Schannel: Add support for proper listing of ciphers

Reworked the code to list supported ciphers for Schannel backend to provide the proper cipher names and cipher properties. Note: restricting the used ciphers for a TLS connection is only supported for TLS 1.2 yet! [ChangeLog][QtNetwork][QSslConfiguration] Add support for listing supported ciphers with Schannel backend. Change-Id: Idfc17335ec489315387a3e84b7a76a263be22378 Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
author: Tobias Koenig <tobias.koenig@kdab.com> 2023-04-28 10:42:04 +0200
committer: Tobias Koenig <tobias.koenig@kdab.com> 2023-06-16 09:27:00 +0200
commit: f7792d2b6d3d1e5dd47a8f6429b817b793bcfb9b (patch)
tree: 7c94b3ce70c7bc34fedf4513361556d9611d14ab /src/network/ssl/qtlsbackend.cpp
parent: ef7d809eaf3be2e162a274b48a6ac8051a51e86d (diff)
1 files changed, 15 insertions, 7 deletions
diff --git a/src/network/ssl/qtlsbackend.cpp b/src/network/ssl/qtlsbackend.cpp
index 8ef82a8a8e2..761ab33fbe2 100644
--- a/src/network/ssl/qtlsbackend.cpp
+++ b/src/network/ssl/qtlsbackend.cpp
@@ -889,20 +889,28 @@ QSslCipher QTlsBackend::createCiphersuite(const QString &suiteName, QSsl::SslPro
 
 /*!
     \internal
-    Auxiliary function. Creates a new QSslCipher from \a name (which is an implementation-specific
-    string), \a protocol and \a protocolString, e.g.:
+    Auxiliary function. Creates a new QSslCipher from \a name, \a keyExchangeMethod, \a encryptionMethod,
+    \a authenticationMethod, \a bits, \a protocol version and \a protocolString.
+    For example:
     \code
-    createCipher(QStringLiteral("schannel"), QSsl::TlsV1_2, "TLSv1.2"_L1);
+    createCiphersuite("ECDHE-RSA-AES256-GCM-SHA256"_L1, "ECDH"_L1, "AES"_L1, "RSA"_L1, 256,
+                      QSsl::TlsV1_2, "TLSv1.2"_L1);
     \endcode
 */
-QSslCipher QTlsBackend::createCipher(const QString &name, QSsl::SslProtocol protocol,
-                                     const QString &protocolString)
+QSslCipher QTlsBackend::createCiphersuite(const QString &name, const QString &keyExchangeMethod,
+                                          const QString &encryptionMethod,
+                                          const QString &authenticationMethod,
+                                          int bits, QSsl::SslProtocol protocol,
+                                          const QString &protocolString)
 {
-    // Note the name 'createCipher' (not 'ciphersuite'): we don't provide
-    // information about Kx, Au, bits/supported etc.
     QSslCipher cipher;
     cipher.d->isNull = false;
     cipher.d->name = name;
+    cipher.d->bits = bits;
+    cipher.d->supportedBits = bits;
+    cipher.d->keyExchangeMethod = keyExchangeMethod;
+    cipher.d->encryptionMethod = encryptionMethod;
+    cipher.d->authenticationMethod = authenticationMethod;
     cipher.d->protocol = protocol;
     cipher.d->protocolString = protocolString;
     return cipher;
author	Tobias Koenig <tobias.koenig@kdab.com>	2023-04-28 10:42:04 +0200
committer	Tobias Koenig <tobias.koenig@kdab.com>	2023-06-16 09:27:00 +0200
commit	f7792d2b6d3d1e5dd47a8f6429b817b793bcfb9b (patch)
tree	7c94b3ce70c7bc34fedf4513361556d9611d14ab /src/network/ssl/qtlsbackend.cpp
parent	ef7d809eaf3be2e162a274b48a6ac8051a51e86d (diff)