dart:io | Enable multithreaded secure networking encryption.

runtime/bin/secure_socket_patch.dart

 // Copyright (c) 2012, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 
 patch class SecureSocket {
   /* patch */ factory SecureSocket._(RawSecureSocket rawSocket) =>
       new _SecureSocket(rawSocket);
 
   /* patch */ static void initialize({String database,
                                       String password,
                                       bool useBuiltinRoots: true})
   native "SecureSocket_InitializeLibrary";
 }
 
 
 patch class _SecureFilter {
   /* patch */ factory _SecureFilter() => new _SecureFilterImpl();
+
+  /* patch */ static SendPort _newServicePort()
+      native "SecureSocket_NewServicePort";
 }
 
 
 class _SecureSocket extends _Socket implements SecureSocket {
   _SecureSocket(RawSecureSocket raw) : super(raw);
 
   void set onBadCertificate(bool callback(X509Certificate certificate)) {
     if (_raw == null) {
       throw new StateError("onBadCertificate called on destroyed SecureSocket");
     }
@@ skipping 14 matching lines @@
  * over an encrypted socket.  The filter also handles the handshaking
  * and certificate verification.
  *
  * The filter exposes its input and output buffers as Dart objects that
  * are backed by an external C array of bytes, so that both Dart code and
  * native code can access the same data.
  */
 class _SecureFilterImpl
     extends NativeFieldWrapperClass1
     implements _SecureFilter {
+  // Performance is improved if a full buffer of plaintext fits
+  // in the encrypted buffer, when encrypted.
+  static final int SIZE = 8 * 1024;
+  static final int ENCRYPTED_SIZE = 10 * 1024;
+
   _SecureFilterImpl() {
     buffers = new List<_ExternalBuffer>(_RawSecureSocket.NUM_BUFFERS);
     for (int i = 0; i < _RawSecureSocket.NUM_BUFFERS; ++i) {
-      buffers[i] = new _ExternalBuffer();
+      buffers[i] = new _ExternalBuffer(_RawSecureSocket.isEncrypted(i) ?
+                                       ENCRYPTED_SIZE :
+                                       SIZE);
     }
   }
 
   void connect(String hostName,
                int port,
                bool is_server,
                String certificateName,
                bool requestClientCertificate,
                bool requireClientCertificate,
                bool sendClientCertificate) native "SecureSocket_Connect";
 
   void destroy() {
     buffers = null;
     _destroy();
   }
 
   void _destroy() native "SecureSocket_Destroy";
 
   void handshake() native "SecureSocket_Handshake";
 
   void init() native "SecureSocket_Init";
 
   X509Certificate get peerCertificate native "SecureSocket_PeerCertificate";
 
-  int processBuffer(int bufferIndex) native "SecureSocket_ProcessBuffer";
-
   void registerBadCertificateCallback(Function callback)
       native "SecureSocket_RegisterBadCertificateCallback";
 
   void registerHandshakeCompleteCallback(Function handshakeCompleteHandler)
       native "SecureSocket_RegisterHandshakeCompleteCallback";
 
+  int _pointer() native "SecureSocket_FilterPointer";

[Anders Johnsen, 2013/06/14 06:54:41]

Add comment that this is a security issue, as mirrors can call this and get the
pointer.

[Bill Hesse, 2013/06/14 08:55:02]

Done.

+
   List<_ExternalBuffer> buffers;
 }