2010-07-12 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenAuthenticator.cs,
AuthenticatorCommunicationObject.cs,
SecureConversationSecurityTokenAuthenticator.cs :
add timeout argument to negotiation requests.

2008-02-27 Eyal Alaluf <eyala@mainsoft.com>

* InternalEncryptedKeyIdentifierClause.cs IssuedTokenCommunicationObject.cs:
Fix compilation warnings.

2007-04-17 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenParameters.cs :
implemented CreateRequestParameters().

2007-04-02 Atsushi Enomoto <atsushi@ximian.com>

* TlsClientSession.cs, TlsServerSession.cs,
SslSecurityTokenProvider.cs : support mutual sslnego.
* SslnegoCookieResolver.cs : .net seems to include X509Certificate
information in the cookie.

2007-04-02 Atsushi Enomoto <atsushi@ximian.com>

* SecurityContextSecurityToken.cs : Cookie needs a setter.
* SslnegoCookieResolver.cs : set Cookie so that it can be serialized.
* SslSecurityTokenProvider.cs, SslSecurityTokenAuthenticator.cs :
(At provider) check contextId returned by the server.
Reverted ProofToken value (see comments).
* CommunicationSecurityTokenAuthenticator.cs : it now implements
IIssuanceSecurityTokenAuthenticator.

2007-03-30 Atsushi Enomoto <atsushi@ximian.com>

* AuthenticatorCommunicationObject.cs : added SecurityBindingElement.
* SslSecurityTokenProvider.cs : a few updates, key is now from
* SslSecurityTokenAuthenticator.cs :
use LocalServiceSecuritySettings.IssuedCookieLifetime.
* SpnegoSecurityTokenProvider.cs, SpnegoSecurityTokenAuthenticator.cs,
SspiSession.cs : some ongoing updates
as well as spnego (kerberos) negotiation handling.
* TlsClientSession.cs : by specification it is P_SHA, not PRF
(though not sure, as CombinedHash is for PRF).

2007-03-30 Atsushi Enomoto <atsushi@ximian.com>

* SslnegoCookieResolver.cs : ResolveCookie() should simply return
entire SecurityContextToken parsed by dnse:Cookie binary.

2007-03-27 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenAuthenticator.cs, SslSecurityTokenProvider.cs :
Ongoing implementation. Applied some changes for SSPI support.
WSSecurityTokenSerializer is implemented to return binary-secret-
aware token, so just return it. Fixed some CK-HASH usage.
* IssuedTokenCommunicationObject.cs :
Applied some changes for SSPI support.
* SpnegoSecurityTokenAuthenticator.cs, SpnegoSecurityTokenProvider.cs,
SspiSession.cs : new ongoing implementation for SSPI negotiation.
* SspiClientSecurityTokenAuthenticator.cs : spnego authenticator
will go here (it is just a stub. Created when opening a channel).

2007-03-22 Atsushi Enomoto <atsushi@ximian.com>

* TlsClientSession.cs, SslSecurityTokenProvider.cs,
SslSecurityTokenAuthenticator.cs : added hash calculation support,
not working yet though (probably at service side).

2007-03-20 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenAuthenticator.cs : don't reuse ContextId for SCT.
Process ServerFinished before ApplicationData exchange.
* TlsServerSession.cs : Fixed ClientKeyExchange stream processing.

2007-03-20 Atsushi Enomoto <atsushi@ximian.com>

* TlsClientSession.cs, TlsServerSession.cs :
added ProcessApplicationData()
* SslSecurityTokenAuthenticator.cs, SslSecurityTokenProvider.cs :
process RequestedProofToken as raw TLS negotiation data.
* SslnegoCookieResolver.cs : add comments on data format.

2007-03-19 Atsushi Enomoto <atsushi@ximian.com>

* TlsClientSession.cs : added CreateAuthHash(), used by authenticator.
* SecurityContextSecurityToken.cs : support "probably correct" rawdata
creation for cookie. It is not the secret key but some binary xml
* SslnegoCookieResolver.cs : added CreateData() for creating
binary-xmlized token cookie info.
* SslSecurityTokenAuthenticator.cs : create session key (dummy for
now) and use it instead of MasterSecret. Support t:Authenticator.

2007-03-13 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenAuthenticator.cs, SslSecurityTokenProvider.cs :
(The build should be fixed at this state.)
Implemented RSTR consumption and RSTR collection creation (as the
final stage at sslnego phase).
Note that it is still not working, as our binary XmlDictionaryReader
is not working fine (and still not sure if it will work when they
are working fine, as currently there is no way to check if the
byte array binary-serialized and encrypted in the dnse:Cookie is
the actual symmetric key).

