1 2006-12-08 Sebastien Pouliot <sebastien@ximian.com>
3 * ClientSessionCache.cs: Fix cache to be really used. Original patch
4 by Roy Versteeg. Fix bug #80175.
6 2006-12-08 Sebastien Pouliot <sebastien@ximian.com>
8 * ClientSessionCache.cs: Check for a new environment variable to
9 control the cache validity period (MONO_TLS_SESSION_CACHE_TIMEOUT).
12 2006-09-11 Sebastien Pouliot <sebastien@ximian.com>
14 * CipherSuite.cs: Avoid creating a CryptoStream and a MemoryStream in
15 EncryptRecord (removing the need to do a keysetup each time). Add
16 helper methods to write inside byte buffers. Decrypt the data in
17 place (without allocating new memory) as the result will always be
18 smaller than the original. Avoid TlsStream in CreatePremasterSecret
19 method. All HMAC access are done with the Negotiating parameters.
20 * ClientRecordProtocol.cs: Set HandshakeState to None if we receive
21 a HelloRequest during an existing session. Remove overidden method
22 ProcessChangeCipherSpec. Skip memory allocation if possible.
23 * Context.cs: Add new SecurityParameters for current, negotiating,
24 read and write (actually only two different instance exists). Change
25 readSequenceNumber and writeSequenceNumber to ulong to match specs.
26 Remove all properties that are moved/replaced with SecurityParameters.
27 Added methods to Start and End a switch of the security parameters.
28 * RecordProtocol.cs: Add code to ProcessChangeCipherSpec (not abstract
29 anymore). Remove ReadShort and it's use. Deal with null alerts in
30 SendAlert method (internal error). Change code to deal with
31 SendChangeCipherSpec inside an existing (encrypted) session. Update
32 Cipher to use the correct one (mostly Read.Cipher or Negotiating.Cipher
33 for ProcessCipherSpecV2Buffer method).
34 * SecurityParameters.cs: New. Deal with all parameters that changes
36 * ServerRecordProtocol.cs: Remove method ProcessChangeCipherSpec.
37 * SslCipherSuite.cs: Don't use TlsStream when computing MAC. Set the
38 MAC keys to the Negotiating security parameters.
39 * SslClientStream.cs: Change calls from Cipher to Negotiating.Cipher.
40 * SslServerStream.cs: Change calls from Cipher to Negotiating.Cipher.
41 Remove debugging dead code (DateTime).
42 * SslStreamBase.cs: Change calls from Cipher to Current.Cipher. Reuse
43 existing memory buffer.
44 * TlsCipherSuite.cs: Don't use TlsStream when computing MAC. Set the
45 MAC keys to the Negotiating security parameters.
46 * TlsClientSettings.cs: Comment code cause compiler warnings.
47 * TlsStream.cs: Avoid/reduce memory allocations when reading or
48 writing small integer values to the stream.
50 2006-09-07 Sebastien Pouliot <sebastien@ximian.com>
52 * HttpsClientStream.cs: Honor ServicePointManager.SecurityProtocol to
53 select between SSL3, TLS1 or, by default, auto. Great for testing :)
55 2006-06-08 Sebastien Pouliot <sebastien@ximian.com>
57 * ClientRecordProtocol.cs: Avoid a NRE when the server request a
58 re-negotiation of the security parameters. Possible fix for #78597.
60 2006-04-21 Sebastien Pouliot <sebastien@ximian.com>
62 * SslCipherSuite.cs: Enable abbreviated handshakes for SSL3 too.
64 2006-04-12 Sebastien Pouliot <sebastien@ximian.com>
66 * ClientSessionCache.cs: Deal with empty (null) master secret, that
67 can find their ways into the cache, and treat them as invalid. Fix
70 2006-04-10 Sebastien Pouliot <sebastien@ximian.com>
72 * ClientSessionCache.cs: The session id can be zero-length (like our
74 * SslServerStream.cs: Adapt code to fixes made in cipher suite and
75 message processing changes in client code.
77 2006-03-16 Sebastien Pouliot <sebastien@ximian.com>
79 * CipherSuiteFactory.cs: Fix bad key exchange values for non-export
80 cihpers. Most certificates have "too much" usages by default so this
82 * SslStreamBase.cs: Safety net. Throw an exception if we're waiting
83 for more than five (5) minutes for an async read or write to complete.
