1 /*******************************************************************************
2 
3         copyright:      Copyright (c) 2008 Jeff Davey. All rights reserved
4 
5         license:        BSD style: $(LICENSE)
6 
7         author:         Jeff Davey <j@submersion.com>
8 
9 *******************************************************************************/
10 
11 module tango.net.util.c.OpenSSL;
12 
13 private import tango.sys.SharedLib;
14 private import tango.sys.Environment;
15 
16 private import tango.stdc.stdio;
17 private import tango.stdc.stringz;
18 private import tango.stdc.config: c_long,c_ulong;
19 
20 private import tango.io.FilePath;
21 
22 private import tango.core.Thread;
23 private import tango.core.sync.Mutex;
24 private import tango.core.sync.ReadWriteMutex;
25 
26 private import tango.text.convert.Format;
27 private import Integer = tango.text.convert.Integer;
28 
29 /*******************************************************************************
30 
31     This module contains all of the dynamic bindings needed to the
32     OpenSSL libraries (libssl.so/libssl32.dll and libcrypto.so/libeay32.dll) 
33 
34 *******************************************************************************/
35 
36 /*
37    XXX TODO XXX
38 
39    A lot of unsigned longs and longs were converted to uint and int
40 
41    These will need to be reversed to support 64bit tango
42    (should use c_long and c_ulong from tango.stdc.config)
43 
44    XXX TODO XXX
45 */
46 
47 
48 version(linux)
49 {
50     version(build)
51     {
52         pragma(link, "dl");
53     }
54 }
55 
56 enum uint BYTES_ENTROPY = 2048; // default bytes of entropy to load on startup.
57 __gshared private CRYPTO_dynlock_value *last = null;
58 __gshared Mutex _dynLocksMutex = null;
59 extern (C)
60 {
61     enum int NID_sha1 = 64;
62     enum int NID_md5 = 4;
63     enum int RSA_PKCS1_OAEP_PADDING = 4;
64     enum int RSA_PKCS1_PADDING = 1;
65     enum int BIO_C_SET_NBIO = 102;
66     enum int SHA_DIGEST_LENGTH = 20;
67     enum int SSL_CTRL_SET_SESS_CACHE_MODE = 44;
68     enum int MBSTRING_FLAG = 0x1000;
69     enum int MBSTRING_ASC = MBSTRING_FLAG | 1;
70     enum int EVP_PKEY_RSA = 6;
71     enum int RSA_F4 = 0x1001;
72     enum int SSL_SENT_SHUTDOWN = 1;
73     enum int SSL_RECEIVED_SHUTDOWN = 2;
74     enum int BIO_C_GET_SSL = 110;
75     enum int BIO_CTRL_RESET = 1;
76     enum int BIO_CTRL_INFO = 3;
77     enum int BIO_FLAGS_READ = 0x01;
78     enum int BIO_FLAGS_WRITE = 0x02;
79     enum int BIO_FLAGS_IO_SPECIAL = 0x04;
80     enum int BIO_FLAGS_SHOULD_RETRY = 0x08;
81     enum int BIO_CLOSE = 0x00;
82     enum int BIO_NOCLOSE = 0x01;
83     enum int ASN1_STRFLGS_ESC_CTRL = 2;
84     enum int ASN1_STRFLGS_ESC_MSB = 4;
85     enum int XN_FLAG_SEP_MULTILINE = (4 << 16);
86     enum int XN_FLAG_SPC_EQ = (1 << 23);
87     enum int XN_FLAG_FN_LN = (1 << 21);
88     enum int XN_FLAG_FN_ALIGN = (1 << 25);
89     enum int XN_FLAG_MULTILINE = ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN;
90 
91     enum immutable(char)* PEM_STRING_EVP_PKEY = "ANY PRIVATE KEY";
92     enum immutable(char)* PEM_STRING_X509 = "CERTIFICATE";   
93     enum immutable(char)* PEM_STRING_RSA_PUBLIC = "RSA PUBLIC KEY";    
94 
95     enum int SSL_CTRL_OPTIONS = 32;
96 
97     enum int SSL_OP_ALL = 0x00000FFFL;
98     enum int SSL_OP_NO_SSLv2 = 0x01000000L;
99 
100     enum int CRYPTO_LOCK = 1;
101     enum int CRYPTO_UNLOCK = 2;
102     enum int CRYPTO_READ = 4;
103     enum int CRYPTO_WRITE = 8;
104 
105     enum int ERR_TXT_STRING = 0x02;
106 
107     enum int MD5_CBLOCK = 64;
108     enum int MD5_LBLOCK = MD5_CBLOCK / 4;
109     enum int MD5_DIGEST_LENGTH = 16;
110 
111     enum int EVP_MAX_BLOCK_LENGTH = 32;
112     enum int EVP_MAX_IV_LENGTH = 16;
113 
114     struct MD5_CTX
115     {
116         uint A;
117         uint B;
118         uint C;
119         uint D;
120         uint Nl;
121         uint Nh;
122         uint[MD5_LBLOCK] data;
123         uint num;
124     };
125 
126     struct EVP_CIPHER_CTX
127     {
128         void *cipher;
129         void *engine;
130         int encrypt;
131         int buf_len;
132 
133         ubyte[EVP_MAX_IV_LENGTH] oiv;
134         ubyte[EVP_MAX_IV_LENGTH] iv;
135         ubyte[EVP_MAX_BLOCK_LENGTH] buf;
136         int num;
137 
138         void *ap_data;
139         int key_len;
140         c_ulong flags;
141         void *cipher_data;
142         int final_used;
143         int block_mask;
144         ubyte[EVP_MAX_BLOCK_LENGTH] finalv;
145     };
146     
147     // fallback for OpenSSL 0.9.7l 28 Sep 2006 that defines only macros
148     int EVP_CIPHER_CTX_block_size_097l(EVP_CIPHER_CTX *e){
149         return *((cast(int*)e.cipher)+1);
150     }
151 
152     struct BIO 
153     {
154         BIO_METHOD *method;
155         int function(BIO *b, int a, char *c, int d, int e, int f) callback;
156         char *cb_arg;
157         int init;
158         int shutdown;
159         int flags;
160         // yadda yadda
161     };
162 
163     alias BIO* function(int sock, int close_flag) tBIO_new_socket;
164     alias BIO* function(SSL_CTX *ctx, int client) tBIO_new_ssl;
165     alias void function(BIO *bio) tBIO_free_all;
166     alias BIO* function(BIO *b, BIO *append) tBIO_push;
167 
168     struct SSL_CTX {};
169     struct SSL {};
170     struct SSL_METHOD {};
171     struct EVP_PKEY 
172     {
173         int type;
174         int save_type;
175         int references;
176         void *ameth;
177         void *engine;
178         union Pkey
179         {
180                 void *ptr;
181                 RSA *rsa;
182                 DSA *dsa;
183                 DH *dh;
184         };
185         Pkey pkey;
186         
187         
188         // yadda yadda ...        
