diff --git a/src/network/ssl/qsslkey_openssl.cpp b/src/network/ssl/qsslkey_openssl.cpp
index dfb80bd8290..888058df225 100644
--- a/src/network/ssl/qsslkey_openssl.cpp
+++ b/src/network/ssl/qsslkey_openssl.cpp
@@ -334,12 +334,13 @@ static QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data,
 #endif
         break;
     case QSslKeyPrivate::Aes128Cbc:
+        type = q_EVP_aes_128_cbc();
+        break;
     case QSslKeyPrivate::Aes192Cbc:
+        type = q_EVP_aes_192_cbc();
+        break;
     case QSslKeyPrivate::Aes256Cbc:
-        // Just to avoid compiler warnings/errors. OpenSSL uses a different
-        // codepath when reading encrypted keys, and they all correctly
-        // deduce the cipher and know how to derive a key.
-        Q_UNREACHABLE();
+        type = q_EVP_aes_256_cbc();
         break;
     }
 
diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp
index f136c92a658..e04d45c10c4 100644
--- a/src/network/ssl/qsslsocket_openssl_symbols.cpp
+++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp
@@ -359,6 +359,11 @@ DEFINEFUNC(const EVP_CIPHER *, EVP_des_ede3_cbc, DUMMYARG, DUMMYARG, return null
 #ifndef OPENSSL_NO_RC2
 DEFINEFUNC(const EVP_CIPHER *, EVP_rc2_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
 #endif
+#ifndef OPENSSL_NO_AES
+DEFINEFUNC(const EVP_CIPHER *, EVP_aes_128_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
+DEFINEFUNC(const EVP_CIPHER *, EVP_aes_192_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
+DEFINEFUNC(const EVP_CIPHER *, EVP_aes_256_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
+#endif
 DEFINEFUNC(const EVP_MD *, EVP_sha1, DUMMYARG, DUMMYARG, return nullptr, return)
 DEFINEFUNC3(int, EVP_PKEY_assign, EVP_PKEY *a, a, int b, b, char *c, c, return -1, return)
 DEFINEFUNC2(int, EVP_PKEY_set1_RSA, EVP_PKEY *a, a, RSA *b, b, return -1, return)
@@ -1178,6 +1183,11 @@ bool q_resolveOpenSslSymbols()
 #endif
 #ifndef OPENSSL_NO_RC2
     RESOLVEFUNC(EVP_rc2_cbc)
+#endif
+#ifndef OPENSSL_NO_AES
+    RESOLVEFUNC(EVP_aes_128_cbc)
+    RESOLVEFUNC(EVP_aes_192_cbc)
+    RESOLVEFUNC(EVP_aes_256_cbc)
 #endif
     RESOLVEFUNC(EVP_sha1)
     RESOLVEFUNC(EVP_PKEY_assign)
diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h
index 59b6e53940f..fcf96dbd47f 100644
--- a/src/network/ssl/qsslsocket_openssl_symbols_p.h
+++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h
@@ -281,6 +281,11 @@ const EVP_CIPHER *q_EVP_des_ede3_cbc();
 #ifndef OPENSSL_NO_RC2
 const EVP_CIPHER *q_EVP_rc2_cbc();
 #endif
+#ifndef OPENSSL_NO_AES
+const EVP_CIPHER *q_EVP_aes_128_cbc();
+const EVP_CIPHER *q_EVP_aes_192_cbc();
+const EVP_CIPHER *q_EVP_aes_256_cbc();
+#endif
 Q_AUTOTEST_EXPORT const EVP_MD *q_EVP_sha1();
 int q_EVP_PKEY_assign(EVP_PKEY *a, int b, char *c);
 Q_AUTOTEST_EXPORT int q_EVP_PKEY_set1_RSA(EVP_PKEY *a, RSA *b);
diff --git a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
index 0ce4256ce11..f94756ed734 100644
--- a/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
+++ b/tests/auto/network/ssl/qsslkey/tst_qsslkey.cpp
@@ -562,79 +562,135 @@ void tst_QSslKey::encrypt_data()
     QTest::addColumn<QByteArray>("key");
     QTest::addColumn<QByteArray>("plainText");
     QTest::addColumn<QByteArray>("cipherText");
+    QTest::addColumn<QByteArray>("iv");
 
