/
ChangeLog
787 lines (494 loc) · 26.9 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
2007-08-16 Sebastien Pouliot <sebastien@ximian.com>
* RecordProtocol.cs, SslStreamBase.cs: Ensure nothing (even the same
thread) can confuse the record decoding code. Fix bug #82145 (LDAP)
which uses several thread over a single SslClientStream instance.
2007-05-23 Gonzalo Paniagua Javier <gonzalo.mono@gmail.com>
* Context.cs: fix the calculation of the unix time.
2007-05-09 Sebastien Pouliot <sebastien@ximian.com>
* HttpsClientStream.cs: Add support for client certificates from
HttpWebRequest if it uses X509Certificate2 instance (which requires
using 2.0 profile) and if the private key is available.
* SslStreamBase.cs: Fix warning in 2.0 because Stream now implements
Dispose. Rework Close (in 2.0) to avoid infinite recursion.
2006-12-08 Sebastien Pouliot <sebastien@ximian.com>
* ClientSessionCache.cs: Fix cache to be really used. Original patch
by Roy Versteeg. Fix bug #80175.
2006-12-08 Sebastien Pouliot <sebastien@ximian.com>
* ClientSessionCache.cs: Check for a new environment variable to
control the cache validity period (MONO_TLS_SESSION_CACHE_TIMEOUT).
Fix bug #80174.
2006-09-11 Sebastien Pouliot <sebastien@ximian.com>
* CipherSuite.cs: Avoid creating a CryptoStream and a MemoryStream in
EncryptRecord (removing the need to do a keysetup each time). Add
helper methods to write inside byte buffers. Decrypt the data in
place (without allocating new memory) as the result will always be
smaller than the original. Avoid TlsStream in CreatePremasterSecret
method. All HMAC access are done with the Negotiating parameters.
* ClientRecordProtocol.cs: Set HandshakeState to None if we receive
a HelloRequest during an existing session. Remove overidden method
ProcessChangeCipherSpec. Skip memory allocation if possible.
* Context.cs: Add new SecurityParameters for current, negotiating,
read and write (actually only two different instance exists). Change
readSequenceNumber and writeSequenceNumber to ulong to match specs.
Remove all properties that are moved/replaced with SecurityParameters.
Added methods to Start and End a switch of the security parameters.
* RecordProtocol.cs: Add code to ProcessChangeCipherSpec (not abstract
anymore). Remove ReadShort and it's use. Deal with null alerts in
SendAlert method (internal error). Change code to deal with
SendChangeCipherSpec inside an existing (encrypted) session. Update
Cipher to use the correct one (mostly Read.Cipher or Negotiating.Cipher
for ProcessCipherSpecV2Buffer method).
* SecurityParameters.cs: New. Deal with all parameters that changes
between negotiations.
* ServerRecordProtocol.cs: Remove method ProcessChangeCipherSpec.
* SslCipherSuite.cs: Don't use TlsStream when computing MAC. Set the
MAC keys to the Negotiating security parameters.
* SslClientStream.cs: Change calls from Cipher to Negotiating.Cipher.
* SslServerStream.cs: Change calls from Cipher to Negotiating.Cipher.
Remove debugging dead code (DateTime).
* SslStreamBase.cs: Change calls from Cipher to Current.Cipher. Reuse
existing memory buffer.
* TlsCipherSuite.cs: Don't use TlsStream when computing MAC. Set the
MAC keys to the Negotiating security parameters.
* TlsClientSettings.cs: Comment code cause compiler warnings.
* TlsStream.cs: Avoid/reduce memory allocations when reading or
writing small integer values to the stream.
2006-09-07 Sebastien Pouliot <sebastien@ximian.com>
* HttpsClientStream.cs: Honor ServicePointManager.SecurityProtocol to
select between SSL3, TLS1 or, by default, auto. Great for testing :)
2006-06-08 Sebastien Pouliot <sebastien@ximian.com>
* ClientRecordProtocol.cs: Avoid a NRE when the server request a
re-negotiation of the security parameters. Possible fix for #78597.
2006-04-21 Sebastien Pouliot <sebastien@ximian.com>
* SslCipherSuite.cs: Enable abbreviated handshakes for SSL3 too.
2006-04-12 Sebastien Pouliot <sebastien@ximian.com>
* ClientSessionCache.cs: Deal with empty (null) master secret, that
can find their ways into the cache, and treat them as invalid. Fix
bug #78085.