189     };
190     struct X509_STORE_CTX {};
191     struct EVP_CIPHER {};
192     struct X509_ALGOR {};
193     struct ASN1_INTEGER {};
194     struct EVP_MD {};
195 
196     struct ASN1_STRING
197     {
198         int length;
199         int type;
200         char *data;
201         int flags;
202     }
203 
204     alias ASN1_STRING ASN1_GENERALIZEDTIME;
205     alias ASN1_STRING ASN1_TIME;
206 
207     struct X509_STORE {};
208     struct X509_VAL
209     {
210         ASN1_TIME *notBefore;
211         ASN1_TIME *notAfter;
212     }
213     struct X509_CINF  // being lazy here, only doing the first peices up to what I need
214     {
215         ASN1_INTEGER *vers;
216         ASN1_INTEGER *serialNumber;
217         X509_ALGOR *signature;
218         X509_NAME *issuer;
219         X509_VAL *validity;
220         // yadda yadda
221     }
222 
223     struct X509  // ditto X509_CINF
224     {
225         X509_CINF *cert_info; 
226         // yadda yadda
227     };
228     struct X509_NAME {};
229     struct RSA {};
230     struct DSA {};
231     struct DH {};
232     struct BIO_METHOD {};
233     struct EVP_PKEY_CTX {};
234     
235     alias int function(char *buf, int size, int rwflag, void *userdata) pem_password_cb;
236     alias char *function() d2i_of_void;
237     alias int function() i2d_of_void;
238     alias SSL_CTX* function(SSL_METHOD *meth) tSSL_CTX_new;
239     alias SSL_METHOD* function() tSSLv23_method;
240     alias EVP_PKEY* function(int type, EVP_PKEY **a, ubyte **pp, int length) td2i_PrivateKey;
241     alias int function(SSL_CTX *ctx, EVP_PKEY *pkey) tSSL_CTX_use_PrivateKey;
242     alias void function(SSL_CTX *ctx, int mode, int function(int, X509_STORE_CTX *) callback) tSSL_CTX_set_verify;
243     alias void function(EVP_PKEY *pkey) tEVP_PKEY_free;
244     alias int function(SSL_CTX *ctx, int cmd, int larg, void *parg) tSSL_CTX_ctrl;
245     alias int function(SSL_CTX *ctx, const(char) *str) tSSL_CTX_set_cipher_list;
246     alias void function(SSL_CTX *) tSSL_CTX_free;
247     alias void function() tSSL_load_error_strings;
248     alias void function() tSSL_library_init;
249     alias void function() tOpenSSL_add_all_digests;
250     alias int function(const(char) *file, int max_bytes) tRAND_load_file;
251     alias int function() tCRYPTO_num_locks;
252     alias void function(uint function() cb) tCRYPTO_set_id_callback;
253     alias void function(void function(int mode, int type, const(char) *file, int line) cb) tCRYPTO_set_locking_callback;
254     alias void function(CRYPTO_dynlock_value *function(const(char) *file, int line) cb) tCRYPTO_set_dynlock_create_callback;    
255     alias void function(void function(int mode, CRYPTO_dynlock_value *lock, const(char) *file, int lineNo) cb) tCRYPTO_set_dynlock_lock_callback;
256     alias void function(void function(CRYPTO_dynlock_value *lock, const(char) *file, int line) cb) tCRYPTO_set_dynlock_destroy_callback;
257     alias uint function(const(char) **file, int *line, const(char) **data, int *flags) tERR_get_error_line_data;
258     alias void function(uint pid) tERR_remove_state;
259     alias void function() tRAND_cleanup;
260     alias void function() tERR_free_strings;
261     alias void function() tEVP_cleanup;
262     alias void function() tOBJ_cleanup;
263     alias void function() tX509V3_EXT_cleanup;
264     alias void function() tCRYPTO_cleanup_all_ex_data;
265     alias int function(BIO *b, void *data, int len) tBIO_write;
266     alias int function(BIO *b, void *data, int len) tBIO_read;
267     alias int function(SSL_CTX *ctx) tSSL_CTX_check_private_key;
268     alias EVP_PKEY* function(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, in void *u) tPEM_read_bio_PrivateKey;
269     alias EVP_PKEY* function(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, in void *u) tPEM_read_bio_PUBKEY;
270     alias BIO* function(const(char) *filename, const(char) *mode) tBIO_new_file;
271     alias int function() tERR_peek_error;
272     alias int function(BIO *b, int flags) tBIO_test_flags;
273     alias int function(BIO *b, int cmd, int larg, void *parg) tBIO_ctrl; 
274     alias void function(SSL *ssl, int mode) tSSL_set_shutdown;
275     alias int function(SSL *ssl) tSSL_get_shutdown;
276     alias int function(SSL_CTX *ctx, X509 *x) tSSL_CTX_use_certificate;
277     alias void function(SSL_CTX *CTX, X509_STORE *store) tSSL_CTX_set_cert_store;
278     alias int function(SSL_CTX *ctx, const(char) *CAfile, const(char) *CApath) tSSL_CTX_load_verify_locations;
279     alias X509* function(X509_STORE_CTX *ctx) tX509_STORE_CTX_get_current_cert;
280     alias int function(X509_STORE_CTX *ctx) tX509_STORE_CTX_get_error;
281     alias int function(X509_STORE_CTX *ctx) tX509_STORE_CTX_get_error_depth;
282     alias X509_STORE* function() tX509_STORE_new;
283     alias void function(X509_STORE *v) tX509_STORE_free;
284     alias int function(X509_STORE *store, X509 *x) tX509_STORE_add_cert;
285 //    alias int function(X509_STORE *store, int depth) tX509_STORE_set_depth;
286     alias BIO* function(void *buff, int len) tBIO_new_mem_buf;
287     alias RSA* function(int bits, uint e, void function(int a, int b, void *c) callback, void *cb_arg) tRSA_generate_key;
288     alias EVP_PKEY* function() tEVP_PKEY_new;
289     alias int function(EVP_PKEY *pkey, int type, char *key) tEVP_PKEY_assign;
