crypto: Add crypto.getEngines()

This adds a new api to show the list of loaded engines of OpenSSL.
It also includes the test of dynamic engine for `crypto.setEngine()`.

Author: shigeki

doc/api/crypto.md

@@ -1698,6 +1698,25 @@ is a bit field taking one of or a mix of the following flags (defined in
 * `crypto.constants.ENGINE_METHOD_ALL`
 * `crypto.constants.ENGINE_METHOD_NONE`
 
+### crypto.getEngines()
+<!-- YAML
+added: REPLACEME
+-->
+
+Returns an array of objects with id, name and flags of loaded engines.
+The flags value represents an integer of one of or a mix of the crypto
+constants described above.
+
+```js
+const crypto = require('crypto');
+console.log(crypto.getEngines());
+// Prints:
+//   [ { id: 'rdrand', name: 'Intel RDRAND engine', flags: 8 },
+//     { id: 'dynamic',
+//       name: 'Dynamic engine loading support',
+//       flags: 4 } ]
+```
+
 ### crypto.timingSafeEqual(a, b)
 <!-- YAML
 added: v6.6.0

lib/crypto.js

@@ -650,6 +650,9 @@ exports.setEngine = function setEngine(id, flags) {
   return binding.setEngine(id, flags);
 };
 
+
+exports.getEngines = binding.getEngines;
+
 exports.randomBytes = exports.pseudoRandomBytes = randomBytes;
 
 exports.rng = exports.prng = randomBytes;

node.gyp

@@ -691,6 +691,18 @@
           'ldflags': [ '-I<(SHARED_INTERMEDIATE_DIR)' ]
         }],
       ]
+    },
+    {
+      # node test engine used in test/parallel/test-crypto-engine.js
+      'target_name': 'node_test_engine',
+      'type': 'loadable_module',
+      'conditions': [
+        ['node_use_openssl=="true" and '
+         'node_shared_openssl=="false" and '
+         'openssl_fips==""', { # fipsld fails to link libcrypto.a
+           'includes': ['test/fixtures/openssl_test_engine/node_test_engine.gypi'],
+         }],
+      ],
     }
   ], # end targets
 

src/env.h

@@ -104,6 +104,7 @@ namespace node {
   V(emitting_top_level_domain_error_string, "_emittingTopLevelDomainError")   \
   V(exchange_string, "exchange")                                              \
   V(enumerable_string, "enumerable")                                          \
+  V(id_string, "id")                                                          \
   V(idle_string, "idle")                                                      \
   V(irq_string, "irq")                                                        \
   V(encoding_string, "encoding")                                              \

src/node_crypto.cc

@@ -5988,11 +5988,41 @@ void SetEngine(const FunctionCallbackInfo<Value>& args) {
     }
   }
 
+  ENGINE_set_flags(engine, flags);
   int r = ENGINE_set_default(engine, flags);
   ENGINE_free(engine);
   if (r == 0)
     return ThrowCryptoError(env, ERR_get_error());
 }
+
+
+void GetEngines(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+  ENGINE* e;
+  int i = 0;
+  Local<Array> arr = Array::New(env->isolate());
+
+  for (e = ENGINE_get_first(); e != nullptr; e = ENGINE_get_next(e)) {
+    const char* id = ENGINE_get_id(e);
+    const char* name = ENGINE_get_name(e);
+    int flags = ENGINE_get_flags(e);
+
+    if (id == nullptr || name == nullptr) {
+      ENGINE_free(e);
+      return env->ThrowError("Invalid Engine: id or name is not found.");
+    }
+
+    Local<Object> obj = Object::New(env->isolate());
+    obj->Set(env->id_string(), OneByteString(env->isolate(), id));
+    obj->Set(env->name_string(), OneByteString(env->isolate(), name));
+    obj->Set(env->flags_string(), Integer::New(env->isolate(), flags));
+    arr->Set(i++, obj);
+  }
+
+  ENGINE_free(e);
+
+  args.GetReturnValue().Set(arr);
+}
 #endif  // !OPENSSL_NO_ENGINE
 
 void GetFipsCrypto(const FunctionCallbackInfo<Value>& args) {
@@ -6042,6 +6072,7 @@ void InitCrypto(Local<Object> target,
   env->SetMethod(target, "certExportChallenge", ExportChallenge);
 #ifndef OPENSSL_NO_ENGINE
   env->SetMethod(target, "setEngine", SetEngine);
+  env->SetMethod(target, "getEngines", GetEngines);
 #endif  // !OPENSSL_NO_ENGINE
   env->SetMethod(target, "getFipsCrypto", GetFipsCrypto);
   env->SetMethod(target, "setFipsCrypto", SetFipsCrypto);

