Add SecureSocket.addCertificate.

sdk/lib/io/secure_socket.dart

 // Copyright (c) 2013, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 
 part of dart.io;
 
 /**
  * A high-level class for communicating securely over a TCP socket, using
  * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an
  * [IOSink] interface, making it ideal for using together with
@@ skipping 187 matching lines @@
    *
    * The database should be an NSS certificate database directory
    * containing a cert9.db file, not a cert8.db file.  This version of
    * the database can be created using the NSS certutil tool with "sql:" in
    * front of the absolute path of the database directory, or setting the
    * environment variable [[NSS_DEFAULT_DB_TYPE]] to "sql".
    */
   external static void initialize({String database,
                                    String password,
                                    bool useBuiltinRoots: true});
+
+
+  /**
+   * Adds a X509 certificate (for SSL and TLS secure networking) to the
+   * in-memory certificate database.  Returns an X509Certificate object
+   * with information about the added certificate.
+   *
+   * [certificate] must be a list of bytes encoding a certificate in
+   *  PEM format: a base64 encoded DER certificate, enclosed between
+   * "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----".
+   *
+   * [trust] is a string specifying the allowed uses of this certificate.
+   * For example, 'TC,,' specifies that the certificate is for a certificate

[Søren Gjesse, 2013/07/29 14:12:19]

Could we add some string constants (with dartdoc) for the most commonly used
trust values?

[Bill Hesse, 2013/07/30 10:00:10]

Done.

+   * authority that is trusted to issue server and client certificates, so
+   * that a server or client certificate signed by this authority will be
+   * accepted.
+   * See the documentation of NSS certutil for more about trust attributes.

[Søren Gjesse, 2013/07/29 14:12:19]

Can we add a URL here?

[Bill Hesse, 2013/07/30 10:00:10]

Done.

+   */
+  external static X509Certificate addCertificate(List<int> certificate,
+                                                 String trust);
 }
 
 
 /**
  * RawSecureSocket provides a secure (SSL or TLS) network connection.
  * Client connections to a server are provided by calling
  * RawSecureSocket.connect.  A secure server, created with
  * RawSecureServerSocket, also returns RawSecureSocket objects representing
  * the server end of a secure connection.
  * The certificate provided by the server is checked
@@ skipping 187 matching lines @@
 
   // Buffer identifiers.
   // These must agree with those in the native C++ implementation.
   static final int READ_PLAINTEXT = 0;
   static final int WRITE_PLAINTEXT = 1;
   static final int READ_ENCRYPTED = 2;
   static final int WRITE_ENCRYPTED = 3;
   static final int NUM_BUFFERS = 4;
 
   // Is a buffer identifier for an encrypted buffer?
-  static bool _isBufferEncrypted(int identifier) => identifier >= READ_ENCRYPTED;
+  static bool _isBufferEncrypted(int identifier) =>
+      identifier >= READ_ENCRYPTED;
 
   RawSocket _socket;
   final Completer<_RawSecureSocket> _handshakeComplete =
       new Completer<_RawSecureSocket>();
   StreamController<RawSocketEvent> _controller;
   Stream<RawSocketEvent> _stream;
   StreamSubscription<RawSocketEvent> _socketSubscription;
   List<int> _bufferedData;
   int _bufferedDataIndex = 0;
   final InternetAddress address;
@@ skipping 842 matching lines @@
 /**
  * An exception that happens in the handshake phase of establishing
  * a secure network connection, when looking up or verifying a
  * certificate.
  */
 class CertificateException extends TlsException {
   const CertificateException([String message = "",
                             OSError osError = null])
      : super._("CertificateException", message, osError);
 }