Remove the certificate management methods from dart:io

sdk/lib/io/secure_socket.dart

Index: sdk/lib/io/secure_socket.dart
diff --git a/sdk/lib/io/secure_socket.dart b/sdk/lib/io/secure_socket.dart
index f2a33e2bf23599df104bfd38c6be3efad5444f00..18670502cf2c448ff7392687bc1ce014cba92d44 100644
--- a/sdk/lib/io/secure_socket.dart
+++ b/sdk/lib/io/secure_socket.dart
@@ -204,117 +204,7 @@ abstract class SecureSocket implements Socket {
    */
   external static void initialize({String database,
                                    String password,
-                                   bool useBuiltinRoots: true,
-                                   bool readOnly: true});
-
-  /**
-   * Trust strings for use in [addCertificate] and [changeTrust].
-   */
-  static const String TRUST_ISSUE_SERVER_CERTIFICATES = 'C,,';
-  static const String TRUST_ISSUE_CLIENT_CERTIFICATES = 'T,,';
-  static const String TRUST_ISSUE_CLIENT_SERVER_CERTIFICATES = 'TC,,';
-  static const String TRUST_CERTIFICATE = 'P,,';
-
-  /**
-   * Adds a X509 certificate (for SSL and TLS secure networking) to the
-   * in-memory certificate cache.  Returns an X509Certificate object
-   * with information about the added certificate.
-   *
-   * The in-memory certificate cache is different from the certificate
-   * database opened by `SecureSocket.initialize`, and certificates added
-   * by [addCertificate] cannot be modified or removed by [changeTrust]
-   * or [removeCertificate].  However, if the certificate is already in the
-   * database, then [removeCertificate] will remove it from both the database
-   * and the in-memory cache.
-   *
-   * [certificate] must be a list of bytes encoding a certificate in
-   *  PEM format: a base64 encoded DER certificate, enclosed between
-   * "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----".
-   *
-   * [trust] is a string specifying the allowed uses of this certificate.
-   * For example, 'TC,,' specifies that the certificate is for a certificate
-   * authority that is trusted to issue server and client certificates, so
-   * that a server or client certificate signed by this authority will be
-   * accepted.
-   *
-   * See the documentation of NSS certutil at
-   * http://developer.mozilla.org/en-US/docs/NSS_reference/NSS_tools_:_certutil
-   * or
-   * http://blogs.oracle.com/meena/entry/notes_about_trust_flags
-   * for more information about trust attributes.
-   */
-  external static X509Certificate addCertificate(List<int> certificate,
-                                                 String trust);
-
-  /**
-   * Adds a X509 certificates (for SSL and TLS secure networking) with
-   * their private keys to the certificate database.  SecureSocket.initialize
-   * must have been called with the path to a certificate database, and with
-   * readOnly set to `false`.
-   *
-   * [certificates] must be a list containing the bytes of a PKCS #12 encoded
-   * list of certificates and private keys.  These are commonly called
-   * `.pfx` or `.p12` files.  Only PKCS #12 files using
-   * 3-key triple-DES and 40 bit RC2 encryption are accepted.
-   *
-   * All certificates are imported with no default trust, and the appropriate
-   * uses of each certificate must be added with `SecureSocket.changeTrust`.
-   *
-   * See the documentation of NSS certutil at
-   * http://developer.mozilla.org/en-US/docs/NSS_reference/NSS_tools_:_certutil
-   * or
-   * http://blogs.oracle.com/meena/entry/notes_about_trust_flags
-   * for more information about trust attributes.
-   *
-   * Returns a CertificateError if it fails. The error code -8183 does not
-   * indicate that the PKCS #12 file is corrupt.  It also is returned if
-   * the certificate database is read-only, or is the default internal database,
-   * or if the password for the file or database is incorrect.
-   */
-  external static importCertificatesWithPrivateKeys(List<int> certificates,
-                                                    String password);
-
-  /**
-   * Changes the trust settings for the certificate with nickname [nickname].
-   * This certificate must exist in the certificate database.
-   * SecureSocket.initialize must have been called with the path to a
-   * certificate database, and with readOnly set to false.
-   *
-   * [trust] is a string specifying the allowed uses of this certificate.
-   * For example, 'TC,,' specifies that the certificate is for a certificate
-   * authority that is trusted to issue server and client certificates, so
-   * that a server or client certificate signed by this authority will be
-   * accepted.
-   *
-   * See the documentation of NSS certutil at
-   * http://developer.mozilla.org/en-US/docs/NSS_reference/NSS_tools_:_certutil
-   * or
-   * http://blogs.oracle.com/meena/entry/notes_about_trust_flags
-   * for more information about trust attributes.
-   */
-  external static X509Certificate changeTrust(String nickname,
-                                              String trust);
-
-  /**
-   * Gets the certificate with nickname [nickname] from
-   * the certificate database.  Returns an X509Certificate object with
-   * information about the certificate.
-   *
-   * Throws a CertificateException if it cannot find the certificate with
-   * the given nickname.
-   */
-  external static X509Certificate getCertificate(String nickname);
-
-  /**
-   * Removes the certificate with nickname [nickname] permanently from
-   * the certificate database.
-   * This certificate must exist in the certificate database.
-   * SecureSocket.initialize must have been called with the path to a
-   * certificate database, and with readOnly set to false.
-   *
-   * Returns null if it cannot find the certificate with that nickname.
-   */
-  external static removeCertificate(String nickname);
+                                   bool useBuiltinRoots: true});
 }
 
 
@@ -522,8 +412,7 @@ class _RawSecureSocket extends Stream<RawSocketEvent>
   static final int NUM_BUFFERS = 4;
 
   // Is a buffer identifier for an encrypted buffer?
-  static bool _isBufferEncrypted(int identifier) =>
-      identifier >= READ_ENCRYPTED;
+  static bool _isBufferEncrypted(int identifier) => identifier >= READ_ENCRYPTED;
 
   RawSocket _socket;
   final Completer<_RawSecureSocket> _handshakeComplete =