Migrate dart2js stubs for dart:io

tool/input_sdk/lib/io/secure_socket.dart

+// Copyright (c) 2013, the Dart project authors.  Please see the AUTHORS file
+// for details. All rights reserved. Use of this source code is governed by a
+// BSD-style license that can be found in the LICENSE file.
+
+part of dart.io;
+
+/**
+ * A high-level class for communicating securely over a TCP socket, using
+ * TLS and SSL. The [SecureSocket] exposes both a [Stream] and an
+ * [IOSink] interface, making it ideal for using together with
+ * other [Stream]s.
+ */
+abstract class SecureSocket implements Socket {
+  external factory SecureSocket._(RawSecureSocket rawSocket);
+
+  /**
+   * Constructs a new secure client socket and connects it to the given
+   * [host] on port [port]. The returned Future will complete with a
+   * [SecureSocket] that is connected and ready for subscription.
+   *
+   * The certificate provided by the server is checked
+   * using the trusted certificates set in the SecurityContext object.
+   * The default SecurityContext object contains a built-in set of trusted
+   * root certificates for well-known certificate authorities.
+   *
+   * [onBadCertificate] is an optional handler for unverifiable certificates.
+   * The handler receives the [X509Certificate], and can inspect it and
+   * decide (or let the user decide) whether to accept
+   * the connection or not.  The handler should return true
+   * to continue the [SecureSocket] connection.
+   */
+  static Future<SecureSocket> connect(
+      host,
+      int port,
+      {SecurityContext context,
+       bool onBadCertificate(X509Certificate certificate),
+       List<String> supportedProtocols}) {
+    return RawSecureSocket.connect(host,
+                                   port,
+                                   context: context,
+                                   onBadCertificate: onBadCertificate,
+                                   supportedProtocols: supportedProtocols)
+        .then((rawSocket) => new SecureSocket._(rawSocket));
+  }
+
+  /**
+   * Takes an already connected [socket] and starts client side TLS
+   * handshake to make the communication secure. When the returned
+   * future completes the [SecureSocket] has completed the TLS
+   * handshake. Using this function requires that the other end of the
+   * connection is prepared for TLS handshake.
+   *
+   * If the [socket] already has a subscription, this subscription
+   * will no longer receive and events. In most cases calling
+   * `pause` on this subscription before starting TLS handshake is
+   * the right thing to do.
+   *
+   * If the [host] argument is passed it will be used as the host name
+   * for the TLS handshake. If [host] is not passed the host name from
+   * the [socket] will be used. The [host] can be either a [String] or
+   * an [InternetAddress].
+   *
+   * Calling this function will _not_ cause a DNS host lookup. If the
+   * [host] passed is a [String] the [InternetAddress] for the
+   * resulting [SecureSocket] will have the passed in [host] as its
+   * host value and the internet address of the already connected
+   * socket as its address value.
+   *
+   * See [connect] for more information on the arguments.
+   *
+   */
+  static Future<SecureSocket> secure(
+      Socket socket,
+      {host,
+       SecurityContext context,
+       bool onBadCertificate(X509Certificate certificate)}) {
+    var completer = new Completer();
+    (socket as dynamic)._detachRaw()
+        .then((detachedRaw) {
+          return RawSecureSocket.secure(
+            detachedRaw[0],
+            subscription: detachedRaw[1],
+            host: host,
+            context: context,
+            onBadCertificate: onBadCertificate);
+          })
+        .then((raw) {
+          completer.complete(new SecureSocket._(raw));
+        });
+    return completer.future;
+  }
+
+  /**
+   * Takes an already connected [socket] and starts server side TLS
+   * handshake to make the communication secure. When the returned
+   * future completes the [SecureSocket] has completed the TLS
+   * handshake. Using this function requires that the other end of the
+   * connection is going to start the TLS handshake.
+   *
+   * If the [socket] already has a subscription, this subscription
+   * will no longer receive and events. In most cases calling
+   * [:pause:] on this subscription before starting TLS handshake is
+   * the right thing to do.
+   *
+   * If some of the data of the TLS handshake has already been read
+   * from the socket this data can be passed in the [bufferedData]
+   * parameter. This data will be processed before any other data
+   * available on the socket.
+   *
+   * See [SecureServerSocket.bind] for more information on the
+   * arguments.
+   *
+   */
+  static Future<SecureSocket> secureServer(
+      Socket socket,
+      SecurityContext context,
+      {List<int> bufferedData,
+       bool requestClientCertificate: false,
+       bool requireClientCertificate: false,
+       List<String> supportedProtocols}) {
+    var completer = new Completer();
+    (socket as dynamic)._detachRaw()
+        .then((detachedRaw) {
+          return RawSecureSocket.secureServer(
+            detachedRaw[0],
+            context,
+            subscription: detachedRaw[1],
+            bufferedData: bufferedData,
+            requestClientCertificate: requestClientCertificate,
+            requireClientCertificate: requireClientCertificate,
+            supportedProtocols: supportedProtocols);
+          })
+        .then((raw) {
+          completer.complete(new SecureSocket._(raw));
+        });
+    return completer.future;
+  }
+
+  /**
+   * Get the peer certificate for a connected SecureSocket.  If this
+   * SecureSocket is the server end of a secure socket connection,
+   * [peerCertificate] will return the client certificate, or null, if no
+   * client certificate was received.  If it is the client end,
+   * [peerCertificate] will return the server's certificate.