290     alias void function(RSA *r) tRSA_free;
291     alias BIO* function(BIO_METHOD *type) tBIO_new;
292     alias BIO_METHOD* function() tBIO_s_mem;
293     alias int function(BIO *bp, EVP_PKEY *x, const(EVP_CIPHER) *cipher, char *kstr, int klen, pem_password_cb, in void *) tPEM_write_bio_PKCS8PrivateKey;
294     alias int function(BIO *bp, EVP_PKEY *x) tPEM_write_bio_PUBKEY;
295     alias EVP_CIPHER* function() tEVP_aes_256_cbc;
296     alias void* function(d2i_of_void d2i, const(char) *name, BIO *bp, void **x, pem_password_cb cb, void *u) tPEM_ASN1_read_bio;
297     alias X509* function() tX509_new;
298     alias void function(X509 *x) tX509_free;
299     alias int function(X509 *x, int ver) tX509_set_version;
300     alias int function(ASN1_INTEGER *a, int v) tASN1_INTEGER_set;
301     alias ASN1_INTEGER* function(X509 *x) tX509_get_serialNumber;
302     alias int function(ASN1_INTEGER *a) tASN1_INTEGER_get;
303     alias ASN1_TIME* function(ASN1_TIME *s, int adj) tX509_gmtime_adj;
304     alias int function(X509 *x, EVP_PKEY *pkey) tX509_set_pubkey;
305     alias X509_NAME* function(X509 *x) tX509_get_subject_name;
306     alias int function(BIO *b, X509_NAME *nm, int indent, uint flags) tX509_NAME_print_ex;
307     alias int function(X509 *x, X509_NAME *name) tX509_set_issuer_name;
308     alias int function(X509 *x, EVP_PKEY *pkey, EVP_MD *md) tX509_sign;
309     alias EVP_MD* function() tEVP_sha1;
310     alias X509_STORE_CTX* function() tX509_STORE_CTX_new;
311     alias int function(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, void *shizzle) tX509_STORE_CTX_init;
312     alias int function(X509_STORE_CTX *ctx) tX509_verify_cert;
313     alias void function(X509_STORE_CTX *ctx) tX509_STORE_CTX_free;
314     alias int function(i2d_of_void i2d, const(char) *name, BIO *bp, char *x, const(EVP_CIPHER) *enc, char *kstr, int klen, pem_password_cb cb, void *u) tPEM_ASN1_write_bio;
315     alias int function(X509_NAME *name, in char* field, int type, const(char) *bytes, int len, int loc, int set) tX509_NAME_add_entry_by_txt;
316     alias int function(SSL_CTX *ctx, ubyte *id, uint len) tSSL_CTX_set_session_id_context;
317     alias int function(EVP_PKEY *a, EVP_PKEY *b) tEVP_PKEY_cmp_parameters;
318     alias int function(X509 *a, X509 *b) tX509_cmp;
319     alias void function() tOPENSSL_add_all_algorithms_noconf;
320     alias ASN1_GENERALIZEDTIME *function(ASN1_TIME *t, ASN1_GENERALIZEDTIME **outTime) tASN1_TIME_to_generalizedtime;
321     alias void function(ASN1_STRING *a) tASN1_STRING_free;
322     alias int function() tRAND_poll;
323     alias int function(RSA *rsa) tRSA_size;
324     alias int function(int flen, ubyte *from, ubyte *to, RSA *rsa, int padding) tRSA_public_encrypt;
325     alias int function(int flen, ubyte *from, ubyte *to, RSA *rsa, int padding) tRSA_private_decrypt;
326     alias int function(int flen, ubyte *from, ubyte *to, RSA *rsa, int padding) tRSA_private_encrypt;
327     alias int function(int flen, ubyte *from, ubyte *to, RSA *rsa, int padding) tRSA_public_decrypt;
328     alias int function(int type, ubyte *m, uint m_length, ubyte *sigret, uint *siglen, RSA *rsa) tRSA_sign;
329     alias int function(int type, ubyte *m, uint m_length, ubyte *sigbuf, uint siglen, RSA *rsa) tRSA_verify;
330     alias void function(MD5_CTX *c) tMD5_Init;
331     alias void function(MD5_CTX *c, in void *data, size_t len) tMD5_Update;
332     alias void function(ubyte *md, MD5_CTX *c) tMD5_Final;
333     alias int function(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, void *impl, ubyte *key, ubyte *iv) tEVP_EncryptInit_ex;
334     alias int function(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, void *impl, ubyte *key, ubyte*iv) tEVP_DecryptInit_ex;
335     alias int function(EVP_CIPHER_CTX *ctx, ubyte *outv, int *outl, ubyte *inv, int inl) tEVP_EncryptUpdate;
336     alias int function(EVP_CIPHER_CTX *ctx, ubyte *outv, int *outl, ubyte *inv, int inl) tEVP_DecryptUpdate;
337     alias int function(EVP_CIPHER_CTX *ctx, ubyte *outv, int *outl) tEVP_EncryptFinal_ex;
338     alias int function(EVP_CIPHER_CTX *ctx, ubyte *outv, int *outl) tEVP_DecryptFinal_ex;
339     alias int function(EVP_CIPHER_CTX *ctx) tEVP_CIPHER_CTX_block_size;
340     alias EVP_CIPHER *function() tEVP_aes_128_cbc;
341     alias int function(EVP_CIPHER_CTX *ctx) tEVP_CIPHER_CTX_cleanup;
342     
343     alias int function(int) tEVP_PKEY_type;
344     alias RSA* function(EVP_PKEY *pkey) tEVP_PKEY_get1_RSA;
345     alias DSA* function(EVP_PKEY *pkey) tEVP_PKEY_get1_DSA;
346     
347     
348     alias EVP_PKEY_CTX* function(EVP_PKEY *pkey, void *e) tEVP_PKEY_CTX_new;
349     alias void function(EVP_PKEY_CTX *ctx) tEVP_PKEY_CTX_free;   
350     
351     
352     alias int function(EVP_PKEY_CTX *ctx) tEVP_PKEY_sign_init;
353     alias int function(EVP_PKEY_CTX *ctx, ubyte *sig, size_t *siglen, const ubyte *tbs, size_t tbslen) tEVP_PKEY_sign;
354     
355     alias int function(EVP_PKEY_CTX *ctx) tEVP_PKEY_verify_init;
356     alias int function(EVP_PKEY_CTX *ctx, const ubyte *sig, size_t siglen, const ubyte *tbs, size_t tbslen) tEVP_PKEY_verify;
357     
358     alias int function(EVP_PKEY_CTX *ctx) tEVP_PKEY_encrypt_init;
359     alias int function(EVP_PKEY_CTX *ctx, ubyte *outdata, size_t *outlen, const ubyte *indata, size_t inlen) tEVP_PKEY_encrypt;
360     
