Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(194)

Side by Side Diff: sdk/lib/io/secure_socket.dart

Issue 18097007: Add SecureSocket.addCertificate. (Closed) Base URL: https://dart.googlecode.com/svn/branches/bleeding_edge/dart
Patch Set: Improve formatting Created 7 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file 1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file
2 // for details. All rights reserved. Use of this source code is governed by a 2 // for details. All rights reserved. Use of this source code is governed by a
3 // BSD-style license that can be found in the LICENSE file. 3 // BSD-style license that can be found in the LICENSE file.
4 4
5 part of dart.io; 5 part of dart.io;
6 6
7 /** 7 /**
8 * A high-level class for communicating securely over a TCP socket, using 8 * A high-level class for communicating securely over a TCP socket, using
9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an 9 * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an
10 * [IOSink] interface, making it ideal for using together with 10 * [IOSink] interface, making it ideal for using together with
(...skipping 187 matching lines...) Expand 10 before | Expand all | Expand 10 after
198 * 198 *
199 * The database should be an NSS certificate database directory 199 * The database should be an NSS certificate database directory
200 * containing a cert9.db file, not a cert8.db file. This version of 200 * containing a cert9.db file, not a cert8.db file. This version of
201 * the database can be created using the NSS certutil tool with "sql:" in 201 * the database can be created using the NSS certutil tool with "sql:" in
202 * front of the absolute path of the database directory, or setting the 202 * front of the absolute path of the database directory, or setting the
203 * environment variable [[NSS_DEFAULT_DB_TYPE]] to "sql". 203 * environment variable [[NSS_DEFAULT_DB_TYPE]] to "sql".
204 */ 204 */
205 external static void initialize({String database, 205 external static void initialize({String database,
206 String password, 206 String password,
207 bool useBuiltinRoots: true}); 207 bool useBuiltinRoots: true});
208
209
210 /**
211 * Adds a X509 certificate (for SSL and TLS secure networking) to the
212 * in-memory certificate database. Returns an X509Certificate object
213 * with information about the added certificate.
214 *
215 * [certificate] must be a list of bytes encoding a certificate in
216 * PEM format: a base64 encoded DER certificate, enclosed between
217 * "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----".
218 *
219 * [trust] is a string specifying the allowed uses of this certificate.
220 * For example, 'TC,,' specifies that the certificate is for a certificate
Søren Gjesse 2013/07/29 14:12:19 Could we add some string constants (with dartdoc)
Bill Hesse 2013/07/30 10:00:10 Done.
221 * authority that is trusted to issue server and client certificates, so
222 * that a server or client certificate signed by this authority will be
223 * accepted.
224 * See the documentation of NSS certutil for more about trust attributes.
Søren Gjesse 2013/07/29 14:12:19 Can we add a URL here?
Bill Hesse 2013/07/30 10:00:10 Done.
225 */
226 external static X509Certificate addCertificate(List<int> certificate,
227 String trust);
208 } 228 }
209 229
210 230
211 /** 231 /**
212 * RawSecureSocket provides a secure (SSL or TLS) network connection. 232 * RawSecureSocket provides a secure (SSL or TLS) network connection.
213 * Client connections to a server are provided by calling 233 * Client connections to a server are provided by calling
214 * RawSecureSocket.connect. A secure server, created with 234 * RawSecureSocket.connect. A secure server, created with
215 * RawSecureServerSocket, also returns RawSecureSocket objects representing 235 * RawSecureServerSocket, also returns RawSecureSocket objects representing
216 * the server end of a secure connection. 236 * the server end of a secure connection.
217 * The certificate provided by the server is checked 237 * The certificate provided by the server is checked
(...skipping 187 matching lines...) Expand 10 before | Expand all | Expand 10 after
405 425
406 // Buffer identifiers. 426 // Buffer identifiers.
407 // These must agree with those in the native C++ implementation. 427 // These must agree with those in the native C++ implementation.
408 static final int READ_PLAINTEXT = 0; 428 static final int READ_PLAINTEXT = 0;
409 static final int WRITE_PLAINTEXT = 1; 429 static final int WRITE_PLAINTEXT = 1;
410 static final int READ_ENCRYPTED = 2; 430 static final int READ_ENCRYPTED = 2;
411 static final int WRITE_ENCRYPTED = 3; 431 static final int WRITE_ENCRYPTED = 3;
412 static final int NUM_BUFFERS = 4; 432 static final int NUM_BUFFERS = 4;
413 433
414 // Is a buffer identifier for an encrypted buffer? 434 // Is a buffer identifier for an encrypted buffer?
415 static bool _isBufferEncrypted(int identifier) => identifier >= READ_ENCRYPTED ; 435 static bool _isBufferEncrypted(int identifier) =>
436 identifier >= READ_ENCRYPTED;
416 437
417 RawSocket _socket; 438 RawSocket _socket;
418 final Completer<_RawSecureSocket> _handshakeComplete = 439 final Completer<_RawSecureSocket> _handshakeComplete =
419 new Completer<_RawSecureSocket>(); 440 new Completer<_RawSecureSocket>();
420 StreamController<RawSocketEvent> _controller; 441 StreamController<RawSocketEvent> _controller;
421 Stream<RawSocketEvent> _stream; 442 Stream<RawSocketEvent> _stream;
422 StreamSubscription<RawSocketEvent> _socketSubscription; 443 StreamSubscription<RawSocketEvent> _socketSubscription;
423 List<int> _bufferedData; 444 List<int> _bufferedData;
424 int _bufferedDataIndex = 0; 445 int _bufferedDataIndex = 0;
425 final InternetAddress address; 446 final InternetAddress address;
(...skipping 842 matching lines...) Expand 10 before | Expand all | Expand 10 after
1268 /** 1289 /**
1269 * An exception that happens in the handshake phase of establishing 1290 * An exception that happens in the handshake phase of establishing
1270 * a secure network connection, when looking up or verifying a 1291 * a secure network connection, when looking up or verifying a
1271 * certificate. 1292 * certificate.
1272 */ 1293 */
1273 class CertificateException extends TlsException { 1294 class CertificateException extends TlsException {
1274 const CertificateException([String message = "", 1295 const CertificateException([String message = "",
1275 OSError osError = null]) 1296 OSError osError = null])
1276 : super._("CertificateException", message, osError); 1297 : super._("CertificateException", message, osError);
1277 } 1298 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698