+   */
+  X509Certificate get peerCertificate;
+
+  /**
+   * Get the protocol which was selected during protocol negotiation.
+   */
+  String get selectedProtocol;
+
+  /**
+   * Renegotiate an existing secure connection, renewing the session keys
+   * and possibly changing the connection properties.
+   *
+   * This repeats the SSL or TLS handshake, with options that allow clearing
+   * the session cache and requesting a client certificate.
+   */
+  void renegotiate({bool useSessionCache: true,
+                    bool requestClientCertificate: false,
+                    bool requireClientCertificate: false});
+}
+
+
+/**
+ * RawSecureSocket provides a secure (SSL or TLS) network connection.
+ * Client connections to a server are provided by calling
+ * RawSecureSocket.connect.  A secure server, created with
+ * [RawSecureServerSocket], also returns RawSecureSocket objects representing
+ * the server end of a secure connection.
+ * The certificate provided by the server is checked
+ * using the trusted certificates set in the SecurityContext object.
+ * The default [SecurityContext] object contains a built-in set of trusted
+ * root certificates for well-known certificate authorities.
+ */
+abstract class RawSecureSocket implements RawSocket {
+  /**
+   * Constructs a new secure client socket and connect it to the given
+   * host on the given port. The returned [Future] is completed with the
+   * RawSecureSocket when it is connected and ready for subscription.
+   *
+   * The certificate provided by the server is checked using the trusted
+   * certificates set in the SecurityContext object If a certificate and key are
+   * set on the client, using [SecurityContext.useCertificateChain] and
+   * [SecurityContext.usePrivateKey], and the server asks for a client
+   * certificate, then that client certificate is sent to the server.
+   *
+   * [onBadCertificate] is an optional handler for unverifiable certificates.
+   * The handler receives the [X509Certificate], and can inspect it and
+   * decide (or let the user decide) whether to accept
+   * the connection or not.  The handler should return true
+   * to continue the [RawSecureSocket] connection.
+   */
+  static Future<RawSecureSocket> connect(
+      host,
+      int port,
+      {SecurityContext context,
+       bool onBadCertificate(X509Certificate certificate),
+       List<String> supportedProtocols}) {
+    _RawSecureSocket._verifyFields(
+        host,
+        port,
+        false,
+        false,
+        false,
+        onBadCertificate);
+    return RawSocket.connect(host, port)
+        .then((socket) {
+          return secure(socket,
+                        context: context,
+                        onBadCertificate: onBadCertificate,
+                        supportedProtocols: supportedProtocols);
+        });
+  }
+
+  /**
+   * Takes an already connected [socket] and starts client side TLS
+   * handshake to make the communication secure. When the returned
+   * future completes the [RawSecureSocket] has completed the TLS
+   * handshake. Using this function requires that the other end of the
+   * connection is prepared for TLS handshake.
+   *
+   * If the [socket] already has a subscription, pass the existing
+   * subscription in the [subscription] parameter. The [secure]
+   * operation will take over the subscription by replacing the
+   * handlers with it own secure processing. The caller must not touch
+   * this subscription anymore. Passing a paused subscription is an
+   * error.
+   *
+   * If the [host] argument is passed it will be used as the host name
+   * for the TLS handshake. If [host] is not passed the host name from
+   * the [socket] will be used. The [host] can be either a [String] or
+   * an [InternetAddress].
+   *
+   * Calling this function will _not_ cause a DNS host lookup. If the
+   * [host] passed is a [String] the [InternetAddress] for the
+   * resulting [SecureSocket] will have this passed in [host] as its
+   * host value and the internet address of the already connected
+   * socket as its address value.
+   *
+   * See [connect] for more information on the arguments.
+   *
+   */
+  static Future<RawSecureSocket> secure(
+      RawSocket socket,
+      {StreamSubscription subscription,
+       host,
+       SecurityContext context,
+       bool onBadCertificate(X509Certificate certificate),
+       List<String> supportedProtocols}) {
+    socket.readEventsEnabled = false;
+    socket.writeEventsEnabled = false;
+    return  _RawSecureSocket.connect(
+        host != null ? host : socket.address.host,
+        socket.port,
+        is_server: false,
+        socket: socket,
+        subscription: subscription,
+        context: context,
+        onBadCertificate: onBadCertificate,
+        supportedProtocols: supportedProtocols);
+  }
+
+  /**
+   * Takes an already connected [socket] and starts server side TLS
+   * handshake to make the communication secure. When the returned
+   * future completes the [RawSecureSocket] has completed the TLS
+   * handshake. Using this function requires that the other end of the
+   * connection is going to start the TLS handshake.
+   *
+   * If the [socket] already has a subscription, pass the existing
+   * subscription in the [subscription] parameter. The [secureServer]
+   * operation will take over the subscription by replacing the
+   * handlers with it own secure processing. The caller must not touch
+   * this subscription anymore. Passing a paused subscription is an
+   * error.
+   *
+   * If some of the data of the TLS handshake has already been read
+   * from the socket this data can be passed in the [bufferedData]
+   * parameter. This data will be processed before any other data
+   * available on the socket.
+   *
+   * See [RawSecureServerSocket.bind] for more information on the
+   * arguments.
