Add comprehensive tests for SSL/TLS module functions

[mohamedsolaiman]

Improved SSL Test Coverage

I was running some pentest engagements where we needed to validate SSL/TLS checks were working correctly, so I ended up writing a bunch of unit tests for the SSL module. Figured these could be useful upstream.

What I added:

1. Extended is_weak_hash_algo tests

• Case insensitivity (MD5, SHA1, Md5 all detected)
• Real-world signature algorithm strings like sha1WithRSAEncryption, md5WithRSAEncryption
• Strong algorithms like sha256, sha384, sha512, ed25519
• Edge cases (empty string, non-hash algo names)

2. New TestGetCertInfo class

• Valid certificate with all fields
• Weak signature detection (sha1, md5)
• Self-signed certificate detection
• Expired certificate
• Certificate expiring soon (< 30 days)
• Not-yet-activated certificate

3. New TestCreateSocketConnection class

• Successful connection
• Timeout and connection parameter verification

4. Additional edge cases in existing tests

• ssl_certificate_scan with connection refused (returns None)
• create_tcp_socket with connection refused
• is_weak_ssl_version with socket timeout

Related to #1452 and #1489.

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 3ba1e7bf-8b91-4fcc-aa84-185d2541258d

📥 Commits

Reviewing files that changed from the base of the PR and between a2157ee and 07de1f0.

📒 Files selected for processing (1)

• tests/core/lib/test_ssl.py

---

Summary by CodeRabbit

• Tests
  • Expanded SSL/TLS validation test coverage with additional test cases for signing algorithms, timeout handling, connection failures, certificate validity, and socket connection operations.

Walkthrough

This pull request adds comprehensive test coverage for SSL-related functions in the core library. Changes include expanded test cases for weak hash algorithm detection, timeout/error handling, connection failures, certificate information extraction, and socket connection creation with proper mocking and assertions.

Changes

Cohort / File(s)	Summary
SSL Hash Algorithm Testing tests/core/lib/test_ssl.py	Expanded test_is_weak_hash_algo with case-insensitive variants, RSA "WithRSAEncryption" forms, strong algorithms, and edge/empty input cases.
SSL Version and Connection Error Handling tests/core/lib/test_ssl.py	Added timeout/error-path testing for is_weak_ssl_version and connection-failure handling for ssl_certificate_scan and create_tcp_socket; asserts proper return values when errors occur.
Certificate Information Extraction tests/core/lib/test_ssl.py	New unit tests for get_cert_info with mocked certificate loading, verifying detection of validity, weak signatures, self-signed certificates, expiration, activation windows, and MD5 classification.
Socket Connection Creation tests/core/lib/test_ssl.py	Added unit tests for create_socket_connection verifying wrapped socket return, timeout configuration, and correct connect behavior before wrapping.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 6/8 reviews remaining, refill in 11 minutes and 17 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

PR validation failed: No linked issue and no valid closing issue reference in PR description