Breaking Change: merge BoringSSL branch into master

sdk/lib/io/secure_socket.dart

 // Copyright (c) 2013, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 
 part of dart.io;
 
 /**
  * A high-level class for communicating securely over a TCP socket, using
  * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an
  * [IOSink] interface, making it ideal for using together with
  * other [Stream]s.
  */
 abstract class SecureSocket implements Socket {
   external factory SecureSocket._(RawSecureSocket rawSocket);
 
   /**
    * Constructs a new secure client socket and connect it to the given
    * [host] on port [port]. The returned Future will complete with a
    * [SecureSocket] that is connected and ready for subscription.
    *
-   * If [sendClientCertificate] is set to true, the socket will send a client
-   * certificate if one is requested by the server.
-   *
-   * If [certificateName] is the nickname of a certificate in the certificate
-   * database, that certificate will be sent.
-   *
-   * If [certificateName] is null, which is the usual use case, an
-   * appropriate certificate will be searched for in the database and
-   * sent automatically, based on what the server says it will accept.
-   *
    * [onBadCertificate] is an optional handler for unverifiable certificates.
    * The handler receives the [X509Certificate], and can inspect it and
    * decide (or let the user decide) whether to accept
    * the connection or not.  The handler should return true
    * to continue the [SecureSocket] connection.
    */
   static Future<SecureSocket> connect(
       host,
       int port,
-      {bool sendClientCertificate: false,
-       String certificateName,
+      {SecurityContext context,
        bool onBadCertificate(X509Certificate certificate),
+       bool sendClientCertificate,
        List<String> supportedProtocols}) {
     return RawSecureSocket.connect(host,
                                    port,
-                                   sendClientCertificate: sendClientCertificate,
-                                   certificateName: certificateName,
+                                   context: context,
                                    onBadCertificate: onBadCertificate,
                                    supportedProtocols: supportedProtocols)
         .then((rawSocket) => new SecureSocket._(rawSocket));
   }
 
   /**
    * Takes an already connected [socket] and starts client side TLS
    * handshake to make the communication secure. When the returned
    * future completes the [SecureSocket] has completed the TLS
    * handshake. Using this function requires that the other end of the
@@ skipping 14 matching lines @@
    * resulting [SecureSocket] will have the passed in [host] as its
    * host value and the internet address of the already connected
    * socket as its address value.
    *
    * See [connect] for more information on the arguments.
    *
    */
   static Future<SecureSocket> secure(
       Socket socket,
       {host,
-       bool sendClientCertificate: false,
-       String certificateName,
+       SecurityContext context,
        bool onBadCertificate(X509Certificate certificate)}) {
     var completer = new Completer();
     (socket as dynamic)._detachRaw()
         .then((detachedRaw) {
           return RawSecureSocket.secure(
             detachedRaw[0],
             subscription: detachedRaw[1],
             host: host,
-            sendClientCertificate: sendClientCertificate,
+            context: context,
             onBadCertificate: onBadCertificate);
           })
         .then((raw) {
           completer.complete(new SecureSocket._(raw));
         });
     return completer.future;
   }
 