85 2006-03-16 Sebastien Pouliot <sebastien@ximian.com>
87 * ClientSessionCache.cs: New. Handle a client-side session cache to
88 enable the use of abbreviated handshake whenever possible. This will
89 reduce the number of negotiation (a very CPU intensive process) done
91 * Context.cs: Add a property for AbbreviatedHandshake.
92 * RecordProtocol.cs: Don't send Finished record from ChangeCipherSpec
93 as this won't work if the message flow change.
94 * SslClientStream.cs: Line endings.
95 * SslServerStream.cs: Throw an exception if ReceiveRecord return null
96 or an empty buffer (i.e. communication ended with client). Fix #76254.
97 * SslStreamBase.cs: Re-add synchronous implementations for Read and
99 * TlsCipherSuite.cs: Update the client-side session cache with the
101 * TlsStream.cs: Avoid possible buffer underun reading bytes (found by
104 2006-03-08 Sebastien Pouliot <sebastien@ximian.com>
106 * SslStreamBase.cs: Re-implemented the synchronous versions of Read
107 and Write methods so they don't use the async code.
109 2006-03-07 Gonzalo Paniagua Javier <gonzalo@ximian.com>
111 * SslStreamBase.cs: avoid creating the ManualResetEvent whenever
112 possible. Don't lock on an instance of an object that the user can get.
114 2006-03-06 Gonzalo Paniagua Javier <gonzalo@ximian.com>
116 * RecordProtocol.cs: avoid creating the ManualResetEvent whenever
117 possible. Don't lock on an instance of an object that the user can get.
119 2006-03-02 Sebastien Pouliot <sebastien@ximian.com>
121 * RecordProtocol.cs: Fix possible endless loop (#77663). Remove hack
122 for an old, fixed, MCS bug (#67711).
124 2005-10-06 Sebastien Pouliot <sebastien@ximian.com>
126 * ClientRecordProtocol.cs: Update HandshakeMessages after each
127 message. Fix bug #76258.
128 * RecordProtocol.cs: Remove writing into the HandshakeMessages stream
129 at this stage. We may need the data before that. Fix bug #76258.
130 * ServerRecordProtocol.cs: Update HandshakeMessages after each
131 message. Fix bug #76258.
132 * SslServerStream.cs: Changed check for the presence of client
133 certificates during handshake.
135 2005-09-02 Sebastien Pouliot <sebastien@ximian.com>
137 * SslStreamBase.cs, ServerRecordProtocol.cs, SslClientStream.cs,
138 ClientRecordProtocol.cs, RecordProtocol.cs, SslServerStream.cs:
139 Re-written async support for Ssl[Client|Server]Stream from JD Conley
140 <jd.conley@coversant.net> with minor changes. Fix bug #75687 (and a
141 lot of other known problems).
143 2005-07-01 Sebastien Pouliot <sebastien@ximian.com>
145 * ServerContext.cs: Build the list of trusted certificates from all
146 the trusted root for the current user and the local machine.
147 * SslServerStream.cs: Add support for client certificate (and the
148 callback for optional mutual authentication with SSL3).
150 2005-06-22 Sebastien Pouliot <sebastien@ximian.com>
152 * SslClientStream.cs: Removed failsafe timeout of 5 minutes as some
153 protocols can go idle for longer than this.
155 2005-06-14 Sebastien Pouliot <sebastien@ximian.com>
157 * SslClientStream.cs: Add support for _optional_ mutual authentication.
158 SSL3 and TLS1 deals differently with this. SSL3 tested with OpenSSL,
159 TSL1 tested with OpenSSL and LDAPS/AD.
161 2005-06-06 Sebastien Pouliot <sebastien@ximian.com>
163 * Alert.cs: Add NoCertificate (41) which _should_ be used in SSL3
164 if we don't want to send a certificate when requested by a server
165 (e.g. in the case the mutual authentication is optional).
166 * CipherSuite.cs: Fixed recursive property. Changed type to short so
167 it can hold 256 bits (valid value). Fixed ctor so it doesn't assign
170 2005-05-13 Sebastien Pouliot <sebastien@ximian.com>
172 * SslClientStream.cs: Forgot to set the event in the previous fix.
