Branch: refs/heads/add-crypto-enumeration-api Home: https://github.com/kronosnet/kronosnet Commit: e7d1521ec08cd9565f4041712e50cfdc13d9c719 https://github.com/kronosnet/kronosnet/commit/e7d1521ec08cd9565f4041712e50cf... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2026-05-08 (Fri, 08 May 2026)
Changed paths: M libknet/crypto.c M libknet/crypto_nss.c M libknet/libknet.h M libknet/libknet_exported_syms M libknet/tests/api-check.mk A libknet/tests/api_knet_get_crypto_cipher_list.c A libknet/tests/api_knet_get_crypto_hash_list.c M man/Makefile.am
Log Message: ----------- Add API to enumerate supported cipher modes and hash algorithms
Implements issue #478 by introducing two new API functions: - knet_get_crypto_cipher_list(): Returns AES cipher modes (CBC/CTR) supported across all crypto backends - knet_get_crypto_hash_list(): Returns hash algorithms supported across all crypto backends
Both functions return the intersection of capabilities across OpenSSL, NSS, and libgcrypt backends. Applications can reliably use any returned cipher/hash combination regardless of which crypto module is loaded.
The cipher list includes both OpenSSL-style hyphenated names (aes-128-cbc) and NSS/libgcrypt non-hyphenated names (aes128) as separate entries.
New structures: - knet_crypto_cipher_info: const char *name, const char *mode, int key_bits - knet_crypto_hash_info: const char *name, int hash_bits
Updated NSS parser to accept hyphenated CBC cipher names (aes-128-cbc, aes-192-cbc, aes-256-cbc) in addition to non-hyphenated variants.
Includes comprehensive tests verifying all returned ciphers and hashes work with all three crypto backends.
Signed-off-by: Fabio M. Di Nitto fabbione@kronosnet.org Co-Authored-By: Claude Sonnet 4.5 noreply@anthropic.com
To unsubscribe from these emails, change your notification settings at https://github.com/kronosnet/kronosnet/settings/notifications
-
Fabio M. Di Nitto