languages/dart-sdk
languages/dart-sdk
1
0
Fork 0
mirror of https://github.com/dart-lang/sdk synced 2024-10-01 16:44:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rolls back fix of SecurityContext method names.

Browse source 
R=iposva@google.com

Review URL: https://codereview.chromium.org/1757453002 .
This commit is contained in:
Zachary Anderson 2016-03-01 10:34:15 -08:00
parent 7b6463b708
commit e2729705ff
34 changed files with 191 additions and 234 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
CHANGELOG.md
View file

@ -26,13 +26,8 @@
`SecurityContext.useCertificateChainBytes`,
`SecurityContext.setTrustedCertificatesBytes`, and
`SecurityContext.setClientAuthoritiesBytes`.
* The non-`Bytes` methods of `SecurityContext` are being renamed -`Sync`, as
they will do synchronous IO. The non-`Bytes` and non-`Sync` methods are
deprecated and will be removed in a later release.
* **Breaking** The named `directory` argument of
`SecurityContext.setTrustedCertificates` is no longer supported.
The method now only supports one argument for the PEM file name containing
the trusted certificates.
`SecurityContext.setTrustedCertificates` has been removed.
* Added support to `SecurityContext` for PKCS12 certificate and key
containers.
* All calls in `SecurityContext` that accept certificate data now accept an

25
runtime/bin/secure_socket_patch.dart
View file

@ -137,49 +137,34 @@ class _SecurityContext
static final SecurityContext defaultContext =
new _SecurityContext().._trustBuiltinRoots();
void usePrivateKey(String keyFile, {String password}) {
usePrivateKeySync(keyFile, password: password);
}
void usePrivateKeySync(String keyFile, {String password}) {
List<int> bytes = (new File(keyFile)).readAsBytesSync();
void usePrivateKey(String file, {String password}) {
List<int> bytes = (new File(file)).readAsBytesSync();
usePrivateKeyBytes(bytes, password: password);
}
void usePrivateKeyBytes(List<int> keyBytes, {String password})
native "SecurityContext_UsePrivateKeyBytes";
void setTrustedCertificates(String file, {String password}) {
setTrustedCertificatesSync(file, password: password);
}
void setTrustedCertificatesSync(String file, {String password}) {
List<int> bytes = (new File(file)).readAsBytesSync();
setTrustedCertificatesBytes(bytes, password: password);
}
void setTrustedCertificatesBytes(List<int> certBytes, {String password})
native "SecurityContext_SetTrustedCertificatesBytes";
void useCertificateChain({String file, String directory, String password}) {
if (directory != null) {
throw new UnsupportedError(
"The directory argument to useCertificateChain is not supported.");
}
useCertificateChainSync(file, password: password);
}
void useCertificateChainSync(String chainFile, {String password}) {
List<int> bytes = (new File(chainFile)).readAsBytesSync();
void useCertificateChain(String file, {String password}) {
List<int> bytes = (new File(file)).readAsBytesSync();
useCertificateChainBytes(bytes, password: password);
}
void useCertificateChainBytes(List<int> chainBytes, {String password})
native "SecurityContext_UseCertificateChainBytes";
void setClientAuthorities(String file, {String password}) {
setClientAuthoritiesSync(file, password: password);
}
void setClientAuthoritiesSync(String file, {String password}) {
List<int> bytes = (new File(file)).readAsBytesSync();
setClientAuthoritiesBytes(bytes, password: password);
}
void setClientAuthoritiesBytes(List<int> authCertBytes, {String password})
native "SecurityContext_SetClientAuthoritiesBytes";
void setAlpnProtocols(List<String> protocols, bool isServer) {
Uint8List encodedProtocols =
SecurityContext._protocolsToLengthEncoding(protocols);

4
sdk/lib/io/http.dart
View file

@ -108,8 +108,8 @@ abstract class HttpStatus {
* var key =
* Platform.script.resolve('certificates/server_key.pem')
* .toFilePath();
* context.useCertificateChainSync(chain);
* context.usePrivateKeySync(key, password: 'dartdart');
* context.useCertificateChain(chain);
* context.usePrivateKey(key, password: 'dartdart');
*
* HttpServer
* .bindSecure(InternetAddress.ANY_IP_V6,

