2005-11-23 Sebastien Pouliot <sebastien@ximian.com>
* TlsServerCertificate.cs: Add support for Netscape Server Gated
Crypto (2.16.840.1.113730.4) as a valid server-side EKU OID. Fix bug

2005-06-14 Sebastien Pouliot <sebastien@ximian.com>
* TlsClientCertificate.cs: Add support for _optional_ mutual
authentication. SSL3 and TLS1 deal differently with this. SSL3 tested
with OpenSSL, TLS1 tested with OpenSSL and LDAPS/AD.

2005-04-12 Sebastien Pouliot <sebastien@ximian.com>
* TlsClientCertificateVerify.cs: Add missing data length (16 bits -
not to be confused with the record 24 bits length) before the RSA
signature of the MD5SHA1 hash. Fix #71696.

2004-05-11 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:
- Added fix for better handling of exceptions when
building the X509 Certificate chain.

2004-04-22 Sebastien Pouliot <sebastien@ximian.com>
* TlsClientCertificateVerify.cs: Use Buffer.BlockCopy instead of
* TlsServerCertificate.cs: Changed KeyUsage to KeyUsages and CertType

2004-03-19 Sebastien Pouliot <sebastien@ximian.com>
* TlsClientKeyExchange.cs: Fixed key pair used to encrypt pre-master
secret for exportable ciphers - must use the public key received in

2004-03-10 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificateRequest.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
* Mono.Security.Protocol.Tls.Handshake.Server/TlsClientCertificateVerify.cs:
* Mono.Security.Protocol.Tls.Handshake.Server/TlsServerCertificateRequest.cs:
* Mono.Security.Protocol.Tls.Handshake.Server/TlsServerFinished.cs:
- Fixed message type definition.

2004-03-04 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerHelloDone.cs:
* Mono.Security.Protocol.Tls.Handshake.Server/TlsServerHelloDone.cs:

2004-02-26 Sebastien Pouliot <sebastien@ximian.com>
* TlsServerCertificate.cs: Certificate validation has been activated.

2004-02-26 Carlos Guzman Alvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
- Added changes for better handling of ClientHelloRequest messages.

2004-02-21 Carlos Guzman Alvarez <carlosga@telefonica.net>
* TlsServerHello: Fix to handle SecurityProtocolType.Default.

2004-02-20 Sebastien Pouliot <sebastien@ximian.com>
* TlsServerCertificate.cs: Added code to validate the server X.509
certificate (identity, usage) and its chain to a trusted root.
Note that the verification is commented for the time being.

2004-02-14 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:

2003-11-17 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/SslClientStream.cs:
Removed ReadByte method, use innerStream.ReadByte() method instead.

2003-11-13 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Added implementation of an SslClientStream class similar to the MS .NET Framework 1.2 documentation.
The next files are no longer needed:
The next files are renamed:
- TlsSessionSettings.cs -> TlsClientSettings.cs
- TlsSessionContext.cs -> TlsContext.cs
The next files are new:
- SslClientStream.cs ( the name is not definitive yet )
The next files were changed to reflect the new changes:
- TlsHandshakeMessage.cs
- TlsClientCertificate.cs
- TlsClientCertificateVerify.cs
- TlsClientFinished.cs
- TlsClientKeyExchange.cs
- TlsServerCertificate.cs
- TlsServerCertificateRequest.cs
- TlsServerFinished.cs
- TlsServerHelloDone.cs
- TlsServerKeyExchange.cs
- TlsCloseNotifyAlert.cs

2003-11-12 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:
- Changes to give full error message only in debug mode ( Thanks to Sebastien Pouliot. )
* Mono.Security.Protocol.Tls/TlsProtocol.cs:
- Renamed to SecurityProtocolType.cs ( to match .NET 1.2 )
* Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
- Renamed to MD5SHA1.cs ( Thanks to Sebastien Pouliot. )
* Mono.Security.Cryptography/TlsCompressionMethod.cs:
- Renamed to SecurityCompressionType.
* Mono.Security.Protocol.Tls/CipherAlgorithmType.cs:
* Mono.Security.Protocol.Tls/HashAlgorithmType.cs:
* Mono.Security.Protocol.Tls/ExchangeAlgorithmType.cs:
- New enumerations that match .NET 1.2 definitions with some minor differences.
* Mono.Security.Protocol.Tls/CipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsSessionContext.cs:
- Added changes to make use of new enumerations.
* Mono.Security.Protocol.Tls/TlsClientStream.cs:
- Added new informative properties that match .NET 1.2 SslClientStream
( Not all the properties are implemented yet ).

2003-11-10 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:
- Fixed invalid alert message.
* Mono.Security.Protocol.Tls/CipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
* Mono.Security.Cryptography/HMAC.cs:
* Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
- Changed ( Thanks to Sebastien Pouliot for his feedback )
SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider();
MD5CryptoServiceProvider sha = new MD5CryptoServiceProvider();

HashAlgorithm sha = SHA1.Create();
HashAlgorithm md5 = MD5.Create();

2003-11-04 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/CipherSuite.cs:
- Added custom padding for record encryption.

2003-11-03 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessages.cs:
* Mono.Security.Protocol.Tls/TlsSslHandshakeHash.cs:
- New class for handshake hashes calculation on SSL3 protocol.
* Mono.Security.Protocol.Tls/TlsSessionContext.cs:
- Fixed mac keys clearing for SSL3 protocol.
* Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:
- Added changes to make use of new TlsSslHandshakeHash class.
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
- Added initial implementation for SSL3 protocol.
* Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
- New class for md5-sha hash calculation.
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs:
- Make use of new MD5SHA1CryptoServiceProvider class.
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
- Added initial implementation (not finished).
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
- Minor change to message processing.
- Changed verify method name to verifySignature.
* Mono.Security.Protocol.Tls/TlsSessionContext.cs:
- Changed handshakeHashes member to be a TlsStream.

2003-10-28 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Mono.Security.Protocol.Tls/CipherSuite.cs:
* Mono.Security.Protocol.Tls/TlsSessionSettings.cs:
* Mono.Security.Protocol.Tls/TlsServerSettings.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
- Added changes to make use of X509 classes from mono.

2003-10-23 Carlos Guzmán Álvarez <carlosga@telefonica.net>
* Added partial implementation of SSL3 protocol ( not finished yet ).