+   *
+   */
+  static Future<RawSecureSocket> secureServer(
+      RawSocket socket,
+      SecurityContext context,
+      {StreamSubscription subscription,
+       List<int> bufferedData,
+       bool requestClientCertificate: false,
+       bool requireClientCertificate: false,
+       List<String> supportedProtocols}) {
+    socket.readEventsEnabled = false;
+    socket.writeEventsEnabled = false;
+    return _RawSecureSocket.connect(
+        socket.address,
+        socket.remotePort,
+        context: context,
+        is_server: true,
+        socket: socket,
+        subscription: subscription,
+        bufferedData: bufferedData,
+        requestClientCertificate: requestClientCertificate,
+        requireClientCertificate: requireClientCertificate,
+        supportedProtocols: supportedProtocols);
+  }
+
+  /**
+   * Renegotiate an existing secure connection, renewing the session keys
+   * and possibly changing the connection properties.
+   *
+   * This repeats the SSL or TLS handshake, with options that allow clearing
+   * the session cache and requesting a client certificate.
+   */
+  void renegotiate({bool useSessionCache: true,
+                    bool requestClientCertificate: false,
+                    bool requireClientCertificate: false});
+
+  /**
+   * Get the peer certificate for a connected RawSecureSocket.  If this
+   * RawSecureSocket is the server end of a secure socket connection,
+   * [peerCertificate] will return the client certificate, or null, if no
+   * client certificate was received.  If it is the client end,
+   * [peerCertificate] will return the server's certificate.
+   */
+  X509Certificate get peerCertificate;
+
+  /**
+   * Get the protocol which was selected during protocol negotiation.
+   */
+  String get selectedProtocol;
+}
+
+
+/**
+ * X509Certificate represents an SSL certificate, with accessors to
+ * get the fields of the certificate.
+ */
+abstract class X509Certificate {
+  external factory X509Certificate._();
+
+  String get subject;
+  String get issuer;
+  DateTime get startValidity;
+  DateTime get endValidity;
+}
+
+
+class _FilterStatus {
+  bool progress = false;  // The filter read or wrote data to the buffers.
+  bool readEmpty = true;  // The read buffers and decryption filter are empty.
+  bool writeEmpty = true;  // The write buffers and encryption filter are empty.
+  // These are set if a buffer changes state from empty or full.
+  bool readPlaintextNoLongerEmpty = false;
+  bool writePlaintextNoLongerFull = false;
+  bool readEncryptedNoLongerFull = false;
+  bool writeEncryptedNoLongerEmpty = false;
+
+  _FilterStatus();
+}
+
+
+class _RawSecureSocket extends Stream<RawSocketEvent>
+                       implements RawSecureSocket {
+  // Status states
+  static final int HANDSHAKE = 201;
+  static final int CONNECTED = 202;
+  static final int CLOSED = 203;
+
+  // Buffer identifiers.
+  // These must agree with those in the native C++ implementation.
+  static final int READ_PLAINTEXT = 0;
+  static final int WRITE_PLAINTEXT = 1;
+  static final int READ_ENCRYPTED = 2;
+  static final int WRITE_ENCRYPTED = 3;
+  static final int NUM_BUFFERS = 4;
+
+  // Is a buffer identifier for an encrypted buffer?
+  static bool _isBufferEncrypted(int identifier) => identifier >= READ_ENCRYPTED;
+
+  RawSocket _socket;
+  final Completer<_RawSecureSocket> _handshakeComplete =
+      new Completer<_RawSecureSocket>();
+  StreamController<RawSocketEvent> _controller;
+  Stream<RawSocketEvent> _stream;
+  StreamSubscription<RawSocketEvent> _socketSubscription;
+  List<int> _bufferedData;
+  int _bufferedDataIndex = 0;
+  final InternetAddress address;
+  final bool is_server;
+  SecurityContext context;
+  final bool requestClientCertificate;
+  final bool requireClientCertificate;
+  final Function onBadCertificate;
+
+  var _status = HANDSHAKE;
+  bool _writeEventsEnabled = true;
+  bool _readEventsEnabled = true;
+  int _pauseCount = 0;
+  bool _pendingReadEvent = false;
+  bool _socketClosedRead = false;  // The network socket is closed for reading.
+  bool _socketClosedWrite = false;  // The network socket is closed for writing.
+  bool _closedRead = false;  // The secure socket has fired an onClosed event.
+  bool _closedWrite = false;  // The secure socket has been closed for writing.
+  Completer _closeCompleter = new Completer();  // The network socket is gone.