77
sdk/lib/io/security_context.dart
View file

@ -14,14 +14,6 @@ part of dart.io;
*
* Certificates and keys can be added to a SecurityContext from either PEM
* or PKCS12 containers.
*
* [usePrivateKey], [setTrustedCertificates], [useCertificateChain], and
* [setClientAuthorities] are deprecated. They have been renamed
* [usePrivateKeySync], [setTrustedCertificatesSync], [useCertificateChainSync],
* and [setClientAuthoritiesSync] to reflect the fact that they do blocking
* IO. Async-friendly versions have been added in [usePrivateKeyBytes],
* [setTrustedCertificatesBytes], [useCertificateChainBytes], and
* [setClientAuthoritiesBytes].
*/
abstract class SecurityContext {
external factory SecurityContext();
@ -42,23 +34,21 @@ abstract class SecurityContext {
*
* A secure connection using this SecurityContext will use this key with
* the server or client certificate to sign and decrypt messages.
* [keyFile] is the path to a PEM or PKCS12 file containing an encrypted
* private key, encrypted with [password]. An unencrypted file can be
* used, but this is not usual.
* [file] is the path to a PEM or PKCS12 file containing an encrypted
* private key, encrypted with [password]. Assuming it is well-formatted, all
* other contents of [file] are ignored. An unencrypted file can be used,
* but this is not usual.
*
* NB: This function calls [ReadFileAsBytesSync], and will block on file IO.
* Prefer using [usePrivateKeyBytes].
*/
void usePrivateKeySync(String keyFile, {String password});
/**
* [usePrivateKey] is deprecated. Use [usePrivateKeySync] or
* [usePrivateKeyBytes].
*/
@deprecated
void usePrivateKey(String keyFile, {String password});
void usePrivateKey(String file, {String password});
/**
* Sets the private key for a server certificate or client certificate.
*
* Like [usePrivateKeyBytesSync], but takes the contents of the file.
* Like [usePrivateKey], but takes the contents of the file as a list
* of bytes.
*/
void usePrivateKeyBytes(List<int> keyBytes, {String password});
@ -69,24 +59,21 @@ abstract class SecurityContext {
* [file] is the path to a PEM or PKCS12 file containing X509 certificates,
* usually root certificates from certificate authorities. For PKCS12 files,
* [password] is the password for the file. For PEM files, [password] is
* ignored. Assuming it is well-formatted, all other contents of [file] are
* ignored.
*
* NB: This function calls [ReadFileAsBytesSync], and will block on file IO.
* Prefer using [setTrustedCertificatesBytes].
*/
void setTrustedCertificatesSync(String file, {String password});
/**
* [setTrustedCertificates] is deprecated. Use [setTrustedCertificatesSync]
* or [setTrustedCertificatesBytes].
*/
@deprecated
void setTrustedCertificates(String file, {String password});
/**
* Sets the set of trusted X509 certificates used by [SecureSocket]
* client connections, when connecting to a secure server.
*
* Like [setTrustedCertificatesSync] but takes the contents of the file.
* Like [setTrustedCertificates] but takes the contents of the file.
*/
void setTrustedCertificatesBytes(List<int> certBytes,{String password});
void setTrustedCertificatesBytes(List<int> certBytes, {String password});
/**
* Sets the chain of X509 certificates served by [SecureServer]
@ -97,22 +84,19 @@ abstract class SecurityContext {
* chain to the server certificate, and ending with the server certificate.
* The private key for the server certificate is set by [usePrivateKey]. For
* PKCS12 files, [password] is the password for the file. For PEM files,
* [password] is ignored.
* [password] is ignored. Assuming it is well-formatted, all
* other contents of [file] are ignored.
*
* NB: This function calls [ReadFileAsBytesSync], and will block on file IO.
* Prefer using [useCertificateChainBytes].
*/
void useCertificateChainSync(String file, {String password});
/**
* [useCertificateChain] is deprecated. Use [useCertificateChainSync]
* or [useCertificateChainBytes].
*/
@deprecated
void useCertificateChain({String file, String directory, String password});
void useCertificateChain(String file, {String password});
/**
* Sets the chain of X509 certificates served by [SecureServer]
* when making secure connections, including the server certificate.
*
* Like [useCertificateChainSync] but takes the contents of the file.
* Like [useCertificateChain] but takes the contents of the file.
*/
void useCertificateChainBytes(List<int> chainBytes, {String password});
@ -124,15 +108,12 @@ abstract class SecurityContext {
* [file] is a PEM or PKCS12 file containing the accepted signing
* authority certificates - the authority names are extracted from the
* certificates. For PKCS12 files, [password] is the password for the file.
* For PEM files, [password] is ignored.
* For PEM files, [password] is ignored. Assuming it is well-formatted, all
* other contents of [file] are ignored.
*
* NB: This function calls [ReadFileAsBytesSync], and will block on file IO.
* Prefer using [setClientAuthoritiesBytes].
*/
void setClientAuthoritiesSync(String file, {String password});
/**
* [setClientAuthorities] is deprecated. Use [setClientAuthoritiesSync]
* or [setClientAuthoritiesBytes].
*/
@deprecated
void setClientAuthorities(String file, {String password});
/**
@ -140,7 +121,7 @@ abstract class SecurityContext {
* as accepted, when requesting a client certificate from a connecting
* client.
*
* Like [setClientAuthoritySync] but takes the contents of the file.
* Like [setClientAuthority] but takes the contents of the file.
*/
void setClientAuthoritiesBytes(List<int> authCertBytes, {String password});

