SecurityContext class

The object containing the certificates to trust when making a secure client connection, and the certificate chain and private key to serve from a secure server.

The SecureSocket and SecureServerSocket classes take a SecurityContext as an argument to their connect and bind methods.

Certificates and keys can be added to a SecurityContext from either PEM or PKCS12 containers.

iOS note: Some methods to add, remove, and inspect certificates are not yet implemented. However, the platform's built-in trusted certificates can be used, by way of SecurityContext.defaultContext.

Constructors

SecurityContext({bool withTrustedRoots = false})
Creates a new SecurityContext.
factory

Properties

allowLegacyUnsafeRenegotiation bool
If true, the SecurityContext will allow TLS renegotiation. Renegotiation is only supported as a client and the HelloRequest must be received at a quiet point in the application protocol. This is sufficient to support the legacy use case of requesting a new client certificate between an HTTP request and response in (unpipelined) HTTP/1.1. NOTE: Renegotiation is an extremely problematic protocol feature and should only be used to communicate with legacy servers in environments where it is known to be safe.
read / write
hashCode int
The hash code for this object.
read-onlyinherited
runtimeType Type
A representation of the runtime type of the object.
read-onlyinherited

Methods

noSuchMethod(Invocation invocation) → dynamic
Invoked when a nonexistent method or property is accessed.
inherited
setAlpnProtocols(List<String> protocols, bool isServer) → void
Sets the list of application-level protocols supported by a client connection or server connection. The ALPN (application level protocol negotiation) extension to TLS allows a client to send a list of protocols in the TLS client hello message, and the server to pick one and send the selected one back in its server hello message.
setClientAuthorities(String file, {String? password}) → void
Sets the list of authority names that a SecureServerSocket will advertise as accepted when requesting a client certificate from a connecting client.
setClientAuthoritiesBytes(List<int> authCertBytes, {String? password}) → void
Sets the list of authority names that a SecureServerSocket will advertise as accepted, when requesting a client certificate from a connecting client.
setTrustedCertificates(String file, {String? password}) → void
Add a certificate to the set of trusted X509 certificates used by SecureSocket client connections.
setTrustedCertificatesBytes(List<int> certBytes, {String? password}) → void
Add a certificate to the set of trusted X509 certificates used by SecureSocket client connections.
toString() String
A string representation of this object.
inherited
useCertificateChain(String file, {String? password}) → void
Sets the chain of X509 certificates served by SecureServerSocket when making secure connections, including the server certificate.
useCertificateChainBytes(List<int> chainBytes, {String? password}) → void
Sets the chain of X509 certificates served by SecureServerSocket when making secure connections, including the server certificate.
usePrivateKey(String file, {String? password}) → void
Sets the private key for a server certificate or client certificate.
usePrivateKeyBytes(List<int> keyBytes, {String? password}) → void
Sets the private key for a server certificate or client certificate.

Operators

operator ==(Object other) bool
The equality operator.
inherited

Static Properties

alpnSupported bool
Whether the platform supports ALPN. This always returns true and will be removed in a future release.
read-only
defaultContext SecurityContext
The default security context used by most operation requiring one.
read-only