Add secure sockets to dart:io

runtime/bin/tls_socket_impl.dart

Index: runtime/bin/tls_socket_impl.dart
diff --git a/runtime/bin/tls_socket_impl.dart b/runtime/bin/tls_socket_impl.dart
new file mode 100644
index 0000000000000000000000000000000000000000..dd7e79f44e149f70f52f44dbeb9676fbc15c5225
--- /dev/null
+++ b/runtime/bin/tls_socket_impl.dart
@@ -0,0 +1,321 @@
+// Copyright (c) 2012, the Dart project authors.  Please see the AUTHORS file
+// for details. All rights reserved. Use of this source code is governed by a
+// BSD-style license that can be found in the LICENSE file.
+
+class _TlsSocket implements TlsSocket {
+  static final int _BUFFER_SIZE = 2048;
+
+  // Status states
+  static final int NOT_CONNECTED = 200;
+  static final int HANDSHAKE = 201;
+  static final int CONNECTED = 202;
+  static final int CLOSED = 203;
+
+  // Buffer identifiers.
+  static final int kReadPlaintext = 0;
+  static final int kWritePlaintext = 1;
+  static final int kReadEncrypted = 2;
+  static final int kWriteEncrypted = 3;
+  static final int kNumBuffers = 4;
+
+  // Constructs a new secure client socket.
+  _TlsSocket(String host,
+             int port)
+      : _socket = new Socket(host, port),
+        _tlsFilter = new _TlsFilter() {
+    _socket.onConnect = _tlsConnectHandler;
+    _socket.onWrite = _tlsWriteHandler;
+    _socket.onData = _tlsDataHandler;
+    _socket.onClosed = _tlsCloseHandler;
+    _tlsFilter.init();
+    _tlsFilter.registerHandshakeCallbacks(_tlsHandshakeStartHandler,
+                                          _tlsHandshakeFinishHandler);
+  }
+
+  static void setCertificateDatabase(String pkcertDirectory)
+      native "TlsSocket_SetCertificateDatabase";
+
+  void set onConnect(void callback()) {
+    _socketConnectHandler = callback;
+  }
+
+  void set onWrite(void callback()) {
+    _socketWriteHandler = callback;
+    // Reset the one-shot onWrite handler.
+    _socket.onWrite = _tlsWriteHandler;
+  }
+
+  void set onData(void callback()) {
+    _socketDataHandler = callback;
+  }
+
+  void set onClosed(void callback()) {
+    _socketCloseHandler = callback;
+  }
+
+  void _tlsConnectHandler() {
+    _connectPending = true;
+    _tlsFilter.connect();

[Søren Gjesse, 2012/11/01 11:49:11]

Please explain why you call _tlsFilter.connect() both here and in
_tlsWriteHandler and _tlsDataHandler.

[Bill Hesse, 2012/11/11 22:34:34]

_tlsFilter.connect() was both the initial connection setup, and handshake
processing.  Handshake processing and communication is called multiple times, to
send and receive handshake messages.  

This is now split into connect(host_name), which is called once, and
handshake(), which is repeatedly called when socket events happen, until the
handshake is completed.

On 2012/11/01 11:49:11, Søren Gjesse wrote:

+  }
+
+  void _tlsWriteHandler() {
+    if (_status == HANDSHAKE) {
+      _writeEncryptedData();
+      _readEncryptedData();
+      _tlsFilter.connect();
+      // Only do this if we have more data to write.
+      if (_tlsFilter.buffers[kWriteEncrypted].length > 0) {
+        _socket.onWrite = _tlsWriteHandler;
+      }
+    } else if (_status == CONNECTED) {
+      if (_socketWriteHandler != null) {
+        _socketWriteHandler();
+      }
+    }
+  }
+
+  void _tlsDataHandler() {
+    if (_status == HANDSHAKE) {
+      _readEncryptedData();
+      _writeEncryptedData();
+      _tlsFilter.connect();
+      _socket.onWrite = _tlsWriteHandler;
+    } else {
+      if (scheduledDataEvent != null) {
+        scheduledDataEvent.cancel();
+        scheduledDataEvent = null;
+      }
+      if (_socketDataHandler != null) {
+        _readEncryptedData();
+        _socketDataHandler();
+      }
+    }
+  }
+
+  void _tlsCloseHandler() {
+    _socketClosed = true;
+    _status = CLOSED;
+    _socket.close();
+    if (_filterEmpty) {
+      _fireCloseEvent();
+    } else {
+      _fireCloseEventPending = true;
+    }
+  }
+
+  void _tlsHandshakeStartHandler() {
+    _status = HANDSHAKE;
+    _socket.onWrite = _tlsWriteHandler;
+  }
+
+  void _tlsHandshakeFinishHandler() {

[Søren Gjesse, 2012/11/01 11:49:11]

In this case the handshake will always have succeeded?

