summary refs log tree commit diff stats
path: root/lib/wrappers/openssl.nim
diff options
context:
space:
mode:
Diffstat (limited to 'lib/wrappers/openssl.nim')
-rw-r--r--lib/wrappers/openssl.nim148
1 files changed, 59 insertions, 89 deletions
diff --git a/lib/wrappers/openssl.nim b/lib/wrappers/openssl.nim
index 03729dbab..013f26943 100644
--- a/lib/wrappers/openssl.nim
+++ b/lib/wrappers/openssl.nim
@@ -1,41 +1,11 @@
-#==============================================================================#
-# Project: Ararat Synapse                                        | 003.004.001 #
-#==============================================================================#
-# Content: SSL support by OpenSSL                                              #
-#==============================================================================#
-# Copyright (c)1999-2005, Lukas Gebauer                                        #
-# All rights reserved.                                                         #
-#                                                                              #
-# Redistribution and use in source and binary forms, with or without           #
-# modification, are permitted provided that the following conditions are met:  #
-#                                                                              #
-# Redistributions of source code must retain the above copyright notice, this  #
-# list of conditions and the following disclaimer.                             #
-#                                                                              #
-# Redistributions in binary form must reproduce the above copyright notice,    #
-# this list of conditions and the following disclaimer in the documentation    #
-# and/or other materials provided with the distribution.                       #
-#                                                                              #
-# Neither the name of Lukas Gebauer nor the names of its contributors may      #
-# be used to endorse or promote products derived from this software without    #
-# specific prior written permission.                                           #
-#                                                                              #
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"  #
-# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE    #
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE   #
-# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR  #
-# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL       #
-# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR   #
-# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER   #
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT           #
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY    #
-# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH  #
-# DAMAGE.                                                                      #
-#==============================================================================#
-# The Initial Developer of the Original Code is Lukas Gebauer (Czech Republic).#
-# Portions created by Lukas Gebauer are Copyright (c)2002-2005.                #
-# All Rights Reserved.                                                         #
-#==============================================================================#
+#
+#
+#            Nim's Runtime Library
+#        (c) Copyright 2015 Andreas Rumpf
+#
+#    See the file "copying.txt", included in this
+#    distribution, for details about the copyright.
+#
 
 ## OpenSSL support
 
@@ -43,8 +13,8 @@
 
 const useWinVersion = defined(Windows) or defined(nimdoc)
 
-when useWinVersion: 
-  const 
+when useWinVersion:
+  const
     DLLSSLName = "(ssleay32|libssl32).dll"
     DLLUtilName = "libeay32.dll"
   from winlean import SocketHandle
@@ -56,12 +26,12 @@ else:
       DLLSSLName = "libssl" & versions & ".dylib"
       DLLUtilName = "libcrypto" & versions & ".dylib"
   else:
-    const 
+    const
       DLLSSLName = "libssl.so" & versions
       DLLUtilName = "libcrypto.so" & versions
   from posix import SocketHandle
 
-type 
+type
   SslStruct {.final, pure.} = object
   SslPtr* = ptr SslStruct
   PSslPtr* = ptr SslPtr
@@ -80,7 +50,7 @@ type
   PFunction* = proc () {.cdecl.}
   DES_cblock* = array[0..7, int8]
   PDES_cblock* = ptr DES_cblock
-  des_ks_struct*{.final.} = object 
+  des_ks_struct*{.final.} = object
     ks*: DES_cblock
     weak_key*: cInt
 