+    QByteArray iv("abcdefgh");
     QTest::newRow("DES-CBC, length 0")
         << QSslKeyPrivate::DesCbc << QByteArray("01234567")
         << QByteArray()
-        << QByteArray::fromHex("956585228BAF9B1F");
+        << QByteArray::fromHex("956585228BAF9B1F")
+        << iv;
     QTest::newRow("DES-CBC, length 1")
         << QSslKeyPrivate::DesCbc << QByteArray("01234567")
         << QByteArray(1, 'a')
-        << QByteArray::fromHex("E6880AF202BA3C12");
+        << QByteArray::fromHex("E6880AF202BA3C12")
+        << iv;
     QTest::newRow("DES-CBC, length 2")
         << QSslKeyPrivate::DesCbc << QByteArray("01234567")
         << QByteArray(2, 'a')
-        << QByteArray::fromHex("A82492386EED6026");
+        << QByteArray::fromHex("A82492386EED6026")
+        << iv;
     QTest::newRow("DES-CBC, length 3")
         << QSslKeyPrivate::DesCbc << QByteArray("01234567")
         << QByteArray(3, 'a')
-        << QByteArray::fromHex("90B76D5B79519CBA");
+        << QByteArray::fromHex("90B76D5B79519CBA")
+        << iv;
     QTest::newRow("DES-CBC, length 4")
         << QSslKeyPrivate::DesCbc << QByteArray("01234567")
         << QByteArray(4, 'a')
-        << QByteArray::fromHex("63E3DD6FED87052A");
+        << QByteArray::fromHex("63E3DD6FED87052A")
+        << iv;
     QTest::newRow("DES-CBC, length 5")
         << QSslKeyPrivate::DesCbc << QByteArray("01234567")
         << QByteArray(5, 'a')
-        << QByteArray::fromHex("03ACDB0EACBDFA94");
+        << QByteArray::fromHex("03ACDB0EACBDFA94")
+        << iv;
     QTest::newRow("DES-CBC, length 6")
         << QSslKeyPrivate::DesCbc << QByteArray("01234567")
         << QByteArray(6, 'a')
-        << QByteArray::fromHex("7D95024E42A3A88A");
+        << QByteArray::fromHex("7D95024E42A3A88A")
+        << iv;
     QTest::newRow("DES-CBC, length 7")
         << QSslKeyPrivate::DesCbc << QByteArray("01234567")
         << QByteArray(7, 'a')
-        << QByteArray::fromHex("5003436B8A8E42E9");
+        << QByteArray::fromHex("5003436B8A8E42E9")
+        << iv;
     QTest::newRow("DES-CBC, length 8")
         << QSslKeyPrivate::DesCbc << QByteArray("01234567")
         << QByteArray(8, 'a')
-        << QByteArray::fromHex("E4C1F054BF5521C0A4A0FD4A2BC6C1B1");
+        << QByteArray::fromHex("E4C1F054BF5521C0A4A0FD4A2BC6C1B1")
+        << iv;
 
     QTest::newRow("DES-EDE3-CBC, length 0")
         << QSslKeyPrivate::DesEde3Cbc << QByteArray("0123456789abcdefghijklmn")
         << QByteArray()
-        << QByteArray::fromHex("3B2B4CD0B0FD495F");
+        << QByteArray::fromHex("3B2B4CD0B0FD495F")
+        << iv;
     QTest::newRow("DES-EDE3-CBC, length 8")
         << QSslKeyPrivate::DesEde3Cbc << QByteArray("0123456789abcdefghijklmn")
         << QByteArray(8, 'a')
-        << QByteArray::fromHex("F2A5A87763C54A72A3224103D90CDB03");
+        << QByteArray::fromHex("F2A5A87763C54A72A3224103D90CDB03")
+        << iv;
 
     QTest::newRow("RC2-40-CBC, length 0")
         << QSslKeyPrivate::Rc2Cbc << QByteArray("01234")
         << QByteArray()
-        << QByteArray::fromHex("6D05D52392FF6E7A");
+        << QByteArray::fromHex("6D05D52392FF6E7A")
+        << iv;
     QTest::newRow("RC2-40-CBC, length 8")
         << QSslKeyPrivate::Rc2Cbc << QByteArray("01234")
         << QByteArray(8, 'a')
-        << QByteArray::fromHex("75768E64C5749072A5D168F3AFEB0005");
+        << QByteArray::fromHex("75768E64C5749072A5D168F3AFEB0005")
+        << iv;
 
