OLD | NEW |
1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 import "dart:async"; | 5 import "dart:async"; |
6 import "dart:io"; | 6 import "dart:io"; |
7 | 7 |
8 import "package:async_helper/async_helper.dart"; | 8 import "package:async_helper/async_helper.dart"; |
9 import "package:expect/expect.dart"; | 9 import "package:expect/expect.dart"; |
10 | 10 |
11 InternetAddress HOST; | 11 InternetAddress HOST; |
12 const CERTIFICATE = "localhost_cert"; | 12 |
| 13 String localFile(path) => Platform.script.resolve(path).toFilePath(); |
| 14 |
| 15 SecurityContext serverContext = new SecurityContext() |
| 16 ..useCertificateChain(localFile('certificates/server_chain.pem')) |
| 17 ..usePrivateKey(localFile('certificates/server_key.pem'), |
| 18 password: 'dartdart'); |
| 19 |
| 20 SecurityContext clientContext = new SecurityContext() |
| 21 ..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem')); |
13 | 22 |
14 Future testClientCertificate() { | 23 Future testClientCertificate() { |
15 var completer = new Completer(); | 24 var completer = new Completer(); |
16 SecureServerSocket.bind(HOST, | 25 SecureServerSocket.bind(HOST, |
17 0, | 26 0, |
18 CERTIFICATE, | 27 serverContext, |
19 requestClientCertificate: true).then((server) { | 28 requestClientCertificate: true).then((server) { |
20 var clientEndFuture = SecureSocket.connect(HOST, | 29 var clientEndFuture = SecureSocket.connect(HOST, |
21 server.port, | 30 server.port, |
| 31 context: clientContext, |
22 sendClientCertificate: true); | 32 sendClientCertificate: true); |
23 server.listen((serverEnd) { | 33 server.listen((serverEnd) { |
24 X509Certificate certificate = serverEnd.peerCertificate; | 34 X509Certificate certificate = serverEnd.peerCertificate; |
25 Expect.isNotNull(certificate); | 35 Expect.isNotNull(certificate); |
26 Expect.equals("CN=localhost", certificate.subject); | 36 Expect.equals("CN=localhost", certificate.subject); |
27 Expect.equals("CN=myauthority", certificate.issuer); | 37 Expect.equals("CN=myauthority", certificate.issuer); |
28 clientEndFuture.then((clientEnd) { | 38 clientEndFuture.then((clientEnd) { |
29 X509Certificate certificate = clientEnd.peerCertificate; | 39 X509Certificate certificate = clientEnd.peerCertificate; |
30 Expect.isNotNull(certificate); | 40 Expect.isNotNull(certificate); |
31 Expect.equals("CN=localhost", certificate.subject); | 41 Expect.equals("CN=localhost", certificate.subject); |
32 Expect.equals("CN=myauthority", certificate.issuer); | 42 Expect.equals("CN=myauthority", certificate.issuer); |
33 clientEnd.close(); | 43 clientEnd.close(); |
34 serverEnd.close(); | 44 serverEnd.close(); |
35 server.close(); | 45 server.close(); |
36 completer.complete(); | 46 completer.complete(); |
37 }); | 47 }); |
38 }); | 48 }); |
39 }); | 49 }); |
40 return completer.future; | 50 return completer.future; |
41 } | 51 } |
42 | 52 |
43 Future testRequiredClientCertificate() { | 53 Future testRequiredClientCertificate() { |
44 var completer = new Completer(); | 54 var completer = new Completer(); |
45 SecureServerSocket.bind(HOST, | 55 SecureServerSocket.bind(HOST, |
46 0, | 56 0, |
47 CERTIFICATE, | 57 serverContext, |
48 requireClientCertificate: true).then((server) { | 58 requireClientCertificate: true).then((server) { |
49 var clientEndFuture = SecureSocket.connect(HOST, | 59 var clientEndFuture = SecureSocket.connect(HOST, |
50 server.port, | 60 server.port, |
| 61 context: clientContext, |
51 sendClientCertificate: true); | 62 sendClientCertificate: true); |
52 server.listen((serverEnd) { | 63 server.listen((serverEnd) { |
53 X509Certificate certificate = serverEnd.peerCertificate; | 64 X509Certificate certificate = serverEnd.peerCertificate; |
54 Expect.isNotNull(certificate); | 65 Expect.isNotNull(certificate); |
55 Expect.equals("CN=localhost", certificate.subject); | 66 Expect.equals("CN=localhost", certificate.subject); |
56 Expect.equals("CN=myauthority", certificate.issuer); | 67 Expect.equals("CN=myauthority", certificate.issuer); |
57 clientEndFuture.then((clientEnd) { | 68 clientEndFuture.then((clientEnd) { |
58 X509Certificate certificate = clientEnd.peerCertificate; | 69 X509Certificate certificate = clientEnd.peerCertificate; |
59 Expect.isNotNull(certificate); | 70 Expect.isNotNull(certificate); |
60 Expect.equals("CN=localhost", certificate.subject); | 71 Expect.equals("CN=localhost", certificate.subject); |
61 Expect.equals("CN=myauthority", certificate.issuer); | 72 Expect.equals("CN=myauthority", certificate.issuer); |
62 clientEnd.close(); | 73 clientEnd.close(); |
63 serverEnd.close(); | 74 serverEnd.close(); |
64 server.close(); | 75 server.close(); |
65 completer.complete(); | 76 completer.complete(); |
66 }); | 77 }); |
67 }); | 78 }); |
68 }); | 79 }); |
69 return completer.future; | 80 return completer.future; |
70 } | 81 } |
71 | 82 |
72 void main() { | 83 void main() { |
73 String certificateDatabase = Platform.script.resolve('pkcert').toFilePath(); | |
74 SecureSocket.initialize(database: certificateDatabase, | |
75 password: 'dartdart', | |
76 useBuiltinRoots: false); | |
77 | |
78 asyncStart(); | 84 asyncStart(); |
79 InternetAddress.lookup("localhost").then((hosts) => HOST = hosts.first) | 85 InternetAddress.lookup("localhost").then((hosts) => HOST = hosts.first) |
80 .then((_) => testClientCertificate()) | 86 .then((_) => testClientCertificate()) |
81 .then((_) => testRequiredClientCertificate()) | 87 .then((_) => testRequiredClientCertificate()) |
82 .then((_) => asyncEnd()); | 88 .then((_) => asyncEnd()); |
83 } | 89 } |
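Review bot: The new `clientContext` (new lines 20-21) only loads trust roots and carries no certificate chain or private key, and `serverContext` (new lines 15-18) loads no trust roots for client certificates, so the visible lines do not show what certificate `sendClientCertificate: true` can present or how the server would validate it. The `serverEnd.peerCertificate` assertions in both tests depend on that identity. They also expect the same `CN=localhost` / `CN=myauthority` values that are asserted for the server's certificate, so they cannot tell a client certificate from the server's. I would give the client its own identity with `..useCertificateChain(localFile('certificates/<client-chain>.pem'))` and `..usePrivateKey(localFile('certificates/<client-key>.pem'), password: '<client-key-password>')`; these names are placeholders, since the page shows no client fixtures. I would also add `..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'))` to `serverContext`, assuming that bundle holds the issuing CA, and assert a client-specific subject on the server side.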