2006-04-10 Sebastien Pouliot <sebastien@ximian.com>
* ClientSessionCache.cs: The session id can be zero-length (like our
own server class).
* SslServerStream.cs: Adapt code to fixes made in cipher suite and
message processing changes in client code.
2006-03-16 Sebastien Pouliot <sebastien@ximian.com>
* CipherSuiteFactory.cs: Fix bad key exchange values for non-export
cihpers. Most certificates have "too much" usages by default so this
was hidden from view.
* SslStreamBase.cs: Safety net. Throw an exception if we're waiting
for more than five (5) minutes for an async read or write to complete.
2006-03-16 Sebastien Pouliot <sebastien@ximian.com>
* ClientSessionCache.cs: New. Handle a client-side session cache to
enable the use of abbreviated handshake whenever possible. This will
reduce the number of negotiation (a very CPU intensive process) done
with the same host.
* Context.cs: Add a property for AbbreviatedHandshake.
* RecordProtocol.cs: Don't send Finished record from ChangeCipherSpec
as this won't work if the message flow change.
* SslClientStream.cs: Line endings.
* SslServerStream.cs: Throw an exception if ReceiveRecord return null
or an empty buffer (i.e. communication ended with client). Fix #76254.
* SslStreamBase.cs: Re-add synchronous implementations for Read and
Write.
* TlsCipherSuite.cs: Update the client-side session cache with the
mastersecret.
* TlsStream.cs: Avoid possible buffer underun reading bytes (found by
Gonzalo).
2006-03-08 Sebastien Pouliot <sebastien@ximian.com>
* SslStreamBase.cs: Re-implemented the synchronous versions of Read
and Write methods so they don't use the async code.
2006-03-07 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* SslStreamBase.cs: avoid creating the ManualResetEvent whenever
possible. Don't lock on an instance of an object that the user can get.
2006-03-06 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* RecordProtocol.cs: avoid creating the ManualResetEvent whenever
possible. Don't lock on an instance of an object that the user can get.
2006-03-02 Sebastien Pouliot <sebastien@ximian.com>
* RecordProtocol.cs: Fix possible endless loop (#77663). Remove hack
for an old, fixed, MCS bug (#67711).
2005-10-06 Sebastien Pouliot <sebastien@ximian.com>
* ClientRecordProtocol.cs: Update HandshakeMessages after each
message. Fix bug #76258.
* RecordProtocol.cs: Remove writing into the HandshakeMessages stream
at this stage. We may need the data before that. Fix bug #76258.
* ServerRecordProtocol.cs: Update HandshakeMessages after each
message. Fix bug #76258.
* SslServerStream.cs: Changed check for the presence of client
certificates during handshake.
2005-09-02 Sebastien Pouliot <sebastien@ximian.com>
* SslStreamBase.cs, ServerRecordProtocol.cs, SslClientStream.cs,
ClientRecordProtocol.cs, RecordProtocol.cs, SslServerStream.cs:
Re-written async support for Ssl[Client|Server]Stream from JD Conley
<jd.conley@coversant.net> with minor changes. Fix bug #75687 (and a
lot of other known problems).
2005-07-01 Sebastien Pouliot <sebastien@ximian.com>
* ServerContext.cs: Build the list of trusted certificates from all
the trusted root for the current user and the local machine.
* SslServerStream.cs: Add support for client certificate (and the
callback for optional mutual authentication with SSL3).
2005-06-22 Sebastien Pouliot <sebastien@ximian.com>
* SslClientStream.cs: Removed failsafe timeout of 5 minutes as some
protocols can go idle for longer than this.
2005-06-14 Sebastien Pouliot <sebastien@ximian.com>
* SslClientStream.cs: Add support for _optional_ mutual authentication.
SSL3 and TLS1 deals differently with this. SSL3 tested with OpenSSL,
TSL1 tested with OpenSSL and LDAPS/AD.
2005-06-06 Sebastien Pouliot <sebastien@ximian.com>
* Alert.cs: Add NoCertificate (41) which _should_ be used in SSL3
if we don't want to send a certificate when requested by a server
(e.g. in the case the mutual authentication is optional).
* CipherSuite.cs: Fixed recursive property. Changed type to short so
it can hold 256 bits (valid value). Fixed ctor so it doesn't assign
the it's own value.