@@ -88,7 +58,7 @@ type
 
 {.deprecated: [PSSL: SslPtr, PSSL_CTX: SslCtx, PBIO: BIO].}
 
-const 
+const
   SSL_SENT_SHUTDOWN* = 1
   SSL_RECEIVED_SHUTDOWN* = 2
   EVP_MAX_MD_SIZE* = 16 + 20
@@ -116,8 +86,8 @@ const
   SSL_CTRL_GET_FLAGS* = 13
   SSL_CTRL_EXTRA_CHAIN_CERT* = 14
   SSL_CTRL_SET_MSG_CALLBACK* = 15
-  SSL_CTRL_SET_MSG_CALLBACK_ARG* = 16 # only applies to datagram connections  
-  SSL_CTRL_SET_MTU* = 17      # Stats  
+  SSL_CTRL_SET_MSG_CALLBACK_ARG* = 16 # only applies to datagram connections
+  SSL_CTRL_SET_MTU* = 17      # Stats
   SSL_CTRL_SESS_NUMBER* = 20
   SSL_CTRL_SESS_CONNECT* = 21
   SSL_CTRL_SESS_CONNECT_GOOD* = 22
@@ -204,7 +174,7 @@ const
   SSL_FILETYPE_ASN1* = 2
   SSL_FILETYPE_PEM* = 1
   EVP_PKEY_RSA* = 6           # libssl.dll
-  
+
   BIO_C_SET_CONNECT = 100
   BIO_C_DO_STATE_MACHINE = 101
   BIO_C_GET_SSL = 110
@@ -237,7 +207,7 @@ proc SSL_CTX_use_certificate_chain_file*(ctx: SslCtx, filename: cstring): cInt{.
     stdcall, dynlib: DLLSSLName, importc.}
 proc SSL_CTX_use_PrivateKey_file*(ctx: SslCtx,
     filename: cstring, typ: cInt): cInt{.cdecl, dynlib: DLLSSLName, importc.}
-proc SSL_CTX_check_private_key*(ctx: SslCtx): cInt{.cdecl, dynlib: DLLSSLName, 
+proc SSL_CTX_check_private_key*(ctx: SslCtx): cInt{.cdecl, dynlib: DLLSSLName,
     importc.}
 
 proc SSL_set_fd*(ssl: SslPtr, fd: SocketHandle): cint{.cdecl, dynlib: DLLSSLName, importc.}
@@ -256,7 +226,7 @@ proc BIO_new_ssl_connect*(ctx: SslCtx): BIO{.cdecl,
     dynlib: DLLSSLName, importc.}
 proc BIO_ctrl*(bio: BIO, cmd: cint, larg: int, arg: cstring): int{.cdecl,
     dynlib: DLLSSLName, importc.}
-proc BIO_get_ssl*(bio: BIO, ssl: ptr SslPtr): int = 
+proc BIO_get_ssl*(bio: BIO, ssl: ptr SslPtr): int =
   return BIO_ctrl(bio, BIO_C_GET_SSL, 0, cast[cstring](ssl))
 proc BIO_set_conn_hostname*(bio: BIO, name: cstring): int =
   return BIO_ctrl(bio, BIO_C_SET_CONNECT, 0, name)
@@ -266,16 +236,16 @@ proc BIO_do_connect*(bio: BIO): int =
   return BIO_do_handshake(bio)
 
 when not defined(nimfix):
-  proc BIO_read*(b: BIO, data: cstring, length: cInt): cInt{.cdecl, 
+  proc BIO_read*(b: BIO, data: cstring, length: cInt): cInt{.cdecl,
       dynlib: DLLUtilName, importc.}
-  proc BIO_write*(b: BIO, data: cstring, length: cInt): cInt{.cdecl, 
+  proc BIO_write*(b: BIO, data: cstring, length: cInt): cInt{.cdecl,
       dynlib: DLLUtilName, importc.}
 