src/node_crypto.h

@@ -744,6 +744,7 @@ class ECDH : public BaseObject {
 bool EntropySource(unsigned char* buffer, size_t length);
 #ifndef OPENSSL_NO_ENGINE
 void SetEngine(const v8::FunctionCallbackInfo<v8::Value>& args);
+void GetEngines(const v8::FunctionCallbackInfo<v8::Value>& args);
 #endif  // !OPENSSL_NO_ENGINE
 void InitCrypto(v8::Local<v8::Object> target);
 

test/fixtures/openssl_test_engine/node_test_engine.c

@@ -0,0 +1,14 @@
+#include <openssl/engine.h>
+
+static const char *engine_id = "node_test_engine";
+static const char *engine_name = "Node Test Engine for OpenSSL";
+
+static int bind(ENGINE *e, const char *id)
+{
+  ENGINE_set_id(e, engine_id);
+  ENGINE_set_name(e, engine_name);
+  return 1;
+}
+
+IMPLEMENT_DYNAMIC_BIND_FN(bind)
+IMPLEMENT_DYNAMIC_CHECK_FN()

test/fixtures/openssl_test_engine/node_test_engine.gypi

@@ -0,0 +1,39 @@
+{
+  'sources': ['node_test_engine.c'],
+  'conditions': [
+    ['OS=="mac"', {
+      'include_dirs': ['<(PRODUCT_DIR)/../../deps/openssl/openssl/include',],
+      'library_dirs': ['<(LIB_DIR)'],
+      'libraries': ['-lopenssl'],
+    }, 'OS=="win"', {
+      'dependencies': [
+        './deps/openssl/openssl.gyp:openssl',
+      ],
+      'include_dirs': ['<(PRODUCT_DIR)/../deps/openssl/openssl/include',],
+      'library_dirs': ['<(LIB_DIR)'],
+      'libraries': [
+        '-lkernel32.lib',
+        '-luser32.lib',
+        '-lgdi32.lib',
+        '-lwinspool.lib',
+        '-lcomdlg32.lib',
+        '-ladvapi32.lib',
+        '-lshell32.lib',
+        '-lole32.lib',
+        '-loleaut32.lib',
+        '-luuid.lib',
+        '-lodbc32.lib',
+        '-lDelayImp.lib',
+        '-lopenssl.lib',
+      ],
+    }, {
+      'library_dirs': ['<(LIB_DIR)/deps/openssl'],
+      'ldflags': ['-lopenssl'],
+      'include_dirs': ['<(PRODUCT_DIR)/../../deps/openssl/openssl/include',],
+    }],
+    [ 'OS in "freebsd openbsd netbsd solaris" or \
+    (OS=="linux" and target_arch!="ia32")', {
+      'cflags': ['-fPIC'],
+    }],
+  ],
+}

test/parallel/test-crypto-engine.js

@@ -1,14 +1,76 @@
 'use strict';
 const common = require('../common');
 
+// This test ensures that a dynamic engine can be registered with
+// crypto.setEngine() and crypto.getEngines() obtains the list for
+// both builtin and dynamic engines.
+
 if (!common.hasCrypto) {
   common.skip('missing crypto');
   return;
 }
 
 const assert = require('assert');
 const crypto = require('crypto');
+const fs = require('fs');
+const path = require('path');
+
+let found = 0;
+
+// check builtin engine exists.
+// A dynamic engine is loaded by ENGINE_load_builtin_engines()
+// in InitCryptoOnce().
+crypto.getEngines().forEach((e) => {
+  if (e.id === 'dynamic')
+    found++;
+});
+
+assert.strictEqual(found, 1);
+
+// check set and get node test engine of
+// test/fixtures/openssl_test_engine/node_test_engine.c
+
+if (process.config.variables.node_shared_openssl) {
+  common.skip('node test engine cannot be built in shared openssl');
+  return;
+}
+
+if (process.config.variables.openssl_fips) {
+  common.skip('node test engine cannot be built in FIPS mode.');
+  return;
+}
+
+let engine_lib;
+
+if (common.isWindows) {
+  engine_lib = 'node_test_engine.dll';
+} else if (common.isAix) {
+  engine_lib = 'libnode_test_engine.a';
+} else if (process.platform === 'darwin') {
+  engine_lib = 'node_test_engine.so';
+} else {
+  engine_lib = 'libnode_test_engine.so';
+}
+
+const test_engine_id = 'node_test_engine';
+const test_engine_name = 'Node Test Engine for OpenSSL';
+const test_engine = path.join(path.dirname(process.execPath), engine_lib);
+
+assert.doesNotThrow(function() {
+  fs.accessSync(test_engine);
+}, 'node test engine ' + test_engine + ' is not found.');
+
+crypto.setEngine(test_engine);
+
+crypto.getEngines().forEach((e) => {
+  if (e.id === test_engine_id && e.name === test_engine_name &&
+      e.flags === crypto.constants.ENGINE_METHOD_ALL)
+    found++;
+});
+
+assert.strictEqual(found, 2);
 
+// Error Tests for setEngine
 assert.throws(function() {
   crypto.setEngine(true);
 }, /^TypeError: "id" argument should be a string$/);