2005-05-13 Sebastien Pouliot <sebastien@ximian.com>
* SslClientStream.cs: Forgot to set the event in the previous fix.
2005-05-10 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* SslClientStream.cs: check for the dispose in NetworkReadCallback.
Patch by Sebastien "Cryptoman" Pouliot.
2005-04-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* SslClientStream.cs: gotta call EndInvoke, not EndRead.
2005-04-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* SslClientStream.cs: MemoryStream does not implement proper Begin*
methods, so we need this to prevent infinite recursion if we have a
callback that calls BeginRead.
2005-04-13 Sebastien Pouliot <sebastien@ximian.com>
* RecordProtocol.cs: Some API changes so a record can be decoded from
any supplied stream (not just the inner network stream).
* SslClientStream.cs: BeginRead is now truly async if the Negotiate is
called from BeginWrite (where it should be in most case).
* SslServerStream.cs: Adapted to API changes in RecordProtocol.cs.
2005-04-12 Sebastien Pouliot <sebastien@ximian.com>
* SslHandshakeHash.cs: Changed "SslHash" to "MD5SHA1". Fix #71696.
2005-04-10 Sebastien Pouliot <sebastien@ximian.com>
* HttpsClientStream.cs: Added a TrustFailure property so a
WebException can now report TrustFailure correctly. Fix bug 74286.
2005-04-07 Sebastien Pouliot <sebastien@ximian.com>
* SslCipherSuite.cs: Fix calculation (sequence number) for the server
side stream. Patch by Brian Ritchie.
2005-02-04 Sebastien Pouliot <sebastien@ximian.com>
* Reverting last changes in SslClientStream and RecordProtocol. This
break when sending large files back and forth (echo test).
2005-02-02 Sebastien Pouliot <sebastien@ximian.com>
* SslClientStream.cs: Throw exception when we receive a null record.
* RecordProtocol.cs: Added code to avoid blocking and endless loops
if the data is incomplete or missing - even in the case the server
side doesn't close the connection (see new cutcli tool).
2004-12-15 Sebastien Pouliot <sebastien@ximian.com>
* CipherSuite.cs: Removed unused MD5 and SHA1 instances created in
PRF method (fix compilation warnings).
2004-12-13 Sebastien Pouliot <sebastien@ximian.com>
* SslClientStream.cs: New internal property, ServerCertificates, to
"easily" retreive the server's certificate chain using reflection.
2004-11-23 Sebastien Pouliot <sebastien@ximian.com>
* RecordProtocol.cs: Fixed ClientHelloV2 support.
2004-11-10 Sebastien Pouliot <sebastien@ximian.com>
* CipherSuiteFactory.cs: Activated RSA_WITH_AES_256_CBC_SHA as it is
supported by some browsers.
* ContentType.cs: Removed ClientHelloV2 from the enum as it is not a
"true" content type (it just looks so where we're processing it).
* Context.cs: Added support to switch protocol (e.g. SSL2->SSL3 or
SSL2->TLS1). Contributed by Carlos Guzman Alvarez.
* RecordProtocol.cs: Added support for ClientHelloV2 message
(contributed by Carlos Guzman Alvarez). This is a Handshake message
so it must be MACed. Also fixed the challenge length because some
browsers implementation don't interpret "This value must be 32." as
having 32 bytes.
2004-10-05 Sebastien Pouliot <sebastien@ximian.com>
* SslClientStream.cs: Changed InputBuffer to internal (was protected).
2004-10-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* HttpsClientStream.cs: the .ctor receives a pre-read buffer now.
* SslClientStream.cs: added InputBuffer property.
2004-09-23 Sebastien Pouliot <sebastien@ximian.com>
* RecordProtocol.cs: Fix alert data that could leak into appplication
data (e.g. when closing the SSL session).
2004-07-14 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Removed duplicate license header file from
all source files.
2004-07-14 Sebastien Pouliot <sebastien@ximian.com>
* SslClientStream.cs: Changed lock to "new object()" and not
String.Empty (as the read/write locks points becomes the same).
* SslServerStream.cs: Changed lock to "new object()" and not
String.Empty (as the read/write locks points becomes the same).
2004-07-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
* HttpsClientStream.cs: get an HttpWebRequest so that we can use the
ServicePoint it has. No need to get the host now.