   /**
    * Takes an already connected [socket] and starts server side TLS
@@ skipping 11 matching lines @@
    * from the socket this data can be passed in the [bufferedData]
    * parameter. This data will be processed before any other data
    * available on the socket.
    *
    * See [SecureServerSocket.bind] for more information on the
    * arguments.
    *
    */
   static Future<SecureSocket> secureServer(
       Socket socket,
-      String certificateName,
+      SecurityContext context,
       {List<int> bufferedData,
        bool requestClientCertificate: false,
        bool requireClientCertificate: false,
        List<String> supportedProtocols}) {
     var completer = new Completer();
     (socket as dynamic)._detachRaw()
         .then((detachedRaw) {
           return RawSecureSocket.secureServer(
             detachedRaw[0],
-            certificateName,
+            context,
             subscription: detachedRaw[1],
             bufferedData: bufferedData,
             requestClientCertificate: requestClientCertificate,
             requireClientCertificate: requireClientCertificate,
             supportedProtocols: supportedProtocols);
           })
         .then((raw) {
           completer.complete(new SecureSocket._(raw));
         });
     return completer.future;
@@ skipping 16 matching lines @@
   /**
    * Renegotiate an existing secure connection, renewing the session keys
    * and possibly changing the connection properties.
    *
    * This repeats the SSL or TLS handshake, with options that allow clearing
    * the session cache and requesting a client certificate.
    */
   void renegotiate({bool useSessionCache: true,
                     bool requestClientCertificate: false,
                     bool requireClientCertificate: false});
-
-  /**
-   * Initializes the NSS library. If [initialize] is not called, the library
-   * is automatically initialized as if [initialize] were called with no
-   * arguments. If [initialize] is called more than once, or called after
-   * automatic initialization has happened (when a secure connection is made),
-   * then a TlsException is thrown.
-   *
-   * The optional argument [database] is the path to a certificate database
-   * directory containing root certificates for verifying certificate paths on
-   * client connections, and server certificates to provide on server
-   * connections. The argument [password] should be used when creating
-   * secure server sockets, to allow the private key of the server
-   * certificate to be fetched. If [useBuiltinRoots] is true (the default),
-   * then a built-in set of root certificates for trusted certificate
-   * authorities is merged with the certificates in the database.
-   * The list of built-in root certificates, and documentation about this
-   * default database, is available at
-   * http://www.mozilla.org/projects/security/certs/included/ .
-   *
-   * If the [database] argument is omitted, then only the
-   * builtin root certificates are used. If [useBuiltinRoots] is also false,
-   * then no certificates are available.
-   *
-   * Examples:
-   *   1) Use only the builtin root certificates:
-   *     SecureSocket.initialize(); or
-   *
-   *   2) Use a specified database directory and the builtin roots:
-   *     SecureSocket.initialize(database: 'path/to/my/database',
-   *                             password: 'my_password');
-   *
-   *   3) Use a specified database directory, without builtin roots:
-   *     SecureSocket.initialize(database: 'path/to/my/database',
-   *                             password: 'my_password'.
-   *                             useBuiltinRoots: false);
-   *
-   * The database should be an NSS certificate database directory
-   * containing a cert9.db file, not a cert8.db file.  This version of
-   * the database can be created using the NSS certutil tool with "sql:" in
-   * front of the absolute path of the database directory, or setting the
-   * environment variable [[NSS_DEFAULT_DB_TYPE]] to "sql".
-   */
-  external static void initialize({String database,
-                                   String password,
-                                   bool useBuiltinRoots: true});
 }
 
 
 /**
  * RawSecureSocket provides a secure (SSL or TLS) network connection.
  * Client connections to a server are provided by calling
  * RawSecureSocket.connect.  A secure server, created with
  * RawSecureServerSocket, also returns RawSecureSocket objects representing
  * the server end of a secure connection.
  * The certificate provided by the server is checked
- * using the certificate database provided in SecureSocket.initialize, and/or
+ * using the trusted certificates set in the SecurityContext object and/or
  * the default built-in root certificates.
  */
 abstract class RawSecureSocket implements RawSocket {
   /**
    * Constructs a new secure client socket and connect it to the given
    * host on the given port. The returned Future is completed with the
    * RawSecureSocket when it is connected and ready for subscription.
    *
-   * The certificate provided by the server is checked using the certificate
-   * database provided in [SecureSocket.initialize], and/or the default built-in
+   * The certificate provided by the server is checked
+   * using the trusted certificates set in the SecurityContext object and/or
+   * the default built-in
    * root certificates. If [sendClientCertificate] is
    * set to true, the socket will send a client certificate if one is
    * requested by the server. If [certificateName] is the nickname of
    * a certificate in the certificate database, that certificate will be sent.
    * If [certificateName] is null, which is the usual use case, an
    * appropriate certificate will be searched for in the database and
    * sent automatically, based on what the server says it will accept.
    *
    * [onBadCertificate] is an optional handler for unverifiable certificates.
    * The handler receives the [X509Certificate], and can inspect it and
    * decide (or let the user decide) whether to accept
    * the connection or not.  The handler should return true
    * to continue the [RawSecureSocket] connection.
    */
   static Future<RawSecureSocket> connect(
       host,
       int port,
-      {bool sendClientCertificate: false,
-       String certificateName,
+      {SecurityContext context,
        bool onBadCertificate(X509Certificate certificate),
        List<String> supportedProtocols}) {
     _RawSecureSocket._verifyFields(
         host,
         port,
-        certificateName,
         false,
         false,
         false,
-        sendClientCertificate,
         onBadCertificate);
     return RawSocket.connect(host, port)
         .then((socket) {
           return secure(socket,
-                        sendClientCertificate: sendClientCertificate,
-                        certificateName: certificateName,
+                        context: context,
                         onBadCertificate: onBadCertificate,
                         supportedProtocols: supportedProtocols);
         });
   }
 