361     alias int function(EVP_PKEY_CTX *ctx) tEVP_PKEY_decrypt_init;
362     alias int function(EVP_PKEY_CTX *ctx, ubyte *outdata, size_t *outlen, const ubyte *indata, size_t inlen) tEVP_PKEY_decrypt;
363     
364     struct CRYPTO_dynlock_value
365     {
366         ReadWriteMutex lock;
367         CRYPTO_dynlock_value *next;
368         CRYPTO_dynlock_value *prev;
369     }
370 
371     uint sslThreadId()
372     {
373         return cast(uint)cast(void*)Thread.getThis();
374     }
375     void sslStaticLock(int mode, int index, const(char) *sourceFile, int lineNo)
376     {
377         if (_locks)
378         {
379             if (mode & CRYPTO_LOCK)
380             {
381                 if (mode & CRYPTO_READ)
382                     _locks[index].reader.lock();
383                 else
384                     _locks[index].writer.lock();
385             }
386             else
387             {
388                 if (mode & CRYPTO_READ)
389                     _locks[index].reader.unlock();
390                 else
391                     _locks[index].writer.unlock();
392             }
393 
394         } 
395     }
396     uint ablah = 0;
397     CRYPTO_dynlock_value *sslDynamicLockCreate(const(char) *sourceFile, int lineNo)
398     {
399         auto rtn = new CRYPTO_dynlock_value;
400         rtn.lock = new ReadWriteMutex;
401         synchronized
402         {
403             if (last is null)
404                 last = rtn;
405             else
406             {
407                 rtn.prev = last;
408                 last.next = rtn;
409                 last = rtn;
410             }        
411         }
412         return rtn; 
413     }
414 
415     void sslDynamicLockLock(int mode, CRYPTO_dynlock_value *lock, const(char) *sourceFile, int lineNo)
416     {
417         if (lock && lock.lock)
418         {
419             if (mode & CRYPTO_LOCK)
420             {
421                 if (mode & CRYPTO_READ)
422                     lock.lock.reader.lock();
423                 else
424                     lock.lock.writer.lock();
425             }
426             else
427             {
428                 if (mode & CRYPTO_READ)
429                     lock.lock.reader.unlock();
430                 else
431                     lock.lock.writer.unlock();
432             }
433         } 
434     }
435 
436     void sslDynamicLockDestroy(CRYPTO_dynlock_value *lock, const(char) *sourceFile, int lineNo)
437     {
438         synchronized
439         {
440             if (lock.prev)
441                 lock.prev.next = lock.next;
442             if (lock.next)
443                 lock.next.prev = lock.prev;    
444             if (lock is last)
445                 last = lock.prev;
446             lock = lock.next = lock.prev = null;
447         }
448     }
449 
450 }
451 private bool _bioTestFlags = true;
452 __gshared
453 {
454 tBIO_test_flags BIO_test_flags;
455 tBIO_new_socket BIO_new_socket;
456 tBIO_new_ssl BIO_new_ssl;
457 tBIO_free_all BIO_free_all;
458 tBIO_push BIO_push;
459 tBIO_read BIO_read;
460 tBIO_write BIO_write;
461 tSSL_CTX_new SSL_CTX_new;
462 tSSLv23_method SSLv23_method;
463 td2i_PrivateKey d2i_PrivateKey;
464 tSSL_CTX_use_PrivateKey SSL_CTX_use_PrivateKey;
465 tSSL_CTX_set_verify SSL_CTX_set_verify;
466 tEVP_PKEY_free EVP_PKEY_free;
467 tSSL_CTX_ctrl SSL_CTX_ctrl;
468 tSSL_CTX_set_cipher_list SSL_CTX_set_cipher_list;
469 tSSL_CTX_free SSL_CTX_free;
470 tSSL_load_error_strings SSL_load_error_strings;
471 tSSL_library_init SSL_library_init;
472 tRAND_load_file RAND_load_file;
473 tCRYPTO_num_locks CRYPTO_num_locks;
474 tCRYPTO_set_id_callback CRYPTO_set_id_callback;
475 tCRYPTO_set_locking_callback CRYPTO_set_locking_callback;
476 tCRYPTO_set_dynlock_create_callback CRYPTO_set_dynlock_create_callback;
477 tCRYPTO_set_dynlock_lock_callback CRYPTO_set_dynlock_lock_callback;
478 tCRYPTO_set_dynlock_destroy_callback CRYPTO_set_dynlock_destroy_callback;
479 tERR_get_error_line_data ERR_get_error_line_data;
480 tERR_remove_state ERR_remove_state;
481 tRAND_cleanup RAND_cleanup;
482 tERR_free_strings ERR_free_strings;
483 tEVP_cleanup EVP_cleanup;
484 tOBJ_cleanup OBJ_cleanup;
485 tX509V3_EXT_cleanup X509V3_EXT_cleanup;
486 tCRYPTO_cleanup_all_ex_data CRYPTO_cleanup_all_ex_data;
487 tSSL_CTX_check_private_key SSL_CTX_check_private_key;
488 tPEM_read_bio_PrivateKey PEM_read_bio_PrivateKey;
489 tPEM_read_bio_PUBKEY PEM_read_bio_PUBKEY;
490 tBIO_new_file BIO_new_file;
491 tERR_peek_error ERR_peek_error;
492 tBIO_ctrl BIO_ctrl;
493 tSSL_get_shutdown SSL_get_shutdown;
494 tSSL_set_shutdown SSL_set_shutdown;
495 tSSL_CTX_use_certificate SSL_CTX_use_certificate;
496 tSSL_CTX_set_cert_store SSL_CTX_set_cert_store;
497 tSSL_CTX_load_verify_locations SSL_CTX_load_verify_locations;
498 tX509_STORE_CTX_get_current_cert X509_STORE_CTX_get_current_cert;
499 tX509_STORE_CTX_get_error_depth X509_STORE_CTX_get_error_depth;
500 tX509_STORE_CTX_get_error X509_STORE_CTX_get_error;
501 tX509_STORE_new X509_STORE_new;
502 tX509_STORE_free X509_STORE_free;
503 tX509_STORE_add_cert X509_STORE_add_cert;
504 //tX509_STORE_set_depth X509_STORE_set_depth;
505 tBIO_new_mem_buf BIO_new_mem_buf;
506 tRSA_generate_key RSA_generate_key;
507 tEVP_PKEY_new EVP_PKEY_new;
508 tEVP_PKEY_assign EVP_PKEY_assign;
509 tRSA_free RSA_free;
510 tBIO_new BIO_new;
511 tBIO_s_mem BIO_s_mem;