 proc BIO_free*(b: BIO): cInt{.cdecl, dynlib: DLLUtilName, importc.}
 
 proc ERR_print_errors_fp*(fp: File){.cdecl, dynlib: DLLSSLName, importc.}
 
-proc ERR_error_string*(e: cInt, buf: cstring): cstring{.cdecl, 
+proc ERR_error_string*(e: cInt, buf: cstring): cstring{.cdecl,
     dynlib: DLLUtilName, importc.}
 proc ERR_get_error*(): cInt{.cdecl, dynlib: DLLUtilName, importc.}
 proc ERR_peek_last_error*(): cInt{.cdecl, dynlib: DLLUtilName, importc.}
@@ -285,7 +255,7 @@ proc OpenSSL_add_all_algorithms*(){.cdecl, dynlib: DLLUtilName, importc: "OPENSS
 proc OPENSSL_config*(configName: cstring){.cdecl, dynlib: DLLSSLName, importc.}
 
 when not useWinVersion:
-  proc CRYPTO_set_mem_functions(a,b,c: pointer){.cdecl, 
+  proc CRYPTO_set_mem_functions(a,b,c: pointer){.cdecl,
     dynlib: DLLUtilName, importc.}
 
   proc allocWrapper(size: int): pointer {.cdecl.} = alloc(size)
@@ -375,7 +345,7 @@ proc ErrRemoveState*(pid: cInt){.cdecl, dynlib: DLLUtilName, importc: "ERR_remov
 when true:
   discard
 else:
-  proc SslCtxSetCipherList*(arg0: PSSL_CTX, str: cstring): cInt{.cdecl, 
+  proc SslCtxSetCipherList*(arg0: PSSL_CTX, str: cstring): cInt{.cdecl,
       dynlib: DLLSSLName, importc.}
   proc SslCtxNew*(meth: PSSL_METHOD): PSSL_CTX{.cdecl,
       dynlib: DLLSSLName, importc.}
@@ -391,12 +361,12 @@ else:
   proc SslMethodV3*(): PSSL_METHOD{.cdecl, dynlib: DLLSSLName, importc.}
   proc SslMethodTLSV1*(): PSSL_METHOD{.cdecl, dynlib: DLLSSLName, importc.}
   proc SslMethodV23*(): PSSL_METHOD{.cdecl, dynlib: DLLSSLName, importc.}
-  proc SslCtxUsePrivateKey*(ctx: PSSL_CTX, pkey: SslPtr): cInt{.cdecl, 
+  proc SslCtxUsePrivateKey*(ctx: PSSL_CTX, pkey: SslPtr): cInt{.cdecl,
       dynlib: DLLSSLName, importc.}
   proc SslCtxUsePrivateKeyASN1*(pk: cInt, ctx: PSSL_CTX,
       d: cstring, length: int): cInt{.cdecl, dynlib: DLLSSLName, importc.}
 
-  proc SslCtxUseCertificate*(ctx: PSSL_CTX, x: SslPtr): cInt{.cdecl, 
+  proc SslCtxUseCertificate*(ctx: PSSL_CTX, x: SslPtr): cInt{.cdecl,
       dynlib: DLLSSLName, importc.}
   proc SslCtxUseCertificateASN1*(ctx: PSSL_CTX, length: int, d: cstring): cInt{.
       cdecl, dynlib: DLLSSLName, importc.}
@@ -404,9 +374,9 @@ else:
     #  function SslCtxUseCertificateChainFile(ctx: PSSL_CTX; const filename: PChar):cInt;
   proc SslCtxUseCertificateChainFile*(ctx: PSSL_CTX, filename: cstring): cInt{.
       cdecl, dynlib: DLLSSLName, importc.}
-  proc SslCtxSetDefaultPasswdCb*(ctx: PSSL_CTX, cb: PPasswdCb){.cdecl, 
+  proc SslCtxSetDefaultPasswdCb*(ctx: PSSL_CTX, cb: PPasswdCb){.cdecl,
       dynlib: DLLSSLName, importc.}
-  proc SslCtxSetDefaultPasswdCbUserdata*(ctx: PSSL_CTX, u: SslPtr){.cdecl, 
+  proc SslCtxSetDefaultPasswdCbUserdata*(ctx: PSSL_CTX, u: SslPtr){.cdecl,
       dynlib: DLLSSLName, importc.}
     #  function SslCtxLoadVerifyLocations(ctx: PSSL_CTX; const CAfile: PChar; const CApath: PChar):cInt;
   proc SslCtxLoadVerifyLocations*(ctx: PSSL_CTX, CAfile: cstring, CApath: cstring): cInt{.
@@ -416,15 +386,15 @@ else:
 