   /**
    * Takes an already connected [socket] and starts client side TLS
    * handshake to make the communication secure. When the returned
    * future completes the [RawSecureSocket] has completed the TLS
    * handshake. Using this function requires that the other end of the
@@ skipping 17 matching lines @@
    * host value and the internet address of the already connected
    * socket as its address value.
    *
    * See [connect] for more information on the arguments.
    *
    */
   static Future<RawSecureSocket> secure(
       RawSocket socket,
       {StreamSubscription subscription,
        host,
-       bool sendClientCertificate: false,
-       String certificateName,
+       SecurityContext context,
        bool onBadCertificate(X509Certificate certificate),
        List<String> supportedProtocols}) {
     socket.readEventsEnabled = false;
     socket.writeEventsEnabled = false;
     return  _RawSecureSocket.connect(
         host != null ? host : socket.address.host,
         socket.port,
-        certificateName,
         is_server: false,
         socket: socket,
         subscription: subscription,
-        sendClientCertificate: sendClientCertificate,
+        context: context,
         onBadCertificate: onBadCertificate,
         supportedProtocols: supportedProtocols);
   }
 
   /**
    * Takes an already connected [socket] and starts server side TLS
    * handshake to make the communication secure. When the returned
    * future completes the [RawSecureSocket] has completed the TLS
    * handshake. Using this function requires that the other end of the
    * connection is going to start the TLS handshake.
    *
    * If the [socket] already has a subscription, pass the existing
    * subscription in the [subscription] parameter. The [secureServer]
    * operation will take over the subscription by replacing the
    * handlers with it own secure processing. The caller must not touch
    * this subscription anymore. Passing a paused subscription is an
    * error.
    *
    * If some of the data of the TLS handshake has already been read
    * from the socket this data can be passed in the [bufferedData]
    * parameter. This data will be processed before any other data
    * available on the socket.
    *
    * See [RawSecureServerSocket.bind] for more information on the
    * arguments.
    *
    */
   static Future<RawSecureSocket> secureServer(
       RawSocket socket,
-      String certificateName,
+      SecurityContext context,
       {StreamSubscription subscription,
        List<int> bufferedData,
        bool requestClientCertificate: false,
        bool requireClientCertificate: false,
        List<String> supportedProtocols}) {
     socket.readEventsEnabled = false;
     socket.writeEventsEnabled = false;
     return _RawSecureSocket.connect(
         socket.address,
         socket.remotePort,
-        certificateName,
+        context: context,
         is_server: true,
         socket: socket,
         subscription: subscription,
         bufferedData: bufferedData,
         requestClientCertificate: requestClientCertificate,
         requireClientCertificate: requireClientCertificate,
         supportedProtocols: supportedProtocols);
   }
 
   /**
@@ skipping 20 matching lines @@
    * Get the protocol which was selected during protocol negotiation.
    */
   String get selectedProtocol;
 }
 
 
 /**
  * X509Certificate represents an SSL certificate, with accessors to
  * get the fields of the certificate.
  */
-class X509Certificate {
-  X509Certificate(this.subject,
-                  this.issuer,
-                  this.startValidity,
-                  this.endValidity);
-  final String subject;
-  final String issuer;
-  final DateTime startValidity;
-  final DateTime endValidity;
+abstract class X509Certificate {
+  external factory X509Certificate._();
+
+  String get subject;
+  String get issuer;
+  DateTime get startValidity;
+  DateTime get endValidity;
 }
 