2007-03-13 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenParameters.cs : support SecurityContextSecurityToken
in CreateKeyIdentifierClause(). Comment out generic xml token
support until we need it for sure.

2007-03-13 Atsushi Enomoto <atsushi@ximian.com>

* SecurityContextSecurityToken.cs : implemented almost all members.
* X509SecurityTokenParameters.cs : added comment on wrong documentation.

2007-03-13 Atsushi Enomoto <atsushi@ximian.com>

* SslnegoCookieResolver.cs : new file. It contains the resolver for
MS's non-standard encrypted sslnego shared key (dnse:Cookie), and
more importantly, the description on its data format (which was
almost unable to be guessed, until I used non-protecting
SecurityStateEncoder and dug in depth to Binary XmlDictionaryReader).

2007-03-13 Atsushi Enomoto <atsushi@ximian.com>

* TlsServerSession.cs, TlsClientSession.cs : complete every operation
that depends on ReceiveRecord(). Added accessor to MasterSecret.

2007-03-09 Atsushi Enomoto <atsushi@ximian.com>

* TlsServerSession.cs : now ssl negotiation is functional enough to
implement SecurityContextToken(Collection) transmit.
* TlsClientSession.cs : cosmetic code consistency fix.

2007-03-09 Atsushi Enomoto <atsushi@ximian.com>

* TlsClientSession.cs, TlsServerSession.cs :
okay, there is RecordProtocol, which makes things much easier and
correct. Now client seems to be interoperable with .net.

2007-03-08 Atsushi Enomoto <atsushi@ximian.com>

* TlsClientSession.cs, TlsServerSession.cs :
several fixes; Fixed content type processing (Handshake and
ChangeCipherSpec). Fixed chunk output of handshake messages.
Set server side key verifier.
* SslSecurityTokenProvider.cs : use IssueReply for RSTR (fixed SOAP
* SslSecurityTokenAuthenticator.cs : implemented most of TLS
negotiation support, except for the final stage (still not clear

2007-03-07 Atsushi Enomoto <atsushi@ximian.com>

* AuthenticatorCommunicationObject.cs,
CommunicationSecurityTokenAuthenticator.cs,
SecureConversationSecurityTokenAuthenticator.cs :
new classes for negotiation-based token authenticators.
* SslSecurityTokenAuthenticator.cs : now it is based on
CommunicationSecurityTokenAuthenticator (like corresponding

2007-03-06 Atsushi Enomoto <atsushi@ximian.com>

* SecureConversationSecurityTokenParameters.cs :
implemented protected properties.
* X509SecurityTokenParameters.cs : added missing ToString().

2007-03-05 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenProvider.cs : implemented some client negotiation
based on Mono.Security.Protocols.Tls.* and WSTrust contracts.
* TlsServerSession.cs, TlsClientSession.cs : session state transition
manager (controls Tls Context).

2007-03-05 Atsushi Enomoto <atsushi@ximian.com>

* UserNameSecurityTokenParameters.cs,
RsaSecurityTokenParameters.cs,
IssuedSecurityTokenParameters.cs,
SslSecurityTokenParameters.cs
SspiSecurityTokenParameters.cs,
KerberosSecurityTokenParameters.cs,
SecureConversationSecurityTokenParameters.cs : updated
InitializeSecurityTokenRequirement() based on updated MSDN docs.
Implemented Ssl CreateKeyIdentifierClause().
Implemented IssuedToken copy .ctor().

2007-03-01 Atsushi Enomoto <atsushi@ximian.com>

* ServiceModelSecurityTokenRequirement.cs,
RecipientServiceModelSecurityTokenRequirement.cs,
InitiatorServiceModelSecurityTokenRequirement.cs :
implemented ToString().

2007-03-01 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenParameters.cs : more initialization of requirement.
* SslSecurityTokenAuthenticator.cs : new file.

2007-02-27 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : okkk, HMAC is extra. Just use SHA1,
and not for raw key but for wrapped key.

2007-02-27 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs :
create HMACSHA1 always with the key to compute hash (I'm not sure
it is correct; it is rather to adjust all hash consistent.)

2007-02-21 Atsushi Enomoto <atsushi@ximian.com>

* DerivedKeySecurityToken.cs : added ReferenceList for corresponding
references to this key.

2007-02-21 Atsushi Enomoto <atsushi@ximian.com>

* DerivedKeySecurityToken.cs : new internal class to represent
wssc:DerivedKeyToken.