8
tests/standalone/io/http_proxy_advanced_test.dart
View file

@ -12,12 +12,12 @@ import 'dart:convert';
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
class Server {
HttpServer server;

9
tests/standalone/io/http_proxy_test.dart
View file

@ -12,13 +12,12 @@ import 'dart:convert';
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(
localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
class Server {
HttpServer server;

8
tests/standalone/io/https_bad_certificate_test.dart
View file

@ -14,9 +14,9 @@ final HOST_NAME = 'localhost';
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
class CustomException {}
@ -31,7 +31,7 @@ main() async {
});
SecurityContext goodContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
SecurityContext badContext = new SecurityContext();
SecurityContext defaultContext = SecurityContext.defaultContext;

14
tests/standalone/io/https_client_certificate_test.dart
View file

@ -13,17 +13,17 @@ const HOST_NAME = "localhost";
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
// TODO: Specify which client certificate roots to trust.
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'))
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'))
// TODO: Set a client certificate here.
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
void main() {
asyncStart();

8
tests/standalone/io/https_server_test.dart
View file

@ -13,12 +13,12 @@ InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
void testListenOn() {
void test(void onDone()) {

9
tests/standalone/io/https_unauthorized_test.dart
View file

@ -16,13 +16,12 @@ const CERTIFICATE = "localhost_cert";
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext untrustedServerContext = new SecurityContext()
..useCertificateChainSync(localFile(
'certificates/untrusted_server_chain.pem'))
..usePrivateKeySync(localFile('certificates/untrusted_server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/untrusted_server_chain.pem'))
..usePrivateKey(localFile('certificates/untrusted_server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
Future<SecureServerSocket> runServer() {
return HttpServer.bindSecure(

8
tests/standalone/io/raw_secure_server_closing_test.dart
View file

@ -17,12 +17,12 @@ InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
void testCloseOneEnd(String toClose) {
asyncStart();

12
tests/standalone/io/raw_secure_server_socket_test.dart
View file

@ -17,12 +17,12 @@ InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
void testSimpleBind() {
asyncStart();
@ -574,13 +574,13 @@ runTests() {
var chain =
Platform.script.resolve('certificates/untrusted_server_chain.pem')
.toFilePath();
context.useCertificateChainSync(chain);
context.useCertificateChain(chain);
testSimpleConnectFail(context, false);
testSimpleConnectFail(context, true);
var key =
Platform.script.resolve('certificates/untrusted_server_key.pem')
.toFilePath();
context.usePrivateKeySync(key, password: 'dartdart');
context.usePrivateKey(key, password: 'dartdart');
testSimpleConnectFail(context, false);
testSimpleConnectFail(context, true);
testServerListenAfterConnect();

8
tests/standalone/io/raw_secure_socket_pause_test.dart
View file

@ -16,12 +16,12 @@ import "dart:isolate";
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
Future<HttpServer> startServer() {
return HttpServer.bindSecure(

8
tests/standalone/io/raw_secure_socket_test.dart
View file

@ -16,12 +16,12 @@ import "dart:isolate";
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
main() async {
List<int> message = "GET / HTTP/1.0\r\nHost: localhost\r\n\r\n".codeUnits;

8
tests/standalone/io/regress_21160_test.dart
View file

@ -13,12 +13,12 @@ import "dart:typed_data";
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
// 10 KiB of i%256 data.
Uint8List DATA = new Uint8List.fromList(

