Adds SecurityContext.usePrivateKeyBytes

runtime/bin/secure_socket.cc

 // Copyright (c) 2012, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 
 #include "bin/secure_socket.h"
 
 #include <errno.h>
 #include <fcntl.h>
 #include <sys/stat.h>
 #include <stdio.h>
@@ skipping 397 matching lines @@
                                            filename,
                                            SSL_FILETYPE_PEM);
   // TODO(24184): Handle different expected errors here - file missing,
   // incorrect password, file not a PEM, and throw exceptions.
   // CheckStatus should also throw an exception in uncaught cases.
   CheckStatus(status, "TlsException", "Failure in usePrivateKey");
   SSL_CTX_set_default_passwd_cb_userdata(context, NULL);
 }
 
 
+void FUNCTION_NAME(SecurityContext_UsePrivateKeyBytes)(
+    Dart_NativeArguments args) {
+  SSL_CTX* context = GetSecurityContext(args);
+
+  Dart_Handle key_object = ThrowIfError(Dart_GetNativeArgument(args, 1));
+  if (!Dart_IsTypedData(key_object) && !Dart_IsList(key_object)) {
+    Dart_ThrowException(DartUtils::NewDartArgumentError(
+        "keyBytes argument to SecurityContext.usePrivateKey "
+        "is not a List<int>"));
+  }
+
+  Dart_Handle password_object = ThrowIfError(Dart_GetNativeArgument(args, 2));
+  const char* password = NULL;
+  if (Dart_IsString(password_object)) {
+    ThrowIfError(Dart_StringToCString(password_object, &password));
+    if (strlen(password) > PEM_BUFSIZE - 1) {
+      Dart_ThrowException(DartUtils::NewDartArgumentError(
+        "SecurityContext.usePrivateKey password length is greater than"
+        " 1023 (PEM_BUFSIZE)"));
+    }
+  } else if (Dart_IsNull(password_object)) {
+    password = "";
+  } else {
+    Dart_ThrowException(DartUtils::NewDartArgumentError(
+        "SecurityContext.usePrivateKey password is not a String or null"));
+  }
+
+  uint8_t* key_bytes = NULL;
+  intptr_t key_bytes_len = 0;
+  bool is_typed_data = false;
+  if (Dart_IsTypedData(key_object)) {
+    is_typed_data = true;
+    Dart_TypedData_Type typ;
+    ThrowIfError(Dart_TypedDataAcquireData(
+        key_object,
+        &typ,
+        reinterpret_cast<void**>(&key_bytes),
+        &key_bytes_len));
+  } else {
+    ASSERT(Dart_IsList(key_object));
+    ThrowIfError(Dart_ListLength(key_object, &key_bytes_len));
+    key_bytes = new uint8_t[key_bytes_len];
+    ThrowIfError(Dart_ListGetAsBytes(key_object, 0, key_bytes, key_bytes_len));
+  }
+  ASSERT(key_bytes != NULL);
+
+  BIO* bio = BIO_new_mem_buf(key_bytes, key_bytes_len);
+  EVP_PKEY *key = PEM_read_bio_PrivateKey(
+      bio, NULL, PasswordCallback, const_cast<char*>(password));
+  int status = SSL_CTX_use_PrivateKey(context, key);
+  BIO_free(bio);
+  if (is_typed_data) {
+    ThrowIfError(Dart_TypedDataReleaseData(key_object));
+  } else {
+    delete key_bytes;
+  }
+
+  // TODO(24184): Handle different expected errors here - file missing,
+  // incorrect password, file not a PEM, and throw exceptions.
+  // CheckStatus should also throw an exception in uncaught cases.
+  CheckStatus(status, "TlsException", "Failure in usePrivateKey");
+}
+
+
 void FUNCTION_NAME(SecurityContext_SetTrustedCertificates)(
     Dart_NativeArguments args) {
   SSL_CTX* context = GetSecurityContext(args);
   Dart_Handle filename_object = ThrowIfError(Dart_GetNativeArgument(args, 1));
   const char* filename = NULL;
   if (Dart_IsString(filename_object)) {
     ThrowIfError(Dart_StringToCString(filename_object, &filename));
   }
   Dart_Handle directory_object = ThrowIfError(Dart_GetNativeArgument(args, 2));
   const char* directory = NULL;
@@ skipping 689 matching lines @@
     } else {
       if (SSL_LOG_DATA) Log::Print(
           "WriteEncrypted  BIO_read wrote %d bytes\n", bytes_processed);
     }
   }
   return bytes_processed;
 }
 
 }  // namespace bin
 }  // namespace dart