 
 class _FilterStatus {
   bool progress = false;  // The filter read or wrote data to the buffers.
   bool readEmpty = true;  // The read buffers and decryption filter are empty.
   bool writeEmpty = true;  // The write buffers and encryption filter are empty.
   // These are set if a buffer changes state from empty or full.
   bool readPlaintextNoLongerEmpty = false;
   bool writePlaintextNoLongerFull = false;
@@ skipping 25 matching lines @@
   RawSocket _socket;
   final Completer<_RawSecureSocket> _handshakeComplete =
       new Completer<_RawSecureSocket>();
   StreamController<RawSocketEvent> _controller;
   Stream<RawSocketEvent> _stream;
   StreamSubscription<RawSocketEvent> _socketSubscription;
   List<int> _bufferedData;
   int _bufferedDataIndex = 0;
   final InternetAddress address;
   final bool is_server;
-  final String certificateName;
+  SecurityContext context;
   final bool requestClientCertificate;
   final bool requireClientCertificate;
-  final bool sendClientCertificate;
   final Function onBadCertificate;
 
   var _status = HANDSHAKE;
   bool _writeEventsEnabled = true;
   bool _readEventsEnabled = true;
   int _pauseCount = 0;
   bool _pendingReadEvent = false;
   bool _socketClosedRead = false;  // The network socket is closed for reading.
   bool _socketClosedWrite = false;  // The network socket is closed for writing.
   bool _closedRead = false;  // The secure socket has fired an onClosed event.
   bool _closedWrite = false;  // The secure socket has been closed for writing.
   Completer _closeCompleter = new Completer();  // The network socket is gone.
   _FilterStatus _filterStatus = new _FilterStatus();
   bool _connectPending = true;
   bool _filterPending = false;
   bool _filterActive = false;
 
   _SecureFilter _secureFilter = new _SecureFilter();
   int _filterPointer;
   String _selectedProtocol;
 
   static Future<_RawSecureSocket> connect(
       host,
       int requestedPort,
-      String certificateName,
       {bool is_server,
+       SecurityContext context,
        RawSocket socket,
        StreamSubscription subscription,
        List<int> bufferedData,
        bool requestClientCertificate: false,
        bool requireClientCertificate: false,
        bool sendClientCertificate: false,
        bool onBadCertificate(X509Certificate certificate),
        List<String> supportedProtocols}) {
-    _verifyFields(host, requestedPort, certificateName, is_server,
+    _verifyFields(host, requestedPort, is_server,
                  requestClientCertificate, requireClientCertificate,
-                 sendClientCertificate, onBadCertificate);
+                 onBadCertificate);
     if (host is InternetAddress) host = host.host;
     var address = socket.address;
     if (host != null) address =  address._cloneWithNewHost(host);
     return new _RawSecureSocket(address,
                                 requestedPort,
-                                certificateName,
                                 is_server,
+                                context,
                                 socket,
                                 subscription,
                                 bufferedData,
                                 requestClientCertificate,
                                 requireClientCertificate,
-                                sendClientCertificate,
                                 onBadCertificate,
                                 supportedProtocols)
         ._handshakeComplete.future;
   }
 
   _RawSecureSocket(
       this.address,
       int requestedPort,
-      this.certificateName,
       this.is_server,
+      this.context,
       RawSocket this._socket,
       this._socketSubscription,
       this._bufferedData,
       this.requestClientCertificate,
       this.requireClientCertificate,
-      this.sendClientCertificate,
       this.onBadCertificate(X509Certificate certificate),
       List<String> supportedProtocols) {
+    if (context == null) {
+      context = SecurityContext.defaultContext;
+    }
     _controller = new StreamController<RawSocketEvent>(
         sync: true,
         onListen: _onSubscriptionStateChange,
         onPause: _onPauseStateChange,
         onResume: _onPauseStateChange,
         onCancel: _onSubscriptionStateChange);
     _stream = _controller.stream;
     // Throw an ArgumentError if any field is invalid.  After this, all
     // errors will be reported through the future or the stream.
     _secureFilter.init();
@@ skipping 22 matching lines @@
       dynamic s = _socket;  // Cast to dynamic to avoid warning.
       if (s._socket.closedReadEventSent) {
         _eventDispatcher(RawSocketEvent.READ_CLOSED);
       }
       _socketSubscription
           ..onData(_eventDispatcher)
           ..onError(_reportError)
           ..onDone(_doneHandler);
     }
     try {
+      var encodedProtocols =
+          SecurityContext._protocolsToLengthEncoding(supportedProtocols);
       _secureFilter.connect(address.host,
-                            (address as dynamic)._in_addr,
-                            port,
+                            context,
                             is_server,
-                            certificateName,
                             requestClientCertificate ||
                                 requireClientCertificate,
                             requireClientCertificate,
-                            sendClientCertificate,
-                            _protocolsToLengthEncoding(supportedProtocols));
+                            // TODO(whesse): Remove sendClientCertificate
+                            // argument, or add it to API.
+                            false, // sendClientCertificate,
+                            encodedProtocols);
       _secureHandshake();
     } catch (e, s) {
       _reportError(e, s);
     }
   }
 