   proc SslConnect*(ssl: PSSL): cInt{.cdecl, dynlib: DLLSSLName, importc.}
 
-  
+
   proc SslGetVersion*(ssl: PSSL): cstring{.cdecl, dynlib: DLLSSLName, importc.}
-  proc SslGetPeerCertificate*(ssl: PSSL): PX509{.cdecl, dynlib: DLLSSLName, 
+  proc SslGetPeerCertificate*(ssl: PSSL): PX509{.cdecl, dynlib: DLLSSLName,
       importc.}
-  proc SslCtxSetVerify*(ctx: PSSL_CTX, mode: cInt, arg2: PFunction){.cdecl, 
+  proc SslCtxSetVerify*(ctx: PSSL_CTX, mode: cInt, arg2: PFunction){.cdecl,
       dynlib: DLLSSLName, importc.}
   proc SSLGetCurrentCipher*(s: PSSL): SslPtr{.cdecl, dynlib: DLLSSLName, importc.}
   proc SSLCipherGetName*(c: SslPtr): cstring{.cdecl, dynlib: DLLSSLName, importc.}
-  proc SSLCipherGetBits*(c: SslPtr, alg_bits: var cInt): cInt{.cdecl, 
+  proc SSLCipherGetBits*(c: SslPtr, alg_bits: var cInt): cInt{.cdecl,
       dynlib: DLLSSLName, importc.}
   proc SSLGetVerifyResult*(ssl: PSSL): int{.cdecl, dynlib: DLLSSLName, importc.}
     # libeay.dll
@@ -432,39 +402,39 @@ else:
   proc X509Free*(x: PX509){.cdecl, dynlib: DLLUtilName, importc.}
   proc X509NameOneline*(a: PX509_NAME, buf: cstring, size: cInt): cstring{.
       cdecl, dynlib: DLLUtilName, importc.}
-  proc X509GetSubjectName*(a: PX509): PX509_NAME{.cdecl, dynlib: DLLUtilName, 
+  proc X509GetSubjectName*(a: PX509): PX509_NAME{.cdecl, dynlib: DLLUtilName,
       importc.}
-  proc X509GetIssuerName*(a: PX509): PX509_NAME{.cdecl, dynlib: DLLUtilName, 
+  proc X509GetIssuerName*(a: PX509): PX509_NAME{.cdecl, dynlib: DLLUtilName,
       importc.}
   proc X509NameHash*(x: PX509_NAME): int{.cdecl, dynlib: DLLUtilName, importc.}
     #  function SslX509Digest(data: PX509; typ: PEVP_MD; md: PChar; len: PcInt):cInt;
   proc X509Digest*(data: PX509, typ: PEVP_MD, md: cstring, length: var cInt): cInt{.
       cdecl, dynlib: DLLUtilName, importc.}
   proc X509print*(b: PBIO, a: PX509): cInt{.cdecl, dynlib: DLLUtilName, importc.}
-  proc X509SetVersion*(x: PX509, version: cInt): cInt{.cdecl, dynlib: DLLUtilName, 
+  proc X509SetVersion*(x: PX509, version: cInt): cInt{.cdecl, dynlib: DLLUtilName,
       importc.}
-  proc X509SetPubkey*(x: PX509, pkey: EVP_PKEY): cInt{.cdecl, dynlib: DLLUtilName, 
