Breaking Change: merge BoringSSL branch into master

runtime/bin/secure_socket_patch.dart

Index: runtime/bin/secure_socket_patch.dart
diff --git a/runtime/bin/secure_socket_patch.dart b/runtime/bin/secure_socket_patch.dart
index 4e22a1440f6e048753b5c3512150cc06c07acfb8..c8b072599bf2ac94f545ed952b9ccbe032ba0e8f 100644
--- a/runtime/bin/secure_socket_patch.dart
+++ b/runtime/bin/secure_socket_patch.dart
@@ -5,11 +5,6 @@
 patch class SecureSocket {
   /* patch */ factory SecureSocket._(RawSecureSocket rawSocket) =>
       new _SecureSocket(rawSocket);
-
-  /* patch */ static void initialize({String database,
-                                      String password,
-                                      bool useBuiltinRoots: true})
-  native "SecureSocket_InitializeLibrary";
 }
 
 
@@ -17,6 +12,9 @@ patch class _SecureFilter {
   /* patch */ factory _SecureFilter() => new _SecureFilterImpl();
 }
 
+patch class X509Certificate {
+  /* patch */ factory X509Certificate._() => new _X509CertificateImpl();
+}
 
 class _SecureSocket extends _Socket implements SecureSocket {
   _SecureSocket(RawSecureSocket raw) : super(raw);
@@ -79,10 +77,8 @@ class _SecureFilterImpl
   }
 
   void connect(String hostName,
-               Uint8List sockaddrStorage,
-               int port,
+               SecurityContext context,
                bool is_server,
-               String certificateName,
                bool requestClientCertificate,
                bool requireClientCertificate,
                bool sendClientCertificate,
@@ -119,3 +115,68 @@ class _SecureFilterImpl
 
   List<_ExternalBuffer> buffers;
 }
+
+patch class SecurityContext {
+  /* patch */ factory SecurityContext() {
+    return new _SecurityContext();
+  }
+
+  /* patch */ static SecurityContext get defaultContext {
+    return _SecurityContext.defaultContext;
+  }
+}
+
+class _SecurityContext
+    extends NativeFieldWrapperClass1
+    implements SecurityContext {
+  _SecurityContext() {
+    _createNativeContext();
+  }
+
+  void _createNativeContext() native "SecurityContext_Allocate";
+
+  static final SecurityContext defaultContext =
+      new _SecurityContext().._trustBuiltinRoots();
+
+  void usePrivateKey(String keyFile, {String password})
+      native "SecurityContext_UsePrivateKey";
+  void setTrustedCertificates({String file, String directory})
+      native "SecurityContext_SetTrustedCertificates";
+  void useCertificateChain(String file)
+      native "SecurityContext_UseCertificateChain";
+  void setClientAuthorities(String file)
+      native "SecurityContext_SetClientAuthorities";
+  void setAlpnProtocols(List<String> protocols, bool isServer) {
+    Uint8List encodedProtocols =
+        SecurityContext._protocolsToLengthEncoding(protocols);
+    _setAlpnProtocols(encodedProtocols, isServer);
+  }
+  void _setAlpnProtocols(Uint8List protocols, bool isServer)
+      native "SecurityContext_SetAlpnProtocols";
+  void _trustBuiltinRoots()
+      native "SecurityContext_TrustBuiltinRoots";
+}
+
+/**
+ * _X509CertificateImpl wraps an X509 certificate object held by the BoringSSL
+ * library. It exposes the fields of the certificate object.
+ */
+class _X509CertificateImpl extends NativeFieldWrapperClass1
+    implements X509Certificate {
+  // The native field must be set manually on a new object, in native code.
+  // This is done by WrappedX509 in secure_socket.cc.
+  _X509CertificateImpl();
+
+  String get subject native "X509_Subject";
+  String get issuer native "X509_Issuer";
+  DateTime get startValidity {
+    return new DateTime.fromMillisecondsSinceEpoch(_startValidity(),
+                                                   isUtc: true);
+  }
+  DateTime get endValidity {
+    return new DateTime.fromMillisecondsSinceEpoch(_endValidity(),
+                                                   isUtc: true);
+  }
+  int _startValidity() native "X509_StartValidity";
+  int _endValidity() native "X509_EndValidity";
+}