feat(openssl) list functions can now optionally drop provider name

README.md

@@ -460,33 +460,37 @@ Sets the default properties for all future EVP algorithm fetches, implicit as we
 
 ### openssl.list_cipher_algorithms
 
-**syntax**: *ret = openssl.list_cipher_algorithms()*
+**syntax**: *ret = openssl.list_cipher_algorithms(hide_provider?)*
 
-Return available cipher algorithms in an array.
+Return available cipher algorithms in an array. Set `hide_provider` to `true` to
+hide provider name from the result.
 
 [Back to TOC](#table-of-contents)
 
 ### openssl.list_digest_algorithms
 
-**syntax**: *ret = openssl.list_digest_algorithms()*
+**syntax**: *ret = openssl.list_digest_algorithms(hide_provider?)*
 
-Return available digest algorithms in an array.
+Return available digest algorithms in an array. Set `hide_provider` to `true` to
+hide provider name from the result.
 
 [Back to TOC](#table-of-contents)
 
 ### openssl.list_mac_algorithms
 
-**syntax**: *ret = openssl.list_mac_algorithms()*
+**syntax**: *ret = openssl.list_mac_algorithms(hide_provider?)*
 
-Return available MAC algorithms in an array.
+Return available MAC algorithms in an array. Set `hide_provider` to `true` to
+hide provider name from the result.
 
 [Back to TOC](#table-of-contents)
 
 ### openssl.list_kdf_algorithms
 
-**syntax**: *ret = openssl.list_kdf_algorithms()*
+**syntax**: *ret = openssl.list_kdf_algorithms(hide_provider?)*
 
-Return available KDF algorithms in an array.
+Return available KDF algorithms in an array. Set `hide_provider` to `true` to
+hide provider name from the result.
 
 [Back to TOC](#table-of-contents)
 

lib/resty/openssl.lua

@@ -326,7 +326,7 @@ local function list_legacy(typ, get_nid_cf)
   return ret
 end
 
-local function list_provided(typ)
+local function list_provided(typ, hide_provider)
   local typ_lower = string.lower(typ:sub(5)) -- cut off EVP_
   local typ_ptr = typ .. "*"
   require ("resty.openssl.include.evp." .. typ_lower)
@@ -338,9 +338,13 @@ local function list_provided(typ)
               function(elem, _)
                 elem = ffi_cast(typ_ptr, elem)
                 local name = ffi_str(C[typ .. "_get0_name"](elem))
-                -- alternate names are ignored, retrieve use TYPE_names_do_all
-                local prov = ffi_str(C.OSSL_PROVIDER_get0_name(C[typ .. "_get0_provider"](elem)))
-                table.insert(ret, name .. " @ " .. prov)
+                if hide_provider then
+                  table.insert(ret, name)
+                else
+                  -- alternate names are ignored, retrieve use TYPE_names_do_all
+                  local prov = ffi_str(C.OSSL_PROVIDER_get0_name(C[typ .. "_get0_provider"](elem)))
+                  table.insert(ret, name .. " @ " .. prov)
+                end
               end)
 
   C[typ .. "_do_all_provided"](ctx_lib.get_libctx(), fn, nil)
@@ -350,50 +354,40 @@ local function list_provided(typ)
   return ret
 end
 
-function _M.list_cipher_algorithms()
+function _M.list_cipher_algorithms(hide_provider)
   require "resty.openssl.include.evp.cipher"
-  local ret = list_legacy("EVP_CIPHER",
-              OPENSSL_3X and C.EVP_CIPHER_get_nid or C.EVP_CIPHER_nid)
 
   if OPENSSL_3X then
-    local ret_provided = list_provided("EVP_CIPHER")
-    for _, r in ipairs(ret_provided) do
-      table.insert(ret, r)
-    end
+    return list_provided("EVP_CIPHER", hide_provider)
+  else
+    return list_legacy("EVP_CIPHER", C.EVP_CIPHER_nid)
   end
-
-  return ret
 end
 
-function _M.list_digest_algorithms()
+function _M.list_digest_algorithms(hide_provider)
   require "resty.openssl.include.evp.md"
-  local ret = list_legacy("EVP_MD",
-              OPENSSL_3X and C.EVP_MD_get_type or C.EVP_MD_type)
 
   if OPENSSL_3X then
-    local ret_provided = list_provided("EVP_MD")
-    for _, r in ipairs(ret_provided) do
-      table.insert(ret, r)
-    end
+    return list_provided("EVP_MD", hide_provider)
+  else
+    return list_legacy("EVP_MD", C.EVP_MD_type)
   end
-
-  return ret
 end
 
-function _M.list_mac_algorithms()
+function _M.list_mac_algorithms(hide_provider)
   if not OPENSSL_3X then
     return nil, "openssl.list_mac_algorithms is only supported from OpenSSL 3.0"
   end
 
-  return list_provided("EVP_MAC")
+  return list_provided("EVP_MAC", hide_provider)
 end
 
-function _M.list_kdf_algorithms()
+function _M.list_kdf_algorithms(hide_provider)
   if not OPENSSL_3X then
     return nil, "openssl.list_kdf_algorithms is only supported from OpenSSL 3.0"
   end
 
-  return list_provided("EVP_KDF")
+  return list_provided("EVP_KDF", hide_provider)
 end
 
 local valid_ssl_protocols = {

t/openssl.t

@@ -73,7 +73,7 @@ false
     location =/t {
         content_by_lua_block {
             local openssl = require("resty.openssl")
-            ngx.say(require("cjson").encode(openssl.list_cipher_algorithms()))
+            ngx.say(require("cjson").encode(openssl.list_cipher_algorithms(true)))
             local version = require("resty.openssl.version")
             if not version.OPENSSL_3X then
                 ngx.say("[\"AES-256-GCM @ default\"]")
@@ -98,7 +98,7 @@ false
     location =/t {
         content_by_lua_block {
             local openssl = require("resty.openssl")
-            ngx.say(require("cjson").encode(openssl.list_digest_algorithms()))
+            ngx.say(require("cjson").encode(openssl.list_digest_algorithms(true)))
             local version = require("resty.openssl.version")
             if not version.OPENSSL_3X then
                 ngx.say("[\"SHA2-256 @ default\"]")