-  /// Encodes a set of supported protocols for ALPN/NPN usage.
-  ///
-  /// The `protocols` list is expected to contain protocols in descending order
-  /// of preference.
-  ///
-  /// See RFC 7301 (https://tools.ietf.org/html/rfc7301) for the encoding of
-  /// `List<String> protocols`:
-  ///     opaque ProtocolName<1..2^8-1>;
-  ///
-  ///     struct {
-  ///         ProtocolName protocol_name_list<2..2^16-1>
-  ///     } ProtocolNameList;
-  ///
-  /// The encoding of the opaque `ProtocolName<lower..upper>` vector is
-  /// described in RFC 2246: 4.3 Vectors.
-  ///
-  /// Note: Even though this encoding scheme would allow a total
-  /// `ProtocolNameList` length of 65535, this limit cannot be reached. Testing
-  /// showed that more than ~ 65480 bytes will fail to negogiate a protocol.
-  /// We will be conservative and support only messages up to (1<<15) -1 bytes.
-  ///
-  /// Our NSS implementation will support ALPN and NPN transparently. The
-  /// default protocol will be the first in the encoded Uint8List.
-  ///
-  /// NOTE: The NSS library will treat the first protocol as the fallback
-  /// protocol. The remaining ones are sorted in (decreasing) priority order.
-  /// We therefore put the protocol least desired to the front, to make it the
-  /// default.
-  Uint8List _protocolsToLengthEncoding(List<String> protocols) {
-    if (protocols == null || protocols.length == 0) {
-      return new Uint8List(0);
-    }
-    int protocolsLength = protocols.length;
-
-    // Calculate the number of bytes we will need if it is ASCII.
-    int expectedLength = protocolsLength;
-    for (int i = 0; i < protocolsLength; i++) {
-      int length = protocols[i].length;
-      if (length > 0 && length <= 255) {
-        expectedLength += length;
-      } else {
-        throw new ArgumentError(
-            'Length of protocol must be between 1 and 255 (was: $length).');
-      }
-    }
-
-    if (expectedLength >= (1 << 15)) {
-      throw new ArgumentError(
-          'The maximum message length supported is 2^15-1.');
-    }
-
-    // Try encoding the `List<String> protocols` array using fast ASCII path.
-    var bytes = new Uint8List(expectedLength);
-    int bytesOffset = 0;
-    for (int i = 0; i < protocolsLength; i++) {
-      // The last protocol will be encoded as the first/default one in the list.
-      // (i.e. rotate `protocols` by 1 to the right).
-      int index = i;
-      if (index == 0) index = protocols.length;
-      String proto = protocols[index - 1];
-
-      // Add length byte.
-      bytes[bytesOffset++] = proto.length;
-      int bits = 0;
-
-      // Add protocol bytes.
-      for (int j = 0; j < proto.length; j++) {
-        var char = proto.codeUnitAt(j);
-        bits |= char;
-        bytes[bytesOffset++] = char & 0xff;
-      }
-
-      // Go slow case if we have encountered anything non-ascii.
-      if (bits > 0x7f) {
-        return _protocolsToLengthEncodingNonAsciiBailout(protocols);
-      }
-    }
-    return bytes;
-  }
-
-  Uint8List _protocolsToLengthEncodingNonAsciiBailout(List<String> protocols) {
-    void addProtocol(List<int> outBytes, String protocol) {
-      var protocolBytes = UTF8.encode(protocol);
-      var len = protocolBytes.length;
-
-      if (len > 255) {
-        throw new ArgumentError(
-            'Length of protocol must be between 1 and 255 (was: $len)');
-      }
-      // Add length byte.
-      outBytes.add(len);
-
-      // Add protocol bytes.
-      outBytes.addAll(protocolBytes);
-    }
-
-    List<int> bytes = [];
-    addProtocol(bytes, protocols.last);
-    for (var i = 0; i < protocols.length -1; i++) {
-      addProtocol(bytes, protocols[i]);
-    }
-
-    if (bytes.length >= (1 << 15)) {
-      throw new ArgumentError(
-          'The maximum message length supported is 2^15-1.');
-    }
-
-    return new Uint8List.fromList(bytes);
-  }
-
-  void _addProtocolBytes(List<int> outBytes, String protocol) {
-    var protocolBytes = UTF8.encode(protocol);
-    var len = protocolBytes.length;
-
-    if (len > 255) {
-      throw new ArgumentError(
-          'Cannot support protocols with more than 255 characters');
-    }
-    outBytes.add(len);
-    outBytes.addAll(protocolBytes);
-  }
-
   StreamSubscription listen(void onData(RawSocketEvent data),
                             {Function onError,
                              void onDone(),
                              bool cancelOnError}) {
     _sendWriteEvent();
     return _stream.listen(onData,
                           onError: onError,
                           onDone: onDone,
                           cancelOnError: cancelOnError);
   }
 
