Branch: refs/heads/add-crypto-enumeration-api Home: https://github.com/kronosnet/kronosnet Commit: 97b717b709dc834082915520371f47b655c64892 https://github.com/kronosnet/kronosnet/commit/97b717b709dc834082915520371f47... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2026-05-07 (Thu, 07 May 2026)

Changed paths: M libknet/crypto.c M libknet/libknet.h M libknet/libknet_exported_syms M libknet/tests/api-check.mk A libknet/tests/api_knet_get_crypto_cipher_list.c A libknet/tests/api_knet_get_crypto_hash_list.c M man/Makefile.am

Log Message: ----------- Add API to enumerate supported cipher modes and hash algorithms

Implements issue #478 by introducing two new API functions: - knet_get_crypto_cipher_list(): Returns AES cipher modes (CBC/CTR) supported across all crypto backends - knet_get_crypto_hash_list(): Returns hash algorithms supported across all crypto backends

The functions return the intersection of capabilities across OpenSSL, NSS, and libgcrypt backends, ensuring applications can reliably use any returned cipher/hash combination regardless of which crypto module is loaded at runtime.

Key implementation decisions: - Uses hardcoded lists to avoid loading all crypto modules unconditionally - Flattened cipher list includes both OpenSSL (hyphenated) and NSS/gcrypt (non-hyphenated) naming conventions as separate entries to simplify application logic - Cipher list: 12 entries covering AES-128/192/256 in CBC and CTR modes - Hash list: 5 entries covering md5, sha1, sha256, sha384, sha512

New structures: - knet_crypto_cipher_info: name, mode, key_bits - knet_crypto_hash_info: name, hash_bits

Includes comprehensive API tests following existing patterns.

Signed-off-by: Fabio M. Di Nitto fabbione@kronosnet.org Co-Authored-By: Claude Sonnet 4.5 noreply@anthropic.com

To unsubscribe from these emails, change your notification settings at https://github.com/kronosnet/kronosnet/settings/notifications