2004-05-09 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/Alert.cs:
* Mono.Security.Protocol.Tls/CipherSuite.cs:
* Mono.Security.Protocol.Tls/CipherSuiteCollection.cs:
* Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
* Mono.Security.Protocol.Tls/Context.cs:
* Mono.Security.Protocol.Tls/RecordProtocol.cs:
* Mono.Security.Protocol.Tls/SecurityCompressionType.cs:
* Mono.Security.Protocol.Tls/ServerRecordProtocol.cs:
* Mono.Security.Protocol.Tls/SslServerStream.cs:
* Mono.Security.Protocol.Tls/TlsClientSettings.cs:
- Changes for fix FxCop Rules.
- Reworked CipherSuiteCollection class.
2004-04-21 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/DebugHelper.cs:
- New class.
* Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
* Mono.Security.Protocol.Tls/RecordProtocol.cs:
* Mono.Security.Protocol.Tls/Context.cs:
* Mono.Security.Protocol.Tls/Context.cs:
* Mono.Security.Protocol.Tls/SslCipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
* Mono.Security.Protocol.Tls/SslClientStream.cs:
- Added debug capabilities.
* Mono.Security.Protocol.Tls/ServerContext.cs:
- Added initialization of requested CertificateTypes and CA's
2004-04-16 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/TlsException.cs:
- Make it public until npgsql people can fix their sources.
2004-03-19 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/TlsServerSettings.cs:
- Added new CertificateRSA property.
- Added new UpdateCertfificateRSA method.
* Mono.Security.Protocol.Tls/CipherSuite.cs:
- Removed CertificateRSA() method.
2004-03-19 Sebastien Pouliot <sebastien@ximian.com>
* CipherSuite.cs: Fixed PRF generation when secret is an odd number of
bytes (section 5 in RFC2246).
* CipherSuiteFactory.cs: Added algorithms RSA_EXPORT_WITH_RC4_40_MD5,
RSA_EXPORT_WITH_RC2_CBC_40_MD5, RSA_EXPORT_WITH_DES40_CBC_SHA,
RSA_EXPORT_WITH_RC4_56_MD5, RSA_EXPORT_WITH_RC2_CBC_56_MD5,
RSA_EXPORT_WITH_DES_CBC_56_SHA and RSA_EXPORT_WITH_RC4_56_SHA to both
SSL3 and TLS1 protocols.
* SslCipherSuite.cs: Fixed key generation for exportable ciphers.
* TlsCipherSuite.cs: Fixed key generation for exportable ciphers.
2004-03-16 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/SslCipherSuite.cs:
- Added changes for allow it to work as server or client.
2004-03-15 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/TlsStream.cs:
* Mono.Security.Protocol.Tls/CipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
* Mono.Security.Protocol.Tls/SslHandshakeHash.cs:
* Mono.Security.Protocol.Tls/RecordProtocol.cs:
- Use Buffer.BlockCopy instead of System.Array.Copy
2004-03-10 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/Ciphersuite.cs:
- Added generation of the Server encryption algorithms.
- Modified encryption/decription methods for work
as client or server as needed.
* Mono.Security.Protocol.Tls/RecordProtocol.cs:
* Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
* Mono.Security.Protocol.Tls/ServerRecordProtocol.cs:
- Added new ProcessChangeCipherSpec method.
* Mono.Security.Protocol.Tls/Context.cs:
- Added new PrintBuffer method ( for debug ).
* Mono.Security.Protocol.Tls/SslClientStream.cs:
* Mono.Security.Protocol.Tls/SslServerStream.cs:
- Callback cleanup.
2004-03-06 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/SslServerStream.cs:
- Initial implementation of the doHandshake method.
- Added initial events implementation.
* Mono.Security.Protocol.Tls/Ciphersuite.cs:
* Mono.Security.Protocol.Tls/TlsCiphersuite.cs:
* Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
* Mono.Security.Protocol.Tls/ServerRecordProtocol.cs:
* Mono.Security.Protocol.Tls/SslClientStream.cs:
* Mono.Security.Protocol.Tls/TlsServerSettings.cs:
* Mono.Security.Protocol.Tls/TlsClientSettings.cs:
* Mono.Security.Protocol.Tls/ClientContext.cs:
- Changes for make use of the renamed classes and enums.