2007-02-16 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : reverted previous change. Key hash
could not be identical for the same key, but EncryptedKeySHA1 is
based on the wrapped key. So, there is an issue that .NET returns
different key than the one in the request message.

2007-02-15 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : SecurityKey should hold raw key, not

2007-02-06 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : it cannot resolve clauses from its
.ctor() argument identifier clauses. Match EncryptedKeySHA1 clause
if the hash values match.
* InternalEncryptedKeyIdentifierClause.cs :
derive from Binary clause.

2007-02-05 Atsushi Enomoto <atsushi@ximian.com>

* InternalEncryptedKeyIdentifierClause.cs : new file. It might not be
required, but for now it is used to write embedded EncryptedKey in
o:SecurityTokenReference.

2007-01-11 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : added internal ReferenceList, to
output e:ReferenceList (kind of compromised solution; see comments).

2007-01-09 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : GetWrappedKey() return value should
be the encrypted value of argument keyToWrap. Added several argument

2006-12-09 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : implemented missing members, except for
incomplete MatchKeyIdentifierClause().
* SecureConversationSecurityTokenParameters.cs : default
ChannelProtectionRequirements should cover all body parts i.e.
IsBodyIncluded should be true.

2006-12-06 Atsushi Enomoto <atsushi@ximian.com>

* SupportingTokenParameters.cs : implemented SetKeyDerivation().

2006-10-05 Atsushi Enomoto <atsushi@ximian.com>

* X509SecurityTokenParameters.cs : additional constructors.

2006-10-03 Atsushi Enomoto <atsushi@ximian.com>

* BinarySecretSecurityToken.cs : it does not seem that it uses
urn:uuid:blah ("urn:" is extraneous).

2006-09-27 Atsushi Enomoto <atsushi@ximian.com>

* SecurityTokenParameters.cs : added internal properties to access
protected properties.
* UserNameSecurityTokenParameters.cs : it's done now.

2006-09-19 Atsushi Enomoto <atsushi@ximian.com>

* SecurityTokenParameters.cs : removed MonoTODOs.
* X509SecurityTokenParameters.cs :
InitializeSecurityTokenRequirement() is done.

2006-09-17 Atsushi Enomoto <atsushi@ximian.com>

* ProviderCommunicationObject.cs, IssuedTokenCommunicationObject.cs,
SslSecurityTokenProvider.cs : both of issued token and ssl requires
connection requirement, so commonize the check.

2006-09-15 Atsushi Enomoto <atsushi@ximian.com>

* X509SecurityTokenParameters.cs,
SspiSecurityTokenParameters.cs,
UserNameSecurityTokenParameters.cs,
RsaSecurityTokenParameters.cs,
IssuedSecurityTokenParameters.cs,
SslSecurityTokenParameters.cs : implemented security feature
declaration properties (HasAsymmetricKey etc.) and implemented

2006-09-15 Atsushi Enomoto <atsushi@ximian.com>

* RsaSecurityTokenParameters.cs : TokenType fix.
* ProviderCommunicationObject.cs,
CommunicationSecurityTokenProvider.cs : an abstract token provider
that implements ICommunicationObject, and the abstract communication
object that is used in the provider.
* SslSecurityTokenProvider.cs : a practical example of the above,
* IssuedTokenCommunicationObject.cs, IssuedSecurityTokenProvider.cs :
it is also significantly refactored like the above.
The ICommunicationObject part of this provider class now just wraps
the intermediate object.

2006-09-12 Atsushi Enomoto <atsushi@ximian.com>

* X509SecurityTokenParameters.cs : when token reference style is
Internal, use LocalIdKeyIdentifierClause. The default for this type

2006-09-05 Atsushi Enomoto <atsushi@ximian.com>

* ServiceModelSecurityTokenRequirement.cs : implemented IsInitiator.
* InitiatorServiceModelSecurityTokenRequirement.cs :
initialize IsInitiator as true.

2006-09-05 Atsushi Enomoto <atsushi@ximian.com>

* SecurityContextSecurityTokenAuthenticator.cs,
SspiSecurityToken.cs : new files.
* SupportingTokenParameters.cs : copy ctor became private.

2006-08-30 Atsushi Enomoto <atsushi@ximian.com>

* X509SecurityTokenParameters.cs,
UserNameSecurityTokenParameters.cs : implemented properties.
* RsaSecurityTokenParameters.cs : new file.

2006-08-28 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs : (GetToken) partly implemented
response message consumption.

2006-08-28 Atsushi Enomoto <atsushi@ximian.com>

* X509SecurityTokenParameters.cs :
implemented CreateKeyIdentifierClause().