   static void _verifyFields(host,
                             int requestedPort,
-                            String certificateName,
                             bool is_server,
                             bool requestClientCertificate,
                             bool requireClientCertificate,
-                            bool sendClientCertificate,
                             Function onBadCertificate) {
     if (host is! String && host is! InternetAddress) {
       throw new ArgumentError("host is not a String or an InternetAddress");
     }
     if (requestedPort is! int) {
       throw new ArgumentError("requestedPort is not an int");
     }
     if (requestedPort < 0 || requestedPort > 65535) {
       throw new ArgumentError("requestedPort is not in the range 0..65535");
     }
-    if (certificateName != null && certificateName is! String) {
-      throw new ArgumentError("certificateName is not null or a String");
-    }
-    if (certificateName == null && is_server) {
-      throw new ArgumentError("certificateName is null on a server");
-    }
     if (requestClientCertificate is! bool) {
       throw new ArgumentError("requestClientCertificate is not a bool");
     }
     if (requireClientCertificate is! bool) {
       throw new ArgumentError("requireClientCertificate is not a bool");
     }
-    if (sendClientCertificate is! bool) {
-      throw new ArgumentError("sendClientCertificate is not a bool");
-    }
     if (onBadCertificate != null && onBadCertificate is! Function) {
       throw new ArgumentError("onBadCertificate is not null or a Function");
     }
    }
 
   int get port => _socket.port;
 
   InternetAddress get remoteAddress => _socket.remoteAddress;
 
   int get remotePort => _socket.remotePort;
@@ skipping 120 matching lines @@
   }
 
   X509Certificate get peerCertificate => _secureFilter.peerCertificate;
 
   String get selectedProtocol => _selectedProtocol;
 
   bool _onBadCertificateWrapper(X509Certificate certificate) {
     if (onBadCertificate == null) return false;
     var result = onBadCertificate(certificate);
     if (result is bool) return result;
-    throw new ArgumentError(
+    throw new HandshakeException(
         "onBadCertificate callback returned non-boolean $result");
   }
 
   bool setOption(SocketOption option, bool enabled) {
     if (_socket == null) return false;
     return _socket.setOption(option, enabled);
   }
 
   void _eventDispatcher(RawSocketEvent event) {
     try {
@@ skipping 448 matching lines @@
       }
     }
   }
 }
 
 
 abstract class _SecureFilter {
   external factory _SecureFilter();
 
   void connect(String hostName,
-               Uint8List addr,
-               int port,
+               SecurityContext context,
                bool is_server,
-               String certificateName,
                bool requestClientCertificate,
                bool requireClientCertificate,
                bool sendClientCertificate,
                Uint8List protocols);
   void destroy();
   void handshake();
   String selectedProtocol();
   void rehandshake();
   void renegotiate(bool useSessionCache,
                    bool requestClientCertificate,
@@ skipping 52 matching lines @@
 /**
  * An exception that happens in the handshake phase of establishing
  * a secure network connection, when looking up or verifying a
  * certificate.
  */
 class CertificateException extends TlsException {
   const CertificateException([String message = "",
                             OSError osError = null])
      : super._("CertificateException", message, osError);
 }