+  _FilterStatus _filterStatus = new _FilterStatus();
+  bool _connectPending = true;
+  bool _filterPending = false;
+  bool _filterActive = false;
+
+  _SecureFilter _secureFilter = new _SecureFilter();
+  String _selectedProtocol;
+
+  static Future<_RawSecureSocket> connect(
+      dynamic/*String|InternetAddress*/ host,
+      int requestedPort,
+      {bool is_server,
+       SecurityContext context,
+       RawSocket socket,
+       StreamSubscription subscription,
+       List<int> bufferedData,
+       bool requestClientCertificate: false,
+       bool requireClientCertificate: false,
+       bool onBadCertificate(X509Certificate certificate),
+       List<String> supportedProtocols}) {
+    _verifyFields(host, requestedPort, is_server,
+                 requestClientCertificate, requireClientCertificate,
+                 onBadCertificate);
+    if (host is InternetAddress) host = host.host;
+    InternetAddress address = socket.address;
+    if (host != null) {
+      address = InternetAddress._cloneWithNewHost(address, host);
+    }
+    return new _RawSecureSocket(address,
+                                requestedPort,
+                                is_server,
+                                context,
+                                socket,
+                                subscription,
+                                bufferedData,
+                                requestClientCertificate,
+                                requireClientCertificate,
+                                onBadCertificate,
+                                supportedProtocols)
+        ._handshakeComplete.future;
+  }
+
+  _RawSecureSocket(
+      this.address,
+      int requestedPort,
+      this.is_server,
+      this.context,
+      RawSocket this._socket,
+      this._socketSubscription,
+      this._bufferedData,
+      this.requestClientCertificate,
+      this.requireClientCertificate,
+      this.onBadCertificate(X509Certificate certificate),
+      List<String> supportedProtocols) {
+    if (context == null) {
+      context = SecurityContext.defaultContext;
+    }
+    _controller = new StreamController<RawSocketEvent>(
+        sync: true,
+        onListen: _onSubscriptionStateChange,
+        onPause: _onPauseStateChange,
+        onResume: _onPauseStateChange,
+        onCancel: _onSubscriptionStateChange);
+    _stream = _controller.stream;
+    // Throw an ArgumentError if any field is invalid.  After this, all
+    // errors will be reported through the future or the stream.
+    _secureFilter.init();
+    _secureFilter.registerHandshakeCompleteCallback(
+        _secureHandshakeCompleteHandler);
+    if (onBadCertificate != null) {
+      _secureFilter.registerBadCertificateCallback(_onBadCertificateWrapper);
+    }
+    _socket.readEventsEnabled = true;
+    _socket.writeEventsEnabled = false;
+    if (_socketSubscription == null) {
+      // If a current subscription is provided use this otherwise
+      // create a new one.
+      _socketSubscription = _socket.listen(_eventDispatcher,
+                                           onError: _reportError,
+                                           onDone: _doneHandler);
+    } else {
+      if (_socketSubscription.isPaused) {
+        _socket.close();
+        throw new ArgumentError(
+            "Subscription passed to TLS upgrade is paused");
+      }
+      // If we are upgrading a socket that is already closed for read,
+      // report an error as if we received READ_CLOSED during the handshake.
+      dynamic s = _socket;  // Cast to dynamic to avoid warning.
+      if (s._socket.closedReadEventSent) {
+        _eventDispatcher(RawSocketEvent.READ_CLOSED);
+      }
+      _socketSubscription
+          ..onData(_eventDispatcher)
+          ..onError(_reportError)
+          ..onDone(_doneHandler);
+    }
+    try {
+      var encodedProtocols =
+          SecurityContext._protocolsToLengthEncoding(supportedProtocols);
+      _secureFilter.connect(address.host,
+                            context,
+                            is_server,
+                            requestClientCertificate ||
+                                requireClientCertificate,
+                            requireClientCertificate,
+                            encodedProtocols);
+      _secureHandshake();
+    } catch (e, s) {
+      _reportError(e, s);
+    }
+  }
+
+  StreamSubscription<RawSocketEvent> listen(void onData(RawSocketEvent data),
+                                            {Function onError,
+                                             void onDone(),
+                                             bool cancelOnError}) {
+    _sendWriteEvent();
+    return _stream.listen(onData,
+                          onError: onError,
+                          onDone: onDone,
+                          cancelOnError: cancelOnError);
+  }
+
+  static void _verifyFields(host,
+                            int requestedPort,
+                            bool is_server,
+                            bool requestClientCertificate,
+                            bool requireClientCertificate,
+                            Function onBadCertificate) {
+    if (host is! String && host is! InternetAddress) {
+      throw new ArgumentError("host is not a String or an InternetAddress");
+    }
+    if (requestedPort is! int) {
+      throw new ArgumentError("requestedPort is not an int");
+    }
+    if (requestedPort < 0 || requestedPort > 65535) {
+      throw new ArgumentError("requestedPort is not in the range 0..65535");
+    }
+    if (requestClientCertificate is! bool) {