* Mono.Security.Protocol.Tls/TlsContentType.cs:
- Renamed to ContentType.cs ( Enum and file )
* Mono.Security.Protocol.Tls/TlsCiphersuiteCollection.cs:
- Renamed to CiphersuiteCollection.cs ( Class and file )
* Mono.Security.Protocol.Tls/TlsCiphersuiteFactory.cs:
- Renamed to CiphersuiteCollection.cs ( Class and file )
* Mono.Security.Protocol.Tls/TlsSslHandshakeHash.cs:
- Renamed to SslHandshakeHash.cs ( Class and file )
* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
- Renamed to SslCipherSuite.cs ( Class and file )
2004-02-26 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/HandshakeState.cs:
- New file.
* Mono.Security.Protocol.Tls/SslClientStream.cs:
* Mono.Security.Protocol.Tls/SslServerStream.cs:
* Mono.Security.Protocol.Tls/Context.cs:
* Mono.Security.Protocol.Tls/ClientContext.cs:
* Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
- Added changes for better handling of ClientHelloRequest messages.
2004-02-25 Sebastien Pouliot <sebastien@ximian.com>
* HttpsClientStream.cs: New. Internal glue class between System.dll
WebConnection and SslClientStream to reduce reflection.
* SslClientStream.cs: RaiseServerCertificateValidation is now virtual
to allow HttpsClientStream to override it.
2004-02-24 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/RecordProtocol.cs:
* Mono.Security.Protocol.Tls/SslClientStream.cs:
* Mono.Security.Protocol.Tls/SslServerStream.cs:
- Reimplementation of TLS/SSL Alert Protocol.
2004-02-20 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls.Handshake.Client/SslClientCertificate.cs:
- Improved exception handling.
2004-02-18 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/CipherAlgorithmType.cs:
* Mono.Security.Protocol.Tls/HashAlgorithmType.cs:
* Mono.Security.Protocol.Tls/ExchangeAlgorithmType.cs:
- Added Serializable attribute.
* Mono.Security.Protocol.Tls/CipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsContext.cs:
- Added some optimizations proposed by Sebastien Pouliot.
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:
- Changes on Common Name detection and certificate error handling ( Thanks to Sebastien Pouliot for his feedback ).
2004-02-18 Sebastien Pouliot <sebastien@ximian.com>
* SslClientStream.cs: Fixed (inverted) condition for ServerCertificate.
* SecurityProtocolType.cs: Added [Serializable] to enum to match MS
implementation.
2004-02-17 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/SslClientStream.cs:
- Added changes to security properties for check that the handshake is finished.
* Mono.Security.Protocol.Tls/SslClientStream.cs:
- Added changes for bring async methods to work ( Thanks to Sebastien Pouliot )
- Reworked the record fragmentation.
- Fix for send the close notify alert in the Close method
only if the Handshake is fully negotiated.
2004-02-16 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/TlsCipherSuiteFactory.cs:
- Changed ciphersuites order of preference ( Thanks to Sebastien Pouliot for his feedback ).
2004-02-15 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/SslClientStream.cs:
- Added specific control od available data for Network Streams
on Read ( Thanks to Francisco Figueiredo Jr. for his feedback ).
- Removed test code.
2004-02-14 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/SslClientStream.cs:
- Removed test code.
2003-11-17 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/SslClientStream.cs:
Removed ReadByte method, use innerStream.ReadByte() method instead.
2003-11-13 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Added implementation of an SslClientStream class similar to the MS .NET Framework 1.2 documentation.
The next files are no more needed:
- TlsSession.cs
- TlsNetworkStream.cs
- TlsSocket.cs
- TlsSessionState.cs
The next files are renamed:
- TlsSessionSettings.cs -> TlsClientSettings.cs
- TlsSessionContext.cs -> TlsContext.cs
The next files are new:
- SslClientStream.cs ( the name is non definitive yet )
The next files where changed to reflect the new canges:
- TlsHandshakeMessage.cs
- TlsClientCertificate.cs
- TlsClientCertificateVerify.cs
- TlsClientFinished.cs
- TlsClientHello.cs
- TlsClientKeyExchange.cs
- TlsServerCertificate.cs
- TlsServerCertificateRequest.cs
- TlsServerFinished.cs
- TlsServerHello.cs
- TlsServerHelloDone.cs
- TlsServerKeyExchange.cs
- TlsAlert.cs
- TlsCloseNotifyAlert.cs
2003-11-12 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:
- Changes for give full error message only in debug mode ( Thanks to Sebastién Pouliot. )
* Mono.Security.Protocol.Tls/TlsProtocol.cs:
- Renamed to SecurityProtocolType.cs ( for match .NET 1.2 )
* Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
- Renamed to MD5SHA1.cs ( Thanks to Sebastién Pouliot. )
* Mono.Security.Cryptography/TlsCompressionMethod.cs:
- Renamed to SecurityCompressionType.
