More SecurityContext calls accept a password.

sdk/lib/io/security_context.dart

Index: sdk/lib/io/security_context.dart
diff --git a/sdk/lib/io/security_context.dart b/sdk/lib/io/security_context.dart
index 7fc7287651f58f35f6786e711f488ced6e3a6b6c..fc9defd462aeffe5bd6bd406e2ef5899556e34ef 100644
--- a/sdk/lib/io/security_context.dart
+++ b/sdk/lib/io/security_context.dart
@@ -12,12 +12,8 @@ part of dart.io;
  * The [SecureSocket]  and [SecureServer] classes take a SecurityContext
  * as an argument to their connect and bind methods.
  *
- * Certificates and keys can be added to a SecurityContext from PEM files
- * on the disk.  A PEM file contains one or more base-64 encoded DER-serialized
- * ASN1 objects, surrounded with delimiter strings like
- * "-----BEGIN CERTIFICATE -----" and "-----END CERTIFICATE-----".
- * Distinguished encoding rules (DER) is a canonical binary serialization
- * of ASN1 objects into an octet string.
+ * Certificates and keys can be added to a SecurityContext from either PEM
+ * or PKCS12 containers.
  *
  * [usePrivateKey], [setTrustedCertificates], [useCertificateChain], and
  * [setClientAuthorities] are deprecated. They have been renamed
@@ -46,7 +42,7 @@ abstract class SecurityContext {
    *
    * A secure connection using this SecurityContext will use this key with
    * the server or client certificate to sign and decrypt messages.
-   * [keyFile] is a PEM or PKCS12 file containing an encrypted
+   * [keyFile] is the path to a PEM or PKCS12 file containing an encrypted
    * private key, encrypted with [password].  An unencrypted file can be
    * used, but this is not usual.
    */
@@ -71,18 +67,18 @@ abstract class SecurityContext {
    * client connections, when connecting to a secure server.
    *
    * [file] is the path to a PEM or PKCS12 file containing X509 certificates,
-   * usually root certificates from certificate authorities. When using a
-   * PKCS12 file, it should not contain a private key, and the password should
-   * be the empty string.
+   * usually root certificates from certificate authorities. For PKCS12 files,
+   * [password] is the password for the file. For PEM files, [password] is
+   * ignored.
    */
-  void setTrustedCertificatesSync(String file);
+  void setTrustedCertificatesSync(String file, {String password});
 
   /**
    * [setTrustedCertificates] is deprecated. Use [setTrustedCertificatesSync]
    * or [setTrustedCertificatesBytes].
    */
   @deprecated
-  void setTrustedCertificates(String file);
+  void setTrustedCertificates(String file, {String password});
 
   /**
    * Sets the set of trusted X509 certificates used by [SecureSocket]
@@ -90,7 +86,7 @@ abstract class SecurityContext {
    *
    * Like [setTrustedCertificatesSync] but takes the contents of the file.
    */
-  void setTrustedCertificatesBytes(List<int> certBytes);
+  void setTrustedCertificatesBytes(List<int> certBytes,{String password});
 
   /**
    * Sets the chain of X509 certificates served by [SecureServer]
@@ -99,18 +95,18 @@ abstract class SecurityContext {
    * [file] is a PEM or PKCS12 file containing X509 certificates, starting with
    * the root authority and intermediate authorities forming the signed
    * chain to the server certificate, and ending with the server certificate.
-   * The private key for the server certificate is set by [usePrivateKey]. When
-   * using a PKCS12 file, it should not contain a private key, and the password
-   * should be the empty string.
+   * The private key for the server certificate is set by [usePrivateKey]. For
+   * PKCS12 files, [password] is the password for the file. For PEM files,
+   * [password] is ignored.
    */
-  void useCertificateChainSync(String file);
+  void useCertificateChainSync(String file, {String password});
 
   /**
    * [useCertificateChain] is deprecated. Use [useCertificateChainSync]
    * or [useCertificateChainBytes].
    */
   @deprecated
-  void useCertificateChain({String file, String directory});
+  void useCertificateChain({String file, String directory, String password});
 
   /**
    * Sets the chain of X509 certificates served by [SecureServer]
@@ -118,7 +114,7 @@ abstract class SecurityContext {
    *
    * Like [useCertificateChainSync] but takes the contents of the file.
    */
-  void useCertificateChainBytes(List<int> chainBytes);
+  void useCertificateChainBytes(List<int> chainBytes, {String password});
 
   /**
    * Sets the list of authority names that a [SecureServer] will advertise
@@ -127,17 +123,17 @@ abstract class SecurityContext {
    *
    * [file] is a PEM or PKCS12 file containing the accepted signing
    * authority certificates - the authority names are extracted from the
-   * certificates. When using a PKCS12 file, it should not contain a private
-   * key, and the password should be the empty string.
+   * certificates. For PKCS12 files, [password] is the password for the file.
+   * For PEM files, [password] is ignored.
    */
-  void setClientAuthoritiesSync(String file);
+  void setClientAuthoritiesSync(String file, {String password});
 
   /**
    * [setClientAuthorities] is deprecated. Use [setClientAuthoritiesSync]
    * or [setClientAuthoritiesBytes].
    */
   @deprecated
-  void setClientAuthorities(String file);
+  void setClientAuthorities(String file, {String password});
 
   /**
    * Sets the list of authority names that a [SecureServer] will advertise
@@ -146,7 +142,7 @@ abstract class SecurityContext {
    *
    * Like [setClientAuthoritySync] but takes the contents of the file.
    */
-  void setClientAuthoritiesBytes(List<int> authCertBytes);
+  void setClientAuthoritiesBytes(List<int> authCertBytes, {String password});
 
   /**
    * Sets the list of application-level protocols supported by a client