def test_tlsv1_0_disabled(self): # Given a server to scan that does NOT support TLS 1.0 server_location = ServerNetworkLocationViaDirectConnection.with_ip_address_lookup("success.trendmicro.com", 443) server_info = ServerConnectivityTester().perform(server_location) # When scanning for cipher suites, it succeeds result: CipherSuitesScanResult = Tlsv10ScanImplementation.scan_server(server_info) # And the result confirms that TLS 1.0 is not supported assert result.cipher_suite_preferred_by_server is None assert not result.accepted_cipher_suites assert result.rejected_cipher_suites
def test_tlsv1_0_disabled(self): # Given a server to scan that does NOT support TLS 1.0 server_location = ServerNetworkLocation("success.trendmicro.com", 443) server_info = check_connectivity_to_server_and_return_info( server_location) # When scanning for cipher suites, it succeeds result: CipherSuitesScanResult = Tlsv10ScanImplementation.scan_server( server_info) # And the result confirms that TLS 1.0 is not supported assert not result.accepted_cipher_suites assert result.rejected_cipher_suites
def test_tlsv1_0_enabled(self): # Given a server to scan that supports TLS 1.0 server_location = ServerNetworkLocationViaDirectConnection.with_ip_address_lookup("www.google.com", 443) server_info = ServerConnectivityTester().perform(server_location) # When scanning for cipher suites, it succeeds result: CipherSuitesScanResult = Tlsv10ScanImplementation.scan_server(server_info) # And the result confirms that TLS 1.0 is supported expected_ciphers = { "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", } assert expected_ciphers == { accepted_cipher.cipher_suite.name for accepted_cipher in result.accepted_cipher_suites } assert result.rejected_cipher_suites