with_ecdsa(self):
cert_list = mock.MagicMock()
cert = mock.MagicMock()
cert.certAlg = "ecdsa"
cert_list.x509List = [cert]
orig_ciphers = [CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
CipherSuite.TLS_AES_128_GCM_SHA256]
new_ciphers = CipherSuite.filter_for_certificate(
orig_ciphers, cert_list)
self.assertEqual(new_ciphers,
[CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
CipherSuite.TLS_AES_128_GCM_SHA256])