+      throw new ArgumentError("requestClientCertificate is not a bool");
+    }
+    if (requireClientCertificate is! bool) {
+      throw new ArgumentError("requireClientCertificate is not a bool");
+    }
+    if (onBadCertificate != null && onBadCertificate is! Function) {
+      throw new ArgumentError("onBadCertificate is not null or a Function");
+    }
+   }
+
+  int get port => _socket.port;
+
+  InternetAddress get remoteAddress => _socket.remoteAddress;
+
+  int get remotePort => _socket.remotePort;
+
+  void set _owner(owner) {
+    (_socket as dynamic)._owner = owner;
+  }
+
+  int available() {
+    return _status != CONNECTED ? 0
+                                : _secureFilter.buffers[READ_PLAINTEXT].length;
+  }
+
+  Future<RawSecureSocket> close() {
+    shutdown(SocketDirection.BOTH);
+    return _closeCompleter.future;
+  }
+
+  void _completeCloseCompleter([dummy]) {
+    if (!_closeCompleter.isCompleted) _closeCompleter.complete(this);
+  }
+
+  void _close() {
+    _closedWrite = true;
+    _closedRead = true;
+    if (_socket != null) {
+      _socket.close().then(_completeCloseCompleter);
+    } else {
+      _completeCloseCompleter();
+    }
+    _socketClosedWrite = true;
+    _socketClosedRead = true;
+    if (!_filterActive && _secureFilter != null) {
+      _secureFilter.destroy();
+      _secureFilter = null;
+    }
+    if (_socketSubscription != null) {
+      _socketSubscription.cancel();
+    }
+    _controller.close();
+    _status = CLOSED;
+  }
+
+  void shutdown(SocketDirection direction) {
+    if (direction == SocketDirection.SEND ||
+        direction == SocketDirection.BOTH) {
+      _closedWrite = true;
+      if (_filterStatus.writeEmpty) {
+        _socket.shutdown(SocketDirection.SEND);
+        _socketClosedWrite = true;
+        if (_closedRead) {
+          _close();
+        }
+      }
+    }
+    if (direction == SocketDirection.RECEIVE ||
+        direction == SocketDirection.BOTH) {
+      _closedRead = true;
+      _socketClosedRead = true;
+      _socket.shutdown(SocketDirection.RECEIVE);
+      if (_socketClosedWrite) {
+        _close();
+      }
+    }
+  }
+
+  bool get writeEventsEnabled => _writeEventsEnabled;
+
+  void set writeEventsEnabled(bool value) {
+    _writeEventsEnabled = value;
+    if (value) {
+      Timer.run(() => _sendWriteEvent());
+    }
+  }
+
+  bool get readEventsEnabled => _readEventsEnabled;
+
+  void set readEventsEnabled(bool value) {
+      _readEventsEnabled = value;
+      _scheduleReadEvent();
+  }
+
+  List<int> read([int length]) {
+    if (length != null && (length is! int || length < 0)) {
+        throw new ArgumentError(
+            "Invalid length parameter in SecureSocket.read (length: $length)");
+    }
+    if (_closedRead) {
+      throw new SocketException("Reading from a closed socket");
+    }
+    if (_status != CONNECTED) {
+      return null;
+    }
+    var result = _secureFilter.buffers[READ_PLAINTEXT].read(length);
+    _scheduleFilter();
+    return result;
+  }
+
+  // Write the data to the socket, and schedule the filter to encrypt it.
+  int write(List<int> data, [int offset, int bytes]) {
+    if (bytes != null && (bytes is! int || bytes < 0)) {
+        throw new ArgumentError(
+            "Invalid bytes parameter in SecureSocket.read (bytes: $bytes)");
+    }
+    if (offset != null && (offset is! int || offset < 0)) {
+        throw new ArgumentError(
+            "Invalid offset parameter in SecureSocket.read (offset: $offset)");
+    }
+    if (_closedWrite) {
+      _controller.addError(new SocketException("Writing to a closed socket"));
+      return 0;
+    }
+    if (_status != CONNECTED) return 0;
+    if (offset == null) offset = 0;
+    if (bytes == null) bytes = data.length - offset;
+
+    int written =
+        _secureFilter.buffers[WRITE_PLAINTEXT].write(data, offset, bytes);
+    if (written > 0) {
+      _filterStatus.writeEmpty = false;
+    }
+    _scheduleFilter();
+    return written;
+  }
+
+  X509Certificate get peerCertificate => _secureFilter.peerCertificate;
+
+  String get selectedProtocol => _selectedProtocol;
+
+  bool _onBadCertificateWrapper(X509Certificate certificate) {
+    if (onBadCertificate == null) return false;
+    var result = onBadCertificate(certificate);
+    if (result is bool) return result;
+    throw new HandshakeException(
+        "onBadCertificate callback returned non-boolean $result");
+  }
+
+  bool setOption(SocketOption option, bool enabled) {
+    if (_socket == null) return false;
+    return _socket.setOption(option, enabled);
+  }
+
+  void _eventDispatcher(RawSocketEvent event) {
+    try {
+      if (event == RawSocketEvent.READ) {
+        _readHandler();
+      } else if (event == RawSocketEvent.WRITE) {
+        _writeHandler();
+      } else if (event == RawSocketEvent.READ_CLOSED) {
+        _closeHandler();
+      }
+    } catch (e, stackTrace) {
+      _reportError(e, stackTrace);
+    }
+  }
+
+  void _readHandler() {
+    _readSocket();
+    _scheduleFilter();
+  }
+
+  void _writeHandler() {
+    _writeSocket();
+    _scheduleFilter();
+  }
+
+  void _doneHandler() {
+    if (_filterStatus.readEmpty) {
+      _close();
+    }
+  }
+
+  void _reportError(e, [StackTrace stackTrace]) {
+    if (_status == CLOSED) {
+      return;
+    } else if (_connectPending) {
+      // _connectPending is true until the handshake has completed, and the
+      // _handshakeComplete future returned from SecureSocket.connect has
+      // completed.  Before this point, we must complete it with an error.
