2 files changed, 30 insertions, 0 deletions

diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h
index ba4f5f44..f4e4fe93 100644
--- a/include/libssh/libssh.h
+++ b/include/libssh/libssh.h
@@ -658,6 +658,7 @@ LIBSSH_API int ssh_event_remove_session(ssh_event event, ssh_session session);
 LIBSSH_API void ssh_event_free(ssh_event event);
 LIBSSH_API const char* ssh_get_clientbanner(ssh_session session);
 LIBSSH_API const char* ssh_get_serverbanner(ssh_session session);
+LIBSSH_API const char* ssh_get_kex_algo(ssh_session session);
 LIBSSH_API const char* ssh_get_cipher_in(ssh_session session);
 LIBSSH_API const char* ssh_get_cipher_out(ssh_session session);
 LIBSSH_API const char* ssh_get_hmac_in(ssh_session session);
diff --git a/src/session.c b/src/session.c
index a3b19ede..90206d42 100644
--- a/src/session.c
+++ b/src/session.c
@@ -315,6 +315,35 @@ const char* ssh_get_serverbanner(ssh_session session) {
 }
 
 /**
+ * @brief get the name of the current key exchange algorithm.
+ *
+ * @param[in] session   The SSH session
+ *
+ * @return Returns the key exchange algorithm string or NULL.
+ */
+const char* ssh_get_kex_algo(ssh_session session) {
+    if ((session == NULL) ||
+        (session->current_crypto == NULL)) {
+        return NULL;
+    }
+
+    switch (session->current_crypto->kex_type) {
+        case SSH_KEX_DH_GROUP1_SHA1:
+            return "diffie-hellman-group1-sha1";
+        case SSH_KEX_DH_GROUP14_SHA1:
+            return "diffie-hellman-group14-sha1";
+        case SSH_KEX_ECDH_SHA2_NISTP256:
+            return "ecdh-sha2-nistp256";
+        case SSH_KEX_CURVE25519_SHA256_LIBSSH_ORG:
+            return "curve25519-sha256@libssh.org";
+        default:
+            break;
+    }
+
+    return NULL;
+}
+
+/**
  * @brief get the name of the input cipher for the given session.
  *
  * @param[in] session The SSH session.