| OLD | NEW |
| 1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file |
| 2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
| 3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
| 4 | 4 |
| 5 part of dart.io; | 5 part of dart.io; |
| 6 | 6 |
| 7 /** | 7 /** |
| 8 * A high-level class for communicating securely over a TCP socket, using | 8 * A high-level class for communicating securely over a TCP socket, using |
| 9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an | 9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an |
| 10 * [IOSink] interface, making it ideal for using together with | 10 * [IOSink] interface, making it ideal for using together with |
| 11 * other [Stream]s. | 11 * other [Stream]s. |
| 12 */ | 12 */ |
| 13 abstract class SecureSocket implements Socket { | 13 abstract class SecureSocket implements Socket { |
| 14 external factory SecureSocket._(RawSecureSocket rawSocket); | 14 external factory SecureSocket._(RawSecureSocket rawSocket); |
| 15 | 15 |
| 16 /** | 16 /** |
| 17 * Constructs a new secure client socket and connect it to the given | 17 * Constructs a new secure client socket and connects it to the given |
| 18 * [host] on port [port]. The returned Future will complete with a | 18 * [host] on port [port]. The returned Future will complete with a |
| 19 * [SecureSocket] that is connected and ready for subscription. | 19 * [SecureSocket] that is connected and ready for subscription. |
| 20 * | 20 * |
| 21 * The certificate provided by the server is checked | 21 * The certificate provided by the server is checked |
| 22 * using the trusted certificates set in the SecurityContext object. | 22 * using the trusted certificates set in the SecurityContext object. |
| 23 * The default SecurityContext object contains a built-in set of trusted | 23 * The default SecurityContext object contains a built-in set of trusted |
| 24 * root certificates for well-known certificate authorities. | 24 * root certificates for well-known certificate authorities. |
| 25 * | 25 * |
| 26 * [onBadCertificate] is an optional handler for unverifiable certificates. | 26 * [onBadCertificate] is an optional handler for unverifiable certificates. |
| 27 * The handler receives the [X509Certificate], and can inspect it and | 27 * The handler receives the [X509Certificate], and can inspect it and |
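Review bot: NEW lines 22-23 still name SecurityContext in plain text, and NEW line 18 leaves Future unbracketed, while the matching sentences in the RawSecureSocket docs (NEW lines 174 and 180) become [SecurityContext] and [Future] links in this same change. Suggest bracketing them here as well, so the doc for the high-level SecureSocket connect path links to the class that holds the trusted certificates.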
| (...skipping 132 matching lines...) | |
| 160 void renegotiate({bool useSessionCache: true, | 160 void renegotiate({bool useSessionCache: true, |
| 161 bool requestClientCertificate: false, | 161 bool requestClientCertificate: false, |
| 162 bool requireClientCertificate: false}); | 162 bool requireClientCertificate: false}); |
| 163 } | 163 } |
| 164 | 164 |
| 165 | 165 |
| 166 /** | 166 /** |
| 167 * RawSecureSocket provides a secure (SSL or TLS) network connection. | 167 * RawSecureSocket provides a secure (SSL or TLS) network connection. |
| 168 * Client connections to a server are provided by calling | 168 * Client connections to a server are provided by calling |
| 169 * RawSecureSocket.connect. A secure server, created with | 169 * RawSecureSocket.connect. A secure server, created with |
| 170 * RawSecureServerSocket, also returns RawSecureSocket objects representing | 170 * [RawSecureServerSocket], also returns RawSecureSocket objects representing |
| 171 * the server end of a secure connection. | 171 * the server end of a secure connection. |
| 172 * The certificate provided by the server is checked | 172 * The certificate provided by the server is checked |
| 173 * using the trusted certificates set in the SecurityContext object. | 173 * using the trusted certificates set in the SecurityContext object. |
| 174 * The default SecurityContext object contains a built-in set of trusted | 174 * The default [SecurityContext] object contains a built-in set of trusted |
| 175 * root certificates for well-known certificate authorities. | 175 * root certificates for well-known certificate authorities. |
| 176 */ | 176 */ |
| 177 abstract class RawSecureSocket implements RawSocket { | 177 abstract class RawSecureSocket implements RawSocket { |
| 178 /** | 178 /** |
| 179 * Constructs a new secure client socket and connect it to the given | 179 * Constructs a new secure client socket and connect it to the given |
| 180 * host on the given port. The returned Future is completed with the | 180 * host on the given port. The returned [Future] is completed with the |
| 181 * RawSecureSocket when it is connected and ready for subscription. | 181 * RawSecureSocket when it is connected and ready for subscription. |
| 182 * | 182 * |
| 183 * The certificate provided by the server is checked | 183 * The certificate provided by the server is checked using the trusted |
| 184 * using the trusted certificates set in the SecurityContext object | 184 * certificates set in the SecurityContext object If a certificate and key are |
| 185 * If a certificate and key are set on the client, using useCertificateChain | 185 * set on the client, using [SecurityContext.useCertificateChain] and |
| 186 * and usePrivateKey, and the server asks for a client certificate, | 186 * [SecurityContext.usePrivateKey], and the server asks for a client |
| 187 * then that client certificate is sent to the server. | 187 * certificate, then that client certificate is sent to the server. |
| 188 * | 188 * |
| 189 * [onBadCertificate] is an optional handler for unverifiable certificates. | 189 * [onBadCertificate] is an optional handler for unverifiable certificates. |
| 190 * The handler receives the [X509Certificate], and can inspect it and | 190 * The handler receives the [X509Certificate], and can inspect it and |
| 191 * decide (or let the user decide) whether to accept | 191 * decide (or let the user decide) whether to accept |
| 192 * the connection or not. The handler should return true | 192 * the connection or not. The handler should return true |
| 193 * to continue the [RawSecureSocket] connection. | 193 * to continue the [RawSecureSocket] connection. |
| 194 */ | 194 */ |
| 195 static Future<RawSecureSocket> connect( | 195 static Future<RawSecureSocket> connect( |
| 196 host, | 196 host, |
| 197 int port, | 197 int port, |
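Review bot: NEW line 184 reads "certificates set in the SecurityContext object If a certificate and key are", with no period after "object". After the reflow, the end of the server-certificate sentence and the start of the client-certificate sentence share one line, so the missing full stop runs two separate behaviours together. Add the period. While here, bracket SecurityContext on NEW lines 173 and 184 as was done on line 174, and apply the "connect it" to "connects it" fix from line 17 to line 179, which is unchanged on both sides.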
| (...skipping 1028 matching lines...) | |
| 1226 /** | 1226 /** |
| 1227 * An exception that happens in the handshake phase of establishing | 1227 * An exception that happens in the handshake phase of establishing |
| 1228 * a secure network connection, when looking up or verifying a | 1228 * a secure network connection, when looking up or verifying a |
| 1229 * certificate. | 1229 * certificate. |
| 1230 */ | 1230 */ |
| 1231 class CertificateException extends TlsException { | 1231 class CertificateException extends TlsException { |
| 1232 const CertificateException([String message = "", | 1232 const CertificateException([String message = "", |
| 1233 OSError osError = null]) | 1233 OSError osError = null]) |
| 1234 : super._("CertificateException", message, osError); | 1234 : super._("CertificateException", message, osError); |
| 1235 } | 1235 } |