512 tPEM_write_bio_PKCS8PrivateKey PEM_write_bio_PKCS8PrivateKey;
513 tPEM_write_bio_PUBKEY PEM_write_bio_PUBKEY;
514 tEVP_aes_256_cbc EVP_aes_256_cbc;
515 tPEM_ASN1_read_bio PEM_ASN1_read_bio;
516 d2i_of_void d2i_X509;
517 d2i_of_void d2i_RSAPublicKey;
518 tX509_new X509_new;
519 tX509_free X509_free;
520 tX509_set_version X509_set_version;
521 tASN1_INTEGER_set ASN1_INTEGER_set;
522 tX509_get_serialNumber X509_get_serialNumber;
523 tASN1_INTEGER_get ASN1_INTEGER_get;
524 tX509_gmtime_adj X509_gmtime_adj;
525 tX509_set_pubkey X509_set_pubkey;
526 tX509_get_subject_name X509_get_subject_name;
527 tX509_NAME_print_ex X509_NAME_print_ex;
528 tX509_set_issuer_name X509_set_issuer_name;
529 tX509_sign X509_sign;
530 tEVP_sha1 EVP_sha1;
531 tX509_STORE_CTX_new X509_STORE_CTX_new;
532 tX509_STORE_CTX_init X509_STORE_CTX_init;
533 tX509_verify_cert X509_verify_cert;
534 tX509_STORE_CTX_free X509_STORE_CTX_free;
535 tPEM_ASN1_write_bio PEM_ASN1_write_bio;
536 i2d_of_void i2d_X509;
537 i2d_of_void i2d_RSAPublicKey;
538 tX509_NAME_add_entry_by_txt X509_NAME_add_entry_by_txt;
539 tSSL_CTX_set_session_id_context SSL_CTX_set_session_id_context;
540 tEVP_PKEY_cmp_parameters EVP_PKEY_cmp_parameters;
541 tX509_cmp X509_cmp;
542 tOPENSSL_add_all_algorithms_noconf OPENSSL_add_all_algorithms_noconf;
543 tASN1_TIME_to_generalizedtime ASN1_TIME_to_generalizedtime;
544 tASN1_STRING_free ASN1_STRING_free;
545 tRAND_poll RAND_poll;
546 tRSA_size RSA_size;
547 tRSA_public_encrypt RSA_public_encrypt;
548 tRSA_private_decrypt RSA_private_decrypt;
549 tRSA_private_encrypt RSA_private_encrypt;
550 tRSA_public_decrypt RSA_public_decrypt;
551 tRSA_sign RSA_sign;
552 tRSA_verify RSA_verify;
553 tMD5_Init MD5_Init;
554 tMD5_Update MD5_Update;
555 tMD5_Final MD5_Final;
556 tEVP_EncryptInit_ex EVP_EncryptInit_ex;
557 tEVP_DecryptInit_ex EVP_DecryptInit_ex;
558 tEVP_EncryptUpdate EVP_EncryptUpdate;
559 tEVP_DecryptUpdate EVP_DecryptUpdate;
560 tEVP_EncryptFinal_ex EVP_EncryptFinal_ex;
561 tEVP_DecryptFinal_ex EVP_DecryptFinal_ex;
562 tEVP_aes_128_cbc EVP_aes_128_cbc;
563 tEVP_CIPHER_CTX_block_size EVP_CIPHER_CTX_block_size;
564 tEVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_cleanup;
565 
566 tEVP_PKEY_type EVP_PKEY_type;
567 tEVP_PKEY_get1_RSA EVP_PKEY_get1_RSA;
568 tEVP_PKEY_get1_DSA EVP_PKEY_get1_DSA;
569 
570 tEVP_PKEY_CTX_new EVP_PKEY_CTX_new;
571 tEVP_PKEY_CTX_free EVP_PKEY_CTX_free;
572 tEVP_PKEY_sign_init EVP_PKEY_sign_init;
573 tEVP_PKEY_sign EVP_PKEY_sign;
574 tEVP_PKEY_verify_init EVP_PKEY_verify_init;
575 tEVP_PKEY_verify EVP_PKEY_verify;
576 
577 tEVP_PKEY_encrypt_init EVP_PKEY_encrypt_init;
578 tEVP_PKEY_encrypt EVP_PKEY_encrypt;
579 tEVP_PKEY_decrypt_init EVP_PKEY_decrypt_init;
580 tEVP_PKEY_decrypt EVP_PKEY_decrypt;
581 }
582 int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x)
583 {
584     return PEM_ASN1_write_bio(i2d_RSAPublicKey, PEM_STRING_RSA_PUBLIC, bp, cast(char*)x, null, null, 0, null, null);
585 }
586 
587 RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x, pem_password_cb cb, void *u)
588 {
589     return cast(RSA *)PEM_ASN1_read_bio(d2i_RSAPublicKey, PEM_STRING_RSA_PUBLIC, bp, cast(void **)x, cb, u);
590 }
591 
592 int PEM_write_bio_X509(BIO *b, X509 *x)
593 {
594     return PEM_ASN1_write_bio(i2d_X509, PEM_STRING_X509, b,cast(char *)x, null, null, 0, null, null);
595 }
596 
597 ASN1_TIME *X509_get_notBefore(X509 *x)
598 {
599     return x.cert_info.validity.notBefore;
600 }
601 
602 ASN1_TIME *X509_get_notAfter(X509 *x)
603 {
604     return x.cert_info.validity.notAfter;
605 }
606 
607 int EVP_PKEY_assign_RSA(EVP_PKEY *key, RSA *rsa)
608 {
609     return EVP_PKEY_assign(key, EVP_PKEY_RSA, cast(char*)rsa);
610 }
611 
612 int BIO_get_mem_data(BIO *b, char **data)
613 {
614     return BIO_ctrl(b, BIO_CTRL_INFO, 0, data);
615 }
616 
617 void BIO_get_ssl(BIO *b, SSL **obj)
618 {
619     BIO_ctrl(b, BIO_C_GET_SSL, 0, obj);
620 }
621 
622 int SSL_CTX_set_options(SSL_CTX *ctx, int larg)
623 {
624     return SSL_CTX_ctrl(ctx, SSL_CTRL_OPTIONS, larg, null);
625 }
626 
627 int SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode)
628 {
629     return SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, mode, null);
630 }
631 
632 int BIO_reset(BIO *b)
633 {
634     return BIO_ctrl(b, BIO_CTRL_RESET, 0, null);
635 }
636 
637 bool BIO_should_retry(BIO *b)
638 {
639     if (_bioTestFlags)
640         return cast(bool)BIO_test_flags(b, BIO_FLAGS_SHOULD_RETRY);
641     return cast(bool)(b.flags & BIO_FLAGS_SHOULD_RETRY);
642 }
643 
644 bool BIO_should_io_special(BIO *b)
645 {
646     if (_bioTestFlags)
647         return cast(bool)BIO_test_flags(b, BIO_FLAGS_IO_SPECIAL);
648     return cast(bool)(b.flags & BIO_FLAGS_IO_SPECIAL);
649 }
650 
651 bool BIO_should_read(BIO *b)
652 {
653     if (_bioTestFlags)
654         return cast(bool)BIO_test_flags(b, BIO_FLAGS_READ);
655     return cast(bool)(b.flags & BIO_FLAGS_READ);
656 }
657 
658 bool BIO_should_write(BIO *b)
659 {
660     if (_bioTestFlags)
661         return cast(bool)BIO_test_flags(b, BIO_FLAGS_WRITE);
662     return cast(bool)(b.flags & BIO_FLAGS_WRITE);
663 }
664 
665 X509* PEM_read_bio_X509(BIO *b, X509 **x, pem_password_cb cb, void *u)
666 {
667     return cast(X509 *)PEM_ASN1_read_bio(d2i_X509, PEM_STRING_X509, b, cast(void**)x, cb, u);
668 }
669 
670 
671 private void bindFunc(T)(ref T func, const(char)[] funcName, SharedLib lib)
