wininet: Support querying the cipher strength of an SSL connection.

dlls/wininet/http.c

@@ -1847,6 +1847,7 @@ static DWORD HTTPREQ_QueryOption(object_header_t *hdr, DWORD option, void *buffe
                 CertNameToStrA(context->dwCertEncodingType,
                          &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR,
                          info->lpszIssuerInfo, len);
+            info->dwKeySize = NETCON_GetCipherStrength(&req->netConnection);
             CertFreeCertificateContext(context);
             return ERROR_SUCCESS;
         }

dlls/wininet/internet.h

@@ -460,6 +460,7 @@ DWORD NETCON_recv(WININET_NETCONNECTION *connection, void *buf, size_t len, int
 		int *recvd /* out */);
 BOOL NETCON_query_data_available(WININET_NETCONNECTION *connection, DWORD *available);
 LPCVOID NETCON_GetCert(WININET_NETCONNECTION *connection);
+int NETCON_GetCipherStrength(WININET_NETCONNECTION *connection);
 DWORD NETCON_set_timeout(WININET_NETCONNECTION *connection, BOOL send, int value);
 int sock_get_error(int);
 

dlls/wininet/netconnection.c

@@ -150,6 +150,8 @@ MAKE_FUNCPTR(SSL_CTX_get_timeout);
 MAKE_FUNCPTR(SSL_CTX_set_timeout);
 MAKE_FUNCPTR(SSL_CTX_set_default_verify_paths);
 MAKE_FUNCPTR(SSL_CTX_set_verify);
+MAKE_FUNCPTR(SSL_get_current_cipher);
+MAKE_FUNCPTR(SSL_CIPHER_get_bits);
 MAKE_FUNCPTR(X509_STORE_CTX_get_ex_data);
 
 /* OpenSSL's libcrypto functions that we use */
@@ -427,6 +429,8 @@ DWORD NETCON_init(WININET_NETCONNECTION *connection, BOOL useSSL)
 	DYNSSL(SSL_CTX_set_timeout);
 	DYNSSL(SSL_CTX_set_default_verify_paths);
 	DYNSSL(SSL_CTX_set_verify);
+        DYNSSL(SSL_get_current_cipher);
+        DYNSSL(SSL_CIPHER_get_bits);
 	DYNSSL(X509_STORE_CTX_get_ex_data);
 #undef DYNSSL
 
@@ -868,6 +872,24 @@ LPCVOID NETCON_GetCert(WININET_NETCONNECTION *connection)
 #endif
 }
 
+int NETCON_GetCipherStrength(WININET_NETCONNECTION *connection)
+{
+#ifdef SONAME_LIBSSL
+    SSL_CIPHER *cipher;
+    int bits = 0;
+
+    if (!connection->useSSL)
+        return 0;
+    cipher = pSSL_get_current_cipher(connection->ssl_s);
+    if (!cipher)
+        return 0;
+    pSSL_CIPHER_get_bits(cipher, &bits);
+    return bits;
+#else
+    return 0;
+#endif
+}
+
 DWORD NETCON_set_timeout(WININET_NETCONNECTION *connection, BOOL send, int value)
 {
     int result;

dlls/wininet/tests/http.c

@@ -2622,7 +2622,6 @@ static void test_secure_connection(void)
            "unexpected encryption algorithm name\n");
         ok(!certificate_structA->lpszProtocolName,
            "unexpected protocol name\n");
-        todo_wine
         ok(certificate_structA->dwKeySize, "expected a non-zero key size\n");
     }
     HeapFree(GetProcessHeap(), 0, certificate_structA);
@@ -2653,7 +2652,6 @@ static void test_secure_connection(void)
            "unexpected encryption algorithm name\n");
         ok(!certificate_structA->lpszProtocolName,
            "unexpected protocol name\n");
-        todo_wine
         ok(certificate_structA->dwKeySize, "expected a non-zero key size\n");
     }
     HeapFree(GetProcessHeap(), 0, certificate_structW);
@@ -2705,7 +2703,6 @@ static void test_secure_connection(void)
            "unexpected encryption algorithm name\n");
         ok(!certificate_structA->lpszProtocolName,
            "unexpected protocol name\n");
-        todo_wine
         ok(certificate_structA->dwKeySize, "expected a non-zero key size\n");
     }
     HeapFree(GetProcessHeap(), 0, certificate_structA);
@@ -2736,7 +2733,6 @@ static void test_secure_connection(void)
            "unexpected encryption algorithm name\n");
         ok(!certificate_structA->lpszProtocolName,
            "unexpected protocol name\n");
-        todo_wine
         ok(certificate_structA->dwKeySize, "expected a non-zero key size\n");
     }
     HeapFree(GetProcessHeap(), 0, certificate_structW);