8
tests/standalone/io/secure_bad_certificate_test.dart
View file

@ -14,9 +14,9 @@ final HOST_NAME = 'localhost';
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
class CustomException {}
@ -30,7 +30,7 @@ main() async {
}, onError: (e) { if (e is! HandshakeException) throw e; });
SecurityContext goodContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
SecurityContext badContext = new SecurityContext();
SecurityContext defaultContext = SecurityContext.defaultContext;

8
tests/standalone/io/secure_client_raw_server_test.dart
View file

@ -16,12 +16,12 @@ import "package:expect/expect.dart";
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
InternetAddress HOST;
Future<RawSecureServerSocket> startEchoServer() {

8
tests/standalone/io/secure_client_server_test.dart
View file

@ -18,12 +18,12 @@ InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(
..setTrustedCertificates(
localFile('certificates/trusted_certs.pem'));

8
tests/standalone/io/secure_multiple_client_server_test.dart
View file

@ -19,12 +19,12 @@ SecureServerSocket SERVER;
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
Future startServer() {
return SecureServerSocket.bind(HOST, 0, serverContext).then((server) {

26
tests/standalone/io/secure_server_client_certificate_test.dart
View file

@ -14,27 +14,27 @@ String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext(String certType, String password) =>
new SecurityContext()
..useCertificateChainSync(
localFile('certificates/server_chain.$certType'), password: password)
..usePrivateKeySync(
localFile('certificates/server_key.$certType'), password: password)
..setTrustedCertificatesSync(localFile(
..useCertificateChain(localFile(
'certificates/server_chain.$certType'), password: password)
..usePrivateKey(localFile(
'certificates/server_key.$certType'), password: password)
..setTrustedCertificates(localFile(
'certificates/client_authority.$certType'), password: password)
..setClientAuthoritiesSync(localFile(
..setClientAuthorities(localFile(
'certificates/client_authority.$certType'), password: password);
SecurityContext clientCertContext(String certType, String password) =>
new SecurityContext()
..setTrustedCertificatesSync(
localFile('certificates/trusted_certs.$certType'), password: password)
..useCertificateChainSync(
localFile('certificates/client1.$certType'), password: password)
..usePrivateKeySync(
localFile('certificates/client1_key.$certType'), password: password);
..setTrustedCertificates(localFile(
'certificates/trusted_certs.$certType'), password: password)
..useCertificateChain(localFile(
'certificates/client1.$certType'), password: password)
..usePrivateKey(localFile(
'certificates/client1_key.$certType'), password: password);
SecurityContext clientNoCertContext(String certType, String password) =>
new SecurityContext()
..setTrustedCertificatesSync(localFile(
..setTrustedCertificates(localFile(
'certificates/trusted_certs.$certType'), password: password);
Future testClientCertificate(

9
tests/standalone/io/secure_server_closing_test.dart
View file

@ -18,13 +18,12 @@ InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(
localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
void testCloseOneEnd(String toClose) {
asyncStart();

8
tests/standalone/io/secure_server_socket_test.dart
View file

@ -18,12 +18,12 @@ InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
void testSimpleBind() {
asyncStart();

8
tests/standalone/io/secure_session_resume_test.dart
View file

@ -28,12 +28,12 @@ InternetAddress HOST;
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
Future<SecureServerSocket> startServer() {
return SecureServerSocket.bind(HOST,

8
tests/standalone/io/secure_socket_alpn_test.dart
View file

@ -17,12 +17,12 @@ const String MESSAGE_LENGTH_ERROR =
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext clientContext() => new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
SecurityContext serverContext() => new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
// Tests that client/server with same protocol can securely establish a
// connection, negotiate the protocol and can send data to each other.

2
tests/standalone/io/secure_socket_renegotiate_client.dart
View file

@ -15,7 +15,7 @@ const HOST_NAME = "localhost";
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
class ExpectException implements Exception {
ExpectException(this.message);

6
tests/standalone/io/secure_socket_renegotiate_test.dart
View file

@ -17,9 +17,9 @@ const HOST_NAME = "localhost";
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
Future<SecureServerSocket> runServer() {
return SecureServerSocket.bind(HOST_NAME, 0, serverContext)

