public async Task SslStream_StreamToStream_HandshakeAlert_Ok()
{
VirtualNetwork network = new VirtualNetwork();
using (var clientStream = new VirtualNetworkStream(network, isServer: false))
using (var serverStream = new VirtualNetworkStream(network, isServer: true))
using (var client = new SslStream(clientStream, true, AllowAnyServerCertificate))
using (var server = new SslStream(serverStream, true, FailClientCertificate))
using (X509Certificate2 certificate = Configuration.Certificates.GetServerCertificate())
{
Task serverAuth = server.AuthenticateAsServerAsync(certificate);
await client.AuthenticateAsClientAsync(certificate.GetNameInfo(X509NameType.SimpleName, false));
byte[] buffer = new byte[1024];
// Schannel semantics require that Decrypt is called to receive an alert.
await client.WriteAsync(buffer, 0, buffer.Length);
var exception = await Assert.ThrowsAsync<IOException>(() => client.ReadAsync(buffer, 0, buffer.Length));
Assert.IsType<Win32Exception>(exception.InnerException);
var win32ex = (Win32Exception)exception.InnerException;
// The Schannel HResults for each alert are documented here:
// https://msdn.microsoft.com/en-us/library/windows/desktop/dd721886(v=vs.85).aspx
Assert.Equal(SEC_E_CERT_UNKNOWN, (uint)win32ex.NativeErrorCode);
await Assert.ThrowsAsync<AuthenticationException>(() => serverAuth);
await Assert.ThrowsAsync<AuthenticationException>(() => server.WriteAsync(buffer, 0, buffer.Length));
await Assert.ThrowsAsync<AuthenticationException>(() => server.ReadAsync(buffer, 0, buffer.Length));
}
}