+      _handshakeComplete.completeError(e, stackTrace);
+    } else {
+      _controller.addError(e, stackTrace);
+    }
+    _close();
+  }
+
+  void _closeHandler() {
+    if  (_status == CONNECTED) {
+      if (_closedRead) return;
+      _socketClosedRead = true;
+      if (_filterStatus.readEmpty) {
+        _closedRead = true;
+        _controller.add(RawSocketEvent.READ_CLOSED);
+        if (_socketClosedWrite) {
+          _close();
+        }
+      } else {
+        _scheduleFilter();
+      }
+    } else if (_status == HANDSHAKE) {
+      _socketClosedRead = true;
+      if (_filterStatus.readEmpty) {
+      _reportError(
+          new HandshakeException('Connection terminated during handshake'),
+          null);
+      } else {
+        _secureHandshake();
+      }
+    }
+  }
+
+  void _secureHandshake() {
+    try {
+      _secureFilter.handshake();
+      _filterStatus.writeEmpty = false;
+      _readSocket();
+      _writeSocket();
+      _scheduleFilter();
+    } catch (e, stackTrace) {
+      _reportError(e, stackTrace);
+    }
+  }
+
+  void renegotiate({bool useSessionCache: true,
+                    bool requestClientCertificate: false,
+                    bool requireClientCertificate: false}) {
+    if (_status != CONNECTED) {
+      throw new HandshakeException(
+          "Called renegotiate on a non-connected socket");
+    }
+    _secureFilter.renegotiate(useSessionCache,
+                              requestClientCertificate,
+                              requireClientCertificate);
+    _status = HANDSHAKE;
+    _filterStatus.writeEmpty = false;
+    _scheduleFilter();
+  }
+
+  void _secureHandshakeCompleteHandler() {
+    _status = CONNECTED;
+    if (_connectPending) {
+      _connectPending = false;
+      try {
+        _selectedProtocol = _secureFilter.selectedProtocol();
+        // We don't want user code to run synchronously in this callback.
+        Timer.run(() => _handshakeComplete.complete(this));
+      } catch (error, stack) {
+        _handshakeComplete.completeError(error, stack);
+      }
+    }
+  }
+
+  void _onPauseStateChange() {
+    if (_controller.isPaused) {
+      _pauseCount++;
+    } else {
+      _pauseCount--;
+      if (_pauseCount == 0) {
+        _scheduleReadEvent();
+        _sendWriteEvent();  // Can send event synchronously.
+      }
+    }
+
+    if (!_socketClosedRead || !_socketClosedWrite) {
+      if (_controller.isPaused) {
+        _socketSubscription.pause();
+      } else {
+        _socketSubscription.resume();
+      }
+    }
+  }
+
+  void _onSubscriptionStateChange() {
+    if (_controller.hasListener) {
+      // TODO(ajohnsen): Do something here?
+    }
+  }
+
+  void _scheduleFilter() {
+    _filterPending = true;
+    _tryFilter();
+  }
+
+  void _tryFilter() {
+    if (_status == CLOSED) {
+      return;
+    }
+    if (_filterPending && !_filterActive) {
+      _filterActive = true;
+      _filterPending = false;
+      _pushAllFilterStages().then((status) {
+        _filterStatus = status;
+        _filterActive = false;
+        if (_status == CLOSED) {
+          _secureFilter.destroy();
+          _secureFilter = null;
+          return;
+        }
+        _socket.readEventsEnabled = true;
+        if (_filterStatus.writeEmpty && _closedWrite && !_socketClosedWrite) {
+          // Checks for and handles all cases of partially closed sockets.
+          shutdown(SocketDirection.SEND);
+          if (_status == CLOSED) {
+            return;
+          }
+        }
+        if (_filterStatus.readEmpty && _socketClosedRead && !_closedRead) {
+          if (_status == HANDSHAKE) {
+            _secureFilter.handshake();
+            if (_status == HANDSHAKE) {
+              throw new HandshakeException(
+                  'Connection terminated during handshake');
+            }
+          }
+          _closeHandler();
+        }
+        if (_status == CLOSED) {
+          return;
+        }
+        if (_filterStatus.progress) {
+          _filterPending = true;
+          if (_filterStatus.writeEncryptedNoLongerEmpty) {
+            _writeSocket();
+          }
+          if (_filterStatus.writePlaintextNoLongerFull) {
+            _sendWriteEvent();
+          }
+          if (_filterStatus.readEncryptedNoLongerFull) {
+            _readSocket();
+          }
+          if (_filterStatus.readPlaintextNoLongerEmpty) {
+            _scheduleReadEvent();
+          }
+          if (_status == HANDSHAKE) {
+            _secureHandshake();
+          }
+        }
+        _tryFilter();
+      }).catchError(_reportError);
+    }
+  }
+
+  List<int> _readSocketOrBufferedData(int bytes) {
+    if (_bufferedData != null) {
+      if (bytes > _bufferedData.length - _bufferedDataIndex) {
+        bytes = _bufferedData.length - _bufferedDataIndex;
+      }
+      var result = _bufferedData.sublist(_bufferedDataIndex,
+                                          _bufferedDataIndex + bytes);
+      _bufferedDataIndex += bytes;
+      if (_bufferedData.length == _bufferedDataIndex) {
+        _bufferedData = null;
+      }
+      return result;
+    } else if (!_socketClosedRead) {
+      return _socket.read(bytes);
+    } else {
+      return null;
+    }
+  }
+
+  void _readSocket() {
+    if (_status == CLOSED) return;
+    var buffer = _secureFilter.buffers[READ_ENCRYPTED];
+    if (buffer.writeFromSource(_readSocketOrBufferedData) > 0) {
+      _filterStatus.readEmpty = false;
+    } else {
+      _socket.readEventsEnabled = false;
+    }
+  }
+
+  void _writeSocket() {
+    if (_socketClosedWrite) return;
+    var buffer = _secureFilter.buffers[WRITE_ENCRYPTED];
+    if (buffer.readToSocket(_socket)) {  // Returns true if blocked
+      _socket.writeEventsEnabled = true;
+    }
+  }
+
+  // If a read event should be sent, add it to the controller.