12
tests/standalone/io/secure_socket_test.dart
View file

@ -17,15 +17,15 @@ String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext(String certType, String password) =>
new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.$certType'),
password: password)
..usePrivateKeySync(localFile('certificates/server_key.$certType'),
password: password);
..useCertificateChain(localFile('certificates/server_chain.$certType'),
password: password)
..usePrivateKey(localFile('certificates/server_key.$certType'),
password: password);
SecurityContext clientContext(String certType, String password) =>
new SecurityContext()
..setTrustedCertificatesSync(localFile(
'certificates/trusted_certs.$certType'), password: password);
..setTrustedCertificates(localFile('certificates/trusted_certs.$certType'),
password: password);
Future<HttpServer> startServer(String certType, String password) {
return HttpServer.bindSecure(

2
tests/standalone/io/secure_unauthorized_client.dart
View file

@ -11,7 +11,7 @@ import "dart:io";
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
class ExpectException implements Exception {
ExpectException(this.message);

7
tests/standalone/io/secure_unauthorized_test.dart
View file

@ -14,10 +14,9 @@ const HOST_NAME = "localhost";
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile(
'certificates/untrusted_server_chain.pem'))
..usePrivateKeySync(localFile('certificates/untrusted_server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/untrusted_server_chain.pem'))
..usePrivateKey(localFile('certificates/untrusted_server_key.pem'),
password: 'dartdart');
Future<SecureServerSocket> runServer() {
return SecureServerSocket.bind(HOST_NAME, 0, serverContext)

62
tests/standalone/io/security_context_argument_test.dart
View file

@ -15,71 +15,71 @@ bool tlsException(e) => e is TlsException;
void testUsePrivateKeyArguments() {
var c = new SecurityContext();
c.useCertificateChainSync(localFile('certificates/server_chain.pem'));
c.useCertificateChain(localFile('certificates/server_chain.pem'));
// Wrong password.
Expect.throws(() => c.usePrivateKeySync(
Expect.throws(() => c.usePrivateKey(
localFile('certificates/server_key.pem')),
tlsException);
Expect.throws(() => c.usePrivateKeySync(
localFile('certificates/server_key.pem'), password: "iHackSites"),
Expect.throws(() => c.usePrivateKey(
localFile('certificates/server_key.pem'), password: "iHackSites"),
tlsException);
Expect.throws(() => c.usePrivateKeySync(
Expect.throws(() => c.usePrivateKey(
localFile('certificates/server_key.p12')),
tlsException);
Expect.throws(() => c.usePrivateKeySync(
localFile('certificates/server_key.p12'), password: "iHackSites"),
Expect.throws(() => c.usePrivateKey(
localFile('certificates/server_key.p12'), password: "iHackSites"),
tlsException);
Expect.throws(() => c.setTrustedCertificatesSync(
Expect.throws(() => c.setTrustedCertificates(
localFile('certificates/server_key.p12')),
tlsException);
Expect.throws(() => c.setTrustedCertificatesSync(
localFile('certificates/server_key.p12'), password: "iHackSites"),
Expect.throws(() => c.setTrustedCertificates(
localFile('certificates/server_key.p12'), password: "iHackSites"),
tlsException);
Expect.throws(() => c.useCertificateChainSync(
Expect.throws(() => c.useCertificateChain(
localFile('certificates/server_key.p12')),
tlsException);
Expect.throws(() => c.useCertificateChainSync(
localFile('certificates/server_key.p12'), password: "iHackSites"),
Expect.throws(() => c.useCertificateChain(
localFile('certificates/server_key.p12'), password: "iHackSites"),
tlsException);
Expect.throws(() => c.setClientAuthoritiesSync(
Expect.throws(() => c.setClientAuthorities(
localFile('certificates/server_key.p12')),
argumentError);
Expect.throws(() => c.setClientAuthoritiesSync(
localFile('certificates/server_key.p12'), password: "iHackSites"),
Expect.throws(() => c.setClientAuthorities(
localFile('certificates/server_key.p12'), password: "iHackSites"),
argumentError);
// File does not exist
Expect.throws(() => c.usePrivateKeySync(
Expect.throws(() => c.usePrivateKey(
localFile('certificates/server_key_oops.pem'),
password: "dartdart"),
fileSystemException);
// Wrong type for file name or data
Expect.throws(() => c.usePrivateKeySync(1), argumentOrTypeError);
Expect.throws(() => c.usePrivateKeySync(null), argumentError);
Expect.throws(() => c.usePrivateKey(1), argumentOrTypeError);
Expect.throws(() => c.usePrivateKey(null), argumentError);
Expect.throws(() => c.usePrivateKeyBytes(1), argumentOrTypeError);
Expect.throws(() => c.usePrivateKeyBytes(null), argumentError);
// Too-long passwords.
Expect.throws(() => c.usePrivateKeySync(
Expect.throws(() => c.usePrivateKey(
localFile('certificates/server_key.pem'), password: "dart" * 1000),
argumentError);
Expect.throws(() => c.usePrivateKeySync(
Expect.throws(() => c.usePrivateKey(
localFile('certificates/server_key.p12'), password: "dart" * 1000),
argumentOrTypeError);
Expect.throws(() => c.setTrustedCertificatesSync(
Expect.throws(() => c.setTrustedCertificates(
localFile('certificates/server_key.p12'), password: "dart" * 1000),
argumentOrTypeError);
Expect.throws(() => c.useCertificateChainSync(
Expect.throws(() => c.useCertificateChain(
localFile('certificates/server_key.p12'), password: "dart" * 1000),
argumentOrTypeError);
Expect.throws(() => c.setClientAuthoritiesSync(
Expect.throws(() => c.setClientAuthorities(
localFile('certificates/server_key.p12'), password: "dart" * 1000),
argumentOrTypeError);
// Bad password type.
Expect.throws(() => c.usePrivateKeySync(
Expect.throws(() => c.usePrivateKey(
localFile('certificates/server_key.pem'), password: 3),
argumentOrTypeError);
Expect.throws(() => c.setTrustedCertificatesBytes(
@ -100,24 +100,24 @@ void testUsePrivateKeyArguments() {
Expect.throws(() => c.setClientAuthoritiesBytes([]), argumentError);
// Malformed PEM certs.
Expect.throws(() => c.usePrivateKeySync(
Expect.throws(() => c.usePrivateKey(
localFile('certificates/client1_key_malformed.pem'),
password: "dartdart"),
tlsException);
Expect.throws(() => c.setTrustedCertificatesSync(
Expect.throws(() => c.setTrustedCertificates(
localFile('certificates/trusted_certs_malformed.pem')),
tlsException);
Expect.throws(() => c.useCertificateChainSync(
Expect.throws(() => c.useCertificateChain(
localFile('certificates/server_chain_malformed1.pem')),
tlsException);
Expect.throws(() => c.useCertificateChainSync(
Expect.throws(() => c.useCertificateChain(
localFile('certificates/server_chain_malformed2.pem')),
tlsException);
Expect.throws(() => c.setClientAuthoritiesSync(
Expect.throws(() => c.setClientAuthorities(
localFile('certificates/client_authority_malformed.pem')),
argumentError);
c.usePrivateKeySync(
c.usePrivateKey(
localFile('certificates/server_key.pem'), password: "dartdart");
}

