blob: 02742f7ca8e0f421e40e23ea9a3a98eaa51298dd [file] [log] [blame]
// Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file
// for details. All rights reserved. Use of this source code is governed by a
// BSD-style license that can be found in the LICENSE file.
* SecureSocket provides a secure (SSL or TLS) client connection to a server.
* The certificate provided by the server is checked
* using the certificate database provided in setCertificateDatabase.
abstract class SecureSocket implements Socket {
* Constructs a new secure client socket and connect it to the given
* host on the given port. The returned socket is not yet connected
* but ready for registration of callbacks. If sendClientCertificate is
* set to true, the socket will send a client certificate if one is
* requested by the server. If clientCertificate is the nickname of
* a certificate in the certificate database, that certificate will be sent.
* If clientCertificate is null, which is the usual use case, an
* appropriate certificate will be searched for in the database and
* sent automatically, based on what the server says it will accept.
factory SecureSocket(String host,
int port,
{bool sendClientCertificate: false,
String certificateName}) {
return new _SecureSocket(host,
is_server: false,
sendClientCertificate: sendClientCertificate);
* Install a handler for unverifiable certificates. The handler can inspect
* the certificate, and decide (or let the user decide) whether to accept
* the connection or not. The callback should return true
* to continue the SecureSocket connection.
void set onBadCertificate(bool callback(X509Certificate certificate));
* Get the peerCertificate for a connected secure socket. For a server
* socket, this will return the client certificate, or null, if no
* client certificate was received. For a client socket, this
* will return the server's certificate.
X509Certificate get peerCertificate;
* Initializes the NSS library with the path to a certificate database
* containing root certificates for verifying certificate paths on
* client connections, and server certificates to provide on server
* connections. The password argument should be used when creating
* secure server sockets, to allow the private key of the server
* certificate to be fetched. If useBuiltinRoots is true (the default),
* then a built-in set of root certificates for trusted certificate
* authorities is merged with the certificates in the database.
* Examples:
* 1) Use only the builtin root certificates:
* SecureSocket.initialize(); or
* 2) Use a specified database and the builtin roots:
* SecureSocket.initialize(database: 'path/to/my/database',
* password: 'my_password');
* 3) Use a specified database, without builtin roots:
* SecureSocket.initialize(database: 'path/to/my/database',
* password: 'my_password'.
* useBuiltinRoots: false);
* The database should be an NSS certificate database directory
* containing a cert9.db file, not a cert8.db file. This version of
* the database can be created using the NSS certutil tool with "sql:" in
* front of the absolute path of the database directory, or setting the
* environment variable NSS_DEFAULT_DB_TYPE to "sql".
external static void initialize({String database,
String password,
bool useBuiltinRoots: true});
* X509Certificate represents an SSL certificate, with accessors to
* get the fields of the certificate.
class X509Certificate {
final String subject;
final String issuer;
final Date startValidity;
final Date endValidity;
class _SecureSocket implements SecureSocket {
// Status states
static final int NOT_CONNECTED = 200;
static final int HANDSHAKE = 201;
static final int CONNECTED = 202;
static final int CLOSED = 203;
// Buffer identifiers.
// These must agree with those in the native C++ implementation.
static final int READ_PLAINTEXT = 0;
static final int WRITE_PLAINTEXT = 1;
static final int READ_ENCRYPTED = 2;
static final int WRITE_ENCRYPTED = 3;
static final int NUM_BUFFERS = 4;
int requestedPort,
String this.certificateName,
{bool this.is_server,
Socket this.socket,
bool this.requestClientCertificate: false,
bool this.requireClientCertificate: false,
bool this.sendClientCertificate: false})
: secureFilter = new _SecureFilter() {
// Throw an ArgumentError if any field is invalid.
