diff options
author | Liang Qi <liang.qi@qt.io> | 2017-03-20 08:44:28 +0100 |
---|---|---|
committer | Liang Qi <liang.qi@qt.io> | 2017-03-20 09:00:44 +0100 |
commit | ae2695535a2f1abbd4c6596a22dd33319b9388dd (patch) | |
tree | 91df41df365a13ea71b1361d909535e5b7a7360a /src/network/ssl/qsslsocket_mac.cpp | |
parent | 8066ae49433ed7604e710eef7b15d15de171608e (diff) | |
parent | c1a2f97a3b3a8c058b1760b57e5c83bf7815b84a (diff) |
Merge remote-tracking branch 'origin/5.9' into dev
Conflicts:
src/corelib/io/qfilesystemengine_win.cpp
src/gui/text/qdistancefield.cpp
src/plugins/platforms/xcb/qxcbconnection.h
Change-Id: I1be4a6f440ccb7599991159e3cb9de60990e4b1e
Diffstat (limited to 'src/network/ssl/qsslsocket_mac.cpp')
-rw-r--r-- | src/network/ssl/qsslsocket_mac.cpp | 137 |
1 files changed, 79 insertions, 58 deletions
diff --git a/src/network/ssl/qsslsocket_mac.cpp b/src/network/ssl/qsslsocket_mac.cpp index 07de954cef..44171ca911 100644 --- a/src/network/ssl/qsslsocket_mac.cpp +++ b/src/network/ssl/qsslsocket_mac.cpp @@ -575,6 +575,7 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui { QSslCipher ciph; switch (cipher) { + // Sorted as in CipherSuite.h (and groupped by their RFC) case SSL_RSA_WITH_NULL_MD5: ciph.d->name = QLatin1String("NULL-MD5"); ciph.d->protocol = QSsl::SslV3; @@ -592,38 +593,21 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui ciph.d->protocol = QSsl::SslV3; break; - case TLS_RSA_WITH_3DES_EDE_CBC_SHA: - ciph.d->name = QLatin1String("DES-CBC3-SHA"); - break; + // TLS addenda using AES, per RFC 3268 case TLS_RSA_WITH_AES_128_CBC_SHA: ciph.d->name = QLatin1String("AES128-SHA"); break; - case TLS_RSA_WITH_AES_128_CBC_SHA256: - ciph.d->name = QLatin1String("AES128-SHA256"); - break; - case TLS_RSA_WITH_AES_256_CBC_SHA: - ciph.d->name = QLatin1String("AES256-SHA"); - break; - case TLS_RSA_WITH_AES_256_CBC_SHA256: - ciph.d->name = QLatin1String("AES256-SHA256"); - break; - - case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: - ciph.d->name = QLatin1String("DHE-RSA-DES-CBC3-SHA"); - break; case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: ciph.d->name = QLatin1String("DHE-RSA-AES128-SHA"); break; - case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: - ciph.d->name = QLatin1String("DHE-RSA-AES128-SHA256"); + case TLS_RSA_WITH_AES_256_CBC_SHA: + ciph.d->name = QLatin1String("AES256-SHA"); break; case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: ciph.d->name = QLatin1String("DHE-RSA-AES256-SHA"); break; - case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: - ciph.d->name = QLatin1String("DHE-RSA-AES256-SHA256"); - break; + // ECDSA addenda, RFC 4492 case TLS_ECDH_ECDSA_WITH_NULL_SHA: ciph.d->name = QLatin1String("ECDH-ECDSA-NULL-SHA"); break; @@ -636,21 +620,29 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: ciph.d->name = QLatin1String("ECDH-ECDSA-AES128-SHA"); break; - case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: - ciph.d->name = QLatin1String("ECDH-ECDSA-AES128-SHA256"); - break; case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: ciph.d->name = QLatin1String("ECDH-ECDSA-AES256-SHA"); break; - case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: - ciph.d->name = QLatin1String("ECDH-ECDSA-AES256-SHA384"); + case TLS_ECDHE_ECDSA_WITH_NULL_SHA: + ciph.d->name = QLatin1String("ECDHE-ECDSA-NULL-SHA"); + break; + case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: + ciph.d->name = QLatin1String("ECDHE-ECDSA-RC4-SHA"); + break; + case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + ciph.d->name = QLatin1String("ECDHE-ECDSA-DES-CBC3-SHA"); + break; + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-SHA"); + break; + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-SHA"); break; - case TLS_ECDH_RSA_WITH_NULL_SHA: ciph.d->name = QLatin1String("ECDH-RSA-NULL-SHA"); break; case TLS_ECDH_RSA_WITH_RC4_128_SHA: - ciph.d->name = QLatin1String("ECDH-RSA-AES256-SHA"); + ciph.d->name = QLatin1String("ECDH-RSA-RC4-SHA"); break; case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: ciph.d->name = QLatin1String("ECDH-RSA-DES-CBC3-SHA"); @@ -658,62 +650,91 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: ciph.d->name = QLatin1String("ECDH-RSA-AES128-SHA"); break; - case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: - ciph.d->name = QLatin1String("ECDH-RSA-AES128-SHA256"); - break; case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: ciph.d->name = QLatin1String("ECDH-RSA-AES256-SHA"); break; - case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: - ciph.d->name = QLatin1String("ECDH-RSA-AES256-SHA384"); + case TLS_ECDHE_RSA_WITH_NULL_SHA: + ciph.d->name = QLatin1String("ECDHE-RSA-NULL-SHA"); + break; + case TLS_ECDHE_RSA_WITH_RC4_128_SHA: + ciph.d->name = QLatin1String("ECDHE-RSA-RC4-SHA"); + break; + case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: + ciph.d->name = QLatin1String("ECDHE-RSA-DES-CBC3-SHA"); + break; + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + ciph.d->name = QLatin1String("ECDHE-RSA-AES128-SHA"); + break; + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA"); break; - case TLS_ECDHE_ECDSA_WITH_NULL_SHA: - ciph.d->name = QLatin1String("ECDHE-ECDSA-NULL-SHA"); + // TLS 1.2 addenda, RFC 5246 + case TLS_RSA_WITH_3DES_EDE_CBC_SHA: + ciph.d->name = QLatin1String("DES-CBC3-SHA"); break; - case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: - ciph.d->name = QLatin1String("ECDHE-ECDSA-RC4-SHA"); + case TLS_RSA_WITH_AES_128_CBC_SHA256: + ciph.d->name = QLatin1String("AES128-SHA256"); break; - case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: - ciph.d->name = QLatin1String("ECDHE-ECDSA-DES-CBC3-SHA"); + case TLS_RSA_WITH_AES_256_CBC_SHA256: + ciph.d->name = QLatin1String("AES256-SHA256"); break; - case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: - ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-SHA"); + case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + ciph.d->name = QLatin1String("DHE-RSA-DES-CBC3-SHA"); break; - case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: - ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-SHA256"); + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + ciph.d->name = QLatin1String("DHE-RSA-AES128-SHA256"); break; - case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: - ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-SHA"); + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + ciph.d->name = QLatin1String("DHE-RSA-AES256-SHA256"); break; - case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: - ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-SHA384"); + + // Addendum from RFC 4279, TLS PSK + // all missing atm. + + // RFC 4785 - Pre-Shared Key (PSK) Ciphersuites with NULL Encryption + // all missing atm. + + // Addenda from rfc 5288 AES Galois Counter Mode (CGM) Cipher Suites for TLS + case TLS_RSA_WITH_AES_256_GCM_SHA384: + ciph.d->name = QLatin1String("AES256-GCM-SHA384"); break; - case TLS_ECDHE_RSA_WITH_NULL_SHA: - ciph.d->name = QLatin1String("ECDHE-RSA-NULL-SHA"); + // RFC 5487 - PSK with SHA-256/384 and AES GCM + // all missing atm. + + // Addenda from rfc 5289 Elliptic Curve Cipher Suites with HMAC SHA-256/384 + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-SHA256"); break; - case TLS_ECDHE_RSA_WITH_RC4_128_SHA: - ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA"); + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-SHA384"); break; - case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: - ciph.d->name = QLatin1String("ECDHE-RSA-DES-CBC3-SHA"); + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + ciph.d->name = QLatin1String("ECDH-ECDSA-AES128-SHA256"); break; - case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: - ciph.d->name = QLatin1String("ECDHE-RSA-AES128-SHA"); + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + ciph.d->name = QLatin1String("ECDH-ECDSA-AES256-SHA384"); break; case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: ciph.d->name = QLatin1String("ECDHE-RSA-AES128-SHA256"); break; - case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: - ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA"); - break; case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA384"); break; + case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + ciph.d->name = QLatin1String("ECDH-RSA-AES128-SHA256"); + break; + case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + ciph.d->name = QLatin1String("ECDH-RSA-AES256-SHA384"); + break; + + // Addenda from rfc 5289 Elliptic Curve Cipher Suites + // with SHA-256/384 and AES Galois Counter Mode (GCM) case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: ciph.d->name = QLatin1String("ECDHE-RSA-AES256-GCM-SHA384"); break; + default: return ciph; } |