672 in
673 {
674     assert(funcName);
675     assert(lib);
676 }
677 body
678 {
679     void *funcPtr = lib.getSymbol(toStringz(funcName));
680     if (funcPtr)
681     {
682         void **point = cast(void **)&func;
683         *point = funcPtr;
684     }
685     else
686         throw new Exception("Could not load symbol: " ~ funcName.idup);
687 }
688 
689 static __gshared SharedLib ssllib = null;
690 version(Win32)
691 {
692     static __gshared SharedLib eaylib = null;
693 }
694 version(OSX){
695     static __gshared SharedLib cryptolib = null;
696 }
697 static __gshared ReadWriteMutex[] _locks = null;
698 
699 
700 void throwOpenSSLError()
701 {
702     if (ERR_peek_error())
703     {
704         char[] exceptionString;
705 
706         int flags, line;
707         const(char) *data;
708         const(char) *file;
709         uint code;
710 
711         code = ERR_get_error_line_data(&file, &line, &data, &flags);
712         while (code != 0)
713         {
714             if (data && (flags & ERR_TXT_STRING))
715                 exceptionString ~= Format.convert("ssl error code: {} {}:{} - {}\r\n", code, fromStringz(file), line, fromStringz(data));
716             else
717                 exceptionString ~= Format.convert("ssl error code: {} {}:{}\r\n", code, fromStringz(file), line); 
718             code = ERR_get_error_line_data(&file, &line, &data, &flags);
719         }
720         throw new Exception(exceptionString.idup);
721     }
722     else
723         throw new Exception("Unknown OpenSSL error.");
724 }
725 
726 void _initOpenSSL()
727 {
728     SSL_load_error_strings();
729     SSL_library_init();
730     OPENSSL_add_all_algorithms_noconf();
731     version(Posix)
732         RAND_load_file("/dev/urandom", BYTES_ENTROPY);
733     version(Win32)
734     {
735         RAND_poll();
736     }
737 
738     uint numLocks = CRYPTO_num_locks();
739     if ((_locks = new ReadWriteMutex[numLocks]) !is null)
740     {
741         uint i = 0;
742         for (; i < numLocks; i++)
743         {
744             if((_locks[i] = new ReadWriteMutex()) is null)
745                 break;
746         }
747         if (i == numLocks)
748         {
749             CRYPTO_set_id_callback(&sslThreadId);
750             CRYPTO_set_locking_callback(&sslStaticLock);
751 
752             CRYPTO_set_dynlock_create_callback(&sslDynamicLockCreate);
753             CRYPTO_set_dynlock_lock_callback(&sslDynamicLockLock);
754             CRYPTO_set_dynlock_destroy_callback(&sslDynamicLockDestroy);
755 
756         }
757     } 
758 }
759 
760 shared static this()
761 {
762     version(Win32)
763         loadEAY32();
764     loadOpenSSL();
765 }
766 // Though it would be nice to do this, it can't be closed until all the sockets and etc have been collected.. not sure how to do that.
767 /*static ~this()
768 {
769     closeOpenSSL();
770 }*/
771 
772 
773 SharedLib loadLib(const(char[])[] loadPath)
774 {
775     SharedLib rtn;
776     foreach(path; loadPath)
777     {
778         try
779             rtn = SharedLib.load(path);
780         catch (SharedLibException ex)
781         {
782             scope fp = new FilePath(path.dup);
783             try
784                 rtn = SharedLib.load(fp.absolute(Environment.cwd()).toString());
785             catch (SharedLibException ex)
786             {}
787         }
788     }
789     return rtn;
790 }
791 
792 version (Win32)
793 {
794     void loadEAY32()
795     {
796         const(char[])[] loadPath = [ "libeay32.dll" ];
797         if ((eaylib = loadLib(loadPath)) !is null)
798         {
799             bindCrypto(eaylib);    
800         }
801     }
802 
803 }
804 
805 void bindCrypto(SharedLib ssllib)
806 {
807     if (ssllib)
808     {
809         bindFunc(X509_cmp, "X509_cmp", ssllib);
810         bindFunc(OPENSSL_add_all_algorithms_noconf, "OPENSSL_add_all_algorithms_noconf", ssllib);
811         bindFunc(ASN1_TIME_to_generalizedtime, "ASN1_TIME_to_generalizedtime", ssllib);
812         bindFunc(ASN1_STRING_free, "ASN1_STRING_free", ssllib);
813         bindFunc(EVP_PKEY_cmp_parameters, "EVP_PKEY_cmp_parameters", ssllib);
814         bindFunc(X509_STORE_CTX_get_current_cert, "X509_STORE_CTX_get_current_cert", ssllib);
815         bindFunc(X509_STORE_CTX_get_error_depth, "X509_STORE_CTX_get_error_depth", ssllib);
816         bindFunc(X509_STORE_CTX_get_error, "X509_STORE_CTX_get_error", ssllib);
817         bindFunc(X509_STORE_new, "X509_STORE_new", ssllib);
818         bindFunc(X509_STORE_free, "X509_STORE_free", ssllib);
819         bindFunc(X509_STORE_add_cert, "X509_STORE_add_cert", ssllib);
820 //        bindFunc(X509_STORE_set_depth, "X509_STORE_set_depth", ssllib);
821         bindFunc(BIO_new_mem_buf, "BIO_new_mem_buf", ssllib);
822         bindFunc(RSA_generate_key, "RSA_generate_key", ssllib);
823         bindFunc(EVP_PKEY_new, "EVP_PKEY_new", ssllib);
824         bindFunc(EVP_PKEY_assign, "EVP_PKEY_assign", ssllib);
825         bindFunc(RSA_free, "RSA_free", ssllib);
826         bindFunc(BIO_new, "BIO_new", ssllib);
827         bindFunc(BIO_s_mem, "BIO_s_mem", ssllib);
828         bindFunc(PEM_write_bio_PKCS8PrivateKey, "PEM_write_bio_PKCS8PrivateKey", ssllib);
829         bindFunc(PEM_write_bio_PUBKEY, "PEM_write_bio_PUBKEY", ssllib);
830         bindFunc(EVP_aes_256_cbc, "EVP_aes_256_cbc", ssllib);