if (socket == null) {
socket = new Socket(host, requestedPort);
socket.onConnect = _secureConnectHandler;
socket.onData = _secureDataHandler;
socket.onClosed = _secureCloseHandler;
socket.onError = _secureErrorHandler;
void _verifyFields() {
if (host is! String) throw new ArgumentError(
"SecureSocket constructor: host is not a String");
assert(is_server is bool);
assert(socket == null || socket is Socket);
if (certificateName != null && certificateName is! String) {
throw new ArgumentError(
"SecureSocket constructor: certificateName is not null or a String");
if (certificateName == null && is_server) {
throw new ArgumentError(
"SecureSocket constructor: certificateName is null on a server");
if (requestClientCertificate is! bool) {
throw new ArgumentError(
"SecureSocket constructor: requestClientCertificate is not a bool");
if (requireClientCertificate is! bool) {
throw new ArgumentError(
"SecureSocket constructor: requireClientCertificate is not a bool");
if (sendClientCertificate is! bool) {
throw new ArgumentError(
"SecureSocket constructor: sendClientCertificate is not a bool");
int get port => socket.port;
String get remoteHost => socket.remoteHost;
int get remotePort => socket.remotePort;
void set onClosed(void callback()) {
if (_inputStream != null && callback != null) {
throw new StreamException(
"Cannot set close handler when input stream is used");
_onClosed = callback;
void set _onClosed(void callback()) {
_socketCloseHandler = callback;
void set onConnect(void callback()) {
if (_status == CONNECTED || _status == CLOSED) {
throw new StreamException(
"Cannot set connect handler when already connected");
_onConnect = callback;
void set _onConnect(void callback()) {
_socketConnectHandler = callback;
void set onData(void callback()) {
if (_inputStream != null && callback != null) {
throw new StreamException(
"Cannot set data handler when input stream is used");
_onData = callback;
void set _onData(void callback()) {
_socketDataHandler = callback;
void set onError(void callback(e)) {
_socketErrorHandler = callback;
void set onWrite(void callback()) {
if (_outputStream != null && callback != null) {
throw new StreamException(
"Cannot set write handler when output stream is used");
_onWrite = callback;
void set _onWrite(void callback()) {
_socketWriteHandler = callback;
// Reset the one-shot onWrite handler.
socket.onWrite = _secureWriteHandler;
void set onBadCertificate(bool callback(X509Certificate certificate)) {
if (callback is! Function && callback != null) {
throw new SocketIOException(
"Callback provided to onBadCertificate is not a function or null");
InputStream get inputStream {
if (_inputStream == null) {
if (_socketDataHandler != null || _socketCloseHandler != null) {
throw new StreamException(
"Cannot get input stream when socket handlers are used");
_inputStream = new _SocketInputStream(this);
return _inputStream;
OutputStream get outputStream {
if (_outputStream == null) {
if (_socketWriteHandler != null) {
throw new StreamException(
"Cannot get output stream when socket write handler is used");
_outputStream = new _SocketOutputStream(this);
return _outputStream;
int available() {
throw new UnimplementedError("SecureSocket.available not implemented yet");
void close([bool halfClose = false]) {
if (_status == CLOSED) return;
if (halfClose) {
_closedWrite = true;
if (_filterWriteEmpty) {
_socketClosedWrite = true;
if (_closedRead) {
} else {
_closedWrite = true;
_closedRead = true;
_socketClosedWrite = true;
_socketClosedRead = true;
secureFilter = null;
if (scheduledDataEvent != null) {
_status = CLOSED;
void _closeWrite() => close(true);
List<int> read([int len]) {
if (_closedRead) {
throw new SocketIOException("Reading from a closed socket");
if (_status != CONNECTED) {
return new List<int>(0);
var buffer = secureFilter.buffers[READ_PLAINTEXT];
int toRead = buffer.length;
if (len != null) {
if (len is! int || len < 0) {
throw new ArgumentError(
"Invalid len parameter in (len: $len)");
if (len < toRead) {
toRead = len;
List<int> result =, toRead);
return result;
int readList(List<int> data, int offset, int bytes) {
if (_closedRead) {
throw new SocketIOException("Reading from a closed socket");
if (offset < 0 || bytes < 0 || offset + bytes > data.length) {
throw new ArgumentError(
"Invalid offset or bytes in SecureSocket.readList");
if (_status != CONNECTED && _status != CLOSED) {
return 0;
int bytesRead = 0;
var buffer = secureFilter.buffers[READ_PLAINTEXT];
// TODO(whesse): Currently this fails if the if is turned into a while loop.
