OLD | NEW |
---|---|
1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 part of dart.io; | 5 part of dart.io; |
6 | 6 |
7 /** | 7 /** |
8 * A high-level class for communicating securely over a TCP socket, using | 8 * A high-level class for communicating securely over a TCP socket, using |
9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an | 9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an |
10 * [IOSink] interface, making it ideal for using together with | 10 * [IOSink] interface, making it ideal for using together with |
(...skipping 187 matching lines...)
198 * | 198 * |
199 * The database should be an NSS certificate database directory | 199 * The database should be an NSS certificate database directory |
200 * containing a cert9.db file, not a cert8.db file. This version of | 200 * containing a cert9.db file, not a cert8.db file. This version of |
201 * the database can be created using the NSS certutil tool with "sql:" in | 201 * the database can be created using the NSS certutil tool with "sql:" in |
202 * front of the absolute path of the database directory, or setting the | 202 * front of the absolute path of the database directory, or setting the |
203 * environment variable [[NSS_DEFAULT_DB_TYPE]] to "sql". | 203 * environment variable [[NSS_DEFAULT_DB_TYPE]] to "sql". |
204 */ | 204 */ |
205 external static void initialize({String database, | 205 external static void initialize({String database, |
206 String password, | 206 String password, |
207 bool useBuiltinRoots: true}); | 207 bool useBuiltinRoots: true}); |
208 | |
209 | |
210 /** | |
211 * Adds a X509 certificate (for SSL and TLS secure networking) to the | |
212 * in-memory certificate database. Returns an X509Certificate object | |
213 * with information about the added certificate. | |
214 * | |
215 * [certificate] must be a list of bytes encoding a certificate in | |
216 * PEM format: a base64 encoded DER certificate, enclosed between | |
217 * "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----". | |
218 * | |
219 * [trust] is a string specifying the allowed uses of this certificate. | |
220 * For example, 'TC,,' specifies that the certificate is for a certificate | |
Søren Gjesse
2013/07/29 14:12:19
Could we add some string constants (with dartdoc)
Bill Hesse
2013/07/30 10:00:10
Done.
| |
221 * authority that is trusted to issue server and client certificates, so | |
222 * that a server or client certificate signed by this authority will be | |
223 * accepted. | |
224 * See the documentation of NSS certutil for more about trust attributes. | |
Søren Gjesse
2013/07/29 14:12:19
Can we add a URL here?
Bill Hesse
2013/07/30 10:00:10
Done.
| |
225 */ | |
226 external static X509Certificate addCertificate(List<int> certificate, | |
227 String trust); | |
208 } | 228 } |
209 | 229 |
210 | 230 |
211 /** | 231 /** |
212 * RawSecureSocket provides a secure (SSL or TLS) network connection. | 232 * RawSecureSocket provides a secure (SSL or TLS) network connection. |
213 * Client connections to a server are provided by calling | 233 * Client connections to a server are provided by calling |
214 * RawSecureSocket.connect. A secure server, created with | 234 * RawSecureSocket.connect. A secure server, created with |
215 * RawSecureServerSocket, also returns RawSecureSocket objects representing | 235 * RawSecureServerSocket, also returns RawSecureSocket objects representing |
216 * the server end of a secure connection. | 236 * the server end of a secure connection. |
217 * The certificate provided by the server is checked | 237 * The certificate provided by the server is checked |
(...skipping 187 matching lines...)
405 | 425 |
406 // Buffer identifiers. | 426 // Buffer identifiers. |
407 // These must agree with those in the native C++ implementation. | 427 // These must agree with those in the native C++ implementation. |
408 static final int READ_PLAINTEXT = 0; | 428 static final int READ_PLAINTEXT = 0; |
409 static final int WRITE_PLAINTEXT = 1; | 429 static final int WRITE_PLAINTEXT = 1; |
410 static final int READ_ENCRYPTED = 2; | 430 static final int READ_ENCRYPTED = 2; |
411 static final int WRITE_ENCRYPTED = 3; | 431 static final int WRITE_ENCRYPTED = 3; |
412 static final int NUM_BUFFERS = 4; | 432 static final int NUM_BUFFERS = 4; |
413 | 433 |
414 // Is a buffer identifier for an encrypted buffer? | 434 // Is a buffer identifier for an encrypted buffer? |
415 static bool _isBufferEncrypted(int identifier) => identifier >= READ_ENCRYPTED ; | 435 static bool _isBufferEncrypted(int identifier) => |
436 identifier >= READ_ENCRYPTED; | |
416 | 437 |
417 RawSocket _socket; | 438 RawSocket _socket; |
418 final Completer<_RawSecureSocket> _handshakeComplete = | 439 final Completer<_RawSecureSocket> _handshakeComplete = |
419 new Completer<_RawSecureSocket>(); | 440 new Completer<_RawSecureSocket>(); |
420 StreamController<RawSocketEvent> _controller; | 441 StreamController<RawSocketEvent> _controller; |
421 Stream<RawSocketEvent> _stream; | 442 Stream<RawSocketEvent> _stream; |
422 StreamSubscription<RawSocketEvent> _socketSubscription; | 443 StreamSubscription<RawSocketEvent> _socketSubscription; |
423 List<int> _bufferedData; | 444 List<int> _bufferedData; |
424 int _bufferedDataIndex = 0; | 445 int _bufferedDataIndex = 0; |
425 final InternetAddress address; | 446 final InternetAddress address; |
(...skipping 842 matching lines...)
1268 /** | 1289 /** |
1269 * An exception that happens in the handshake phase of establishing | 1290 * An exception that happens in the handshake phase of establishing |
1270 * a secure network connection, when looking up or verifying a | 1291 * a secure network connection, when looking up or verifying a |
1271 * certificate. | 1292 * certificate. |
1272 */ | 1293 */ |
1273 class CertificateException extends TlsException { | 1294 class CertificateException extends TlsException { |
1274 const CertificateException([String message = "", | 1295 const CertificateException([String message = "", |
1275 OSError osError = null]) | 1296 OSError osError = null]) |
1276 : super._("CertificateException", message, osError); | 1297 : super._("CertificateException", message, osError); |
1277 } | 1298 } |
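Review bot: The dartdoc added for `addCertificate` (new lines 210-225) does not say what the call does when `certificate` is not valid PEM or `trust` is not a recognised trust string, nor whether `SecureSocket.initialize` must have been called first. Since a value such as 'TC,,' marks the certificate as a trusted issuing authority, the comment should also state how far the change reaches, which I assume is every secure connection made afterwards through the same in-memory database. Suggested additions: `* Throws an exception if [certificate] cannot be decoded or [trust] is not a valid trust string.` (naming the actual exception type, which is not visible on this page) and `* The added trust applies to all later secure connections; only add certificates obtained from a trusted source.` The method is declared `external`, so its implementation lies outside this page and the failure behaviour has to be confirmed against the native code.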