831         bindFunc(PEM_ASN1_read_bio, "PEM_ASN1_read_bio", ssllib);
832         bindFunc(d2i_X509, "d2i_X509", ssllib);
833         bindFunc(d2i_RSAPublicKey, "d2i_RSAPublicKey", ssllib);
834         bindFunc(X509_new, "X509_new", ssllib);
835         bindFunc(X509_free, "X509_free", ssllib);
836         bindFunc(X509_set_version, "X509_set_version", ssllib);
837         bindFunc(ASN1_INTEGER_set, "ASN1_INTEGER_set", ssllib);
838         bindFunc(X509_get_serialNumber, "X509_get_serialNumber", ssllib);
839         bindFunc(ASN1_INTEGER_get, "ASN1_INTEGER_get", ssllib);
840         bindFunc(X509_gmtime_adj, "X509_gmtime_adj", ssllib);
841         bindFunc(X509_set_pubkey, "X509_set_pubkey", ssllib);
842         bindFunc(X509_get_subject_name, "X509_get_subject_name", ssllib);
843         bindFunc(X509_NAME_print_ex, "X509_NAME_print_ex", ssllib);
844         bindFunc(X509_set_issuer_name, "X509_set_issuer_name", ssllib);
845         bindFunc(X509_sign, "X509_sign", ssllib);
846         bindFunc(EVP_sha1, "EVP_sha1", ssllib);
847         bindFunc(X509_STORE_CTX_new, "X509_STORE_CTX_new", ssllib);
848         bindFunc(X509_STORE_CTX_init, "X509_STORE_CTX_init", ssllib);
849         bindFunc(X509_verify_cert, "X509_verify_cert", ssllib);
850         bindFunc(X509_STORE_CTX_free, "X509_STORE_CTX_free", ssllib);
851         bindFunc(PEM_ASN1_write_bio, "PEM_ASN1_write_bio", ssllib);
852         bindFunc(i2d_X509, "i2d_X509", ssllib);
853         bindFunc(i2d_RSAPublicKey, "i2d_RSAPublicKey", ssllib);
854         bindFunc(X509_NAME_add_entry_by_txt, "X509_NAME_add_entry_by_txt", ssllib);
855         bindFunc(PEM_read_bio_PrivateKey, "PEM_read_bio_PrivateKey", ssllib);
856         bindFunc(PEM_read_bio_PUBKEY, "PEM_read_bio_PUBKEY", ssllib);
857         bindFunc(BIO_new_file, "BIO_new_file", ssllib);
858         bindFunc(ERR_peek_error, "ERR_peek_error", ssllib);
859         try
860             bindFunc(BIO_test_flags, "BIO_test_flags", ssllib); // 0.9.7 doesn't have this function, it access the struct directly
861         catch (Exception ex)
862             _bioTestFlags = false;
863         bindFunc(BIO_ctrl, "BIO_ctrl", ssllib);
864         bindFunc(RAND_load_file, "RAND_load_file", ssllib);
865         bindFunc(CRYPTO_num_locks, "CRYPTO_num_locks", ssllib);
866         bindFunc(CRYPTO_set_id_callback, "CRYPTO_set_id_callback", ssllib);
867         bindFunc(CRYPTO_set_locking_callback, "CRYPTO_set_locking_callback", ssllib);
868         bindFunc(CRYPTO_set_dynlock_create_callback, "CRYPTO_set_dynlock_create_callback", ssllib);
869         bindFunc(CRYPTO_set_dynlock_lock_callback, "CRYPTO_set_dynlock_lock_callback", ssllib);
870         bindFunc(CRYPTO_set_dynlock_lock_callback, "CRYPTO_set_dynlock_lock_callback", ssllib);
871         bindFunc(CRYPTO_set_dynlock_destroy_callback, "CRYPTO_set_dynlock_destroy_callback", ssllib);
872         bindFunc(ERR_get_error_line_data, "ERR_get_error_line_data", ssllib);
873         bindFunc(ERR_remove_state, "ERR_remove_state", ssllib);
874         bindFunc(RAND_cleanup, "RAND_cleanup", ssllib);
875         bindFunc(ERR_free_strings, "ERR_free_strings", ssllib);
876         bindFunc(EVP_cleanup, "EVP_cleanup", ssllib);
877         bindFunc(OBJ_cleanup, "OBJ_cleanup", ssllib);
878         bindFunc(X509V3_EXT_cleanup, "X509V3_EXT_cleanup", ssllib);
879         bindFunc(CRYPTO_cleanup_all_ex_data, "CRYPTO_cleanup_all_ex_data", ssllib);
880         bindFunc(BIO_read, "BIO_read", ssllib);
881         bindFunc(BIO_write, "BIO_write", ssllib);
882         bindFunc(EVP_PKEY_free, "EVP_PKEY_free", ssllib);
883         bindFunc(d2i_PrivateKey, "d2i_PrivateKey", ssllib);    
884         bindFunc(BIO_free_all, "BIO_free_all", ssllib);
885         bindFunc(BIO_push, "BIO_push", ssllib);    
886         bindFunc(BIO_new_socket, "BIO_new_socket", ssllib);
887         bindFunc(RAND_poll, "RAND_poll", ssllib);
888         bindFunc(RSA_size, "RSA_size", ssllib);
889         bindFunc(RSA_public_encrypt, "RSA_public_encrypt", ssllib);
890         bindFunc(RSA_private_decrypt, "RSA_private_decrypt", ssllib);
891         bindFunc(RSA_private_encrypt, "RSA_private_encrypt", ssllib);
892         bindFunc(RSA_public_decrypt, "RSA_public_decrypt", ssllib);
893         bindFunc(RSA_sign, "RSA_sign", ssllib);
894         bindFunc(RSA_verify, "RSA_verify", ssllib);
895         bindFunc(MD5_Init, "MD5_Init", ssllib);
896         bindFunc(MD5_Update, "MD5_Update", ssllib);
897         bindFunc(MD5_Final, "MD5_Final", ssllib);
898         bindFunc(EVP_EncryptInit_ex, "EVP_EncryptInit_ex", ssllib);
899         bindFunc(EVP_DecryptInit_ex, "EVP_DecryptInit_ex", ssllib);
900         bindFunc(EVP_EncryptUpdate, "EVP_EncryptUpdate", ssllib);
901         bindFunc(EVP_DecryptUpdate,  "EVP_DecryptUpdate", ssllib);
902         bindFunc(EVP_EncryptFinal_ex, "EVP_EncryptFinal_ex", ssllib);
903         bindFunc(EVP_DecryptFinal_ex, "EVP_DecryptFinal_ex", ssllib);
904         bindFunc(EVP_aes_128_cbc, "EVP_aes_128_cbc", ssllib);
905         try {
906             bindFunc(EVP_CIPHER_CTX_block_size, "EVP_CIPHER_CTX_block_size", ssllib);
907         } catch (Exception e){
908             // openSSL 0.9.7l defines only macros, not the function
909             EVP_CIPHER_CTX_block_size=&EVP_CIPHER_CTX_block_size_097l;
910         }
911         bindFunc(EVP_CIPHER_CTX_cleanup, "EVP_CIPHER_CTX_cleanup", ssllib);
