OLD | NEW |
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 patch class SecureSocket { | 5 patch class SecureSocket { |
6 /* patch */ factory SecureSocket._(RawSecureSocket rawSocket) => | 6 /* patch */ factory SecureSocket._(RawSecureSocket rawSocket) => |
7 new _SecureSocket(rawSocket); | 7 new _SecureSocket(rawSocket); |
8 | |
9 /* patch */ static void initialize({String database, | |
10 String password, | |
11 bool useBuiltinRoots: true}) | |
12 native "SecureSocket_InitializeLibrary"; | |
13 } | 8 } |
14 | 9 |
15 | 10 |
16 patch class _SecureFilter { | 11 patch class _SecureFilter { |
17 /* patch */ factory _SecureFilter() => new _SecureFilterImpl(); | 12 /* patch */ factory _SecureFilter() => new _SecureFilterImpl(); |
18 } | 13 } |
19 | 14 |
| 15 patch class X509Certificate { |
| 16 /* patch */ factory X509Certificate._() => new _X509CertificateImpl(); |
| 17 } |
20 | 18 |
21 class _SecureSocket extends _Socket implements SecureSocket { | 19 class _SecureSocket extends _Socket implements SecureSocket { |
22 _SecureSocket(RawSecureSocket raw) : super(raw); | 20 _SecureSocket(RawSecureSocket raw) : super(raw); |
23 | 21 |
24 void set onBadCertificate(bool callback(X509Certificate certificate)) { | 22 void set onBadCertificate(bool callback(X509Certificate certificate)) { |
25 if (_raw == null) { | 23 if (_raw == null) { |
26 throw new StateError("onBadCertificate called on destroyed SecureSocket"); | 24 throw new StateError("onBadCertificate called on destroyed SecureSocket"); |
27 } | 25 } |
28 _raw.onBadCertificate = callback; | 26 _raw.onBadCertificate = callback; |
29 } | 27 } |
(...skipping 42 matching lines...)
72 _SecureFilterImpl() { | 70 _SecureFilterImpl() { |
73 buffers = new List<_ExternalBuffer>(_RawSecureSocket.NUM_BUFFERS); | 71 buffers = new List<_ExternalBuffer>(_RawSecureSocket.NUM_BUFFERS); |
74 for (int i = 0; i < _RawSecureSocket.NUM_BUFFERS; ++i) { | 72 for (int i = 0; i < _RawSecureSocket.NUM_BUFFERS; ++i) { |
75 buffers[i] = new _ExternalBuffer(_RawSecureSocket._isBufferEncrypted(i) ? | 73 buffers[i] = new _ExternalBuffer(_RawSecureSocket._isBufferEncrypted(i) ? |
76 ENCRYPTED_SIZE : | 74 ENCRYPTED_SIZE : |
77 SIZE); | 75 SIZE); |
78 } | 76 } |
79 } | 77 } |
80 | 78 |
81 void connect(String hostName, | 79 void connect(String hostName, |
82 Uint8List sockaddrStorage, | 80 SecurityContext context, |
83 int port, | |
84 bool is_server, | 81 bool is_server, |
85 String certificateName, | |
86 bool requestClientCertificate, | 82 bool requestClientCertificate, |
87 bool requireClientCertificate, | 83 bool requireClientCertificate, |
88 bool sendClientCertificate, | 84 bool sendClientCertificate, |
89 Uint8List protocols) native "SecureSocket_Connect"; | 85 Uint8List protocols) native "SecureSocket_Connect"; |
90 | 86 |
91 void destroy() { | 87 void destroy() { |
92 buffers = null; | 88 buffers = null; |
93 _destroy(); | 89 _destroy(); |
94 } | 90 } |
95 | 91 |
(...skipping 16 matching lines...)
112 native "SecureSocket_RegisterBadCertificateCallback"; | 108 native "SecureSocket_RegisterBadCertificateCallback"; |
113 | 109 |
114 void registerHandshakeCompleteCallback(Function handshakeCompleteHandler) | 110 void registerHandshakeCompleteCallback(Function handshakeCompleteHandler) |
115 native "SecureSocket_RegisterHandshakeCompleteCallback"; | 111 native "SecureSocket_RegisterHandshakeCompleteCallback"; |
116 | 112 |
117 // This is a security issue, as it exposes a raw pointer to Dart code. | 113 // This is a security issue, as it exposes a raw pointer to Dart code. |
118 int _pointer() native "SecureSocket_FilterPointer"; | 114 int _pointer() native "SecureSocket_FilterPointer"; |
119 | 115 |
120 List<_ExternalBuffer> buffers; | 116 List<_ExternalBuffer> buffers; |
121 } | 117 } |
| 118 |
| 119 patch class SecurityContext { |
| 120 /* patch */ factory SecurityContext() { |
| 121 return new _SecurityContext(); |
| 122 } |
| 123 |
| 124 /* patch */ static SecurityContext get defaultContext { |
| 125 return _SecurityContext.defaultContext; |
| 126 } |
| 127 } |
| 128 |
| 129 class _SecurityContext |
| 130 extends NativeFieldWrapperClass1 |
| 131 implements SecurityContext { |
| 132 _SecurityContext() { |
| 133 _createNativeContext(); |
| 134 } |
| 135 |
| 136 void _createNativeContext() native "SecurityContext_Allocate"; |
| 137 |
| 138 static final SecurityContext defaultContext = |
| 139 new _SecurityContext().._trustBuiltinRoots(); |
| 140 |
| 141 void usePrivateKey(String keyFile, {String password}) |
| 142 native "SecurityContext_UsePrivateKey"; |
| 143 void setTrustedCertificates({String file, String directory}) |
| 144 native "SecurityContext_SetTrustedCertificates"; |
| 145 void useCertificateChain(String file) |
| 146 native "SecurityContext_UseCertificateChain"; |
| 147 void setClientAuthorities(String file) |
| 148 native "SecurityContext_SetClientAuthorities"; |
| 149 void setAlpnProtocols(List<String> protocols, bool isServer) { |
| 150 Uint8List encodedProtocols = |
| 151 SecurityContext._protocolsToLengthEncoding(protocols); |
| 152 _setAlpnProtocols(encodedProtocols, isServer); |
| 153 } |
| 154 void _setAlpnProtocols(Uint8List protocols, bool isServer) |
| 155 native "SecurityContext_SetAlpnProtocols"; |
| 156 void _trustBuiltinRoots() |
| 157 native "SecurityContext_TrustBuiltinRoots"; |
| 158 } |
| 159 |
| 160 /** |
| 161 * _X509CertificateImpl wraps an X509 certificate object held by the BoringSSL |
| 162 * library. It exposes the fields of the certificate object. |
| 163 */ |
| 164 class _X509CertificateImpl extends NativeFieldWrapperClass1 |
| 165 implements X509Certificate { |
| 166 // The native field must be set manually on a new object, in native code. |
| 167 // This is done by WrappedX509 in secure_socket.cc. |
| 168 _X509CertificateImpl(); |
| 169 |
| 170 String get subject native "X509_Subject"; |
| 171 String get issuer native "X509_Issuer"; |
| 172 DateTime get startValidity { |
| 173 return new DateTime.fromMillisecondsSinceEpoch(_startValidity(), |
| 174 isUtc: true); |
| 175 } |
| 176 DateTime get endValidity { |
| 177 return new DateTime.fromMillisecondsSinceEpoch(_endValidity(), |
| 178 isUtc: true); |
| 179 } |
| 180 int _startValidity() native "X509_StartValidity"; |
| 181 int _endValidity() native "X509_EndValidity"; |
| 182 } |
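Review bot: `defaultContext` in `_SecurityContext` (new lines 138-139) is one shared instance with the same mutators as any other context, so any code in the isolate can call `usePrivateKey` or `setTrustedCertificates` on it and change the TLS settings of every later connection that uses the default. If that sharing is intended, say so on the getter, for example `// Shared by all callers in this isolate; changes here affect every connection that uses the default context.`; otherwise consider having the default instance reject mutation. The `SecurityContext()` factory also deserves a comment on trust roots: only the default instance calls `_trustBuiltinRoots()`, while the removed `initialize` defaulted to `useBuiltinRoots: true`. What a fresh context trusts before `setTrustedCertificates` is called is decided in native code not shown here, so the comment should state it explicitly.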