dart:io
SecurityContext class
The object containing the certificates to trust when making a secure client connection, and the certificate chain and private key to serve from a secure server.
The SecureSocket and SecureServerSocket classes take a SecurityContext as an argument to their connect and bind methods.
Certificates and keys can be added to a SecurityContext from either PEM or PKCS12 containers.
iOS note: Some methods to add, remove, and inspect certificates are not yet implemented. However, the platform's built-in trusted certificates can be used, by way of SecurityContext.defaultContext.
Constructors
- SecurityContext({bool withTrustedRoots = false})
factory
- Creates a new SecurityContext.
Properties
- allowLegacyUnsafeRenegotiation ↔ bool
read / write
- If
true, the SecurityContext will allow TLS renegotiation. Renegotiation is only supported as a client and the HelloRequest must be received at a quiet point in the application protocol. This is sufficient to support the legacy use case of requesting a new client certificate between an HTTP request and response in (unpipelined) HTTP/1.1. NOTE: Renegotiation is an extremely problematic protocol feature and should only be used to communicate with legacy servers in environments where it is known to be safe. - hashCode → int
read-only, inherited
- The hash code for this object.
- runtimeType → Type
read-only, inherited
- A representation of the runtime type of the object.
Methods
- noSuchMethod(Invocation invocation) → dynamic
inherited
- Invoked when a non-existent method or property is accessed.
- setAlpnProtocols(List<String> protocols, bool isServer) → void
- Sets the list of application-level protocols supported by a client connection or server connection. The ALPN (application level protocol negotiation) extension to TLS allows a client to send a list of protocols in the TLS client hello message, and the server to pick one and send the selected one back in its server hello message.
- setClientAuthorities(String file, {String? password}) → void
- Sets the list of authority names that a SecureServerSocket will advertise as accepted when requesting a client certificate from a connecting client.
- setClientAuthoritiesBytes(List<int> authCertBytes, {String? password}) → void
- Sets the list of authority names that a SecureServerSocket will advertise as accepted, when requesting a client certificate from a connecting client.
- setTrustedCertificates(String file, {String? password}) → void
- Add a certificate to the set of trusted X509 certificates used by SecureSocket client connections.
- setTrustedCertificatesBytes(List<int> certBytes, {String? password}) → void
- Add a certificate to the set of trusted X509 certificates used by SecureSocket client connections.
- toString() → String
inherited
- A string representation of this object.
- useCertificateChain(String file, {String? password}) → void
- Sets the chain of X509 certificates served by SecureServerSocket when making secure connections, including the server certificate.
- useCertificateChainBytes(List<int> chainBytes, {String? password}) → void
- Sets the chain of X509 certificates served by SecureServerSocket when making secure connections, including the server certificate.
- usePrivateKey(String file, {String? password}) → void
- Sets the private key for a server certificate or client certificate.
- usePrivateKeyBytes(List<int> keyBytes, {String? password}) → void
- Sets the private key for a server certificate or client certificate.
Operators
- operator ==(Object other) → bool
inherited
- The equality operator.
Static Properties
- alpnSupported → bool
read-only
- Whether the platform supports ALPN. This always returns true and will be removed in a future release.
- defaultContext → SecurityContext
read-only
- The default security context used by most operation requiring one.