crypto: add crypto.getCiphers()

Returns a list of, unsurprisingly, the available ciphers.

Author: bnoordhuis

doc/api/crypto.markdown

@@ -10,6 +10,17 @@ of a secure HTTPS net or http connection.
 
 It also offers a set of wrappers for OpenSSL's hash, hmac, cipher, decipher, sign and verify methods.
 
+
+## crypto.getCiphers()
+
+Returns an array with the names of the supported ciphers.
+
+Example:
+
+    var ciphers = crypto.getCiphers();
+    console.log(ciphers); // ['AES128-SHA', 'AES256-SHA', ...]
+
+
 ## crypto.createCredentials(details)
 
 Creates a credentials object, with the optional details being a dictionary with keys:

lib/crypto.js

@@ -34,6 +34,7 @@ try {
   var PBKDF2 = binding.PBKDF2;
   var randomBytes = binding.randomBytes;
   var pseudoRandomBytes = binding.pseudoRandomBytes;
+  var getCiphers = binding.getCiphers;
   var crypto = true;
 } catch (e) {
 
@@ -193,3 +194,5 @@ exports.pseudoRandomBytes = pseudoRandomBytes;
 
 exports.rng = randomBytes;
 exports.prng = pseudoRandomBytes;
+
+exports.getCiphers = getCiphers;

src/node_crypto.cc

@@ -4617,6 +4617,35 @@ Handle<Value> RandomBytes(const Arguments& args) {
 }
 
 
+Handle<Value> GetCiphers(const Arguments& args) {
+  HandleScope scope;
+
+  SSL_CTX* ctx = SSL_CTX_new(TLSv1_server_method());
+  if (ctx == NULL) {
+    return ThrowError("SSL_CTX_new() failed.");
+  }
+
+  SSL* ssl = SSL_new(ctx);
+  if (ssl == NULL) {
+    SSL_CTX_free(ctx);
+    return ThrowError("SSL_new() failed.");
+  }
+
+  Local<Array> arr = Array::New();
+  STACK_OF(SSL_CIPHER)* ciphers = SSL_get_ciphers(ssl);
+
+  for (int i = 0; i < sk_SSL_CIPHER_num(ciphers); ++i) {
+    SSL_CIPHER* cipher = sk_SSL_CIPHER_value(ciphers, i);
+    arr->Set(i, String::New(SSL_CIPHER_get_name(cipher)));
+  }
+
+  SSL_free(ssl);
+  SSL_CTX_free(ctx);
+
+  return scope.Close(arr);
+}
+
+
 void InitCrypto(Handle<Object> target) {
   HandleScope scope;
 
@@ -4656,6 +4685,7 @@ void InitCrypto(Handle<Object> target) {
   NODE_SET_METHOD(target, "PBKDF2", PBKDF2);
   NODE_SET_METHOD(target, "randomBytes", RandomBytes<RAND_bytes>);
   NODE_SET_METHOD(target, "pseudoRandomBytes", RandomBytes<RAND_pseudo_bytes>);
+  NODE_SET_METHOD(target, "getCiphers", GetCiphers);
 
   subject_symbol    = NODE_PSYMBOL("subject");
   issuer_symbol     = NODE_PSYMBOL("issuer");

test/simple/test-crypto.js

@@ -683,3 +683,7 @@ testPBKDF2('passwordPASSWORDpassword',
 testPBKDF2('pass\0word', 'sa\0lt', 4096, 16,
            '\x56\xfa\x6a\xa7\x55\x48\x09\x9d\xcc\x37\xd7\xf0\x34' +
            '\x25\xe0\xc3');
+
+// Assume that we have at least AES256-SHA.
+assert.notEqual(0, crypto.getCiphers());
+assert.notEqual(-1, crypto.getCiphers().indexOf('AES256-SHA'));