174 2005-05-10 Gonzalo Paniagua Javier <gonzalo@ximian.com>
176 * SslClientStream.cs: check for the dispose in NetworkReadCallback.
177 Patch by Sebastien "Cryptoman" Pouliot.
179 2005-04-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
181 * SslClientStream.cs: gotta call EndInvoke, not EndRead.
183 2005-04-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
185 * SslClientStream.cs: MemoryStream does not implement proper Begin*
186 methods, so we need this to prevent infinite recursion if we have a
187 callback that calls BeginRead.
189 2005-04-13 Sebastien Pouliot <sebastien@ximian.com>
191 * RecordProtocol.cs: Some API changes so a record can be decoded from
192 any supplied stream (not just the inner network stream).
193 * SslClientStream.cs: BeginRead is now truly async if the Negotiate is
194 called from BeginWrite (where it should be in most case).
195 * SslServerStream.cs: Adapted to API changes in RecordProtocol.cs.
197 2005-04-12 Sebastien Pouliot <sebastien@ximian.com>
199 * SslHandshakeHash.cs: Changed "SslHash" to "MD5SHA1". Fix #71696.
201 2005-04-10 Sebastien Pouliot <sebastien@ximian.com>
203 * HttpsClientStream.cs: Added a TrustFailure property so a
204 WebException can now report TrustFailure correctly. Fix bug 74286.
206 2005-04-07 Sebastien Pouliot <sebastien@ximian.com>
208 * SslCipherSuite.cs: Fix calculation (sequence number) for the server
209 side stream. Patch by Brian Ritchie.
211 2005-02-04 Sebastien Pouliot <sebastien@ximian.com>
213 * Reverting last changes in SslClientStream and RecordProtocol. This
214 break when sending large files back and forth (echo test).
216 2005-02-02 Sebastien Pouliot <sebastien@ximian.com>
218 * SslClientStream.cs: Throw exception when we receive a null record.
219 * RecordProtocol.cs: Added code to avoid blocking and endless loops
220 if the data is incomplete or missing - even in the case the server
221 side doesn't close the connection (see new cutcli tool).
223 2004-12-15 Sebastien Pouliot <sebastien@ximian.com>
225 * CipherSuite.cs: Removed unused MD5 and SHA1 instances created in
226 PRF method (fix compilation warnings).
228 2004-12-13 Sebastien Pouliot <sebastien@ximian.com>
230 * SslClientStream.cs: New internal property, ServerCertificates, to
231 "easily" retreive the server's certificate chain using reflection.
233 2004-11-23 Sebastien Pouliot <sebastien@ximian.com>
235 * RecordProtocol.cs: Fixed ClientHelloV2 support.
237 2004-11-10 Sebastien Pouliot <sebastien@ximian.com>
239 * CipherSuiteFactory.cs: Activated RSA_WITH_AES_256_CBC_SHA as it is
240 supported by some browsers.
241 * ContentType.cs: Removed ClientHelloV2 from the enum as it is not a
242 "true" content type (it just looks so where we're processing it).
243 * Context.cs: Added support to switch protocol (e.g. SSL2->SSL3 or
244 SSL2->TLS1). Contributed by Carlos Guzman Alvarez.
245 * RecordProtocol.cs: Added support for ClientHelloV2 message
246 (contributed by Carlos Guzman Alvarez). This is a Handshake message
247 so it must be MACed. Also fixed the challenge length because some
248 browsers implementation don't interpret "This value must be 32." as
251 2004-10-05 Sebastien Pouliot <sebastien@ximian.com>
253 * SslClientStream.cs: Changed InputBuffer to internal (was protected).
255 2004-10-04 Gonzalo Paniagua Javier <gonzalo@ximian.com>
257 * HttpsClientStream.cs: the .ctor receives a pre-read buffer now.
258 * SslClientStream.cs: added InputBuffer property.
260 2004-09-23 Sebastien Pouliot <sebastien@ximian.com>
262 * RecordProtocol.cs: Fix alert data that could leak into appplication
263 data (e.g. when closing the SSL session).
