SChannel Cipher List and Connection Info

Starting with sgcWebSockets 4.5.1, SChannel support has been improved with 2 new features:

1. There is a new property in TLSOptions.SChannel_Options called CipherList, which lets you set which ciphers will be used.

2. There is a new function called GetInfo which returns connection details such as the protocol in use (TLS1.2, TLS1.1...), the cipher, the cipher strength and more.

Cipher List

By default, using SChannel, the client will use the ciphers configured in the system. If you want to customize the ciphers used, you can use the property TLSOptions.SChannel_Options.CipherList to set which ciphers will be used to connect to a secure server.

Example: if you set the cipher list to the following values "CALG_AES_256:CALG_AES_128", the client will first try to connect using AES256 and, if it can't, will fall back to AES128.

You can read the full cipher list from Microsoft documentation.

https://docs.microsoft.com/en-us/windows/win32/seccrypto/alg-id

Connection Info

Once the client has connected to the secure server, you can request information about which version is in use (TLS 1.2, TLS 1.3...), the cipher used, its strength and more.

Call the function GetInfo of the SChannel Handler to access this info. You can get a reference to the SSL Handler in the OnSSLAfterCreateHandler event, which is called after the SChannel Handler is created. After the client connects to the server, and if the SSL Handler has been assigned, call GetInfo; if successful, it returns the connection data.

var
  oClient: TsgcWebSocketClient;
  // Reference to the SChannel handler, captured in OnSSLAfterCreateHandler
  SSL: TsgcIdSSLIOHandlerSocketSChannel;

// Configure the client to use SChannel with TLS 1.2 and hook the two events
oClient := TsgcWebSocketClient.Create(nil);
oClient.URL := 'wss://www.esegece.com:2053';
oClient.TLSOptions.Version := tls1_2;
oClient.TLSOptions.IOHandler := iohSChannel;
oClient.OnSSLAfterCreateHandler := OnSSLAfterCreateHandlerEvent;
oClient.OnConnect := OnConnectEvent;
oClient.Active := True;

// Called after the SSL handler is created: keep it if it is the SChannel one
procedure OnSSLAfterCreateHandlerEvent(Sender: TObject; aType: TwsSSLHandler; aSSLHandler: TIdSSLIOHandlerSocketBase);
begin
  if aSSLHandler.ClassType = TsgcIdSSLIOHandlerSocketSChannel then
    SSL := TsgcIdSSLIOHandlerSocketSChannel(aSSLHandler);
end;

// Called once connected: query the negotiated parameters and verify the protocol
procedure OnConnectEvent(Connection: TsgcWSConnection);
var
  oInfo: TsgcSChannelConnectionInfo;
begin
  if Assigned(SSL) then
  begin
    oInfo := SSL.GetInfo;
    if (oInfo.Protocol <> tls1_2) then
      raise Exception.Create('Client cannot connect using TLS 1.2');
  end;
end;
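The following is an added example (not code from the post or from the sgcWebSockets project) that ties both features together: it pins the cipher preference order from the Cipher List section and then uses GetInfo after connecting to enforce a minimum policy, dropping the connection instead of raising inside the event. It assumes the unit names in the uses clause, that TsgcSChannelConnectionInfo exposes a CipherStrength field alongside the Protocol field shown in the post, and that TsgcWSConnection has a Disconnect method; check these against your installed version.

```delphi
unit SChannelPolicyClient;

interface

uses
  System.SysUtils, System.Classes,
  IdSSL,                               // TIdSSLIOHandlerSocketBase
  sgcWebSocket_Client, sgcWebSocket_Classes, sgcWebSocket_Types,
  sgcWebSocket_Classes_SChannel;       // unit names are assumptions

const
  // Preference order from the post: try AES-256 first, then AES-128
  PREFERRED_CIPHERS = 'CALG_AES_256:CALG_AES_128';
  // Minimum symmetric key strength (bits) accepted by this example's policy
  MIN_CIPHER_STRENGTH = 128;

type
  // Wraps a sgcWebSockets client that pins the cipher preference and
  // verifies the negotiated TLS parameters before the session is trusted.
  TSChannelPolicyClient = class
  private
    FClient: TsgcWebSocketClient;
    FSSL: TsgcIdSSLIOHandlerSocketSChannel;
    FPolicyOK: Boolean;
    procedure DoSSLAfterCreateHandler(Sender: TObject; aType: TwsSSLHandler;
      aSSLHandler: TIdSSLIOHandlerSocketBase);
    procedure DoConnect(Connection: TsgcWSConnection);
  public
    constructor Create(const aURL: string);
    destructor Destroy; override;
    // True only when the negotiated connection satisfied the policy
    property PolicyOK: Boolean read FPolicyOK;
  end;

implementation

constructor TSChannelPolicyClient.Create(const aURL: string);
begin
  inherited Create;
  FPolicyOK := False;
  FClient := TsgcWebSocketClient.Create(nil);
  FClient.URL := aURL;
  FClient.TLSOptions.Version := tls1_2;
  FClient.TLSOptions.IOHandler := iohSChannel;
  // Override the system cipher configuration with an explicit preference list
  FClient.TLSOptions.SChannel_Options.CipherList := PREFERRED_CIPHERS;
  FClient.OnSSLAfterCreateHandler := DoSSLAfterCreateHandler;
  FClient.OnConnect := DoConnect;
  FClient.Active := True;
end;

destructor TSChannelPolicyClient.Destroy;
begin
  FClient.Free;
  inherited;
end;

procedure TSChannelPolicyClient.DoSSLAfterCreateHandler(Sender: TObject;
  aType: TwsSSLHandler; aSSLHandler: TIdSSLIOHandlerSocketBase);
begin
  // Keep a reference to the SChannel handler so GetInfo can be called later
  if aSSLHandler is TsgcIdSSLIOHandlerSocketSChannel then
    FSSL := TsgcIdSSLIOHandlerSocketSChannel(aSSLHandler);
end;

procedure TSChannelPolicyClient.DoConnect(Connection: TsgcWSConnection);
var
  oInfo: TsgcSChannelConnectionInfo;
begin
  FPolicyOK := False;
  // No SChannel handler means we cannot verify anything: do not use the session
  if not Assigned(FSSL) then
  begin
    Connection.Disconnect;   // Disconnect is assumed to exist on TsgcWSConnection
    Exit;
  end;
  oInfo := FSSL.GetInfo;
  // Protocol is the field used in the post; CipherStrength is an assumed field name
  if (oInfo.Protocol <> tls1_2) or (oInfo.CipherStrength < MIN_CIPHER_STRENGTH) then
  begin
    Connection.Disconnect;
    Exit;
  end;
  FPolicyOK := True;
end;

end.
```

Checking PolicyOK after OnConnect has fired tells the caller whether the negotiated protocol and cipher strength met the policy; a failed check closes the socket rather than leaving a weaker-than-intended session open while an exception propagates out of the event.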