From e24a4a9d48110c3095189e9336f85fac803b9ddf Mon Sep 17 00:00:00 2001
From: Bastien Durel
Date: Thu, 6 Jan 2022 19:06:02 +0100
Subject: [PATCH] Runtime engine detection with libssh2_crypto_engine() (#643)
File: version.c, HACKING-CRYPTO, libssh2.h, libssh2_crypto_engine.3, makefile. Notes: libssh2_crypto_engine() API to get crypto engine at runtime. Credit: Bastien Durel
---
 docs/CMakeLists.txt | 1 +
 docs/HACKING-CRYPTO | 4 ++++
 docs/Makefile.am | 1 +
 docs/libssh2_crypto_engine.3 | 12 ++++++++++++
 include/libssh2.h | 13 +++++++++++++
 src/version.c | 16 ++++++++++++++++
 6 files changed, 47 insertions(+)
 create mode 100644 docs/libssh2_crypto_engine.3
diff --git a/docs/CMakeLists.txt b/docs/CMakeLists.txt
index 6abf0e49..f439db71 100644
--- a/docs/CMakeLists.txt
+++ b/docs/CMakeLists.txt
@@ -92,6 +92,7 @@ set(MAN_PAGES
 libssh2_channel_write_stderr.3
 libssh2_channel_x11_req.3
 libssh2_channel_x11_req_ex.3
+ libssh2_crypto_engine.3
 libssh2_exit.3
 libssh2_free.3
 libssh2_hostkey_hash.3
diff --git a/docs/HACKING-CRYPTO b/docs/HACKING-CRYPTO
index 85d813aa..c0fe3711 100644
--- a/docs/HACKING-CRYPTO
+++ b/docs/HACKING-CRYPTO
@@ -53,6 +53,10 @@ Initializes the crypto library. May be an empty macro if not needed.
 void libssh2_crypto_exit(void);
 Terminates the crypto library use. May be an empty macro if not needed.
+1.1) Crypto runtime detection
+
+The libssh2_crypto_engine_t enum must include the new engine, and
+libssh2_crypto_engine() must return it when it's built in.
 2) HMAC
diff --git a/docs/Makefile.am b/docs/Makefile.am
index a8094312..f0a71fc5 100644
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -62,6 +62,7 @@ dist_man_MANS = \
 libssh2_channel_write_stderr.3 \
 libssh2_channel_x11_req.3 \
 libssh2_channel_x11_req_ex.3 \
+ libssh2_crypto_engine.3 \
 libssh2_exit.3 \
 libssh2_free.3 \
 libssh2_hostkey_hash.3 \
diff --git a/docs/libssh2_crypto_engine.3 b/docs/libssh2_crypto_engine.3
new file mode 100644
index 00000000..268ac0e5
--- /dev/null
+++ b/docs/libssh2_crypto_engine.3
@@ -0,0 +1,12 @@
+.TH libssh2_crypto_engine 3 "22 Nov 2021" "libssh2 1.11" "libssh2 manual"
+.SH NAME
+ - retrieve used crypto engine
+.SH SYNOPSIS
+#include
+
+libssh2_crypto_engine_t
+libssh2_crypto_engine();
+.SH DESCRIPTION
+Returns currently used crypto engine, as en enum value.
+.SH AVAILABILITY
+Added in libssh2 1.11
diff --git a/include/libssh2.h b/include/libssh2.h
index b9ae8092..8db3015e 100644
--- a/include/libssh2.h
+++ b/include/libssh2.h
@@ -940,8 +940,21 @@ LIBSSH2_API int libssh2_base64_decode(LIBSSH2_SESSION *session, char **dest,
 LIBSSH2_API const char *libssh2_version(int req_version_num);
+typedef enum {
+ libssh2_no_crypto = 0,
+ libssh2_openssl,
+ libssh2_gcrypt,
+ libssh2_mbedtls,
+ libssh2_wincng
+} libssh2_crypto_engine_t;
+
+LIBSSH2_API
+libssh2_crypto_engine_t libssh2_crypto_engine(void);
+
 #define HAVE_LIBSSH2_KNOWNHOST_API 0x010101 /* since 1.1.1 */
 #define HAVE_LIBSSH2_VERSION_API 0x010100 /* libssh2_version since 1.1 */
+#define HAVE_LIBSSH2_CRYPTOENGINE_API 0x011100 /* libssh2_crypto_engine
+ since 1.11 */
 struct libssh2_knownhost {
 unsigned int magic; /* magic stored by the library */
diff --git a/src/version.c b/src/version.c
index 408f83a3..0e236669 100644
--- a/src/version.c
+++ b/src/version.c
@@ -52,3 +52,19 @@ const char *libssh2_version(int req_version_num)
 return LIBSSH2_VERSION;
 return NULL; /* this is not a suitable library! */
 }
+
+LIBSSH2_API
+libssh2_crypto_engine_t libssh2_crypto_engine()
+{
+#if defined LIBSSH2_OPENSSL
+ return libssh2_openssl;
+#elif defined LIBSSH2_LIBGCRYPT
+ return libssh2_gcrypt;
+#elif defined LIBSSH2_MBEDTLS
+ return libssh2_mbedtls;
+#elif defined LIBSSH2_WINCNG
+ return libssh2_wincng;
+#else
+ return libssh2_no_crypto;
+#endif
+}
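Review bot: In the include/libssh2.h hunk, `HAVE_LIBSSH2_CRYPTOENGINE_API 0x011100` does not follow the encoding of the two defines directly above it, where `0x010101` stands for 1.1.1 and `0x010100` for 1.1, one byte per version component. Read the same way, 0x011100 is 1.17.0, so a caller that compares this macro against the library version number (presumably the intended use; no such comparison is visible here) would conclude the API is absent on 1.11. For 1.11 the line would read `#define HAVE_LIBSSH2_CRYPTOENGINE_API 0x010b00 /* libssh2_crypto_engine since 1.11 */`. The struct that follows the defines continues outside the hunk.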
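Review bot: The definition in the src/version.c hunk is written `libssh2_crypto_engine()`, while the header in the same commit declares `libssh2_crypto_engine(void)`; an empty parameter list in a C definition is the old non-prototype form, so the definition should read `libssh2_crypto_engine_t libssh2_crypto_engine(void)`. The man page synopsis in docs/libssh2_crypto_engine.3 carries the same empty parentheses. Separately, the `#else` branch returns `libssh2_no_crypto` for any build whose backend macro is not named in the chain, so an application that bases an algorithm or policy decision on this value cannot tell an unlisted backend from a build without crypto. A comment on that branch, for example `/* also reached by a backend that has no libssh2_crypto_engine_t entry */`, would make the limit visible to whoever adds the next backend.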