dart:io | Add SecureSocket.importPrivateCertificates, that reads a PKCS#12 file.

tests/standalone/io/private_certificate_test.dart

Index: tests/standalone/io/private_certificate_test.dart
diff --git a/tests/standalone/io/private_certificate_test.dart b/tests/standalone/io/private_certificate_test.dart
new file mode 100644
index 0000000000000000000000000000000000000000..10b31c1db829f00d58e84b7d10682dfb8b0d101c
--- /dev/null
+++ b/tests/standalone/io/private_certificate_test.dart
@@ -0,0 +1,71 @@
+// Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file
+// for details. All rights reserved. Use of this source code is governed by a
+// BSD-style license that can be found in the LICENSE file.
+
+// This test verifies that a server certificate can be verified by a client
+// that loads the certificate authority certificate it depends on at runtime.
+
+import "package:expect/expect.dart";
+import "package:path/path.dart";
+import "dart:io";
+import "dart:async";
+
+Future copyFileToDirectory(String file, String directory) {
+  switch (Platform.operatingSystem) {
+    case 'linux':
+    case 'macos':
+      return Process.run('cp', [file, directory]);
+    case 'windows':
+      return Process.run('cmd.exe', ['/C', 'copy $file $directory']);
+    default:
+      Expect.fail('Unknown operating system ${Platform.operatingSystem}');
+  }
+}
+
+
+void main() {
+  String scriptDirectory = dirname(Platform.script);
+  Directory tempDirectory = new Directory('').createTempSync();
+  String testDirectory = tempDirectory.path;
+  copyFileToDirectory(join(scriptDirectory, 'pkcert', 'cert9.db'),
+                      testDirectory).then((_) =>
+  copyFileToDirectory(join(scriptDirectory, 'pkcert', 'key4.db'),
+                      testDirectory)).then((_) {
+    SecureSocket.initialize(database: testDirectory,
+                            password: 'dartdart',
+                            readOnly: false);
+
+    SecureSocket.removeCertificate('localhost_cert');
+    SecureSocket.removeCertificate('myauthority_cert');
+    // TODO: Check existence of certificates, if we add a getCertificate method.
+
+    var certificate = join(scriptDirectory, 'pkcert', 'localhost.p12');
+    var mycert = new File(certificate).readAsBytesSync();
+    SecureSocket.importPrivateCertificates(mycert, 'dartdart');
+    SecureSocket.removeCertificate('myauthority_cert');
+
+    return runServer();
+  }).then((SecureServerSocket server) {
+      return Process.run(Platform.executable,
+                         ['--checked',
+                        join(scriptDirectory, 'certificate_test_client.dart'),
+                        server.port.toString(),
+                        join(scriptDirectory, 'pkcert', 'myauthority.pem')]);
+  }).then((ProcessResult result) {
+    if (result.exitCode != 0) {
+      print("Client failed with exit code ${result.exitCode}");
+      print("  stdout:");
+      print(result.stdout);
+      print("  stderr:");
+      print(result.stderr);
+      throw new AssertionError();
+    }
+  }).whenComplete(() {
+    tempDirectory.delete(recursive: true);
+  });
+}
+
+Future<SecureServerSocket> runServer() =>
+  SecureServerSocket.bind("localhost", 0, "localhost_cert")
+    .then((server) => server..listen(

[Søren Gjesse, 2013/08/07 07:32:28]

Why ..?

[Bill Hesse, 2013/08/08 17:39:21]

We want to return the SecureServerSocket, not the return value from listen, a
subscription.

+        (socket) => socket.pipe(socket).then((_) => server.close())));