A Common Lisp interface to OpenSSL.


This library is a fork of SSL-CMUCL. The original SSL-CMUCL source code was written by Eric Marsden and includes contributions by Jochen Schmidt. Development into CL+SSL was done by David Lichteblau. License: MIT-style.

Distinguishing features: CL+SSL is portable code based on CFFI and gray streams. It defines its own libssl BIO method, so that SSL I/O can be written over portable Lisp streams instead of bypassing the streams and sending data over Unix file descriptors directly. (But the traditional approach is still used if possible.)


The library is available via Quicklisp.

The Git repository:

Send bug reports to (list information).

OpenSSL Installation Hints


You need the libssl-dev package on Debian to load this cl+ssl without manual configuration.

Windows lists several soruces of binary distributions. For example, ( is a 3rd party; if you have questions about the OpenSSL installer they provide, please ask in the mailing list specified on the linked page).

If you chose to install the DLLs into the OpenSSL installation's "bin" directory (recommended), then be sure to add the bin directory to your PATH environment variable and restart your session. e.g. "C:\Program Files\OpenSSL-Win64\bin"


Function CL+SSL:ENSURE-INITIALIZED (&key method (rand-seed nil))
In most cases you do not need to call this function, because it is called automatically. The only reason to call it explicitly is to supply the rand-seed parameter. In this case do it before calling any other functions.

Keyword arguments:

method. Just leave its default value.

rand-seed is an octet sequence to initialize OpenSSL random number generator. On many platforms, including Linux and Windows, it may be leaved NIL (default), because OpenSSL initializes the random number generator from OS specific service. But for example on Solaris it may be necessary to supply this value. The minimum length required by OpenSSL is 128 bits. See here for the details.

Hint: do not use Common Lisp RANDOM function to generate the rand-seed, because the function usually returns predictable values.

Function CL+SSL:MAKE-CONTEXT (&key method
                                                                               (options (list +SSL-OP-ALL+))
                                                                               (session-cache-mode +ssl-sess-cache-server+)
                                                                               (verify-location :default)
                                                                               (verify-depth 100)
                                                                               (verify-mode +ssl-verify-peer+)
                                                                               (verify-callback nil verify-callback-supplied-p)
                                                                               (cipher-list +default-cipher-list+)
                                                                               (pem-password-callback 'pem-password-callback))

Creates a new SSL_CTX using SSL_CTX_new and initializes it according to the specified parameters. After you're done using the context, don't forget to free it using ssl-ctx-free.


ssl-error-initialize. When underlying SSL_CTX_new fails.

Keyword arguments:

method. Specifies which supported SSL/TLS to use. If not specified then TLS_method is used on OpenSSL versions supporing it (on legacy versions SSLv23_method is used).

disabled-protocols. List of +SSL-OP-NO-* constants. Denotes disabled SSL/TLS versions. When method not specified defaults to (list +SSL-OP-NO-SSLv2+ +SSL-OP-NO-SSLv3+)

options. SSL context options list. Defaults to (list +SSL-OP-ALL+)

session-cache-mode. Enable/Disable session caching. Defaults to +SSL-SESS-CACHE-SERVER+

verify-location. Location(s) to load CA from. Possible values

verify-depth. Sets the maximum depth for the certificate chain verification that shall be allowed for context. Defaults to 100.

verify-mode. Sets the verification flags for context to be mode. Available flags

Defaults to +VERIFY-PEER+

verify-callback. The verify-callback is used to control the behaviour when the +SSL-VERIFY-PEER+ flag is set.
Please note: this must be CFFI callback i.e. defined as (defcallback :int ((ok :int) (ctx :pointer)) .. ).
Defaults to verify-peer-callback which converts chain errors to ssl-error-verify.

cipher-list. Sets the list of available ciphers for context. Possible values described here.
Default is expected to change overtime to provide highest security level. Do not rely on its exact value.

pem-password-callback. Sets the default password callback called when loading/storing a PEM certificate with encryption.
Please note: this must be CFFI callback i.e. defined as (cffi:defcallback :int ((buf :pointer) (size :int) (rwflag :int) (unused :pointer)) .. ).
Defaults to pem-password-callback which simply uses password provided by with-pem-password.

Function CL+SSL:SSL-CTX-FREE (context)
Plain FFI binding for SSL_CTX_free.

Macro CL+SSL:WITH-GLOBAL-CONTEXT ((context &key :auto-free-p) &body body)
Executes body with *ssl-global-context* bound to context.
If auto-free-p is true the context is freed using ssl-ctx-free before exit.

Function CL+SSL:MAKE-SSL-CLIENT-STREAM (fd-or-stream &key external-format certificate key password close-callback (unwrap-stream-p *default-unwrap-stream-p*) verify hostname (buffer-size *default-buffer-size*) (input-buffer-size buffer-size) (output-buffer-size buffer-size))

Function CL+SSL:MAKE-SSL-SERVER-STREAM (fd-or-stream &key external-format certificate key password close-callback (unwrap-stream-p *default-unwrap-stream-p*) (buffer-size *default-buffer-size*) (input-buffer-size buffer-size) (output-buffer-size buffer-size))
Return an SSL stream for the client (server) socket fd-or-stream. All reads and writes to this stream will be pushed through the OpenSSL library.

