OLD | NEW |
---|---|
1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 part of dart.io; | 5 part of dart.io; |
6 | 6 |
7 /** | 7 /** |
8 * A high-level class for communicating securely over a TCP socket, using | 8 * A high-level class for communicating securely over a TCP socket, using |
9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an | 9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an |
10 * [IOSink] interface, making it ideal for using together with | 10 * [IOSink] interface, making it ideal for using together with |
42 bool onBadCertificate(X509Certificate certificate)}) { | 42 bool onBadCertificate(X509Certificate certificate)}) { |
43 return RawSecureSocket.connect(host, | 43 return RawSecureSocket.connect(host, |
44 port, | 44 port, |
45 sendClientCertificate: sendClientCertificate, | 45 sendClientCertificate: sendClientCertificate, |
46 certificateName: certificateName, | 46 certificateName: certificateName, |
47 onBadCertificate: onBadCertificate) | 47 onBadCertificate: onBadCertificate) |
48 .then((rawSocket) => new SecureSocket._(rawSocket)); | 48 .then((rawSocket) => new SecureSocket._(rawSocket)); |
49 } | 49 } |
50 | 50 |
51 /** | 51 /** |
52 * Takes an already connected [socket] and starts client side TLS | |
53 * handshake to make the communication secure. When the returned | |
54 * future completes the [SecureSocket] has completed the TLS | |
55 * handshake. Using this function requires that the other end of the | |
56 * connection is prepared for TLS handshake. | |
57 * | |
58 * If the [socket] already has a subscription, this subscription | |
59 * will no longer receive and events. In most cases calling | |
60 * [:pause:] on this subscription before starting TLS handshake is | |
61 * the right thing to do. | |
62 * | |
63 * See [connect] for more information on the arguments. | |
64 * | |
65 */ | |
66 static Future<SecureSocket> secure( | |
67 Socket socket, | |
68 {bool sendClientCertificate: false, | |
69 String certificateName, | |
70 bool onBadCertificate(X509Certificate certificate)}) { | |
71 var completer = new Completer(); | |
72 socket._detachRaw() | |
73 .then((detachedRaw) { | |
74 return RawSecureSocket.secure( | |
75 detachedRaw[0], | |
76 subscription: detachedRaw[1], | |
77 sendClientCertificate: sendClientCertificate, | |
78 onBadCertificate: onBadCertificate); | |
79 }) | |
80 .then((raw) { | |
81 completer.complete(new SecureSocket._(raw)); | |
82 }); | |
83 return completer.future; | |
84 } | |
85 | |
86 /** | |
87 * Takes an already connected [socket] and starts server side TLS | |
88 * handshake to make the communication secure. When the returned | |
89 * future completes the [SecureSocket] has completed the TLS | |
90 * handshake. Using this function requires that the other end of the | |
91 * connection is going to start the TLS handshake. | |
92 * | |
93 * If the [socket] already has a subscription, this subscription | |
94 * will no longer receive and events. In most cases calling | |
95 * [:pause:] on this subscription before starting TLS handshake is | |
96 * the right thing to do. | |
97 * | |
98 * If some of the data of the TLS handshake has already been read | |
99 * from the socket this data can be passed in the [carryOverData] | |
100 * parameter. This data will be processed before any other data | |
101 * available on the socket. | |
102 * | |
103 * See [SecureServerSocket.bind] for more information on the | |
104 * arguments. | |
105 * | |
106 */ | |
107 static Future<SecureSocket> secureServer( | |
Anders Johnsen
2013/04/22 14:08:17
secureServer can be a bit ambivalent. What about m
Søren Gjesse
2013/04/23 06:51:21
The problem with this is that for the server end t
| |
108 Socket socket, | |
109 String certificateName, | |
110 {List<int> carryOverData, | |
111 bool requestClientCertificate: false, | |
112 bool requireClientCertificate: false}) { | |
113 var completer = new Completer(); | |
114 socket._detachRaw() | |
115 .then((detachedRaw) { | |
116 return RawSecureSocket.secureServer( | |
117 detachedRaw[0], | |
118 certificateName, | |
119 subscription: detachedRaw[1], | |
120 carryOverData: carryOverData, | |
121 requestClientCertificate: requestClientCertificate, | |
122 requireClientCertificate: requireClientCertificate); | |
123 }) | |
124 .then((raw) { | |
125 completer.complete(new SecureSocket._(raw)); | |
126 }); | |
127 return completer.future; | |
128 } | |
129 | |
130 /** | |
52 * Get the peer certificate for a connected SecureSocket. If this | 131 * Get the peer certificate for a connected SecureSocket. If this |
53 * SecureSocket is the server end of a secure socket connection, | 132 * SecureSocket is the server end of a secure socket connection, |
54 * [peerCertificate] will return the client certificate, or null, if no | 133 * [peerCertificate] will return the client certificate, or null, if no |
55 * client certificate was received. If it is the client end, | 134 * client certificate was received. If it is the client end, |
56 * [peerCertificate] will return the server's certificate. | 135 * [peerCertificate] will return the server's certificate. |
57 */ | 136 */ |
58 X509Certificate get peerCertificate; | 137 X509Certificate get peerCertificate; |
59 | 138 |
60 /** | 139 /** |
61 * Initializes the NSS library. If [initialize] is not called, the library | 140 * Initializes the NSS library. If [initialize] is not called, the library |
866 void destroy(); | 945 void destroy(); |
867 void handshake(); | 946 void handshake(); |
868 void init(); | 947 void init(); |
869 X509Certificate get peerCertificate; | 948 X509Certificate get peerCertificate; |
870 int processBuffer(int bufferIndex); | 949 int processBuffer(int bufferIndex); |
871 void registerBadCertificateCallback(Function callback); | 950 void registerBadCertificateCallback(Function callback); |
872 void registerHandshakeCompleteCallback(Function handshakeCompleteHandler); | 951 void registerHandshakeCompleteCallback(Function handshakeCompleteHandler); |
873 | 952 |
874 List<_ExternalBuffer> get buffers; | 953 List<_ExternalBuffer> get buffers; |
875 } | 954 } |
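Review bot: In the new `secure` and `secureServer` methods the returned future is `completer.future`, and the completer is only completed in the final success `.then`, so an error from `_detachRaw()` or from the TLS handshake (for example a rejected certificate) never reaches the caller. The caller is left waiting on a future that does not complete and has no way to observe or handle the handshake failure. Returning the chain directly, as `connect` does, propagates failures: `return socket._detachRaw().then(...).then((raw) => new SecureSocket._(raw));`. Separately, `secure` accepts `certificateName` but does not forward it to `RawSecureSocket.secure`, unlike `connect`; if that method takes the parameter, the caller's choice of client certificate is silently ignored. The doc comments on both methods also say "receive and events" where "receive any events" is meant.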