[Bill Hesse, 2012/11/11 22:34:34]

Yes.  Terminating the connection on a failed handshake is a TODO - currently it
terminates by timing out on the server end.

+    _status = CONNECTED;
+    if (_connectPending && _socketConnectHandler != null) {
+      _connectPending = false;
+      _socketConnectHandler();
+    }
+  }
+
+  void _fireCloseEvent() {
+    _fireCloseEventPending = false;
+    _tlsFilter.destroy();
+    _tlsFilter = null;
+    if (scheduledDataEvent != null) {
+      scheduledDataEvent.cancel();
+    }
+    if (_socketCloseHandler != null) {
+      _socketCloseHandler();
+    }
+  }
+
+  void close([bool halfClose]) {
+    _socket.close(halfClose);
+  }
+
+  int readList(List<int> data, int offset, int bytes) {
+    print("Entering readList");
+    _readEncryptedData();

[Søren Gjesse, 2012/11/01 11:49:11]

Do you need to call _readEncryptedData here? Shouldn't it be sufficient to call
it in the _tlsDataHandler?

[Bill Hesse, 2012/11/11 22:34:34]

We need to call _readEncryptedData here because it both moved dart from the
socket to the Dart buffer, and from the Dart buffer to the filter.  If the
filter and buffer were full, then we may not have read from the socket since the
last data event on the socket.  But we need to call this to empty the data from
the buffer to the filter.

We also need the postcondition that if we read 0 bytes in this call, then all of
the pipeline is empty.

This all can and should be looked at again, though.

On 2012/11/01 11:49:11, Søren Gjesse wrote:

+    if (offset < 0 || bytes < 0 || offset + bytes > data.length) {
+      throw new IllegalArgumentException(
+          "Invalid offset or bytes in TlsSocket.readList");
+    }
+    int bytesRead = 0;
+    var buffer = _tlsFilter.buffers[kReadPlaintext];
+    if (buffer.length == 0 && buffer.start != 0) {
+      throw "Unexpected buffer state in TlsSocket.readList";
+    }
+    if (buffer.length > 0) {
+      int toRead = min(bytes, buffer.length);
+      data.setRange(offset, toRead, buffer.data, buffer.start);
+      buffer.advanceStart(toRead);
+      bytesRead += toRead;
+    }
+    print("Before processBuffer(readPlaintext)");

[Søren Gjesse, 2012/11/01 11:49:11]

Debug print more below.

[Bill Hesse, 2012/11/11 22:34:34]

Removed.
On 2012/11/01 11:49:11, Søren Gjesse wrote:

+    int newBytes = _tlsFilter.processBuffer(kReadPlaintext);
+    if (newBytes > 0) {
+      buffer.length += newBytes;
+    }
+    if (bytes - bytesRead > 0 && buffer.length > 0) {
+      int toRead = min(bytes - bytesRead, buffer.length);
+      data.setRange(offset + bytesRead, toRead, buffer.data, buffer.start);
+      buffer.advanceStart(toRead);
+      bytesRead += toRead;
+    }
+
+    // If bytesRead is 0, then something is blocked or empty, and
+    // we are guaranteed an event when it becomes unblocked.
+    // Otherwise, give an event if there is data available, and
+    // there has been a read call since the last data event.
+    // This gives the invariant that:
+    // If there is data available, and there has been a read after the
+    // last data event (or no previous one fired), then we are guaranteed
+    // to get a data event.
+    _filterEmpty = (bytesRead == 0);
+    if (bytesRead > 0 && scheduledDataEvent == null) {
+      scheduledDataEvent = new Timer(0, (_) => _tlsDataHandler());
+    } else if (bytesRead == 0) {
+      if (_fireCloseEventPending) {
+        _fireCloseEvent();
+      } else if (scheduledDataEvent != null) {
+        scheduledDataEvent.cancel();
+        scheduledDataEvent = null;
+      }
+    }
+    return bytesRead;
+  }
+
+
+  // Write the data to the socket, and flush it as much as possible
+  // without blocking.  If not all the data is written, enable the
+  // onWrite event.  If data is not all flushed, add handlers to all
+  // relevant events.
+  int writeList(List<int> data, int offset, int bytes) {
+    _writeEncryptedData();  // Tries to flush all post-filter stages.
+    var buffer = _tlsFilter.buffers[kWritePlaintext];
+    if (bytes > buffer.free) {
+      bytes = buffer.free;
+    }
+    if (bytes > 0) {
+      buffer.data.setRange(buffer.start + buffer.length, bytes, data, offset);
+      buffer.length += bytes;
+    }
+    int bytesWritten = _tlsFilter.processBuffer(kWritePlaintext);
+    buffer.advanceStart(bytesWritten);
+    print("bytesWritten $bytesWritten");
+    _readEncryptedData();
+    _writeEncryptedData();
+    return bytes;
+  }
+
+  void _readEncryptedData() {
+    // Read from the socket and write to the filter.
+    print("Entering readEncryptedData");
+    var buffer = _tlsFilter.buffers[kReadEncrypted];
+    while (true) {
+      print("    buffer.length: ${buffer.length}");
+      if (buffer.length > 0) {
+        int bytes = _tlsFilter.processBuffer(kReadEncrypted);
+        if (bytes > 0) {
+          buffer.advanceStart(bytes);
+        } else {
+          break;
+        }
+      } else if (!_socketClosed) {
+        int bytes = _socket.readList(buffer.data,
+                                     buffer.start + buffer.length,
+                                     buffer.free);
+        print("    bytes read from socket: $bytes");
+        if (bytes <= 0) break;
+        buffer.length += bytes;
+      } else {
+        break;  // Socket is closed and read buffer is empty.
+      }
+    }
+  }
+
+  void _writeEncryptedData() {
+    // Write from the filter to the socket.
+    var buffer = _tlsFilter.buffers[kWriteEncrypted];
+    while (true) {
+      print("top of while loop: buffer.length = ${buffer.length}");
+      if (buffer.length > 0) {
+        int bytes = _socket.writeList(buffer.data, buffer.start, buffer.length);
+        if (bytes <= 0) break;
+        buffer.advanceStart(bytes);
+      } else {
+        if (buffer.start != 0 || buffer.length != 0) {
+          throw "Unexpected state in _writeEncryptedData";
+        }
+        int bytes = _tlsFilter.processBuffer(kWriteEncrypted);
+        print("foo writeEncrypted processBuffer returned $bytes");
+        if (bytes <= 0) break;
+        buffer.length += bytes;
+      }
+    }
+  }
+
+  // _TlsSocket cannot extend _Socket and use _Socket's factory constructor.
+  Socket _socket;
+
+  var _status = NOT_CONNECTED;
+  bool _socketClosed = false;
+  bool _filterEmpty = false;
+  bool _connectPending = false;
+  bool _fireCloseEventPending = false;
+  Function _socketConnectHandler;
+  Function _socketWriteHandler;
+  Function _socketDataHandler;
+  Function _socketCloseHandler;
+  Timer scheduledDataEvent;
+
+  var _tlsFilter;
+}
+
+class _TlsExternalBuffer {
+  static final int kSize = 8 * 1024;
+  _TlsExternalBuffer() : start = 0, length = 0;
+
+  void advanceStart(int numBytes) {
+    start += numBytes;
+    length -= numBytes;
+    if (length == 0) {
+      start = 0;
+    }
+  }
+
+  int get free() => kSize - start - length;
+
+  List data;  // This will be a ExternalByteArray, backed by C allocated data.
+  int start;
+  int length;
+}
+
+/**
+ * _TlsFilter wraps a filter that encrypts and decrypts data travelling
+ * over a TLS encrypted socket.  The filter also handles the handshaking
+ * and certificate verification.
+ *
+ * The filter exposes its input and output buffers as Dart objects that
+ * are backed by an external C array of bytes, so that both Dart code and
+ * native code can access the same data.
+ */
+class _TlsFilter extends NativeFieldWrapperClass1 {
+  _TlsFilter() {
+    buffers = new List<_TlsExternalBuffer>(_TlsSocket.kNumBuffers);
+    for (int i = 0; i < _TlsSocket.kNumBuffers; ++i) {
+      buffers[i] = new _TlsExternalBuffer();
+    }
+  }
+
+  void init() native "TlsSocket_Init";
+
+  void connect() native "TlsSocket_Connect";
+
+  void registerHandshakeCallbacks(Function startHandshakeHandler,
+                                  Function finishHandshakeHandler)
+      native "TlsSocket_RegisterHandshakeCallbacks";
+  int processBuffer(int bufferIndex) native "TlsSocket_ProcessBuffer";
+  void destroy() native "TlsSocket_Destroy";
+
+  List<_TlsExternalBuffer> buffers;
+}