+  _scheduleReadEvent() {
+    if (!_pendingReadEvent &&
+        _readEventsEnabled &&
+        _pauseCount == 0 &&
+        _secureFilter != null &&
+        !_secureFilter.buffers[READ_PLAINTEXT].isEmpty) {
+      _pendingReadEvent = true;
+      Timer.run(_sendReadEvent);
+    }
+  }
+
+  _sendReadEvent() {
+    _pendingReadEvent = false;
+    if (_status != CLOSED &&
+        _readEventsEnabled &&
+        _pauseCount == 0 &&
+        _secureFilter != null &&
+        !_secureFilter.buffers[READ_PLAINTEXT].isEmpty) {
+      _controller.add(RawSocketEvent.READ);
+      _scheduleReadEvent();
+    }
+  }
+
+  // If a write event should be sent, add it to the controller.
+  _sendWriteEvent() {
+    if (!_closedWrite &&
+        _writeEventsEnabled &&
+        _pauseCount == 0 &&
+        _secureFilter != null &&
+        _secureFilter.buffers[WRITE_PLAINTEXT].free > 0) {
+      _writeEventsEnabled = false;
+      _controller.add(RawSocketEvent.WRITE);
+    }
+  }
+
+  Future<_FilterStatus> _pushAllFilterStages() {
+    bool wasInHandshake = _status != CONNECTED;
+    List args = new List(2 + NUM_BUFFERS * 2);
+    args[0] = _secureFilter._pointer();
+    args[1] = wasInHandshake;
+    var bufs = _secureFilter.buffers;
+    for (var i = 0; i < NUM_BUFFERS; ++i) {
+      args[2 * i + 2] = bufs[i].start;
+      args[2 * i + 3] = bufs[i].end;
+    }
+
+    return _IOService._dispatch(_SSL_PROCESS_FILTER, args).then((response) {
+      if (response.length == 2) {
+        if (wasInHandshake) {
+          // If we're in handshake, throw a handshake error.
+          _reportError(
+              new HandshakeException('${response[1]} error ${response[0]}'),
+              null);
+        } else {
+          // If we're connected, throw a TLS error.
+          _reportError(new TlsException('${response[1]} error ${response[0]}'),
+                       null);
+        }
+      }
+      int start(int index) => response[2 * index];
+      int end(int index) => response[2 * index + 1];
+
+      _FilterStatus status = new _FilterStatus();
+      // Compute writeEmpty as "write plaintext buffer and write encrypted
+      // buffer were empty when we started and are empty now".
+      status.writeEmpty = bufs[WRITE_PLAINTEXT].isEmpty &&
+          start(WRITE_ENCRYPTED) == end(WRITE_ENCRYPTED);
+      // If we were in handshake when this started, _writeEmpty may be false
+      // because the handshake wrote data after we checked.
+      if (wasInHandshake) status.writeEmpty = false;
+
+      // Compute readEmpty as "both read buffers were empty when we started
+      // and are empty now".
+      status.readEmpty = bufs[READ_ENCRYPTED].isEmpty &&
+          start(READ_PLAINTEXT) == end(READ_PLAINTEXT);
+
+      _ExternalBuffer buffer = bufs[WRITE_PLAINTEXT];
+      int new_start = start(WRITE_PLAINTEXT);
+      if (new_start != buffer.start) {
+        status.progress = true;
+        if (buffer.free == 0) {
+          status.writePlaintextNoLongerFull = true;
+        }
+        buffer.start = new_start;
+      }
+      buffer = bufs[READ_ENCRYPTED];
+      new_start = start(READ_ENCRYPTED);
+      if (new_start != buffer.start) {
+        status.progress = true;
+        if (buffer.free == 0) {
+          status.readEncryptedNoLongerFull = true;
+        }
+        buffer.start = new_start;
+      }
+      buffer = bufs[WRITE_ENCRYPTED];
+      int new_end = end(WRITE_ENCRYPTED);
+      if (new_end != buffer.end) {
+        status.progress = true;
+        if (buffer.length == 0) {
+          status.writeEncryptedNoLongerEmpty = true;
+        }
+        buffer.end = new_end;
+      }
+      buffer = bufs[READ_PLAINTEXT];
+      new_end = end(READ_PLAINTEXT);
+      if (new_end != buffer.end) {
+        status.progress = true;
+        if (buffer.length == 0) {
+          status.readPlaintextNoLongerEmpty = true;
+        }
+        buffer.end = new_end;
+      }
+      return status;
+    });
+  }
+}
+
+
+/**
+ * A circular buffer backed by an external byte array.  Accessed from
+ * both C++ and Dart code in an unsynchronized way, with one reading
+ * and one writing.  All updates to start and end are done by Dart code.
+ */
+class _ExternalBuffer {
+  List data;  // This will be a ExternalByteArray, backed by C allocated data.