265 2004-07-14 Carlos Guzman Alvarez <carlosga@telefonica.net>
267 * Removed duplicate license header file from
270 2004-07-14 Sebastien Pouliot <sebastien@ximian.com>
272 * SslClientStream.cs: Changed lock to "new object()" and not
273 String.Empty (as the read/write locks points becomes the same).
274 * SslServerStream.cs: Changed lock to "new object()" and not
275 String.Empty (as the read/write locks points becomes the same).
277 2004-07-14 Gonzalo Paniagua Javier <gonzalo@ximian.com>
279 * HttpsClientStream.cs: get an HttpWebRequest so that we can use the
280 ServicePoint it has. No need to get the host now.
282 2004-05-09 Carlos Guzman Alvarez <carlosga@telefonica.net>
284 * Mono.Security.Protocol.Tls/Alert.cs:
285 * Mono.Security.Protocol.Tls/CipherSuite.cs:
286 * Mono.Security.Protocol.Tls/CipherSuiteCollection.cs:
287 * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
288 * Mono.Security.Protocol.Tls/Context.cs:
289 * Mono.Security.Protocol.Tls/RecordProtocol.cs:
290 * Mono.Security.Protocol.Tls/SecurityCompressionType.cs:
291 * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs:
292 * Mono.Security.Protocol.Tls/SslServerStream.cs:
293 * Mono.Security.Protocol.Tls/TlsClientSettings.cs:
295 - Changes for fix FxCop Rules.
297 - Reworked CipherSuiteCollection class.
300 2004-04-21 Carlos Guzman Alvarez <carlosga@telefonica.net>
302 * Mono.Security.Protocol.Tls/DebugHelper.cs:
306 * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
307 * Mono.Security.Protocol.Tls/RecordProtocol.cs:
308 * Mono.Security.Protocol.Tls/Context.cs:
309 * Mono.Security.Protocol.Tls/Context.cs:
310 * Mono.Security.Protocol.Tls/SslCipherSuite.cs:
311 * Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
312 * Mono.Security.Protocol.Tls/SslClientStream.cs:
314 - Added debug capabilities.
316 * Mono.Security.Protocol.Tls/ServerContext.cs:
318 - Added initialization of requested CertificateTypes and CA's
320 2004-04-16 Carlos Guzman Alvarez <carlosga@telefonica.net>
322 * Mono.Security.Protocol.Tls/TlsException.cs:
324 - Make it public until npgsql people can fix their sources.
326 2004-03-19 Carlos Guzman Alvarez <carlosga@telefonica.net>
328 * Mono.Security.Protocol.Tls/TlsServerSettings.cs:
330 - Added new CertificateRSA property.
332 - Added new UpdateCertfificateRSA method.
334 * Mono.Security.Protocol.Tls/CipherSuite.cs:
336 - Removed CertificateRSA() method.
338 2004-03-19 Sebastien Pouliot <sebastien@ximian.com>
340 * CipherSuite.cs: Fixed PRF generation when secret is an odd number of
341 bytes (section 5 in RFC2246).
342 * CipherSuiteFactory.cs: Added algorithms RSA_EXPORT_WITH_RC4_40_MD5,
343 RSA_EXPORT_WITH_RC2_CBC_40_MD5, RSA_EXPORT_WITH_DES40_CBC_SHA,
344 RSA_EXPORT_WITH_RC4_56_MD5, RSA_EXPORT_WITH_RC2_CBC_56_MD5,
345 RSA_EXPORT_WITH_DES_CBC_56_SHA and RSA_EXPORT_WITH_RC4_56_SHA to both
346 SSL3 and TLS1 protocols.
347 * SslCipherSuite.cs: Fixed key generation for exportable ciphers.
348 * TlsCipherSuite.cs: Fixed key generation for exportable ciphers.
350 2004-03-16 Carlos Guzman Alvarez <carlosga@telefonica.net>
352 * Mono.Security.Protocol.Tls/SslCipherSuite.cs:
354 - Added changes for allow it to work as server or client.
356 2004-03-15 Carlos Guzman Alvarez <carlosga@telefonica.net>
358 * Mono.Security.Protocol.Tls/TlsStream.cs:
359 * Mono.Security.Protocol.Tls/CipherSuite.cs:
360 * Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
361 * Mono.Security.Protocol.Tls/SslHandshakeHash.cs:
362 * Mono.Security.Protocol.Tls/RecordProtocol.cs:
364 - Use Buffer.BlockCopy instead of System.Array.Copy
366 2004-03-10 Carlos Guzman Alvarez <carlosga@telefonica.net>
368 * Mono.Security.Protocol.Tls/Ciphersuite.cs:
370 - Added generation of the Server encryption algorithms.