     QTest::newRow("RC2-64-CBC, length 0")
         << QSslKeyPrivate::Rc2Cbc << QByteArray("01234567")
         << QByteArray()
-        << QByteArray::fromHex("ADAE6BF70F420130");
+        << QByteArray::fromHex("ADAE6BF70F420130")
+        << iv;
     QTest::newRow("RC2-64-CBC, length 8")
         << QSslKeyPrivate::Rc2Cbc << QByteArray("01234567")
         << QByteArray(8, 'a')
-        << QByteArray::fromHex("C7BF5C80AFBE9FBEFBBB9FD935F6D0DF");
+        << QByteArray::fromHex("C7BF5C80AFBE9FBEFBBB9FD935F6D0DF")
+        << iv;
 
     QTest::newRow("RC2-128-CBC, length 0")
         << QSslKeyPrivate::Rc2Cbc << QByteArray("012345679abcdefg")
         << QByteArray()
-        << QByteArray::fromHex("1E965D483A13C8FB");
+        << QByteArray::fromHex("1E965D483A13C8FB")
+        << iv;
     QTest::newRow("RC2-128-CBC, length 8")
         << QSslKeyPrivate::Rc2Cbc << QByteArray("012345679abcdefg")
         << QByteArray(8, 'a')
-        << QByteArray::fromHex("5AEC1A5B295660B02613454232F7DECE");
+        << QByteArray::fromHex("5AEC1A5B295660B02613454232F7DECE")
+        << iv;
+
+#if (!defined(QT_NO_OPENSSL) && !defined(OPENSSL_NO_AES)) || (defined(QT_NO_OPENSSL) && QT_CONFIG(ssl))
+    // AES needs a longer IV
+    iv = QByteArray("abcdefghijklmnop");
+    QTest::newRow("AES-128-CBC, length 0")
+        << QSslKeyPrivate::Aes128Cbc << QByteArray("012345679abcdefg")
+        << QByteArray()
+        << QByteArray::fromHex("28DE1A9AA26601C30DD2527407121D1A")
+        << iv;
+    QTest::newRow("AES-128-CBC, length 8")
+        << QSslKeyPrivate::Aes128Cbc << QByteArray("012345679abcdefg")
+        << QByteArray(8, 'a')
+        << QByteArray::fromHex("08E880B1BA916F061C1E801D7F44D0EC")
+        << iv;
+
+    QTest::newRow("AES-192-CBC, length 0")
+        << QSslKeyPrivate::Aes192Cbc << QByteArray("0123456789abcdefghijklmn")
+        << QByteArray()
+        << QByteArray::fromHex("E169E0E205CDC2BA895B7CF6097673B1")
+        << iv;
+    QTest::newRow("AES-192-CBC, length 8")
+        << QSslKeyPrivate::Aes192Cbc << QByteArray("0123456789abcdefghijklmn")
+        << QByteArray(8, 'a')
+        << QByteArray::fromHex("3A227D6A3A13237316D30AA17FF9B0A7")
+        << iv;
+
+    QTest::newRow("AES-256-CBC, length 0")
+        << QSslKeyPrivate::Aes256Cbc << QByteArray("0123456789abcdefghijklmnopqrstuv")
+        << QByteArray()
+        << QByteArray::fromHex("4BAACAA0D22199C97DE206C465B7B14A")
+        << iv;
+    QTest::newRow("AES-256-CBC, length 8")
+        << QSslKeyPrivate::Aes256Cbc << QByteArray("0123456789abcdefghijklmnopqrstuv")
+        << QByteArray(8, 'a')
+        << QByteArray::fromHex("879C8C25EC135CDF0B14490A0A7C2F67")
+        << iv;
+#endif // (OpenSSL && AES) || generic backend
 }
 
 void tst_QSslKey::encrypt()
@@ -643,7 +699,7 @@ void tst_QSslKey::encrypt()
     QFETCH(QByteArray, key);
     QFETCH(QByteArray, plainText);
     QFETCH(QByteArray, cipherText);
-    QByteArray iv("abcdefgh");
+    QFETCH(QByteArray, iv);
 
 #if defined(Q_OS_WINRT) || QT_CONFIG(schannel)
     QEXPECT_FAIL("RC2-40-CBC, length 0", "WinRT/Schannel treats RC2 as 128-bit", Abort);