1 2006-12-23 Gonzalo Paniagua Javier <gonzalo@ximian.com>
3 * TlsServerCertificate.cs: typo.
5 2006-09-11 Sebastien Pouliot <sebastien@ximian.com>
7 * TlsClientFinished.cs: Use Write.Cipher instead of Cipher. Remove
8 usage of TlsStream in ProcessAsSsl3.
9 * TlsClientKeyExchange.cs: Use Negotiating.Cipher instead of Cipher.
10 Refactor to avoid code duplication between SSL3 and TLS.
11 * TlsServerCertificate.cs: Use Negotiating.Cipher instead of Cipher.
12 * TlsServerFinished.cs: Use Current.Cipher instead of Cipher. Use
13 Compare to test client and server digests equality. Remove usage of
14 TlsStream in ProcessAsSsl3.
15 * TlsServerHello.cs: Use Negotiating.Cipher instead of Cipher. Remove
16 usage of TlsStream to reduce memory allocations. Remove method
17 CompareSessionId and use the new base class Compare method instead.
19 2006-03-16 Sebastien Pouliot <sebastien@ximian.com>
21 * TlsClientHello.cs: Check to see if we already have a known session
22 (past or concurrent) with the same target host. If so the use this
23 session id to try to resume (i.e. abbreviated handshake).
24 * TlsServerFinished.cs: Don't reset the hasndshake stream here. The
25 stream must be resetted once BOTH the client and the server are done.
26 The order of message can be different if we use an abbreviated
27 handshake sequence which leads to an invalid handshake.
28 * TlsServerHello.cs: Add this session info to the client cache. If the
29 server sends the same session id (as we supplied) then we MUST do an
30 abbreviated handshake.
32 2005-11-23 Sebastien Pouliot <sebastien@ximian.com>
34 * TlsServerCertificate.cs: Add support for Netscape Server Gated
35 Crypto (2.16.840.1.113730.4) as a valid server-side EKU OID. Fix bug
38 2005-06-14 Sebastien Pouliot <sebastien@ximian.com>
40 * TlsClientCertificate.cs: Add support for _optional_ mutual
41 authentication. SSL3 and TLS1 deals differently with this. SSL3 tested
42 with OpenSSL, TSL1 tested with OpenSSL and LDAPS/AD.
44 2005-04-12 Sebastien Pouliot <sebastien@ximian.com>
46 * TlsClientCertificateVerify.cs: Add missing data length (16 bits -
47 not to be confused with the record 24 bits length) before the RSA
48 signature of the MD5SHA1 hash. Fix #71696.
50 2004-05-11 Carlos Guzman Alvarez <carlosga@telefonica.net>
52 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:
54 - Added fix for better handling of exceptions when
55 building the X509 Certificate chain.
57 2004-04-22 Sebastien Pouliot <sebastien@ximian.com>
59 * TlsClientCertificateVerify.cs: Use Buffer.BlockCopy instead of
61 * TlsServerCertificate.cs: Changed KeyUsage to KeyUsages and CertType
64 2004-03-19 Sebastien Pouliot <sebastien@ximian.com>
66 * TlsClientKeyExchange.cs: Fixed key pair used to encrypt pre-master
67 secret for exportable ciphers - must use the public key received in
70 2004-03-10 Carlos Guzman Alvarez <carlosga@telefonica.net>
72 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
73 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificateRequest.cs:
74 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
75 * Mono.Security.Protocol.Tls.Handshake.Server/TlsClientCertificateVerify.cs:
76 * Mono.Security.Protocol.Tls.Handshake.Server/TlsServerCertificateRequest.cs:
77 * Mono.Security.Protocol.Tls.Handshake.Server/TlsServerFinished.cs:
79 - Fixed meesage type definition.
81 2004-03-04 Carlos Guzman Alvarez <carlosga@telefonica.net>
83 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerHelloDone.cs:
84 * Mono.Security.Protocol.Tls.Handshake.Server/TlsServerHelloDone.cs:
88 2004-02-26 Sebastien Pouliot <sebastien@ximian.com>
90 * TlsServerCertificate.cs: Certificate validation has been activated.
92 2004-02-26 Carlos Guzman Alvarez <carlosga@telefonica.net>
94 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
96 - Added changes for better handling of ClientHelloRequest messages.
98 2004-02-21 Carlos Guzman Alvarez <carlosga@telefonica.net>
100 * TlsServerHello: Fix for handle SecurityProtocolType.Default.
102 2004-02-20 Sebastien Pouliot <sebastien@ximian.com>
104 * TlsServerCertificate.cs: Added code to validate the server X.509
105 certificate (identity, usage) and it's chain to a trusted root.