372 - Modified encryption/decription methods for work
373 as client or server as needed.
375 * Mono.Security.Protocol.Tls/RecordProtocol.cs:
376 * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
377 * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs:
379 - Added new ProcessChangeCipherSpec method.
381 * Mono.Security.Protocol.Tls/Context.cs:
383 - Added new PrintBuffer method ( for debug ).
385 * Mono.Security.Protocol.Tls/SslClientStream.cs:
386 * Mono.Security.Protocol.Tls/SslServerStream.cs:
390 2004-03-06 Carlos Guzman Alvarez <carlosga@telefonica.net>
392 * Mono.Security.Protocol.Tls/SslServerStream.cs:
394 - Initial implementation of the doHandshake method.
396 - Added initial events implementation.
398 * Mono.Security.Protocol.Tls/Ciphersuite.cs:
399 * Mono.Security.Protocol.Tls/TlsCiphersuite.cs:
400 * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
401 * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs:
402 * Mono.Security.Protocol.Tls/SslClientStream.cs:
403 * Mono.Security.Protocol.Tls/TlsServerSettings.cs:
404 * Mono.Security.Protocol.Tls/TlsClientSettings.cs:
405 * Mono.Security.Protocol.Tls/ClientContext.cs:
407 - Changes for make use of the renamed classes and enums.
409 * Mono.Security.Protocol.Tls/TlsContentType.cs:
411 - Renamed to ContentType.cs ( Enum and file )
413 * Mono.Security.Protocol.Tls/TlsCiphersuiteCollection.cs:
415 - Renamed to CiphersuiteCollection.cs ( Class and file )
417 * Mono.Security.Protocol.Tls/TlsCiphersuiteFactory.cs:
419 - Renamed to CiphersuiteCollection.cs ( Class and file )
421 * Mono.Security.Protocol.Tls/TlsSslHandshakeHash.cs:
423 - Renamed to SslHandshakeHash.cs ( Class and file )
425 * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
427 - Renamed to SslCipherSuite.cs ( Class and file )
429 2004-02-26 Carlos Guzman Alvarez <carlosga@telefonica.net>
431 * Mono.Security.Protocol.Tls/HandshakeState.cs:
435 * Mono.Security.Protocol.Tls/SslClientStream.cs:
436 * Mono.Security.Protocol.Tls/SslServerStream.cs:
437 * Mono.Security.Protocol.Tls/Context.cs:
438 * Mono.Security.Protocol.Tls/ClientContext.cs:
439 * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs:
441 - Added changes for better handling of ClientHelloRequest messages.
443 2004-02-25 Sebastien Pouliot <sebastien@ximian.com>
445 * HttpsClientStream.cs: New. Internal glue class between System.dll
446 WebConnection and SslClientStream to reduce reflection.
447 * SslClientStream.cs: RaiseServerCertificateValidation is now virtual
448 to allow HttpsClientStream to override it.
450 2004-02-24 Carlos Guzman Alvarez <carlosga@telefonica.net>
452 * Mono.Security.Protocol.Tls/RecordProtocol.cs:
453 * Mono.Security.Protocol.Tls/SslClientStream.cs:
454 * Mono.Security.Protocol.Tls/SslServerStream.cs:
456 - Reimplementation of TLS/SSL Alert Protocol.
458 2004-02-20 Carlos Guzmán Álvarez <carlosga@telefonica.net>
460 * Mono.Security.Protocol.Tls.Handshake.Client/SslClientCertificate.cs:
462 - Improved exception handling.
464 2004-02-18 Carlos Guzmán Álvarez <carlosga@telefonica.net>
466 * Mono.Security.Protocol.Tls/CipherAlgorithmType.cs:
467 * Mono.Security.Protocol.Tls/HashAlgorithmType.cs:
468 * Mono.Security.Protocol.Tls/ExchangeAlgorithmType.cs:
470 - Added Serializable attribute.
472 * Mono.Security.Protocol.Tls/CipherSuite.cs:
473 * Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
474 * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
475 * Mono.Security.Protocol.Tls/TlsContext.cs:
477 - Added some optimizations proposed by Sebastien Pouliot.