// Fix it so that it can loop and read more than one buffer's worth of data.
if (bytes > bytesRead) {
if (buffer.length > 0) {
int toRead = min(bytes - bytesRead, buffer.length);
data.setRange(offset, toRead,, buffer.start);
bytesRead += toRead;
offset += toRead;
return bytesRead;
// Write the data to the socket, and flush it as much as possible
// until it would block. If the write would block, _writeEncryptedData sets
// up handlers to flush the pipeline when possible.
int writeList(List<int> data, int offset, int bytes) {
if (_closedWrite) {
throw new SocketIOException("Writing to a closed socket");
if (_status != CONNECTED) return 0;
var buffer = secureFilter.buffers[WRITE_PLAINTEXT];
if (bytes > {
bytes =;
if (bytes > 0) { + buffer.length, bytes, data, offset);
buffer.length += bytes;
_writeEncryptedData(); // Tries to flush all pipeline stages.
return bytes;
X509Certificate get peerCertificate => secureFilter.peerCertificate;
void _secureConnectHandler() {
_connectPending = true;
requestClientCertificate || requireClientCertificate,
_status = HANDSHAKE;
void _secureWriteHandler() {
if (_filterWriteEmpty && _closedWrite && !_socketClosedWrite) {
if (_status == HANDSHAKE) {
} else if (_status == CONNECTED &&
_socketWriteHandler != null &&
secureFilter.buffers[WRITE_PLAINTEXT].free > 0) {
// We must be able to set onWrite from the onWrite callback.
var handler = _socketWriteHandler;
// Reset the one-shot handler.
_socketWriteHandler = null;
void _secureDataHandler() {
if (_status == HANDSHAKE) {
try {
} catch (e) { _reportError(e, "SecureSocket error"); }
} else {
try {
_writeEncryptedData(); // TODO(whesse): Removing this causes a failure.
} catch (e) { _reportError(e, "SecureSocket error"); }
if (!_filterReadEmpty) {
// Call the onData event.
if (scheduledDataEvent != null) {
scheduledDataEvent = null;
if (_socketDataHandler != null) {
} else if (_socketClosedRead) {
void _secureErrorHandler(e) {
_reportError(e, 'Error on underlying Socket');
void _reportError(error, String message) {
// TODO(whesse): Call _reportError from all internal functions that throw.
var e;
if (error is SocketIOException) {
e = new SocketIOException('$message (${error.message})', error.osError);
} else if (error is OSError) {
e = new SocketIOException(message, error);
} else {
e = new SocketIOException('$message (${error.toString()})', null);
bool reported = false;
if (_socketErrorHandler != null) {
reported = true;
if (_inputStream != null) {
reported = reported || _inputStream._onSocketError(e);
if (_outputStream != null) {
reported = reported || _outputStream._onSocketError(e);
if (!reported) throw e;
void _secureCloseHandler() {
if (_closedRead) return;
_socketClosedRead = true;
if (_filterReadEmpty) {
_closedRead = true;
if (scheduledDataEvent != null) {
if (_socketCloseHandler != null) {
if (_socketClosedWrite) {
void _secureHandshake() {
if (secureFilter.buffers[WRITE_ENCRYPTED].length > 0) {
socket.onWrite = _secureWriteHandler;
void _secureHandshakeCompleteHandler() {
_status = CONNECTED;
if (_connectPending && _socketConnectHandler != null) {
_connectPending = false;
if (_socketWriteHandler != null) {
socket.onWrite = _secureWriteHandler;
// True if the underlying socket is closed, the filter has been emptied of
// all data, and the close event has been fired.
get _closed => _socketClosed;
void _readEncryptedData() {
// Read from the socket, and push it through the filter as far as
// possible.
var encrypted = secureFilter.buffers[READ_ENCRYPTED];
var plaintext = secureFilter.buffers[READ_PLAINTEXT];
bool progress = true;
while (progress) {
progress = false;
// Do not try to read plaintext from the filter while handshaking.
if ((_status == CONNECTED) && > 0) {
int bytes = secureFilter.processBuffer(READ_PLAINTEXT);
if (bytes > 0) {
plaintext.length += bytes;
progress = true;
if (encrypted.length > 0) {
int bytes = secureFilter.processBuffer(READ_ENCRYPTED);
if (bytes > 0) {
progress = true;
if (!_socketClosedRead) {
int bytes = socket.readList(,
encrypted.start + encrypted.length,;
if (bytes > 0) {
encrypted.length += bytes;
progress = true;
// If there is any data in any stages of the filter, there should
// be data in the plaintext buffer after this process.
// TODO(whesse): Verify that this is true, and there can be no
// partial encrypted block stuck in the secureFilter.
