OLD | NEW |
1 // Copyright (c) 2015, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2015, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 part of dart.io; | 5 part of dart.io; |
6 | 6 |
7 /** | 7 /** |
8 * The object containing the certificates to trust when making | 8 * The object containing the certificates to trust when making |
9 * a secure client connection, and the certificate chain and | 9 * a secure client connection, and the certificate chain and |
10 * private key to serve from a secure server. | 10 * private key to serve from a secure server. |
11 * | 11 * |
12 * The [SecureSocket] and [SecureServer] classes take a SecurityContext | 12 * The [SecureSocket] and [SecureServer] classes take a SecurityContext |
13 * as an argument to their connect and bind methods. | 13 * as an argument to their connect and bind methods. |
14 * | 14 * |
15 * Certificates and keys can be added to a SecurityContext from either PEM | 15 * Certificates and keys can be added to a SecurityContext from either PEM |
16 * or PKCS12 containers. | 16 * or PKCS12 containers. |
| 17 * |
| 18 * iOS note: methods to add, remove, and inspect certificates are not yet |
| 19 * implemented. That is, only the platform's built-in trusted certificates can |
| 20 * be used, by way of [SecurityContext.defaultContext]. |
17 */ | 21 */ |
18 abstract class SecurityContext { | 22 abstract class SecurityContext { |
19 external factory SecurityContext(); | 23 external factory SecurityContext(); |
20 | 24 |
21 /** | 25 /** |
22 * Secure networking classes with an optional `context` parameter | 26 * Secure networking classes with an optional `context` parameter |
23 * use the [defaultContext] object if the parameter is omitted. | 27 * use the [defaultContext] object if the parameter is omitted. |
24 * This object can also be accessed, and modified, directly. | 28 * This object can also be accessed, and modified, directly. |
25 * Each isolate has a different [defaultContext] object. | 29 * Each isolate has a different [defaultContext] object. |
26 * The [defaultContext] object uses a list of well-known trusted | 30 * The [defaultContext] object uses a list of well-known trusted |
27 * certificate authorities as its trusted roots. This list is | 31 * certificate authorities as its trusted roots. On Linux and Windows, this |
28 * taken from Mozilla, who maintains it as part of Firefox. | 32 * list is taken from Mozilla, who maintains it as part of Firefox. On, |
| 33 * MacOS, iOS, and Android, this list comes from the trusted certificates |
| 34 * stores built in to the platforms. |
29 */ | 35 */ |
30 external static SecurityContext get defaultContext; | 36 external static SecurityContext get defaultContext; |
31 | 37 |
32 /** | 38 /** |
33 * Sets the private key for a server certificate or client certificate. | 39 * Sets the private key for a server certificate or client certificate. |
34 * | 40 * |
35 * A secure connection using this SecurityContext will use this key with | 41 * A secure connection using this SecurityContext will use this key with |
36 * the server or client certificate to sign and decrypt messages. | 42 * the server or client certificate to sign and decrypt messages. |
37 * [file] is the path to a PEM or PKCS12 file containing an encrypted | 43 * [file] is the path to a PEM or PKCS12 file containing an encrypted |
38 * private key, encrypted with [password]. Assuming it is well-formatted, all | 44 * private key, encrypted with [password]. Assuming it is well-formatted, all |
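Review bot: The iOS note added at new lines 18-20 says the methods to add, remove, and inspect certificates are "not yet implemented", but it does not say what a caller gets when it invokes one of them on iOS. Please state the failure mode in the doc comment (for example, that the call throws), so that code relying on a custom trusted root or a client certificate cannot mistake an unimplemented call for a successful one. Separately, the reworded defaultContext comment at new lines 32-33 has a stray comma in "On, MacOS, iOS, and Android"; it should read "On macOS, iOS, and Android", and "built in to" at new line 34 would read better as "built into".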
(...skipping 196 matching lines...)
235 } | 241 } |
236 | 242 |
237 if (bytes.length >= (1 << 13)) { | 243 if (bytes.length >= (1 << 13)) { |
238 throw new ArgumentError( | 244 throw new ArgumentError( |
239 'The maximum message length supported is 2^13-1.'); | 245 'The maximum message length supported is 2^13-1.'); |
240 } | 246 } |
241 | 247 |
242 return new Uint8List.fromList(bytes); | 248 return new Uint8List.fromList(bytes); |
243 } | 249 } |
244 } | 250 } |