OLD | NEW |
1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 part of dart.io; | 5 part of dart.io; |
6 | 6 |
7 /** | 7 /** |
8 * A high-level class for communicating securely over a TCP socket, using | 8 * A high-level class for communicating securely over a TCP socket, using |
9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an | 9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an |
10 * [IOSink] interface, making it ideal for using together with | 10 * [IOSink] interface, making it ideal for using together with |
(...skipping 131 matching lines...)
142 * [peerCertificate] will return the server's certificate. | 142 * [peerCertificate] will return the server's certificate. |
143 */ | 143 */ |
144 X509Certificate get peerCertificate; | 144 X509Certificate get peerCertificate; |
145 | 145 |
146 /** | 146 /** |
147 * Initializes the NSS library. If [initialize] is not called, the library | 147 * Initializes the NSS library. If [initialize] is not called, the library |
148 * is automatically initialized as if [initialize] were called with no | 148 * is automatically initialized as if [initialize] were called with no |
149 * arguments. | 149 * arguments. |
150 * | 150 * |
151 * The optional argument [database] is the path to a certificate database | 151 * The optional argument [database] is the path to a certificate database |
152 * containing root certificates for verifying certificate paths on | 152 * directory containing root certificates for verifying certificate paths on |
153 * client connections, and server certificates to provide on server | 153 * client connections, and server certificates to provide on server |
154 * connections. The argument [password] should be used when creating | 154 * connections. The argument [password] should be used when creating |
155 * secure server sockets, to allow the private key of the server | 155 * secure server sockets, to allow the private key of the server |
156 * certificate to be fetched. If [useBuiltinRoots] is true (the default), | 156 * certificate to be fetched. If [useBuiltinRoots] is true (the default), |
157 * then a built-in set of root certificates for trusted certificate | 157 * then a built-in set of root certificates for trusted certificate |
158 * authorities is merged with the certificates in the database. | 158 * authorities is merged with the certificates in the database. |
| 159 * The list of built-in root certificates, and documentation about this |
| 160 * default database, is available at |
| 161 * http://www.mozilla.org/projects/security/certs/included/ . |
| 162 * |
| 163 * If the [database] argument is omitted, then only the |
| 164 * builtin root certificates are used. If [useBuiltinRoots] is also false, |
| 165 * then no certificates are available. |
159 * | 166 * |
160 * Examples: | 167 * Examples: |
161 * 1) Use only the builtin root certificates: | 168 * 1) Use only the builtin root certificates: |
162 * SecureSocket.initialize(); or | 169 * SecureSocket.initialize(); or |
163 * | 170 * |
164 * 2) Use a specified database and the builtin roots: | 171 * 2) Use a specified database directory and the builtin roots: |
165 * SecureSocket.initialize(database: 'path/to/my/database', | 172 * SecureSocket.initialize(database: 'path/to/my/database', |
166 * password: 'my_password'); | 173 * password: 'my_password'); |
167 * | 174 * |
168 * 3) Use a specified database, without builtin roots: | 175 * 3) Use a specified database directory, without builtin roots: |
169 * SecureSocket.initialize(database: 'path/to/my/database', | 176 * SecureSocket.initialize(database: 'path/to/my/database', |
170 * password: 'my_password'. | 177 * password: 'my_password'. |
171 * useBuiltinRoots: false); | 178 * useBuiltinRoots: false); |
172 * | 179 * |
173 * The database should be an NSS certificate database directory | 180 * The database should be an NSS certificate database directory |
174 * containing a cert9.db file, not a cert8.db file. This version of | 181 * containing a cert9.db file, not a cert8.db file. This version of |
175 * the database can be created using the NSS certutil tool with "sql:" in | 182 * the database can be created using the NSS certutil tool with "sql:" in |
176 * front of the absolute path of the database directory, or setting the | 183 * front of the absolute path of the database directory, or setting the |
177 * environment variable [[NSS_DEFAULT_DB_TYPE]] to "sql". | 184 * environment variable [[NSS_DEFAULT_DB_TYPE]] to "sql". |
178 */ | 185 */ |
(...skipping 787 matching lines...)
966 void destroy(); | 973 void destroy(); |
967 void handshake(); | 974 void handshake(); |
968 void init(); | 975 void init(); |
969 X509Certificate get peerCertificate; | 976 X509Certificate get peerCertificate; |
970 int processBuffer(int bufferIndex); | 977 int processBuffer(int bufferIndex); |
971 void registerBadCertificateCallback(Function callback); | 978 void registerBadCertificateCallback(Function callback); |
972 void registerHandshakeCompleteCallback(Function handshakeCompleteHandler); | 979 void registerHandshakeCompleteCallback(Function handshakeCompleteHandler); |
973 | 980 |
974 List<_ExternalBuffer> get buffers; | 981 List<_ExternalBuffer> get buffers; |
975 } | 982 } |
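Review bot: Example 3 in the `initialize` doc comment (new lines 176-178) still ends the line `password: 'my_password'.` with a period where a comma is needed, so the sample does not parse when copied; it should read `password: 'my_password',`. The added sentence "then no certificates are available" also stops short of the consequence a caller needs to know. Judging from the wording and from `registerBadCertificateCallback` further down, I would expect every peer certificate to fail verification in that configuration, so consider adding something like `* In that case no certificate chain can be verified, and secure connections fail certificate validation.` once that behaviour is confirmed. The examples also pass the database password as a string literal; a short remark that real code should load it from protected configuration rather than source would help readers who copy the snippet.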