SecurityContext class
The object containing the certificates to trust when making a secure client connection, and the certificate chain and private key to serve from a secure server.
The SecureSocket and SecureServerSocket classes take a SecurityContext as an argument to their connect and bind methods.
Certificates and keys can be added to a SecurityContext from either PEM or PKCS12 containers.
iOS note: Some methods to add, remove, and inspect certificates are not yet implemented. However, the platform's built-in trusted certificates can be used, by way of SecurityContext.defaultContext.
Constructors
- SecurityContext({bool withTrustedRoots = false})
-
Creates a new SecurityContext.
factory
Properties
- allowLegacyUnsafeRenegotiation ↔ bool
-
If
true
, the SecurityContext will allow TLS renegotiation. Renegotiation is only supported as a client and the HelloRequest must be received at a quiet point in the application protocol. This is sufficient to support the legacy use case of requesting a new client certificate between an HTTP request and response in (unpipelined) HTTP/1.1. NOTE: Renegotiation is an extremely problematic protocol feature and should only be used to communicate with legacy servers in environments where it is known to be safe.read / write - hashCode → int
-
The hash code for this object.
read-onlyinherited
- runtimeType → Type
-
A representation of the runtime type of the object.
read-onlyinherited
Methods
-
noSuchMethod(
Invocation invocation) → dynamic -
Invoked when a nonexistent method or property is accessed.
inherited
-
setAlpnProtocols(
List< String> protocols, bool isServer) → void - Sets the list of application-level protocols supported by a client connection or server connection. The ALPN (application level protocol negotiation) extension to TLS allows a client to send a list of protocols in the TLS client hello message, and the server to pick one and send the selected one back in its server hello message.
-
setClientAuthorities(
String file, {String? password}) → void - Sets the list of authority names that a SecureServerSocket will advertise as accepted when requesting a client certificate from a connecting client.
-
setClientAuthoritiesBytes(
List< int> authCertBytes, {String? password}) → void - Sets the list of authority names that a SecureServerSocket will advertise as accepted, when requesting a client certificate from a connecting client.
-
setTrustedCertificates(
String file, {String? password}) → void - Add a certificate to the set of trusted X509 certificates used by SecureSocket client connections.
-
setTrustedCertificatesBytes(
List< int> certBytes, {String? password}) → void - Add a certificate to the set of trusted X509 certificates used by SecureSocket client connections.
-
toString(
) → String -
A string representation of this object.
inherited
-
useCertificateChain(
String file, {String? password}) → void - Sets the chain of X509 certificates served by SecureServerSocket when making secure connections, including the server certificate.
-
useCertificateChainBytes(
List< int> chainBytes, {String? password}) → void - Sets the chain of X509 certificates served by SecureServerSocket when making secure connections, including the server certificate.
-
usePrivateKey(
String file, {String? password}) → void - Sets the private key for a server certificate or client certificate.
-
usePrivateKeyBytes(
List< int> keyBytes, {String? password}) → void - Sets the private key for a server certificate or client certificate.
Operators
-
operator ==(
Object other) → bool -
The equality operator.
inherited
Static Properties
- alpnSupported → bool
-
Whether the platform supports ALPN. This always returns true and will be
removed in a future release.
read-only
- defaultContext → SecurityContext
-
The default security context used by most operation requiring one.
read-only