From 7111ba173673a950eec70a9e881a4181d714cf0a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A5rten=20Nordheim?= <marten.nordheim@qt.io>
Date: Tue, 5 Mar 2019 17:05:13 +0100
Subject: Schannel: support for AES-encrypted keys

Task-number: QTBUG-54422
Change-Id: I7387cdf9ca927c91cccf3dab7d2deb577ce71802
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
---
 src/network/ssl/qsslkey_qt.cpp                 | 5 ++---
 src/network/ssl/qsslkey_schannel.cpp           | 5 ++++-
 tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp | 2 +-
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/src/network/ssl/qsslkey_qt.cpp b/src/network/ssl/qsslkey_qt.cpp
index 61251b641b..1b2d9a49aa 100644
--- a/src/network/ssl/qsslkey_qt.cpp
+++ b/src/network/ssl/qsslkey_qt.cpp
@@ -413,15 +413,14 @@ void QSslKeyPrivate::decodePem(const QByteArray &pem, const QByteArray &passPhra
             cipher = DesEde3Cbc;
         } else if (dekInfo.first() == "RC2-CBC") {
             cipher = Rc2Cbc;
-// TODO: Add SChannel version too!
-#ifdef QT_SECURETRANSPORT
+#if defined(QT_SECURETRANSPORT) || QT_CONFIG(schannel)
         } else if (dekInfo.first() == "AES-128-CBC") {
             cipher = Aes128Cbc;
         } else if (dekInfo.first() == "AES-192-CBC") {
             cipher = Aes192Cbc;
         } else if (dekInfo.first() == "AES-256-CBC") {
             cipher = Aes256Cbc;
-#endif // QT_SECURETRANSPORT
+#endif // QT_SECURETRANSPORT || schannel
         } else {
             clear(deepClear);
             return;
diff --git a/src/network/ssl/qsslkey_schannel.cpp b/src/network/ssl/qsslkey_schannel.cpp
index 9dfbc87e9a..1e21d123f4 100644
--- a/src/network/ssl/qsslkey_schannel.cpp
+++ b/src/network/ssl/qsslkey_schannel.cpp
@@ -57,7 +57,10 @@ const wchar_t *getName(QSslKeyPrivate::Cipher cipher)
         return BCRYPT_3DES_ALGORITHM;
     case QSslKeyPrivate::Cipher::Rc2Cbc:
         return BCRYPT_RC2_ALGORITHM;
-    default:;
+    case QSslKeyPrivate::Cipher::Aes128Cbc:
+    case QSslKeyPrivate::Cipher::Aes192Cbc:
+    case QSslKeyPrivate::Cipher::Aes256Cbc:
+        return BCRYPT_AES_ALGORITHM;
     }
     Q_UNREACHABLE();
 }
diff --git a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
index 195f052266..059efae63d 100644
--- a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
+++ b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
@@ -474,7 +474,7 @@ void tst_QSslKey::passphraseChecks_data()
     QTest::newRow("DES") << QString(testDataDir + "rsa-with-passphrase-des.pem") << pass;
     QTest::newRow("3DES") << QString(testDataDir + "rsa-with-passphrase-3des.pem") << pass;
     QTest::newRow("RC2") << QString(testDataDir + "rsa-with-passphrase-rc2.pem") << pass;
-#if (!defined(QT_NO_OPENSSL) && !defined(OPENSSL_NO_AES)) || defined(QT_SECURETRANSPORT)
+#if (!defined(QT_NO_OPENSSL) && !defined(OPENSSL_NO_AES)) || defined(QT_SECURETRANSPORT) || QT_CONFIG(schannel)
     QTest::newRow("AES128") << QString(testDataDir + "rsa-with-passphrase-aes128.pem") << aesPass;
     QTest::newRow("AES192") << QString(testDataDir + "rsa-with-passphrase-aes192.pem") << aesPass;
     QTest::newRow("AES256") << QString(testDataDir + "rsa-with-passphrase-aes256.pem") << aesPass;
-- 
cgit v1.2.3