479 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:
481 - Changes on Common Name detection and certificate error handling ( Thanks to Sebastien Pouliot for his feedback ).
483 2004-02-18 Sebastien Pouliot <sebastien@ximian.com>
485 * SslClientStream.cs: Fixed (inverted) condition for ServerCertificate.
486 * SecurityProtocolType.cs: Added [Serializable] to enum to match MS
489 2004-02-17 Carlos Guzmán Álvarez <carlosga@telefonica.net>
491 * Mono.Security.Protocol.Tls/SslClientStream.cs:
493 - Added changes to security properties for check that the handshake is finished.
495 * Mono.Security.Protocol.Tls/SslClientStream.cs:
497 - Added changes for bring async methods to work ( Thanks to Sebastien Pouliot )
499 - Reworked the record fragmentation.
501 - Fix for send the close notify alert in the Close method
502 only if the Handshake is fully negotiated.
505 2004-02-16 Carlos Guzmán Álvarez <carlosga@telefonica.net>
507 * Mono.Security.Protocol.Tls/TlsCipherSuiteFactory.cs:
509 - Changed ciphersuites order of preference ( Thanks to Sebastien Pouliot for his feedback ).
511 2004-02-15 Carlos Guzmán Álvarez <carlosga@telefonica.net>
513 * Mono.Security.Protocol.Tls/SslClientStream.cs:
515 - Added specific control od available data for Network Streams
516 on Read ( Thanks to Francisco Figueiredo Jr. for his feedback ).
520 2004-02-14 Carlos Guzmán Álvarez <carlosga@telefonica.net>
522 * Mono.Security.Protocol.Tls/SslClientStream.cs:
526 2003-11-17 Carlos Guzmán Álvarez <carlosga@telefonica.net>
528 * Mono.Security.Protocol.Tls/SslClientStream.cs:
530 Removed ReadByte method, use innerStream.ReadByte() method instead.
532 2003-11-13 Carlos Guzmán Álvarez <carlosga@telefonica.net>
534 * Added implementation of an SslClientStream class similar to the MS .NET Framework 1.2 documentation.
536 The next files are no more needed:
540 - TlsNetworkStream.cs
546 The next files are renamed:
548 - TlsSessionSettings.cs -> TlsClientSettings.cs
550 - TlsSessionContext.cs -> TlsContext.cs
552 The next files are new:
554 - SslClientStream.cs ( the name is non definitive yet )
556 The next files where changed to reflect the new canges:
558 - TlsHandshakeMessage.cs
560 - TlsClientCertificate.cs
562 - TlsClientCertificateVerify.cs
564 - TlsClientFinished.cs
568 - TlsClientKeyExchange.cs
570 - TlsServerCertificate.cs
572 - TlsServerCertificateRequest.cs
574 - TlsServerFinished.cs
578 - TlsServerHelloDone.cs
580 - TlsServerKeyExchange.cs
584 - TlsCloseNotifyAlert.cs
587 2003-11-12 Carlos Guzmán Álvarez <carlosga@telefonica.net>
589 * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:
591 - Changes for give full error message only in debug mode ( Thanks to Sebastién Pouliot. )
593 * Mono.Security.Protocol.Tls/TlsProtocol.cs:
595 - Renamed to SecurityProtocolType.cs ( for match .NET 1.2 )
597 * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
599 - Renamed to MD5SHA1.cs ( Thanks to Sebastién Pouliot. )
601 * Mono.Security.Cryptography/TlsCompressionMethod.cs:
603 - Renamed to SecurityCompressionType.
605 * Mono.Security.Protocol.Tls/CipherAlgorithmType.cs:
606 * Mono.Security.Protocol.Tls/HashAlgorithmType.cs:
607 * Mono.Security.Protocol.Tls/ExchangeAlgorithmType.cs:
609 - New enumerations that matches .NET 1.2 definitions with some minor differences.
611 * Mono.Security.Protocol.Tls/CipherSuite.cs:
612 * Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
613 * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
614 * Mono.Security.Protocol.Tls/TlsSessionContext.cs:
616 - Added changes for make use of new enumerations.
618 * Mono.Security.Protocol.Tls/TlsClientStream.cs:
620 - Added new informative properties that matches .NET 1.2 SslClientStream
621 ( Not all the properties are implemented yet ).