+  proc X509SetPubkey*(x: PX509, pkey: EVP_PKEY): cInt{.cdecl, dynlib: DLLUtilName,
       importc.}
-  proc X509SetIssuerName*(x: PX509, name: PX509_NAME): cInt{.cdecl, 
+  proc X509SetIssuerName*(x: PX509, name: PX509_NAME): cInt{.cdecl,
       dynlib: DLLUtilName, importc.}
-  proc X509NameAddEntryByTxt*(name: PX509_NAME, field: cstring, typ: cInt, 
+  proc X509NameAddEntryByTxt*(name: PX509_NAME, field: cstring, typ: cInt,
                               bytes: cstring, length, loc, theSet: cInt): cInt{.
       cdecl, dynlib: DLLUtilName, importc.}
-  proc X509Sign*(x: PX509, pkey: EVP_PKEY, md: PEVP_MD): cInt{.cdecl, 
+  proc X509Sign*(x: PX509, pkey: EVP_PKEY, md: PEVP_MD): cInt{.cdecl,
       dynlib: DLLUtilName, importc.}
-  proc X509GmtimeAdj*(s: PASN1_UTCTIME, adj: cInt): PASN1_UTCTIME{.cdecl, 
+  proc X509GmtimeAdj*(s: PASN1_UTCTIME, adj: cInt): PASN1_UTCTIME{.cdecl,
       dynlib: DLLUtilName, importc.}
-  proc X509SetNotBefore*(x: PX509, tm: PASN1_UTCTIME): cInt{.cdecl, 
+  proc X509SetNotBefore*(x: PX509, tm: PASN1_UTCTIME): cInt{.cdecl,
       dynlib: DLLUtilName, importc.}
-  proc X509SetNotAfter*(x: PX509, tm: PASN1_UTCTIME): cInt{.cdecl, 
+  proc X509SetNotAfter*(x: PX509, tm: PASN1_UTCTIME): cInt{.cdecl,
       dynlib: DLLUtilName, importc.}
-  proc X509GetSerialNumber*(x: PX509): PASN1_cInt{.cdecl, dynlib: DLLUtilName, 
+  proc X509GetSerialNumber*(x: PX509): PASN1_cInt{.cdecl, dynlib: DLLUtilName,
       importc.}
   proc EvpPkeyNew*(): EVP_PKEY{.cdecl, dynlib: DLLUtilName, importc.}
   proc EvpPkeyFree*(pk: EVP_PKEY){.cdecl, dynlib: DLLUtilName, importc.}
-  proc EvpPkeyAssign*(pkey: EVP_PKEY, typ: cInt, key: Prsa): cInt{.cdecl, 
+  proc EvpPkeyAssign*(pkey: EVP_PKEY, typ: cInt, key: Prsa): cInt{.cdecl,
       dynlib: DLLUtilName, importc.}
-  proc EvpGetDigestByName*(Name: cstring): PEVP_MD{.cdecl, dynlib: DLLUtilName, 
+  proc EvpGetDigestByName*(Name: cstring): PEVP_MD{.cdecl, dynlib: DLLUtilName,
       importc.}
   proc EVPcleanup*(){.cdecl, dynlib: DLLUtilName, importc.}
     #  function ErrErrorString(e: cInt; buf: PChar): PChar;
@@ -475,7 +445,7 @@ else:
   proc CRYPTOcleanupAllExData*(){.cdecl, dynlib: DLLUtilName, importc.}
   proc RandScreen*(){.cdecl, dynlib: DLLUtilName, importc.}
 