_filterReadEmpty = (plaintext.length == 0);
void _writeEncryptedData() {
if (_socketClosedWrite) return;
var encrypted = secureFilter.buffers[WRITE_ENCRYPTED];
var plaintext = secureFilter.buffers[WRITE_PLAINTEXT];
while (true) {
if (encrypted.length > 0) {
// Write from the filter to the socket.
int bytes = socket.writeList(,
if (bytes == 0) {
// The socket has blocked while we have data to write.
// We must be notified when it becomes unblocked.
socket.onWrite = _secureWriteHandler;
_filterWriteEmpty = false;
} else {
var plaintext = secureFilter.buffers[WRITE_PLAINTEXT];
if (plaintext.length > 0) {
int plaintext_bytes = secureFilter.processBuffer(WRITE_PLAINTEXT);
int bytes = secureFilter.processBuffer(WRITE_ENCRYPTED);
if (bytes <= 0) {
// We know the WRITE_ENCRYPTED buffer is empty, and the
// filter wrote zero bytes to it, so the filter must be empty.
// Also, the WRITE_PLAINTEXT buffer must have been empty, or
// it would have written to the filter.
// TODO(whesse): Verify that the filter works this way.
_filterWriteEmpty = true;
encrypted.length += bytes;
/* After a read, the onData handler is enabled to fire again.
* We may also have a close event waiting for the SecureFilter to empty.
void _setHandlersAfterRead() {
// If the filter is empty, then we are guaranteed an event when it
// becomes unblocked. Cancel any _secureDataHandler call.
// Otherwise, schedule a _secureDataHandler call since there may data
// available, and this read call enables the data event.
if (_filterReadEmpty) {
if (scheduledDataEvent != null) {
scheduledDataEvent = null;
} else if (scheduledDataEvent == null) {
scheduledDataEvent = new Timer(0, (_) => _secureDataHandler());
if (_socketClosedRead) { // An onClose event is pending.
// _closedRead is false, since we are in a read or readList call.
if (!_filterReadEmpty) {
// _filterReadEmpty may be out of date since read and readList empty
// the plaintext buffer after calling _readEncryptedData.
// TODO(whesse): Fix this as part of fixing read and readList.
if (_filterReadEmpty) {
// This can't be an else clause: the value of _filterReadEmpty changes.
// This must be asynchronous, because we are in a read or readList call.
new Timer(0, (_) => _secureCloseHandler());
bool get _socketClosed => _closedRead;
// _SecureSocket cannot extend _Socket and use _Socket's factory constructor.
Socket socket;
final String host;
final bool is_server;
final String certificateName;
final bool requestClientCertificate;
final bool requireClientCertificate;
final bool sendClientCertificate;
var _status = NOT_CONNECTED;
bool _socketClosedRead = false; // The network socket is closed for reading.
bool _socketClosedWrite = false; // The network socket is closed for writing.
bool _closedRead = false; // The secure socket has fired an onClosed event.
bool _closedWrite = false; // The secure socket has been closed for writing.
bool _filterReadEmpty = true; // There is no buffered data to read.
bool _filterWriteEmpty = true; // There is no buffered data to be written.
_SocketInputStream _inputStream;
_SocketOutputStream _outputStream;
bool _connectPending = false;
Function _socketConnectHandler;
Function _socketWriteHandler;
Function _socketDataHandler;
Function _socketErrorHandler;
Function _socketCloseHandler;
Timer scheduledDataEvent;
_SecureFilter secureFilter;
class _ExternalBuffer {
static final int SIZE = 8 * 1024;
_ExternalBuffer() : start = 0, length = 0;
// TODO(whesse): Consider making this a circular buffer. Only if it helps.
void advanceStart(int numBytes) {
start += numBytes;
length -= numBytes;
if (length == 0) {
start = 0;
int get free => SIZE - (start + length);
List data; // This will be a ExternalByteArray, backed by C allocated data.
int start;
int length;
abstract class _SecureFilter {
external factory _SecureFilter();
void connect(String hostName,
int port,
bool is_server,
String certificateName,
bool requestClientCertificate,
bool requireClientCertificate,
bool sendClientCertificate);
void destroy();
void handshake();
void init();
X509Certificate get peerCertificate;
int processBuffer(int bufferIndex);
void registerBadCertificateCallback(Function callback);
void registerHandshakeCompleteCallback(Function handshakeCompleteHandler);
List<_ExternalBuffer> get buffers;