912         
913         bindFunc(EVP_PKEY_type, "EVP_PKEY_type", ssllib);
914         bindFunc(EVP_PKEY_get1_RSA, "EVP_PKEY_get1_RSA", ssllib);
915         bindFunc(EVP_PKEY_get1_DSA, "EVP_PKEY_get1_DSA", ssllib);
916        
917         bindFunc(EVP_PKEY_CTX_new, "EVP_PKEY_CTX_new", ssllib);
918         bindFunc(EVP_PKEY_CTX_free, "EVP_PKEY_CTX_free", ssllib);
919         
920         bindFunc(EVP_PKEY_sign_init, "EVP_PKEY_sign_init", ssllib);
921         bindFunc(EVP_PKEY_sign, "EVP_PKEY_sign", ssllib);
922         
923         bindFunc(EVP_PKEY_verify_init, "EVP_PKEY_verify_init", ssllib);
924         bindFunc(EVP_PKEY_verify, "EVP_PKEY_verify", ssllib);
925         
926         bindFunc(EVP_PKEY_encrypt_init, "EVP_PKEY_encrypt_init", ssllib);
927         bindFunc(EVP_PKEY_encrypt, "EVP_PKEY_encrypt", ssllib);
928         
929         bindFunc(EVP_PKEY_decrypt_init, "EVP_PKEY_decrypt_init", ssllib);
930         bindFunc(EVP_PKEY_decrypt, "EVP_PKEY_decrypt", ssllib);
931 
932 
933         /*EVP_PKEY_CTX_new
934         EVP_PKEY_CTX_free
935         int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
936     int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
937                 unsigned char *sig, size_t *siglen,
938                 const unsigned char *tbs, size_t tbslen);
939     int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
940     int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
941                 const unsigned char *sig, size_t siglen,
942                 const unsigned char *tbs, size_t tbslen);
943 
944     int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
945     int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
946                 unsigned char *out, size_t *outlen,
947                 const unsigned char *in, size_t inlen);
948     int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
949     int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
950                 unsigned char *out, size_t *outlen,
951                 const unsigned char *in, size_t inlen);*/
952         
953     }
954 }
955 
956 void loadOpenSSL()
957 {
958     version (linux)
959     {
960         const(char[])[] loadPath = [ "libssl.so.0.9.8", "libssl.so.1.0.0", "libssl.so" ];
961     }
962     version (Windows)
963     {
964         const(char[])[] loadPath = [ "libssl32.dll" ];
965     }
966     version(OSX)
967     {
968         const(char[])[] loadPath = [ "/usr/lib/libssl.dylib", "libssl.dylib" ];
969     }
970     version (FreeBSD)
971     {
972         const(char[])[] loadPath = [ "libssl.so.5", "libssl.so" ];
973     }
974     version (solaris)
975     {
976         const(char[])[] loadPath = [ "libssl.so.0.9.8", "libssl.so.1.0.0", "libssl.so" ];
977     }
978     if ((ssllib = loadLib(loadPath)) !is null)
979     {
980 
981         bindFunc(BIO_new_ssl, "BIO_new_ssl", ssllib);
982         bindFunc(SSL_CTX_free, "SSL_CTX_free", ssllib);
983         bindFunc(SSL_CTX_new, "SSL_CTX_new", ssllib);
984         bindFunc(SSLv23_method, "SSLv23_method", ssllib);
985         bindFunc(SSL_CTX_use_PrivateKey, "SSL_CTX_use_PrivateKey", ssllib);
986         bindFunc(SSL_CTX_set_verify, "SSL_CTX_set_verify", ssllib);
987         bindFunc(SSL_CTX_ctrl, "SSL_CTX_ctrl", ssllib);
988         bindFunc(SSL_CTX_set_cipher_list, "SSL_CTX_set_cipher_list", ssllib);
989         bindFunc(SSL_load_error_strings, "SSL_load_error_strings", ssllib);
990         bindFunc(SSL_library_init, "SSL_library_init", ssllib);
991         bindFunc(SSL_CTX_check_private_key, "SSL_CTX_check_private_key", ssllib);
992         bindFunc(SSL_get_shutdown, "SSL_get_shutdown", ssllib);
993         bindFunc(SSL_set_shutdown, "SSL_set_shutdown", ssllib);
994         bindFunc(SSL_CTX_use_certificate, "SSL_CTX_use_certificate", ssllib);
995         bindFunc(SSL_CTX_set_cert_store, "SSL_CTX_set_cert_store", ssllib);
996         bindFunc(SSL_CTX_load_verify_locations, "SSL_CTX_load_verify_locations", ssllib);
997         bindFunc(SSL_CTX_set_session_id_context, "SSL_CTX_set_session_id_context", ssllib);
998         version(Posix)
999         {
1000             version(OSX){
1001                 string[] loadPathCrypto = [ "/usr/lib/libcrypto.dylib", "libcrypto.dylib" ];
1002                 cryptolib = loadLib(loadPathCrypto);
1003                 if (cryptolib !is null) bindCrypto(cryptolib);
1004             } else {
1005                 bindCrypto(ssllib);
1006             }
1007         }
1008 
1009         _initOpenSSL();
1010     }
1011     else
1012         throw new Exception("Could not load OpenSSL library.");
1013 }
1014 
1015 void closeOpenSSL()
1016 {
1017     CRYPTO_set_id_callback(null);
1018     CRYPTO_set_locking_callback(null);
1019     CRYPTO_set_dynlock_create_callback(null);
1020     CRYPTO_set_dynlock_lock_callback(null);
1021     CRYPTO_set_dynlock_destroy_callback(null);
1022     ERR_remove_state(0);
1023     RAND_cleanup();
1024     ERR_free_strings();
1025     EVP_cleanup();
1026     OBJ_cleanup();
1027     X509V3_EXT_cleanup();
1028     CRYPTO_cleanup_all_ex_data();
1029     if (ssllib)
1030         ssllib.unload();
1031     version(OSX){
1032         if (cryptolib)
1033             cryptolib.unload();
1034     }
1035     version(Win32)
1036     {
1037         if (eaylib)
1038             eaylib.unload();
1039     }
1040 }