106 Note that the verification is commented for the time being.
108 2004-02-14 Carlos Guzmán Álvarez <carlosga@telefonica.net>
110 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:
114 2003-11-17 Carlos Guzmán Álvarez <carlosga@telefonica.net>
116 * Mono.Security.Protocol.Tls/SslClientStream.cs:
118 Removed ReadByte method, use innerStream.ReadByte() method instead.
120 2003-11-13 Carlos Guzmán Álvarez <carlosga@telefonica.net>
122 * Added implementation of an SslClientStream class similar to the MS .NET Framework 1.2 documentation.
124 The next files are no more needed:
128 - TlsNetworkStream.cs
134 The next files are renamed:
136 - TlsSessionSettings.cs -> TlsClientSettings.cs
138 - TlsSessionContext.cs -> TlsContext.cs
140 The next files are new:
142 - SslClientStream.cs ( the name is non definitive yet )
144 The next files where changed to reflect the new canges:
146 - TlsHandshakeMessage.cs
148 - TlsClientCertificate.cs
150 - TlsClientCertificateVerify.cs
152 - TlsClientFinished.cs
156 - TlsClientKeyExchange.cs
158 - TlsServerCertificate.cs
160 - TlsServerCertificateRequest.cs
162 - TlsServerFinished.cs
166 - TlsServerHelloDone.cs
168 - TlsServerKeyExchange.cs
172 - TlsCloseNotifyAlert.cs
175 2003-11-12 Carlos Guzmán Álvarez <carlosga@telefonica.net>
177 * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:
179 - Changes for give full error message only in debug mode ( Thanks to Sebastién Pouliot. )
181 * Mono.Security.Protocol.Tls/TlsProtocol.cs:
183 - Renamed to SecurityProtocolType.cs ( for match .NET 1.2 )
185 * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
187 - Renamed to MD5SHA1.cs ( Thanks to Sebastién Pouliot. )
189 * Mono.Security.Cryptography/TlsCompressionMethod.cs:
191 - Renamed to SecurityCompressionType.
193 * Mono.Security.Protocol.Tls/CipherAlgorithmType.cs:
194 * Mono.Security.Protocol.Tls/HashAlgorithmType.cs:
195 * Mono.Security.Protocol.Tls/ExchangeAlgorithmType.cs:
197 - New enumerations that matches .NET 1.2 definitions with some minor differences.
199 * Mono.Security.Protocol.Tls/CipherSuite.cs:
200 * Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
201 * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
202 * Mono.Security.Protocol.Tls/TlsSessionContext.cs:
204 - Added changes for make use of new enumerations.
206 * Mono.Security.Protocol.Tls/TlsClientStream.cs:
208 - Added new informative properties that matches .NET 1.2 SslClientStream
209 ( Not all the properties are implemented yet ).
212 2003-11-10 Carlos Guzmán Álvarez <carlosga@telefonica.net>
214 * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:
216 - Fixed invalid alert message.
218 * Mono.Security.Protocol.Tls/CipherSuite.cs:
219 * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
220 * Mono.Security.Cryptography/HMAC.cs:
221 * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
222 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
224 - Changed ( Thanks to Sebastién Pouliot for his feedback )
226 SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider();
227 MD5CryptoServiceProvider sha = new MD5CryptoServiceProvider();
231 HashAlgorithm sha = SHA1.Create();
232 HashAlgorithm md5 = MD5.Create();
234 2003-11-04 Carlos Guzmán Álvarez <carlosga@telefonica.net>
236 * Mono.Security.Protocol.Tls/CipherSuite.cs:
238 - Added custom padding for record encryption.
241 2003-11-03 Carlos Guzmán Álvarez <carlosga@telefonica.net>
243 * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessages.cs:
247 * Mono.Security.Protocol.Tls/TlsSslHandshakeHash.cs:
249 - New class for handshake hashes calculation on SSL3 protocol.
251 * Mono.Security.Protocol.Tls/TlsSessionContext.cs:
253 - Fixed mac keys clearing for SSL3 protocol.
255 * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
256 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:
258 - Added changes for make use of new TlsSslHandshakeHash class.
260 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
262 - Added initial implementation for SSL3 protocol.
264 * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
266 - New class for md5-sha hash calculation.
268 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:
269 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
270 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
271 * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs:
273 - Make use of new MD5SHA1CryptoServiceProvider class.
275 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
277 - Added initial implementation (not finished).
279 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
281 - Minor change to message processing.
283 - Changed verify method name to verifySignature.
285 * Mono.Security.Protocol.Tls/TlsSessionContext.cs:
287 - Changed handshakeHashes member to be an TlsStream.
289 2003-10-28 Carlos Guzmán Álvarez <carlosga@telefonica.net>
291 * Mono.Security.Protocol.Tls/CipherSuite.cs:
292 * Mono.Security.Protocol.Tls/TlsSessionSettings.cs:
293 * Mono.Security.Protocol.Tls/TlsServerSettings.cs:
294 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
295 * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs:
296 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:
297 * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
299 - Added changes for make use of X509 classes from mono.
301 2003-10-23 Carlos Guzmán Álvarez <carlosga@telefonica.net>
303 * Added partial implementation of SSL3 protocol ( not finished yet ).