624 2003-11-10 Carlos Guzmán Álvarez <carlosga@telefonica.net>
626 * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:
628 - Fixed invalid alert message.
630 * Mono.Security.Protocol.Tls/CipherSuite.cs:
631 * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
632 * Mono.Security.Cryptography/HMAC.cs:
633 * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
634 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
636 - Changed ( Thanks to Sebastién Pouliot for his feedback )
638 SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider();
639 MD5CryptoServiceProvider sha = new MD5CryptoServiceProvider();
643 HashAlgorithm sha = SHA1.Create();
644 HashAlgorithm md5 = MD5.Create();
646 2003-11-04 Carlos Guzmán Álvarez <carlosga@telefonica.net>
648 * Mono.Security.Protocol.Tls/CipherSuite.cs:
650 - Added custom padding for record encryption.
653 2003-11-03 Carlos Guzmán Álvarez <carlosga@telefonica.net>
655 * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessages.cs:
659 * Mono.Security.Protocol.Tls/TlsSslHandshakeHash.cs:
661 - New class for handshake hashes calculation on SSL3 protocol.
663 * Mono.Security.Protocol.Tls/TlsSessionContext.cs:
665 - Fixed mac keys clearing for SSL3 protocol.
667 * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
668 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:
670 - Added changes for make use of new TlsSslHandshakeHash class.
672 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
674 - Added initial implementation for SSL3 protocol.
676 * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
678 - New class for md5-sha hash calculation.
680 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:
681 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
682 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
683 * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs:
685 - Make use of new MD5SHA1CryptoServiceProvider class.
687 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
689 - Added initial implementation (not finished).
691 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
693 - Minor change to message processing.
695 - Changed verify method name to verifySignature.
697 * Mono.Security.Protocol.Tls/TlsSessionContext.cs:
699 - Changed handshakeHashes member to be an TlsStream.
701 2003-10-28 Carlos Guzmán Álvarez <carlosga@telefonica.net>
703 * Mono.Security.Protocol.Tls/CipherSuite.cs:
704 * Mono.Security.Protocol.Tls/TlsSessionSettings.cs:
705 * Mono.Security.Protocol.Tls/TlsServerSettings.cs:
706 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
707 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs:
708 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:
709 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
711 - Added changes for make use of X509 classes from mono.
713 2003-10-23 Carlos Guzmán Álvarez <carlosga@telefonica.net>
715 * Added partial implementation of SSL3 protocol ( not finished yet ).
717 * TlsAbstractCipherSuite.cs: Renamed to CipherSuite.cs.
719 * Removed AssemblyInfo.cs file.
721 2003-10-21 Carlos Guzmán Álvarez <carlosga@telefonica.net>
723 TlsCipherSuiteFactory.cs: Changed names of private methods.
725 TlsSslCipherSuite.cs: Replaced implementations of key generation methods with a throw new NotSupportedException().
728 2003-10-20 Carlos Guzmán Álvarez <carlosga@telefonica.net>
730 TlsCupherSuite.cs: Fixed padding length calculation on record encryption.
732 TlsSessionContext.cs: Added new CompressionMethod property.
733 Added new MAX_FRAGMENT_SIZE constant.
735 TlsSession.cs: Removed MaxFragmentSize property.
737 TlsSocket.cs: Replaced use of TlsSesison.MaxFragmentSize by TlsSessionContext.MAX_FAGMENT_SIZE
739 TlsSessionSettings.cs: Added new CompressionMethod property.
741 * Abstracted CipherSuite classes for allow work with other protocol versions.
745 TlsAbstractCipherSuite.cs
749 TlsCipherSuiteFactory.cs
751 TlsCompressionMethod.cs
753 * Added new cipher suites definitions based on RFC3268 - (http://www.ietf.org/rfc/rfc3268.txt)
755 * Added two new supported ciphersuites for TLS protocol:
757 TLS_RSA_WITH_AES_256_CBC_SHA
759 TLS_RSA_WITH_AES_128_CBC_SHA
761 * Moved key generation stuff to specific cipher suite classes.
763 2003-10-20 Pedro Martínez Juliá <yoros@wanadoo.es>
765 * AssemblyInfo.cs: commented out KeyFile reference.
767 * TlsSession.cs: changed Math.Pow for System.Math.Pow because of MCS
768 bug with namespace resolving.