Adds SecurityContext.setTrustedCertificatesBytes

Implements SecurityContext.setTrustedCertificates in terms of the new
function. This requires setTrustedCertificates to return a Future and
requires removing the `directory` named argument, as that argument cannot be
implemented with BoringSSL without blocking IO.

R=whesse@google.com

Review URL: https://codereview.chromium.org/1665433002 .
Zachary Anderson 2016-02-08 08:41:49 -08:00
parent 46850c69ab
commit 2cf6405ca9
38 changed files with 412 additions and 323 deletions


@ -4,6 +4,19 @@
* Added `Uri.queryParametersAll` to handle multiple query parameters with
the same name.
* `dart:io`
* Added `SecurityContext.usePrivateKeyBytes`,
`SecurityContext.useCertificateChainBytes`,
`SecurityContext.setTrustedCertificatesBytes`, and
`SecurityContext.setClientAuthoritiesBytes`.
* The non-`Bytes` methods of `SecurityContext` are being renamed -`Sync`, as
they will do synchronous IO. The non-`Bytes` and non-`Sync` methods are
deprecated and will be removed in a later release.
* **Breaking** The named `directory` argument of
`SecurityContext.setTrustedCertificates` is no longer supported.
The method now only supports one argument for the PEM file name containing
the trusted certificates.
## 1.14.1 - 2016-02-04
Patch release, resolves one issue:


@ -29,7 +29,9 @@ class OSError;
* API functions return any error handles passed in as arguments, unchanged.
*/
static inline Dart_Handle ThrowIfError(Dart_Handle handle) {
if (Dart_IsError(handle)) Dart_PropagateError(handle);
if (Dart_IsError(handle)) {
Dart_PropagateError(handle);
}
return handle;
}


@ -109,8 +109,8 @@ namespace bin {
V(SecurityContext_Allocate, 1) \
V(SecurityContext_UsePrivateKeyBytes, 3) \
V(SecurityContext_SetAlpnProtocols, 3) \
V(SecurityContext_SetClientAuthorities, 2) \
V(SecurityContext_SetTrustedCertificates, 3) \
V(SecurityContext_SetClientAuthoritiesBytes, 2) \
V(SecurityContext_SetTrustedCertificatesBytes, 2) \
V(SecurityContext_TrustBuiltinRoots, 1) \
V(SecurityContext_UseCertificateChainBytes, 2) \
V(ServerSocket_Accept, 2) \


@ -376,17 +376,79 @@ void CheckStatus(int status,
}
// Where the argument to the constructor is the handle for an object
// implementing List<int>, this class creates a scope in which a memory-backed
// BIO is allocated. Leaving the scope cleans up the BIO and the buffer that
// was used to create it.
//
// Do not make Dart_ API calls while in a MemBIOScope.
// Do not call Dart_PropagateError while in a MemBIOScope.
class MemBIOScope {
public:
explicit MemBIOScope(Dart_Handle object) {
if (!Dart_IsTypedData(object) && !Dart_IsList(object)) {
Dart_ThrowException(DartUtils::NewDartArgumentError(
"Argument is not a List<int>"));
}
uint8_t* bytes = NULL;
intptr_t bytes_len = 0;
bool is_typed_data = false;
if (Dart_IsTypedData(object)) {
is_typed_data = true;
Dart_TypedData_Type typ;
ThrowIfError(Dart_TypedDataAcquireData(
object,
&typ,
reinterpret_cast<void**>(&bytes),
&bytes_len));
} else {
ASSERT(Dart_IsList(object));
ThrowIfError(Dart_ListLength(object, &bytes_len));
bytes = Dart_ScopeAllocate(bytes_len);
ASSERT(bytes != NULL);
ThrowIfError(Dart_ListGetAsBytes(object, 0, bytes, bytes_len));
}
object_ = object;
bytes_ = bytes;
bytes_len_ = bytes_len_;
bio_ = BIO_new_mem_buf(bytes, bytes_len);
ASSERT(bio_ != NULL);
is_typed_data_ = is_typed_data;
}
~MemBIOScope() {
ASSERT(bio_ != NULL);
if (is_typed_data_) {
BIO_free(bio_);
ThrowIfError(Dart_TypedDataReleaseData(object_));
} else {
BIO_free(bio_);
}
}
BIO* bio() {
ASSERT(bio_ != NULL);
return bio_;
}
private:
Dart_Handle object_;
uint8_t* bytes_;
intptr_t bytes_len_;
BIO* bio_;
bool is_typed_data_;
DISALLOW_ALLOCATION();
DISALLOW_COPY_AND_ASSIGN(MemBIOScope);
};
void FUNCTION_NAME(SecurityContext_UsePrivateKeyBytes)(
Dart_NativeArguments args) {
SSL_CTX* context = GetSecurityContext(args);
Dart_Handle key_object = ThrowIfError(Dart_GetNativeArgument(args, 1));
if (!Dart_IsTypedData(key_object) && !Dart_IsList(key_object)) {
Dart_ThrowException(DartUtils::NewDartArgumentError(
"keyBytes argument to SecurityContext.usePrivateKeyBytes "
"is not a List<int>"));
}
Dart_Handle password_object = ThrowIfError(Dart_GetNativeArgument(args, 2));
const char* password = NULL;
if (Dart_IsString(password_object)) {
@ -403,39 +465,12 @@ void FUNCTION_NAME(SecurityContext_UsePrivateKeyBytes)(
"SecurityContext.usePrivateKey password is not a String or null"));
}
uint8_t* key_bytes = NULL;
intptr_t key_bytes_len = 0;
bool is_typed_data = false;
if (Dart_IsTypedData(key_object)) {
is_typed_data = true;
Dart_TypedData_Type typ;
ThrowIfError(Dart_TypedDataAcquireData(
key_object,
&typ,
reinterpret_cast<void**>(&key_bytes),
&key_bytes_len));
} else {
ASSERT(Dart_IsList(key_object));
ThrowIfError(Dart_ListLength(key_object, &key_bytes_len));
key_bytes = new uint8_t[key_bytes_len];
Dart_Handle err =
Dart_ListGetAsBytes(key_object, 0, key_bytes, key_bytes_len);
if (Dart_IsError(err)) {
delete[] key_bytes;
Dart_PropagateError(err);
}
}
ASSERT(key_bytes != NULL);
BIO* bio = BIO_new_mem_buf(key_bytes, key_bytes_len);
EVP_PKEY *key = PEM_read_bio_PrivateKey(
bio, NULL, PasswordCallback, const_cast<char*>(password));
int status = SSL_CTX_use_PrivateKey(context, key);
BIO_free(bio);
if (is_typed_data) {
ThrowIfError(Dart_TypedDataReleaseData(key_object));
} else {
delete[] key_bytes;
int status;
{
MemBIOScope bio(ThrowIfError(Dart_GetNativeArgument(args, 1)));
EVP_PKEY *key = PEM_read_bio_PrivateKey(
bio.bio(), NULL, PasswordCallback, const_cast<char*>(password));
status = SSL_CTX_use_PrivateKey(context, key);
}
// TODO(24184): Handle different expected errors here - file missing,
@ -445,29 +480,44 @@ void FUNCTION_NAME(SecurityContext_UsePrivateKeyBytes)(
}
void FUNCTION_NAME(SecurityContext_SetTrustedCertificates)(
Dart_NativeArguments args) {
SSL_CTX* context = GetSecurityContext(args);
Dart_Handle filename_object = ThrowIfError(Dart_GetNativeArgument(args, 1));
const char* filename = NULL;
if (Dart_IsString(filename_object)) {
ThrowIfError(Dart_StringToCString(filename_object, &filename));
}
Dart_Handle directory_object = ThrowIfError(Dart_GetNativeArgument(args, 2));
const char* directory = NULL;
if (Dart_IsString(directory_object)) {
ThrowIfError(Dart_StringToCString(directory_object, &directory));
} else if (Dart_IsNull(directory_object)) {
directory = NULL;
} else {
Dart_ThrowException(DartUtils::NewDartArgumentError(
"Directory argument to SecurityContext.setTrustedCertificates is not "
"a String or null"));
static int SetTrustedCertificatesBytes(SSL_CTX* context, BIO* bio) {
X509_STORE* store = SSL_CTX_get_cert_store(context);
int status = 0;
X509* cert = NULL;
while ((cert = PEM_read_bio_X509(bio, NULL, NULL, NULL)) != NULL) {
status = X509_STORE_add_cert(store, cert);
if (status == 0) {
X509_free(cert);
return status;
}
}
int status = SSL_CTX_load_verify_locations(context, filename, directory);
CheckStatus(
status, "TlsException", "SSL_CTX_load_verify_locations");
uint32_t err = ERR_peek_last_error();
if ((ERR_GET_LIB(err) == ERR_LIB_PEM) &&
(ERR_GET_REASON(err) == PEM_R_NO_START_LINE)) {
// Reached the end of the buffer.
ERR_clear_error();
} else {
// Some real error happened.
status = 0;
}
return status;
}
void FUNCTION_NAME(SecurityContext_SetTrustedCertificatesBytes)(
Dart_NativeArguments args) {
SSL_CTX* context = GetSecurityContext(args);
int status;
{
MemBIOScope bio(ThrowIfError(Dart_GetNativeArgument(args, 1)));
status = SetTrustedCertificatesBytes(context, bio.bio());
}
CheckStatus(status,
"TlsException",
"Failure in setTrustedCertificatesBytes");
}
@ -489,17 +539,10 @@ void FUNCTION_NAME(SecurityContext_TrustBuiltinRoots)(
}
static int UseChainBytes(
SSL_CTX* context, uint8_t* chain_bytes, intptr_t chain_bytes_len) {
static int UseChainBytes(SSL_CTX* context, BIO* bio) {
int status = 0;
BIO* bio = BIO_new_mem_buf(chain_bytes, chain_bytes_len);
if (bio == NULL) {
return 0;
}
X509* x509 = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL);
if (x509 == NULL) {
BIO_free(bio);
return 0;
}
@ -510,7 +553,6 @@ static int UseChainBytes(
}
if (status == 0) {
X509_free(x509);
BIO_free(bio);
return status;
}
@ -525,7 +567,6 @@ static int UseChainBytes(
if (status == 0) {
X509_free(ca);
X509_free(x509);
BIO_free(bio);
return status;
}
// Note that we must not free `ca` if it was successfully added to the
@ -544,7 +585,6 @@ static int UseChainBytes(
}
X509_free(x509);
BIO_free(bio);
return status;
}
@ -552,44 +592,10 @@ static int UseChainBytes(
void FUNCTION_NAME(SecurityContext_UseCertificateChainBytes)(
Dart_NativeArguments args) {
SSL_CTX* context = GetSecurityContext(args);
Dart_Handle chain_object = ThrowIfError(Dart_GetNativeArgument(args, 1));
if (!Dart_IsTypedData(chain_object) && !Dart_IsList(chain_object)) {
Dart_ThrowException(DartUtils::NewDartArgumentError(
"chainBytes argument to SecurityContext.useCertificateChainBytes "
"is not a List<int>"));
}
uint8_t* chain_bytes = NULL;
intptr_t chain_bytes_len = 0;
bool is_typed_data = false;
if (Dart_IsTypedData(chain_object)) {
is_typed_data = true;
Dart_TypedData_Type typ;
ThrowIfError(Dart_TypedDataAcquireData(
chain_object,
&typ,
reinterpret_cast<void**>(&chain_bytes),
&chain_bytes_len));
} else {
ASSERT(Dart_IsList(chain_object));
ThrowIfError(Dart_ListLength(chain_object, &chain_bytes_len));
chain_bytes = new uint8_t[chain_bytes_len];
Dart_Handle err =
Dart_ListGetAsBytes(chain_object, 0, chain_bytes, chain_bytes_len);
if (Dart_IsError(err)) {
delete[] chain_bytes;
Dart_PropagateError(err);
}
}
ASSERT(chain_bytes != NULL);
int status = UseChainBytes(context, chain_bytes, chain_bytes_len);
if (is_typed_data) {
ThrowIfError(Dart_TypedDataReleaseData(chain_object));
} else {
delete[] chain_bytes;
int status;
{
MemBIOScope bio(ThrowIfError(Dart_GetNativeArgument(args, 1)));
status = UseChainBytes(context, bio.bio());
}
CheckStatus(status,
"TlsException",
@ -597,20 +603,50 @@ void FUNCTION_NAME(SecurityContext_UseCertificateChainBytes)(
}
void FUNCTION_NAME(SecurityContext_SetClientAuthorities)(
static STACK_OF(X509_NAME)* GetCertificateNames(BIO* bio) {
STACK_OF(X509_NAME)* result = sk_X509_NAME_new_null();
if (result == NULL) {
return NULL;
}
while (true) {
X509* x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
if (x509 == NULL) {
break;
}
X509_NAME* x509_name = X509_get_subject_name(x509);
if (x509_name == NULL) {
sk_X509_NAME_pop_free(result, X509_NAME_free);
X509_free(x509);
return NULL;
}
// Duplicate the name to put it on the stack.
x509_name = X509_NAME_dup(x509_name);
if (x509_name == NULL) {
sk_X509_NAME_pop_free(result, X509_NAME_free);
X509_free(x509);
return NULL;
}
sk_X509_NAME_push(result, x509_name);
X509_free(x509);
}
return result;
}
void FUNCTION_NAME(SecurityContext_SetClientAuthoritiesBytes)(
Dart_NativeArguments args) {
SSL_CTX* context = GetSecurityContext(args);
Dart_Handle filename_object = ThrowIfError(Dart_GetNativeArgument(args, 1));
const char* filename = NULL;
if (Dart_IsString(filename_object)) {
ThrowIfError(Dart_StringToCString(filename_object, &filename));
} else {
Dart_ThrowException(DartUtils::NewDartArgumentError(
"file argument in SecurityContext.setClientAuthorities"
" is not a String"));
}
STACK_OF(X509_NAME)* certificate_names;
certificate_names = SSL_load_client_CA_file(filename);
{
MemBIOScope bio(ThrowIfError(Dart_GetNativeArgument(args, 1)));
certificate_names = GetCertificateNames(bio.bio());
}
if (certificate_names != NULL) {
SSL_CTX_set_client_CA_list(context, certificate_names);
} else {
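Review bot: In the `MemBIOScope` constructor, `bytes_len_ = bytes_len_;` assigns the member to itself, so `bytes_len_` is never initialised; it should read `bytes_len_ = bytes_len;`. The destructor also calls `ThrowIfError(Dart_TypedDataReleaseData(object_))`, which can reach `Dart_PropagateError` from inside the very scope the class comment says must not do so; asserting on the result instead would keep the destructor from unwinding. In `SetTrustedCertificatesBytes`, `cert` is freed only when `X509_STORE_add_cert` fails; if the store takes its own reference on success (as I believe OpenSSL and BoringSSL do), every added certificate leaks, and a single `X509_free(cert);` directly after the call would cover both paths. `GetCertificateNames` breaks on the first NULL from `PEM_read_bio_X509` without the `PEM_R_NO_START_LINE` check that `SetTrustedCertificatesBytes` uses, so a malformed certificate in the middle of the buffer silently shortens the client authority list and leaves the error on the queue.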


@ -137,24 +137,49 @@ class _SecurityContext
static final SecurityContext defaultContext =
new _SecurityContext().._trustBuiltinRoots();
Future usePrivateKey(String keyFile, {String password}) {
return (new File(keyFile)).readAsBytes().then((bytes) {
usePrivateKeyBytes(bytes, password: password);
});
void usePrivateKey(String keyFile, {String password}) {
usePrivateKeySync(keyFile, password: password);
}
void usePrivateKeySync(String keyFile, {String password}) {
List<int> bytes = (new File(keyFile)).readAsBytesSync();
usePrivateKeyBytes(bytes, password: password);
}
void usePrivateKeyBytes(List<int> keyBytes, {String password})
native "SecurityContext_UsePrivateKeyBytes";
void setTrustedCertificates({String file, String directory})
native "SecurityContext_SetTrustedCertificates";
Future useCertificateChain(String chainFile) {
return (new File(chainFile)).readAsBytes().then((bytes) {
useCertificateChainBytes(bytes);
});
void setTrustedCertificates(String file) {
setTrustedCertificatesSync(file);
}
void setTrustedCertificatesSync(String file) {
List<int> bytes = (new File(file)).readAsBytesSync();
setTrustedCertificatesBytes(bytes);
}
void setTrustedCertificatesBytes(List<int> certBytes)
native "SecurityContext_SetTrustedCertificatesBytes";
void useCertificateChain({String file, String directory}) {
if (directory != null) {
throw new UnsupportedError(
"The directory argument to useCertificateChain is not supported.");
}
useCertificateChainSync(file);
}
void useCertificateChainSync(String chainFile) {
List<int> bytes = (new File(chainFile)).readAsBytesSync();
useCertificateChainBytes(bytes);
}
void useCertificateChainBytes(List<int> chainBytes)
native "SecurityContext_UseCertificateChainBytes";
void setClientAuthorities(String file)
native "SecurityContext_SetClientAuthorities";
void setClientAuthorities(String file) {
setClientAuthoritiesSync(file);
}
void setClientAuthoritiesSync(String file) {
List<int> bytes = (new File(file)).readAsBytesSync();
setClientAuthoritiesBytes(bytes);
}
void setClientAuthoritiesBytes(List<int> authCertBytes)
native "SecurityContext_SetClientAuthoritiesBytes";
void setAlpnProtocols(List<String> protocols, bool isServer) {
Uint8List encodedProtocols =
SecurityContext._protocolsToLengthEncoding(protocols);
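Review bot: The `{String file, String directory}` signature and the `UnsupportedError` for `directory` sit on `useCertificateChain`, while the commit message and the changelog entry say it is `setTrustedCertificates` that loses its `directory` argument; the guard looks like it landed on the wrong method. As written, `setTrustedCertificates(String file)` is positional, so existing callers passing `file:` or `directory:` fail on the signature rather than with the explanatory `UnsupportedError`, and `useCertificateChain()` called without `file` hands null to `new File(...)`. If the deprecated methods are meant to keep their previous call shape, `setTrustedCertificates({String file, String directory})` should carry the `directory != null` check and `useCertificateChain(String chainFile)` should stay positional. The deprecated wrappers also return `void` where the commit message speaks of returning a Future, so either the description or the code should be brought into line.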


@ -116,13 +116,13 @@ void FUNCTION_NAME(SecurityContext_SetAlpnProtocols)(
"Secure Sockets unsupported on this platform"));
}
void FUNCTION_NAME(SecurityContext_SetClientAuthorities)(
void FUNCTION_NAME(SecurityContext_SetClientAuthoritiesBytes)(
Dart_NativeArguments args) {
Dart_ThrowException(DartUtils::NewDartArgumentError(
"Secure Sockets unsupported on this platform"));
}
void FUNCTION_NAME(SecurityContext_SetTrustedCertificates)(
void FUNCTION_NAME(SecurityContext_SetTrustedCertificatesBytes)(
Dart_NativeArguments args) {
Dart_ThrowException(DartUtils::NewDartArgumentError(
"Secure Sockets unsupported on this platform"));


@ -100,7 +100,7 @@ abstract class HttpStatus {
* import 'dart:io';
* import "dart:isolate";
*
* main() async {
* main() {
* SecurityContext context = new SecurityContext();
* var chain =
* Platform.script.resolve('certificates/server_chain.pem')
@ -108,8 +108,8 @@ abstract class HttpStatus {
* var key =
* Platform.script.resolve('certificates/server_key.pem')
* .toFilePath();
* await context.useCertificateChain(chain);
* await context.usePrivateKey(key, password: 'dartdart');
* context.useCertificateChainSync(chain);
* context.usePrivateKeySync(key, password: 'dartdart');
*
* HttpServer
* .bindSecure(InternetAddress.ANY_IP_V6,


@ -18,6 +18,14 @@ part of dart.io;
* "-----BEGIN CERTIFICATE -----" and "-----END CERTIFICATE-----".
* Distinguished encoding rules (DER) is a canonical binary serialization
* of ASN1 objects into an octet string.
*
* [usePrivateKey], [setTrustedCertificates], [useCertificateChain], and
* [setClientAuthorities] are deprecated. They have been renamed
* [usePrivateKeySync], [setTrustedCertificatesSync], [useCertificateChainSync],
* and [setClientAuthoritiesSync] to reflect the fact that they do blocking
* IO. Async-friendly versions have been added in [usePrivateKeyBytes],
* [setTrustedCertificatesBytes], [useCertificateChainBytes], and
* [setClientAuthoritiesBytes].
*/
abstract class SecurityContext {
external factory SecurityContext();
@ -41,11 +49,15 @@ abstract class SecurityContext {
* [keyFile] is a PEM file containing an encrypted
* private key, encrypted with [password]. An unencrypted file can be
* used, but this is not usual.
*
* The function returns a [Future] that completes when the key has been added
* to the context.
*/
Future usePrivateKey(String keyFile, {String password});
void usePrivateKeySync(String keyFile, {String password});
/**
* [usePrivateKey] is deprecated. Use [usePrivateKeySync] or
* [usePrivateKeyBytes].
*/
@deprecated
void usePrivateKey(String keyFile, {String password});
/**
* Sets the private key for a server certificate or client certificate.
@ -62,20 +74,26 @@ abstract class SecurityContext {
* Sets the set of trusted X509 certificates used by [SecureSocket]
* client connections, when connecting to a secure server.
*
* There are two ways to set a set of trusted certificates, with a single
* PEM file, or with a directory containing individual PEM files for
* certificates.
*
* [file] is an optional PEM file containing X509 certificates, usually
* [file] is the path to a PEM file containing X509 certificates, usually
* root certificates from certificate authorities.
*
* [directory] is an optional directory containing PEM files. The directory
* must also have filesystem links added, which link extra filenames based
* on the hash of a certificate's distinguished name (DN) to the file
* containing that certificate. OpenSSL contains a tool called c_rehash
* to create these links in a directory.
*/
void setTrustedCertificates({String file, String directory});
void setTrustedCertificatesSync(String file);
/**
* [setTrustedCertificates] is deprecated. Use [setTrustedCertificatesSync]
* or [setTrustedCertificatesBytes].
*/
@deprecated
void setTrustedCertificates(String file);
/**
* Sets the set of trusted X509 certificates used by [SecureSocket]
* client connections, when connecting to a secure server.
*
* [file] is the contents of a PEM file containing X509 certificates, usually
* root certificates from certificate authorities.
*/
void setTrustedCertificatesBytes(List<int> certBytes);
/**
* Sets the chain of X509 certificates served by [SecureServer]
@ -85,11 +103,15 @@ abstract class SecurityContext {
* the root authority and intermediate authorities forming the signed
* chain to the server certificate, and ending with the server certificate.
* The private key for the server certificate is set by [usePrivateKey].
*
* The function returns a [Future] that completes when the certificate chain
* has been set.
*/
Future useCertificateChain(String file);
void useCertificateChainSync(String file);
/**
* [useCertificateChain] is deprecated. Use [useCertificateChainSync]
* or [useCertificateChainBytes].
*/
@deprecated
void useCertificateChain({String file, String directory});
/**
* Sets the chain of X509 certificates served by [SecureServer]
@ -109,8 +131,24 @@ abstract class SecurityContext {
* client. [file] is a PEM file containing the accepted signing authority
* certificates - the authority names are extracted from the certificates.
*/
void setClientAuthoritiesSync(String file);
/**
* [setClientAuthorities] is deprecated. Use [setClientAuthoritiesSync]
* or [setClientAuthoritiesBytes].
*/
@deprecated
void setClientAuthorities(String file);
/**
* Sets the list of authority names that a [SecureServer] will advertise
* as accepted, when requesting a client certificate from a connecting
* client. [authCertBytes] is the contents of a PEM file containing the
* accepted signing authority certificates - the authority names are extracted
* from the certificates.
*/
void setClientAuthoritiesBytes(List<int> authCertBytes);
/**
* Sets the list of application-level protocols supported by a client
* connection or server connection. The ALPN (application level protocol
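Review bot: The doc comment added for `setTrustedCertificatesBytes` describes `[file]` as the contents of a PEM file, but the parameter is `certBytes`, so the reference resolves to nothing; it should read `[certBytes] is the contents of a PEM file containing X509 certificates`. The comment on `useCertificateChainSync` still points readers to the now-deprecated `[usePrivateKey]` for setting the key, where `[usePrivateKeySync]` or `[usePrivateKeyBytes]` would match the deprecation notice in the class comment. It would also help to state whether repeated calls replace or extend the trusted set, since the native implementation shown elsewhere in this commit adds each certificate to the context's existing store.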


@ -10,15 +10,14 @@ import "dart:io";
import 'dart:convert';
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
class Server {
HttpServer server;
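Review bot: With `readLocalFile` apparently removed and every context built through `useCertificateChainSync`, `usePrivateKeySync` and `setTrustedCertificatesSync`, the `*Bytes` methods this commit introduces are reached only through the Sync wrappers, which pass on whatever `readAsBytesSync()` returns. That likely leaves the plain `List<int>` branch of the native buffer handling, the non-list argument error and `setClientAuthoritiesBytes` without a direct test; the same applies to the other test files changed the same way on this page. Consider keeping at least one test that calls `setTrustedCertificatesBytes` and `useCertificateChainBytes` directly, once with a `Uint8List` and once with a growable `List<int>`, plus a malformed-PEM case that expects a `TlsException`.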


@ -10,15 +10,15 @@ import "dart:io";
import 'dart:convert';
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(
localFile('certificates/trusted_certs.pem'));
class Server {
HttpServer server;


@ -12,12 +12,11 @@ import "package:expect/expect.dart";
final HOST_NAME = 'localhost';
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
class CustomException {}
@ -32,7 +31,7 @@ main() async {
});
SecurityContext goodContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
SecurityContext badContext = new SecurityContext();
SecurityContext defaultContext = SecurityContext.defaultContext;


@ -11,20 +11,19 @@ import "package:path/path.dart";
const HOST_NAME = "localhost";
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
// TODO: Specify which client certificate roots to trust.
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'))
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'))
// TODO: Set a client certificate here.
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
void main() {
asyncStart();


@ -11,15 +11,14 @@ import "package:expect/expect.dart";
InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
void testListenOn() {
void test(void onDone()) {


@ -14,16 +14,15 @@ const HOST_NAME = "localhost";
const CERTIFICATE = "localhost_cert";
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext untrustedServerContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile(
..useCertificateChainSync(localFile(
'certificates/untrusted_server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/untrusted_server_key.pem'),
password: 'dartdart');
..usePrivateKeySync(localFile('certificates/untrusted_server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
Future<SecureServerSocket> runServer() {
return HttpServer.bindSecure(


@ -15,15 +15,14 @@ import "package:expect/expect.dart";
InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
void testCloseOneEnd(String toClose) {
asyncStart();


@ -15,15 +15,14 @@ import "package:expect/expect.dart";
InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
void testSimpleBind() {
asyncStart();
@ -575,13 +574,13 @@ runTests() {
var chain =
Platform.script.resolve('certificates/untrusted_server_chain.pem')
.toFilePath();
context.useCertificateChain(chain);
context.useCertificateChainSync(chain);
testSimpleConnectFail(context, false);
testSimpleConnectFail(context, true);
var key =
Platform.script.resolve('certificates/untrusted_server_key.pem')
.toFilePath();
context.usePrivateKey(key, password: 'dartdart');
context.usePrivateKeySync(key, password: 'dartdart');
testSimpleConnectFail(context, false);
testSimpleConnectFail(context, true);
testServerListenAfterConnect();


@ -14,15 +14,14 @@ import "dart:io";
import "dart:isolate";
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
Future<HttpServer> startServer() {
return HttpServer.bindSecure(


@ -14,15 +14,14 @@ import "dart:io";
import "dart:isolate";
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
main() async {
List<int> message = "GET / HTTP/1.0\r\nHost: localhost\r\n\r\n".codeUnits;


@ -11,15 +11,14 @@ import "dart:io";
import "dart:typed_data";
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
// 10 KiB of i%256 data.
Uint8List DATA = new Uint8List.fromList(


@ -12,12 +12,11 @@ import "package:expect/expect.dart";
final HOST_NAME = 'localhost';
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
class CustomException {}
@ -31,7 +30,7 @@ main() async {
}, onError: (e) { if (e is! HandshakeException) throw e; });
SecurityContext goodContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
SecurityContext badContext = new SecurityContext();
SecurityContext defaultContext = SecurityContext.defaultContext;


@ -14,15 +14,14 @@ import "package:async_helper/async_helper.dart";
import "package:expect/expect.dart";
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
InternetAddress HOST;
Future<RawSecureServerSocket> startEchoServer() {


@ -16,15 +16,15 @@ import "package:expect/expect.dart";
InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(
localFile('certificates/trusted_certs.pem'));
Future<SecureServerSocket> startEchoServer() {


@ -17,15 +17,14 @@ InternetAddress HOST;
SecureServerSocket SERVER;
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
Future startServer() {
return SecureServerSocket.bind(HOST, 0, serverContext).then((server) {


@ -11,23 +11,22 @@ import "package:expect/expect.dart";
InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart')
..setTrustedCertificates(file: localFile('certificates/client_authority.pem'))
..setClientAuthorities(localFile('certificates/client_authority.pem'));
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart')
..setTrustedCertificatesSync(localFile('certificates/client_authority.pem'))
..setClientAuthoritiesSync(localFile('certificates/client_authority.pem'));
SecurityContext clientCertContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'))
..useCertificateChainBytes(readLocalFile('certificates/client1.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/client1_key.pem'),
password: 'dartdart');
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'))
..useCertificateChainSync(localFile('certificates/client1.pem'))
..usePrivateKeySync(localFile('certificates/client1_key.pem'),
password: 'dartdart');
SecurityContext clientNoCertContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
Future testClientCertificate({bool required, bool sendCert}) async {
var server = await SecureServerSocket.bind(HOST, 0, serverContext,


@ -16,15 +16,15 @@ import "package:expect/expect.dart";
InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(
localFile('certificates/trusted_certs.pem'));
void testCloseOneEnd(String toClose) {
asyncStart();


@ -16,15 +16,14 @@ import "package:expect/expect.dart";
InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
void testSimpleBind() {
asyncStart();


@ -26,15 +26,14 @@ import "package:async_helper/async_helper.dart";
InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
Future<SecureServerSocket> startServer() {
return SecureServerSocket.bind(HOST,


@ -15,15 +15,14 @@ const String MESSAGE_LENGTH_ERROR =
'The maximum message length supported is 2^13-1';
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext clientContext() => new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
SecurityContext serverContext() => new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
// Tests that client/server with same protocol can securely establish a
// connection, negotiate the protocol and can send data to each other.


@ -15,7 +15,7 @@ const HOST_NAME = "localhost";
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
class ExpectException implements Exception {
ExpectException(this.message);


@ -15,12 +15,11 @@ import "package:path/path.dart";
const HOST_NAME = "localhost";
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
Future<SecureServerSocket> runServer() {
return SecureServerSocket.bind(HOST_NAME, 0, serverContext)


@ -13,15 +13,14 @@ import "dart:async";
import "dart:io";
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
Future<HttpServer> startServer() {
return HttpServer.bindSecure(


@ -11,7 +11,7 @@ import "dart:io";
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
class ExpectException implements Exception {
ExpectException(this.message);


@ -12,13 +12,12 @@ import "dart:io";
const HOST_NAME = "localhost";
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile(
..useCertificateChainSync(localFile(
'certificates/untrusted_server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/untrusted_server_key.pem'),
password: 'dartdart');
..usePrivateKeySync(localFile('certificates/untrusted_server_key.pem'),
password: 'dartdart');
Future<SecureServerSocket> runServer() {
return SecureServerSocket.bind(HOST_NAME, 0, serverContext)


@ -6,7 +6,6 @@ import "package:expect/expect.dart";
import "dart:io";
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
bool printException(e) { print(e); return true; }
bool argumentError(e) => e is ArgumentError;
@ -16,28 +15,27 @@ bool tlsException(e) => e is TlsException;
void testUsePrivateKeyArguments() {
var c = new SecurityContext();
c.useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'));
Expect.throws(() => c.usePrivateKeyBytes(
readLocalFile('certificates/server_key.pem'),
password: "dart" * 1000),
c.useCertificateChainSync(localFile('certificates/server_chain.pem'));
Expect.throws(() => c.usePrivateKeySync(
localFile('certificates/server_key.pem'), password: "dart" * 1000),
argumentError);
Expect.throws(() => c.usePrivateKeyBytes(
readLocalFile('certificates/server_key.pem')),
Expect.throws(() => c.usePrivateKeySync(
localFile('certificates/server_key.pem')),
tlsException);
Expect.throws(() => c.usePrivateKeyBytes(
readLocalFile('certificates/server_key.pem'), password: "iHackSites"),
Expect.throws(() => c.usePrivateKeySync(
localFile('certificates/server_key.pem'), password: "iHackSites"),
tlsException);
Expect.throws(() => c.usePrivateKeyBytes(
readLocalFile('certificates/server_key_oops.pem'),
password: "dartdart"),
Expect.throws(() => c.usePrivateKeySync(
localFile('certificates/server_key_oops.pem'),
password: "dartdart"),
fileSystemException);
Expect.throws(() => c.usePrivateKeyBytes(1), argumentOrTypeError);
Expect.throws(() => c.usePrivateKeyBytes(null), argumentError);
Expect.throws(() => c.usePrivateKeyBytes(
readLocalFile('certificates/server_key_oops.pem'), password: 3),
Expect.throws(() => c.usePrivateKeySync(1), argumentOrTypeError);
Expect.throws(() => c.usePrivateKeySync(null), argumentError);
Expect.throws(() => c.usePrivateKeySync(
localFile('certificates/server_key_oops.pem'), password: 3),
fileSystemException);
c.usePrivateKeyBytes(
readLocalFile('certificates/server_key.pem'), password: "dartdart");
c.usePrivateKeySync(
localFile('certificates/server_key.pem'), password: "dartdart");
}
void main() {
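Review bot: The `password: 3` case near the end of `testUsePrivateKeyArguments` passes the missing file `server_key_oops.pem` and expects `fileSystemException`, so the non-string password is never the thing that fails. In the old `Bytes` form the read happened in `readLocalFile` before the call; with `usePrivateKeySync` both the read and the password check sit inside the call, so the test now pins that the file is opened before the argument is validated. A case using the existing key would cover the type check itself: `Expect.throws(() => c.usePrivateKeySync(localFile('certificates/server_key.pem'), password: 3), argumentOrTypeError);`. The expected matcher there is my assumption and should be confirmed against the implementation.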


@ -18,12 +18,12 @@ String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
// This test creates a server and a client connects. After connecting
// and an optional initial handshake the connection is secured by


@ -23,12 +23,11 @@ const WEB_SOCKET_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
const String HOST_NAME = 'localhost';
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
class SecurityConfiguration {
final bool secure;


@ -26,15 +26,14 @@ const String CERT_NAME = 'localhost_cert';
const String HOST_NAME = 'localhost';
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
/**
* A SecurityConfiguration lets us run the tests over HTTP or HTTPS.


@ -22,15 +22,14 @@ const WEB_SOCKET_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
const String HOST_NAME = 'localhost';
String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainBytes(readLocalFile('certificates/server_chain.pem'))
..usePrivateKeyBytes(readLocalFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificates(file: localFile('certificates/trusted_certs.pem'));
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
/**
* A SecurityConfiguration lets us run the tests over HTTP or HTTPS.