+  int start;
+  int end;
+  final size;
+
+  _ExternalBuffer(this.size) {
+    start = end = size ~/ 2;
+  }
+
+  void advanceStart(int bytes) {
+    assert(start > end || start + bytes <= end);
+    start += bytes;
+    if (start >= size) {
+      start -= size;
+      assert(start <= end);
+      assert(start < size);
+    }
+  }
+
+  void advanceEnd(int bytes) {
+    assert(start <= end || start > end + bytes);
+    end += bytes;
+    if (end >= size) {
+      end -= size;
+      assert(end < start);
+      assert(end < size);
+    }
+  }
+
+  bool get isEmpty => end == start;
+
+  int get length =>
+      start > end ? size + end - start : end - start;
+
+  int get linearLength =>
+      start > end ? size - start : end - start;
+
+  int get free =>
+      start > end ? start - end - 1 : size + start - end - 1;
+
+  int get linearFree {
+    if (start > end) return start - end - 1;
+    if (start == 0) return size - end - 1;
+    return size - end;
+  }
+
+  List<int> read(int bytes) {
+    if (bytes == null) {
+      bytes = length;
+    } else {
+      bytes = min(bytes, length);
+    }
+    if (bytes == 0) return null;
+    List<int> result = new Uint8List(bytes);
+    int bytesRead = 0;
+    // Loop over zero, one, or two linear data ranges.
+    while (bytesRead < bytes) {
+      int toRead = min(bytes - bytesRead, linearLength);
+      result.setRange(bytesRead,
+                      bytesRead + toRead,
+                      data,
+                      start);
+      advanceStart(toRead);
+      bytesRead += toRead;
+    }
+    return result;
+  }
+
+  int write(List<int> inputData, int offset, int bytes) {
+    if (bytes > free) {
+      bytes = free;
+    }
+    int written = 0;
+    int toWrite = min(bytes, linearFree);
+    // Loop over zero, one, or two linear data ranges.
+    while (toWrite > 0) {
+      data.setRange(end, end + toWrite, inputData, offset);
+      advanceEnd(toWrite);
+      offset += toWrite;
+      written += toWrite;
+      toWrite = min(bytes - written, linearFree);
+    }
+    return written;
+  }
+
+  int writeFromSource(List<int> getData(int requested)) {
+    int written = 0;
+    int toWrite = linearFree;
+    // Loop over zero, one, or two linear data ranges.
+    while (toWrite > 0) {
+      // Source returns at most toWrite bytes, and it returns null when empty.
+      var inputData = getData(toWrite);
+      if (inputData == null || inputData.length == 0) break;
+      var len = inputData.length;
+      data.setRange(end, end + len, inputData);
+      advanceEnd(len);
+      written += len;
+      toWrite = linearFree;
+    }
+    return written;
+  }
+
+  bool readToSocket(RawSocket socket) {
+    // Loop over zero, one, or two linear data ranges.
+    while (true) {
+      var toWrite = linearLength;
+      if (toWrite == 0) return false;
+      int bytes = socket.write(data, start, toWrite);
+      advanceStart(bytes);
+      if (bytes < toWrite) {
+        // The socket has blocked while we have data to write.
+        return true;
+      }
+    }
+  }
+}
+
+
+abstract class _SecureFilter {
+  external factory _SecureFilter();
+
+  void connect(String hostName,
+               SecurityContext context,
+               bool is_server,
+               bool requestClientCertificate,
+               bool requireClientCertificate,
+               Uint8List protocols);
+  void destroy();
+  void handshake();
+  String selectedProtocol();
+  void rehandshake();
+  void renegotiate(bool useSessionCache,
+                   bool requestClientCertificate,
+                   bool requireClientCertificate);
+  void init();
+  X509Certificate get peerCertificate;
+  int processBuffer(int bufferIndex);
+  void registerBadCertificateCallback(Function callback);
+  void registerHandshakeCompleteCallback(Function handshakeCompleteHandler);
+
+  // This call may cause a reference counted pointer in the native
+  // implementation to be retained. It should only be called when the resulting
+  // value is passed to the IO service through a call to dispatch().
+  int _pointer();
+
+  List<_ExternalBuffer> get buffers;
+}
+
+/** A secure networking exception caused by a failure in the
+ *  TLS/SSL protocol.
+ */
+class TlsException implements IOException {
+  final String type;
+  final String message;
+  final OSError osError;
+
+  const TlsException([String message = "",
+                      OSError osError = null])
+     : this._("TlsException", message, osError);
+
+  const TlsException._(this.type, this.message, this.osError);
+
+  String toString() {
+    StringBuffer sb = new StringBuffer();
+    sb.write(type);
+    if (!message.isEmpty) {
+      sb.write(": $message");
+      if (osError != null) {
+        sb.write(" ($osError)");
+      }
+    } else if (osError != null) {
+      sb.write(": $osError");
+    }
+    return sb.toString();
+  }
+}
+
+
+/**
+ * An exception that happens in the handshake phase of establishing
+ * a secure network connection.
+ */
+class HandshakeException extends TlsException {
+  const HandshakeException([String message = "",
+                            OSError osError = null])
+     : super._("HandshakeException", message, osError);
+}
+
+
+/**
+ * An exception that happens in the handshake phase of establishing
+ * a secure network connection, when looking up or verifying a
+ * certificate.
+ */
+class CertificateException extends TlsException {
+  const CertificateException([String message = "",
+                            OSError osError = null])
+     : super._("CertificateException", message, osError);
+}