-  proc d2iPKCS12bio*(b: PBIO, Pkcs12: SslPtr): SslPtr{.cdecl, dynlib: DLLUtilName, 
+  proc d2iPKCS12bio*(b: PBIO, Pkcs12: SslPtr): SslPtr{.cdecl, dynlib: DLLUtilName,
       importc.}
   proc PKCS12parse*(p12: SslPtr, pass: cstring, pkey, cert, ca: var SslPtr): cint{.
       dynlib: DLLUtilName, importc, cdecl.}
@@ -485,37 +455,37 @@ else:
       cdecl, dynlib: DLLUtilName, importc.}
   proc Asn1UtctimeNew*(): PASN1_UTCTIME{.cdecl, dynlib: DLLUtilName, importc.}
   proc Asn1UtctimeFree*(a: PASN1_UTCTIME){.cdecl, dynlib: DLLUtilName, importc.}
-  proc Asn1cIntSet*(a: PASN1_cInt, v: cInt): cInt{.cdecl, dynlib: DLLUtilName, 
+  proc Asn1cIntSet*(a: PASN1_cInt, v: cInt): cInt{.cdecl, dynlib: DLLUtilName,
       importc.}
   proc i2dX509bio*(b: PBIO, x: PX509): cInt{.cdecl, dynlib: DLLUtilName, importc.}
-  proc i2dPrivateKeyBio*(b: PBIO, pkey: EVP_PKEY): cInt{.cdecl, 
+  proc i2dPrivateKeyBio*(b: PBIO, pkey: EVP_PKEY): cInt{.cdecl,
       dynlib: DLLUtilName, importc.}
     # 3DES functions
   proc DESsetoddparity*(Key: des_cblock){.cdecl, dynlib: DLLUtilName, importc.}
   proc DESsetkeychecked*(key: des_cblock, schedule: des_key_schedule): cInt{.
       cdecl, dynlib: DLLUtilName, importc.}
-  proc DESecbencrypt*(Input: des_cblock, output: des_cblock, ks: des_key_schedule, 
+  proc DESecbencrypt*(Input: des_cblock, output: des_cblock, ks: des_key_schedule,
                       enc: cInt){.cdecl, dynlib: DLLUtilName, importc.}
   # implementation
 
-  proc SSLSetMode(s: PSSL, mode: int): int = 
+  proc SSLSetMode(s: PSSL, mode: int): int =
     result = SSLctrl(s, SSL_CTRL_MODE, mode, nil)
 
-  proc SSLCTXGetMode(ctx: PSSL_CTX): int = 
+  proc SSLCTXGetMode(ctx: PSSL_CTX): int =
     result = SSLCTXctrl(ctx, SSL_CTRL_MODE, 0, nil)
 
-  proc SSLGetMode(s: PSSL): int = 
+  proc SSLGetMode(s: PSSL): int =
     result = SSLctrl(s, SSL_CTRL_MODE, 0, nil)
 
 # <openssl/md5.h>
-type 
+type
   MD5_LONG* = cuint
-const 
+const
   MD5_CBLOCK* = 64
   MD5_LBLOCK* = int(MD5_CBLOCK div 4)
   MD5_DIGEST_LENGTH* = 16
-type 
-  MD5_CTX* = object 
+type
+  MD5_CTX* = object
     A,B,C,D,Nl,Nh: MD5_LONG
     data: array[MD5_LBLOCK, MD5_LONG]
     num: cuint
@@ -532,7 +502,7 @@ proc md5_Transform*(c: var MD5_CTX; b: ptr cuchar){.ic.}
 from strutils import toHex,toLower
 
 proc hexStr (buf:cstring): string =
-  # turn md5s output into a nice hex str 
+  # turn md5s output into a nice hex str
   result = newStringOfCap(32)
   for i in 0 .. <16:
     result.add toHex(buf[i].ord, 2).toLower
@@ -554,13 +524,13 @@ proc md5_File* (file: string): string {.raises: [IOError,Exception].} =
 
   discard md5_final( buf[0].addr, ctx )
   f.close
-  
+
   result = hexStr(buf)
 
 proc md5_Str* (str:string): string {.raises:[IOError].} =
   ##Generate MD5 hash for a string. Result is a 32 character
   #hex string with lowercase characters
-  var 
+  var
     ctx: MD5_CTX
     res: array[MD5_DIGEST_LENGTH,char]
     input = str.cstring