Runtime engine detection with libssh2_crypto_engine() (#643)

File: version.c, HACKING-CRYPTO, libssh2.h, libssh2_crypto_engine.3, makefile. Notes: libssh2_crypto_engine() API to get crypto engine at runtime. Credit: Bastien Durel
2025-08-07 08:02:56 +03:00 · 2022-01-06 19:06:02 +01:00
parent 64a555d6f5
commit e24a4a9d48
6 changed files with 47 additions and 0 deletions
--- a/docs/CMakeLists.txt
+++ b/docs/CMakeLists.txt
@@ -92,6 +92,7 @@ set(MAN_PAGES
  libssh2_channel_write_stderr.3
  libssh2_channel_x11_req.3
  libssh2_channel_x11_req_ex.3
+  libssh2_crypto_engine.3
  libssh2_exit.3
  libssh2_free.3
  libssh2_hostkey_hash.3
--- a/docs/HACKING-CRYPTO
+++ b/docs/HACKING-CRYPTO
@@ -53,6 +53,10 @@ Initializes the crypto library. May be an empty macro if not needed.
 void libssh2_crypto_exit(void);
 Terminates the crypto library use. May be an empty macro if not needed.

+1.1) Crypto runtime detection
+
+The libssh2_crypto_engine_t enum must include the new engine, and
+libssh2_crypto_engine() must return it when it's built in.

 2) HMAC

--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -62,6 +62,7 @@ dist_man_MANS = \
 	libssh2_channel_write_stderr.3 \
 	libssh2_channel_x11_req.3 \
 	libssh2_channel_x11_req_ex.3 \
+	libssh2_crypto_engine.3 \
 	libssh2_exit.3 \
 	libssh2_free.3 \
 	libssh2_hostkey_hash.3 \
--- a/docs/libssh2_crypto_engine.3
+++ b/docs/libssh2_crypto_engine.3
@@ -0,0 +1,12 @@
+.TH libssh2_crypto_engine 3 "22 Nov 2021" "libssh2 1.11" "libssh2 manual"
+.SH NAME
+ - retrieve used crypto engine
+.SH SYNOPSIS
+#include <libssh2.h>
+
+libssh2_crypto_engine_t
+libssh2_crypto_engine();
+.SH DESCRIPTION
+Returns currently used crypto engine, as en enum value.
+.SH AVAILABILITY
+Added in libssh2 1.11
--- a/include/libssh2.h
+++ b/include/libssh2.h
@@ -940,8 +940,21 @@ LIBSSH2_API int libssh2_base64_decode(LIBSSH2_SESSION *session, char **dest,
 LIBSSH2_API
 const char *libssh2_version(int req_version_num);

+typedef enum {
+    libssh2_no_crypto = 0,
+    libssh2_openssl,
+    libssh2_gcrypt,
+    libssh2_mbedtls,
+    libssh2_wincng
+} libssh2_crypto_engine_t;
+
+LIBSSH2_API
+libssh2_crypto_engine_t libssh2_crypto_engine(void);
+
 #define HAVE_LIBSSH2_KNOWNHOST_API 0x010101 /* since 1.1.1 */
 #define HAVE_LIBSSH2_VERSION_API   0x010100 /* libssh2_version since 1.1 */
+#define HAVE_LIBSSH2_CRYPTOENGINE_API 0x011100 /* libssh2_crypto_engine
+                                                  since 1.11 */

 struct libssh2_knownhost {
    unsigned int magic;  /* magic stored by the library */
--- a/src/version.c
+++ b/src/version.c
@@ -52,3 +52,19 @@ const char *libssh2_version(int req_version_num)
        return LIBSSH2_VERSION;
    return NULL; /* this is not a suitable library! */
 }
+
+LIBSSH2_API
+libssh2_crypto_engine_t libssh2_crypto_engine()
+{
+#if defined LIBSSH2_OPENSSL
+    return libssh2_openssl;
+#elif defined LIBSSH2_LIBGCRYPT
+    return libssh2_gcrypt;
+#elif defined LIBSSH2_MBEDTLS
+    return libssh2_mbedtls;
+#elif defined LIBSSH2_WINCNG
+    return libssh2_wincng;
+#else
+    return libssh2_no_crypto;
+#endif
+}