YuOpenSSL is the only OpenSSL implementation for Delphi which does not require OpenSSL DLLs. YuOpenSSL enables Delphi applications to compile encryption and Internet security into a single executable with no dependencies. This ensures complete control about the OpenSSL version and ends all worries about DLL deployment and locations.

OpenSSL is one of the most feature-rich cryptographc Internet security libraries. It includes message digests, ciphers, synchronous and asynchronous encryption, SSL, TLS, and much more. YuOpenSSL provides about 3000 functions & procedures, 3700 constants, and 700 types.

YuOpenSSL Versions
There are currently two versions of YuOpenSSL, available as separate packages. The YuOpenSSL license covers both versions:

YuOpenSSL-3

YuOpenSSL-3 is based on the OpenSSL 3.x series. It superseeds YuOpenSSL (see below) and is compatible with it just as OpenSSL 3.0 is compatible with OpenSSL 1.1.1.

This is where the main development takes place, including new features, optimizations, as well as security and bug fixes.

YuOpenSSL

YuOpenSSL (without “-3”) is based on OpenSSL 1.1.1. It is in maintainance mode and will see mostly security and bug fixes but very few or no new features.

Updating to YuOpenSSL-3 is recommended and should as easy as re-building applications with the new version.

Third Party Components and Library Support
YuOpenSSL currently supports the following 3rd party Internet components and libraries. With YuOpenSSL, they no longer require external OpenSSL DLLs for secure TLS / SSL Internet connections. All work with both YuOpenSSL versions.

ICS – Internet Component Suite

ICS can be compiled against YuOpenSSL. Starting with ICS 8.66, YuOpenSSL support is readily built in. For the older versions 8.65 and 8.64, minimally modified ICS sources are bundled with YuOpenSSL.

YuOpenSSL is enabled by $defining the YuOpenSSL compiler directive. This makes it easy to switch between ICS with OpenSSL DLLs and ICS with YuOpenSSL (and without DLLs).

Indy – Internet Direct

Indy can be compiled against YuOpenSSL. YuOpenSSL includes modified sources of the new Indy OpenSSL 1.1.1 IOHander. It adds TLS 1.3 as a new feature. YuOpenSSL is enabled by $defining the YuOpenSSL compiler directive. This makes it easy to switch between Indy with OpenSSL DLLs and Indy with YuOpenSSL (and without DLLs).

The new Indy OpenSSL 1.1.1 IOHandler is still in development. Testing is recommended.

Synapse TCP/IP and serial library

Synapse can be compiled against YuOpenSSL. YuOpenSSL includes modified sources of the Synapse OpenSSL bindings. YuOpenSSL is enabled by $defining the YuOpenSSL compiler directive. This makes it easy to switch between Synapse with OpenSSL DLLs and Synapse with YuOpenSSL (and without DLLs).

3rd Party Problems Detected During YuOpenSSL Development
YuOpenSSL development uncovered problems in Delphi 3rd party Internet components. They have been reported to their developers and are now fixed in latests versions. Here is the list:

ICS – Internet Component Suite

Fixed in ICS 8.66:
2 wrong function parameter types in OverbyteIcsLIBEAY.pas, possible memory overwrite
Fixed in ICS 8.65:
7 memory leaks in OverbyteIcsWSocket.pas - with fixes
OverbyteIcsLIBEAY.pas: EVP_PKEY_paramgen() pkey parameter should be double pointer
OverbyteIcsLIBEAY.pas: f_CRYPTO_get_ex_data should return Pointer, not Integer
OverbyteIcsLIBEAY.pas: TCryptoExNewFunc should be procedure, not function
Fixed in ICS 8.64:
Memory leak in OverbyteIcsWSocket.pas
OverbyteIcsWSocket.SslWSocketCopyRight does not exist
f_SSL_bytes_to_cipher_list should use var or ptr_ptr
TProto_msg_cb is a function but must be a procedure, at least for SSL_set_msg_callback().
f_SSL_clear : SSL_clear is a function and returns an integer
f_X509_check_ip_asc has extra namelen parameter
OverbyteIcsLIBEAY.pas f_EVP_DigestSignInit() declaration mismatch
OverbyteIcsWSocket.pas bug: PunyServerName filled with 8-bit data, even if it is a 16-bit UnicodeString
Indy – Internet Direct

Fixed in the Indy OpenSSL 1.1.1 IOHandler GIT repository:
TIdOpenSSLX509.SaveToFile() uses BIO type instead of PBIO
Leak of memory allocaated to thread-local storage (TLS) due to inappropriate initialization of SSL/TLS handshake
Memory leak in TIdOpenSSLContextClient class
Free before use access violation
Synapse TCP/IP and serial library

Fixed in Synapse SVN r266:
function d2iX509bio(): Wrong order of arguments in implementation



Only for V.I.P