* Mono.Security.Protocol.Tls/CipherAlgorithmType.cs:
* Mono.Security.Protocol.Tls/HashAlgorithmType.cs:
* Mono.Security.Protocol.Tls/ExchangeAlgorithmType.cs:
- New enumerations that matches .NET 1.2 definitions with some minor differences.
* Mono.Security.Protocol.Tls/CipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsSessionContext.cs:
- Added changes for make use of new enumerations.
* Mono.Security.Protocol.Tls/TlsClientStream.cs:
- Added new informative properties that matches .NET 1.2 SslClientStream
( Not all the properties are implemented yet ).
2003-11-10 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:
- Fixed invalid alert message.
* Mono.Security.Protocol.Tls/CipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
* Mono.Security.Cryptography/HMAC.cs:
* Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
- Changed ( Thanks to Sebastién Pouliot for his feedback )
SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider();
MD5CryptoServiceProvider sha = new MD5CryptoServiceProvider();
to
HashAlgorithm sha = SHA1.Create();
HashAlgorithm md5 = MD5.Create();
2003-11-04 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/CipherSuite.cs:
- Added custom padding for record encryption.
2003-11-03 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessages.cs:
- Removed file.
* Mono.Security.Protocol.Tls/TlsSslHandshakeHash.cs:
- New class for handshake hashes calculation on SSL3 protocol.
* Mono.Security.Protocol.Tls/TlsSessionContext.cs:
- Fixed mac keys clearing for SSL3 protocol.
* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:
- Added changes for make use of new TlsSslHandshakeHash class.
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
- Added initial implementation for SSL3 protocol.
* Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
- New class for md5-sha hash calculation.
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs:
- Make use of new MD5SHA1CryptoServiceProvider class.
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
- Added initial implementation (not finished).
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
- Minor change to message processing.
- Changed verify method name to verifySignature.
* Mono.Security.Protocol.Tls/TlsSessionContext.cs:
- Changed handshakeHashes member to be an TlsStream.
2003-10-28 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/CipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsSessionSettings.cs:
* Mono.Security.Protocol.Tls/TlsServerSettings.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
- Added changes for make use of X509 classes from mono.
2003-10-23 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Added partial implementation of SSL3 protocol ( not finished yet ).
* TlsAbstractCipherSuite.cs: Renamed to CipherSuite.cs.
* Removed AssemblyInfo.cs file.
2003-10-21 Carlos Guzmán Álvarez <carlosga@telefonica.net>
TlsCipherSuiteFactory.cs: Changed names of private methods.
TlsSslCipherSuite.cs: Replaced implementations of key generation methods with a throw new NotSupportedException().
2003-10-20 Carlos Guzmán Álvarez <carlosga@telefonica.net>
TlsCupherSuite.cs: Fixed padding length calculation on record encryption.
TlsSessionContext.cs: Added new CompressionMethod property.
Added new MAX_FRAGMENT_SIZE constant.
TlsSession.cs: Removed MaxFragmentSize property.
TlsSocket.cs: Replaced use of TlsSesison.MaxFragmentSize by TlsSessionContext.MAX_FAGMENT_SIZE
TlsSessionSettings.cs: Added new CompressionMethod property.
* Abstracted CipherSuite classes for allow work with other protocol versions.
* Added new files :
TlsAbstractCipherSuite.cs
TlsSslCipherSuite.cs
TlsCipherSuiteFactory.cs
TlsCompressionMethod.cs
* Added new cipher suites definitions based on RFC3268 - (http://www.ietf.org/rfc/rfc3268.txt)
* Added two new supported ciphersuites for TLS protocol:
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
* Moved key generation stuff to specific cipher suite classes.
2003-10-20 Pedro Martínez Juliá <yoros@wanadoo.es>
* AssemblyInfo.cs: commented out KeyFile reference.
* TlsSession.cs: changed Math.Pow for System.Math.Pow because of MCS
bug with namespace resolving.