-rw-r--r-- | src/network/ssl/qsslsocket_mac.cpp | 137 |
1 files changed, 79 insertions, 58 deletions
diff --git a/src/network/ssl/qsslsocket_mac.cpp b/src/network/ssl/qsslsocket_mac.cpp
index 752640bd46..3e56eac803 100644
--- a/src/network/ssl/qsslsocket_mac.cpp
+++ b/src/network/ssl/qsslsocket_mac.cpp
@@ -476,6 +476,7 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui
 {
 QSslCipher ciph;
 switch (cipher) {
+ // Sorted as in CipherSuite.h (and groupped by their RFC)
 case SSL_RSA_WITH_NULL_MD5:
 ciph.d->name = QLatin1String("NULL-MD5");
 ciph.d->protocol = QSsl::SslV3;
@@ -493,38 +494,21 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui
 ciph.d->protocol = QSsl::SslV3;
 break;
- case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
- ciph.d->name = QLatin1String("DES-CBC3-SHA");
- break;
+ // TLS addenda using AES, per RFC 3268
 case TLS_RSA_WITH_AES_128_CBC_SHA:
 ciph.d->name = QLatin1String("AES128-SHA");
 break;
- case TLS_RSA_WITH_AES_128_CBC_SHA256:
- ciph.d->name = QLatin1String("AES128-SHA256");
- break;
- case TLS_RSA_WITH_AES_256_CBC_SHA:
- ciph.d->name = QLatin1String("AES256-SHA");
- break;
- case TLS_RSA_WITH_AES_256_CBC_SHA256:
- ciph.d->name = QLatin1String("AES256-SHA256");
- break;
-
- case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
- ciph.d->name = QLatin1String("DHE-RSA-DES-CBC3-SHA");
- break;
 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
 ciph.d->name = QLatin1String("DHE-RSA-AES128-SHA");
 break;
- case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
- ciph.d->name = QLatin1String("DHE-RSA-AES128-SHA256");
+ case TLS_RSA_WITH_AES_256_CBC_SHA:
+ ciph.d->name = QLatin1String("AES256-SHA");
 break;
 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
 ciph.d->name = QLatin1String("DHE-RSA-AES256-SHA");
 break;
- case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
- ciph.d->name = QLatin1String("DHE-RSA-AES256-SHA256");
- break;
+ // ECDSA addenda, RFC 4492
 case TLS_ECDH_ECDSA_WITH_NULL_SHA:
 ciph.d->name = QLatin1String("ECDH-ECDSA-NULL-SHA");
 break;
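Review bot: The comment added above `case SSL_RSA_WITH_NULL_MD5:` misspells "grouped", and the rfc 5288 heading in the last hunk abbreviates Galois Counter Mode as "(CGM)". Suggested wording: `// Sorted as in CipherSuite.h (and grouped by their RFC)` and `// Addenda from RFC 5288, AES Galois Counter Mode (GCM) Cipher Suites for TLS`. The headings also alternate between "RFC" and "rfc"; using one spelling makes the groups easier to grep. The switch and the enclosing function start before this hunk.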
@@ -537,21 +521,29 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui
 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
 ciph.d->name = QLatin1String("ECDH-ECDSA-AES128-SHA");
 break;
- case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
- ciph.d->name = QLatin1String("ECDH-ECDSA-AES128-SHA256");
- break;
 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
 ciph.d->name = QLatin1String("ECDH-ECDSA-AES256-SHA");
 break;
- case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
- ciph.d->name = QLatin1String("ECDH-ECDSA-AES256-SHA384");
+ case TLS_ECDHE_ECDSA_WITH_NULL_SHA:
+ ciph.d->name = QLatin1String("ECDHE-ECDSA-NULL-SHA");
+ break;
+ case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
+ ciph.d->name = QLatin1String("ECDHE-ECDSA-RC4-SHA");
+ break;
+ case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
+ ciph.d->name = QLatin1String("ECDHE-ECDSA-DES-CBC3-SHA");
+ break;
+ case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
+ ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-SHA");
+ break;
+ case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
+ ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-SHA");
 break;
-
 case TLS_ECDH_RSA_WITH_NULL_SHA:
 ciph.d->name = QLatin1String("ECDH-RSA-NULL-SHA");
 break;
 case TLS_ECDH_RSA_WITH_RC4_128_SHA:
- ciph.d->name = QLatin1String("ECDH-RSA-AES256-SHA");
+ ciph.d->name = QLatin1String("ECDH-RSA-RC4-SHA");
 break;
 case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
 ciph.d->name = QLatin1String("ECDH-RSA-DES-CBC3-SHA");
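Review bot: Nothing visible in this change guards the constant-to-name pairing that was wrong for `TLS_ECDH_RSA_WITH_RC4_128_SHA` here and for `TLS_ECDHE_RSA_WITH_RC4_128_SHA` in the next hunk, so the same copy-paste slip can come back unnoticed. The old label reported an RC4 session as an AES-256 one, which would mislead any caller that inspects the session cipher name to refuse RC4. An autotest that walks the RC4, 3DES and NULL constants and checks that each returned name contains the matching token would catch this class of error. A short reminder above the ECDH-RSA entries would also help, for example `// name must mirror the suite constant; callers may match on it to reject weak ciphers`. The switch begins and ends outside this hunk.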
@@ -559,62 +551,91 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui
 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
 ciph.d->name = QLatin1String("ECDH-RSA-AES128-SHA");
 break;
- case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
- ciph.d->name = QLatin1String("ECDH-RSA-AES128-SHA256");
- break;
 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
 ciph.d->name = QLatin1String("ECDH-RSA-AES256-SHA");
 break;
- case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
- ciph.d->name = QLatin1String("ECDH-RSA-AES256-SHA384");
+ case TLS_ECDHE_RSA_WITH_NULL_SHA:
+ ciph.d->name = QLatin1String("ECDHE-RSA-NULL-SHA");
+ break;
+ case TLS_ECDHE_RSA_WITH_RC4_128_SHA:
+ ciph.d->name = QLatin1String("ECDHE-RSA-RC4-SHA");
+ break;
+ case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
+ ciph.d->name = QLatin1String("ECDHE-RSA-DES-CBC3-SHA");
+ break;
+ case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
+ ciph.d->name = QLatin1String("ECDHE-RSA-AES128-SHA");
+ break;
+ case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
+ ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA");
 break;
- case TLS_ECDHE_ECDSA_WITH_NULL_SHA:
- ciph.d->name = QLatin1String("ECDHE-ECDSA-NULL-SHA");
+ // TLS 1.2 addenda, RFC 5246
+ case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
+ ciph.d->name = QLatin1String("DES-CBC3-SHA");
 break;
- case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
- ciph.d->name = QLatin1String("ECDHE-ECDSA-RC4-SHA");
+ case TLS_RSA_WITH_AES_128_CBC_SHA256:
+ ciph.d->name = QLatin1String("AES128-SHA256");
 break;
- case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
- ciph.d->name = QLatin1String("ECDHE-ECDSA-DES-CBC3-SHA");
+ case TLS_RSA_WITH_AES_256_CBC_SHA256:
+ ciph.d->name = QLatin1String("AES256-SHA256");
 break;
- case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
- ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-SHA");
+ case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
+ ciph.d->name = QLatin1String("DHE-RSA-DES-CBC3-SHA");
 break;
- case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
- ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-SHA256");
+ case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
+ ciph.d->name = QLatin1String("DHE-RSA-AES128-SHA256");
 break;
- case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
- ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-SHA");
+ case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
+ ciph.d->name = QLatin1String("DHE-RSA-AES256-SHA256");
 break;
- case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
- ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-SHA384");
+
+ // Addendum from RFC 4279, TLS PSK
+ // all missing atm.
+
+ // RFC 4785 - Pre-Shared Key (PSK) Ciphersuites with NULL Encryption
+ // all missing atm.
+
+ // Addenda from rfc 5288 AES Galois Counter Mode (CGM) Cipher Suites for TLS
+ case TLS_RSA_WITH_AES_256_GCM_SHA384:
+ ciph.d->name = QLatin1String("AES256-GCM-SHA384");
 break;
- case TLS_ECDHE_RSA_WITH_NULL_SHA:
- ciph.d->name = QLatin1String("ECDHE-RSA-NULL-SHA");
+ // RFC 5487 - PSK with SHA-256/384 and AES GCM
+ // all missing atm.
+
+ // Addenda from rfc 5289 Elliptic Curve Cipher Suites with HMAC SHA-256/384
+ case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
+ ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-SHA256");
 break;
- case TLS_ECDHE_RSA_WITH_RC4_128_SHA:
- ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA");
+ case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
+ ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-SHA384");
 break;
- case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
- ciph.d->name = QLatin1String("ECDHE-RSA-DES-CBC3-SHA");
+ case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
+ ciph.d->name = QLatin1String("ECDH-ECDSA-AES128-SHA256");
 break;
- case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
- ciph.d->name = QLatin1String("ECDHE-RSA-AES128-SHA");
+ case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
+ ciph.d->name = QLatin1String("ECDH-ECDSA-AES256-SHA384");
 break;
 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
 ciph.d->name = QLatin1String("ECDHE-RSA-AES128-SHA256");
 break;
- case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
- ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA");
- break;
 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
 ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA384");
 break;
+ case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
+ ciph.d->name = QLatin1String("ECDH-RSA-AES128-SHA256");
+ break;
+ case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
+ ciph.d->name = QLatin1String("ECDH-RSA-AES256-SHA384");
+ break;
+
+ // Addenda from rfc 5289 Elliptic Curve Cipher Suites
+ // with SHA-256/384 and AES Galois Counter Mode (GCM)
 case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
 ciph.d->name = QLatin1String("ECDHE-RSA-AES256-GCM-SHA384");
 break;
+
 default:
 return ciph;
 }
 |
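Review bot: The two GCM groups map only `TLS_RSA_WITH_AES_256_GCM_SHA384` and `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384`, so every other RFC 5288/5289 GCM suite (the AES-128 variants, DHE-RSA, ECDHE-ECDSA) falls through to `default: return ciph;` and yields an empty QSslCipher. Unlike the PSK groups, these headings carry no "missing" marker, so the gap reads as complete coverage. If the negotiated suite is reported through this function, a session on one of those AEAD suites would show no cipher name, and code that filters on the name could not tell it apart from an unknown suite. The sketch below adds the missing cases with the OpenSSL-style names used elsewhere in the switch; it assumes the constants are present in the CipherSuite.h of the targeted SDK. The function starts before this hunk and its tail after the switch is not visible here.

```cpp
    // Addenda from rfc 5288 AES Galois Counter Mode (CGM) Cipher Suites for TLS
    case TLS_RSA_WITH_AES_128_GCM_SHA256:
        ciph.d->name = QLatin1String("AES128-GCM-SHA256");
        break;
    // … unchanged: TLS_RSA_WITH_AES_256_GCM_SHA384 …
    case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
        ciph.d->name = QLatin1String("DHE-RSA-AES128-GCM-SHA256");
        break;
    case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
        ciph.d->name = QLatin1String("DHE-RSA-AES256-GCM-SHA384");
        break;

    // … unchanged: RFC 5487 and RFC 5289 CBC groups …

    // Addenda from rfc 5289 Elliptic Curve Cipher Suites
    // with SHA-256/384 and AES Galois Counter Mode (GCM)
    case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
        ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-GCM-SHA256");
        break;
    case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
        ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-GCM-SHA384");
        break;
    case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
        ciph.d->name = QLatin1String("ECDHE-RSA-AES128-GCM-SHA256");
        break;
    // … unchanged: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, default …
```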