Keyword arguments:

If fd-or-stream is a lisp stream, the SSL stream will close it automatically. File descriptors are not closed automatically. However, if close-callback is non-nil, it will be called with zero arguments when the SSL stream is closed.

If unwrap-stream-p is true (the default), a stream for a file descriptor will be replaced by that file descriptor automatically. This is similar to passing the result of stream-fd as an argument, except that a deadline associated with the stream object will be taken into account, and that the stream will be closed automatically. As with file descriptor arguments, no I/O will actually be done on the stream object.

certificate is the path to a file containing the PEM-encoded certificate.

key is the path to the PEM-encoded key, which may be associated with the passphrase password.

If external-format is nil (the default), a plain (unsigned-byte 8) SSL stream is returned. With a non-null external-format, a flexi-stream capable of character I/O will be returned instead, with the specified value as its initial external format.

verify can be specified either as NIL if no check should be performed, :optional to verify the server's certificate if it presented one or :required to verify the server's certificate and fail if an invalid or no certificate was presented. Defaults to *make-ssl-client-stream-verify-default* which is initialized to :required

hostname if specified, will be sent by client during TLS negotiation, according to the Server Name Indication (SNI) extension to the TLS. When server handles several domain names, this extension enables the server to choose certificate for right domain. Also the hostname> is used for hostname verification if verification is enabled by verify.

Parameter *default-buffer-size*
The default input and output buffers size of the SSL-STREAM objects.

Variable *default-unwrap-stream-p* t
The default value for the :unwrap-stream-p function parameter.

Variable *make-ssl-client-stream-verify-default* :required
Helps to mitigate the change in default behaviour of make-ssl-client-stream - previously it worked as if :verify nil but then :verify :required became the default on non-Windows platforms. Change this variable if you want the previous behaviour.

Function CL+SSL:USE-CERTIFICATE-CHAIN-FILE (certificate-chain-file)
Loads a PEM encoded certificate chain file certificate-chain-file and adds the chain to global context. The certificates must be sorted starting with the subject's certificate (actual client or server certificate), followed by intermediate CA certificates if applicable, and ending at the highest level (root) CA.

Note: the RELOAD function clears the global context and in particular the loaded certificate chain.

Function CL+SSL:RELOAD ()
Reload libssl. Call this function after restarting a Lisp core with CL+SSL dumped into it on Lisp implementations that do not reload shared libraries automatically.


Allows user to load libssl (and libeay32 on Windows) himself, thus choosing the foreigh library(-ies) path and version to load.

You will probably need to recompile CL+SSL for the feature to take effect.

If specified, neither loading of the cl+ssl ASDF system nor (cl+ssl:reload) try to load the foreign libraries, assuming user has loaded them already.

        (cffi:load-foreign-library "")

        (let ((*features* (cons :cl+ssl-foreign-libs-already-loaded

          (ql:quickload :a-system-which-depends-on-cl+ssl)

          ;; or just load cl+ssl
          (ql:quickload :cl+ssl))

Define the path where libssl resides to be path (not evaluated). This macro should be used before loading CL+SSL. This can be accomplished by first loading the system CL+SSL/CONFIG, which defines the macro. For instance, the following piece of code defines libssl to be /opt/local/lib/libssl.dylib:
(ql:quickload :cl+ssl/config)
(cl+ssl/config:define-libssl-path "/opt/local/lib/libssl.dylib")
(ql:quickload :cl+ssl)
See also: define-libcrypto-path

Define the path where libcrypto resides to be path (not evaluated). This macro should be used before loading CL+SSL. This can be accomplished by first loading the system CL+SSL/CONFIG, which defines the macro. For instance, the following piece of code defines libssl to be /opt/local/lib/libcrypto.dylib:
(ql:quickload :cl+ssl/config)
(cl+ssl/config:define-libcrypto-path "/opt/local/lib/libcrypto.dylib")
(ql:quickload :cl+ssl)
See also: define-libssl-path

Function CL+SSL:STREAM-FD (stream)
Return stream's file descriptor as an integer, if known. Otherwise return stream itself. The result of this function can be passed to make-ssl-client-stream and make-ssl-server-stream.

Function CL+SSL:RANDOM-BYTES (count)
Generates count cryptographically strong pseudo-random bytes. Returns the bytes as a simple-array with element-type '(unsigned-byte 8). Signals an error in case of problems, for example when the OpenSSL random number generator has not been seeded with enough randomness to ensure an unpredictable byte sequence.

Returns a universal-time representing the time after which the certificate is not valid. Signals an error if the certificate does not have a properly formatted time.

Returns a universal-time representing the time before which the certificate is not valid. Signals an error if the certificate does not have a properly formatted time.

Function CL+SSL:CERTIFICATE-FINGERPRINT (certificate &optional algorithm)
Returns the fingerprint of certificate as a byte-vector. algorithm is a string designator for the digest algorithm to use (it defaults to SHA-1).


CL+SSL requires CFFI with callback support.

CL Test Grid results:













2007-01-16: CL+SSL is now available under an MIT-style license.