2006-08-28 Atsushi Enomoto <atsushi@ximian.com>

* SupportingTokenParameters.cs : added some missing members.

2006-08-25 Atsushi Enomoto <atsushi@ximian.com>

* BinarySecretSecurityToken.cs : some .ctor() are protected.

2006-08-25 Atsushi Enomoto <atsushi@ximian.com>

* KerberosSecurityTokenParameters.cs : new test.

2006-08-25 Atsushi Enomoto <atsushi@ximian.com>

* InitiatorServiceModelSecurityTokenRequirement.cs,
RecipientServiceModelSecurityTokenRequirement.cs :
just use Properties to set and get each property.
* SslSecurityTokenParameters.cs : fix ctor chain.
hacky InitializeSecurityTokenRequirement implementation.

2006-08-24 Atsushi Enomoto <atsushi@ximian.com>

* SecureConversationSecurityTokenParameters.cs :
fill SecurityAlgorithmSuite to the requirement.
* SecurityTokenParameters.cs :
added internal IssuerBindingContext property for
SecurityBindingElement.SetIssuerBindingContextIfRequired().
Use this context in CallInitializeSecurityTokenParameters().

2006-08-23 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenParameters.cs : oops, oops. fix build.

2006-08-23 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenParameters.cs : added missing members.
* IssuedSecurityTokenProvider.cs : replacing broken data contract
based contracts with message based contract.
Support IssuerChannelBehaviors.
* SecureConversationSecurityTokenParameters.cs :
more InitializeSecurityTokenRequirement().

2006-08-23 Atsushi Enomoto <atsushi@ximian.com>

* SecurityContextSecurityTokenResolver.cs
ISecurityContextSecurityTokenCache.cs
SecurityContextSecurityToken.cs : new files.

2006-08-22 Atsushi Enomoto <atsushi@ximian.com>

* SecureConversationSecurityTokenParameters.cs :
partially implemented InitializeSecurityTokenRequirement().
* X509SecurityTokenParameters.cs : added X509ReferenceStyle.
* SspiSecurityTokenParameters.cs : new file.

2006-08-22 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenParameters.cs,
SecureConversationSecurityTokenParameters.cs : new files.
* SecurityTokenParameters.cs : added internal invoker for
InitializeSecurityTokenRequirement().
* IssuedSecurityTokenParameters.cs, X509SecurityTokenParameters.cs :
implement InitializeSecurityTokenRequirement() (incomplete).
* ServiceModelSecurityTokenRequirement.cs :
MessageSecurityVersion is of type SecurityTokenVersion.

2006-08-17 Atsushi Enomoto <atsushi@ximian.com>

* ServiceModelSecurityTokenTypes.cs : new file.

2006-08-16 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs :
WST request and response types are renamed.

2006-08-14 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs : use new WSTrust proxy (ClientBase)
instead of ChannelFactory.
* SecurityTokenParameters.cs : added internal helper method for
CreateKeyIdentifierClause().
* ServiceModelSecurityTokenRequirement.cs : in several properties,
use TryGetProperty<T>() instead of having direct fields (so that
only setting items to "Properties" also affects on those props).

2006-08-11 Atsushi Enomoto <atsushi@ximian.com>

* InitiatorServiceModelSecurityTokenRequirement.cs,
RecipientServiceModelSecurityTokenRequirement.cs,
ServiceModelSecurityTokenRequirement.cs : new files.

2006-08-07 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs : moved some premise checks from
GetTokenCore() to Open().

2006-08-04 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : new file.

2006-08-04 Atsushi Enomoto <atsushi@ximian.com>

* BinarySecretSecurityToken.cs : new file.

2006-08-03 Atsushi Enomoto <atsushi@ximian.com>

* UserNameSecurityTokenParameters.cs,
X509SecurityTokenParameters.cs : new files.

2006-08-02 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs : (GetTokenCore) some premise check.

2006-08-01 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs : implemented some properties.
* RenewedSecurityTokenHandler.cs, IssuedSecurityTokenHandler.cs,
IIssuanceSecurityTokenAuthenticator.cs : new files.

2006-08-01 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs, ClaimTypeRequirement.cs : new files.
* IssuedSecurityTokenParameters.cs : added some missing members.

2006-07-21 Atsushi Enomoto <atsushi@ximian.com>

* SecurityTokenReferenceStyle.cs : moved from S.SM.Security namespace.

2006-07-21 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenParameters.cs, SecurityTokenParameters.cs :

2006-07-10 Atsushi Enomoto <atsushi@ximian.com>

* SupportingTokenParameters.cs : new file.