8
tests/standalone/io/socket_upgrade_to_secure_test.dart
View file

@ -18,12 +18,12 @@ String localFile(path) => Platform.script.resolve(path).toFilePath();
List<int> readLocalFile(path) => (new File(localFile(path))).readAsBytesSync();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
// This test creates a server and a client connects. After connecting
// and an optional initial handshake the connection is secured by

6
tests/standalone/io/web_socket_compression_test.dart
View file

@ -25,9 +25,9 @@ const String HOST_NAME = 'localhost';
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
class SecurityConfiguration {
final bool secure;

8
tests/standalone/io/web_socket_error_test.dart
View file

@ -28,12 +28,12 @@ const String HOST_NAME = 'localhost';
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
/**
* A SecurityConfiguration lets us run the tests over HTTP or HTTPS.

8
tests/standalone/io/web_socket_test.dart
View file

@ -24,12 +24,12 @@ const String HOST_NAME = 'localhost';
String localFile(path) => Platform.script.resolve(path).toFilePath();
SecurityContext serverContext = new SecurityContext()
..useCertificateChainSync(localFile('certificates/server_chain.pem'))
..usePrivateKeySync(localFile('certificates/server_key.pem'),
password: 'dartdart');
..useCertificateChain(localFile('certificates/server_chain.pem'))
..usePrivateKey(localFile('certificates/server_key.pem'),
password: 'dartdart');
SecurityContext clientContext = new SecurityContext()
..setTrustedCertificatesSync(localFile('certificates/trusted_certs.pem'));
..setTrustedCertificates(localFile('certificates/trusted_certs.pem'));
/**
* A SecurityConfiguration lets us run the tests over HTTP or HTTPS.