2008-02-27 Eyal Alaluf <eyala@mainsoft.com>

* InternalEncryptedKeyIdentifierClause.cs IssuedTokenCommunicationObject.cs:
Fix compilation warnings.

2007-04-17 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenParameters.cs :
implemented CreateRequestParameters().

2007-04-02 Atsushi Enomoto <atsushi@ximian.com>

* TlsClientSession.cs, TlsServerSession.cs,
SslSecurityTokenProvider.cs : support mutual sslnego.
* SslnegoCookieResolver.cs : .net seems to include X509Certificate
information in the cookie.

2007-04-02 Atsushi Enomoto <atsushi@ximian.com>

* SecurityContextSecurityToken.cs : Cookie needs a setter.
* SslnegoCookieResolver.cs : set Cookie so that it can be serialized.
* SslSecurityTokenProvider.cs, SslSecurityTokenAuthenticator.cs :
(At provider) check contextId returned by the server.
Reverted ProofToken value (see comments).
* CommunicationSecurityTokenAuthenticator.cs : it now implements
IIssuanceSecurityTokenAuthenticator.

2007-03-30 Atsushi Enomoto <atsushi@ximian.com>

* AuthenticatorCommunicationObject.cs : added SecurityBindingElement.
* SslSecurityTokenProvider.cs : a few updates, key is now from
* SslSecurityTokenAuthenticator.cs :
use LocalServiceSecuritySettings.IssuedCookieLifetime.
* SpnegoSecurityTokenProvider.cs, SpnegoSecurityTokenAuthenticator.cs,
SspiSession.cs : some ongoing updates
as well as spnego (kerberos) negotiation handling.
* TlsClientSession.cs : by specification it is P_SHA, not PRF
(though not sure, as CombinedHash is for PRF).

2007-03-30 Atsushi Enomoto <atsushi@ximian.com>

* SslnegoCookieResolver.cs : ResolveCookie() should simply return
entire SecurityContextToken parsed by dnse:Cookie binary.

2007-03-27 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenAuthenticator.cs, SslSecurityTokenProvider.cs :
Ongoing implementation. Applied some changes for SSPI support.
WSSecurityTokenSerializer is implemented to return binary-secret-
aware token, so just return it. Fixed some CK-HASH usage.
* IssuedTokenCommunicationObject.cs :
Applied some changes for SSPI support.
* SpnegoSecurityTokenAuthenticator.cs, SpnegoSecurityTokenProvider.cs,
SspiSession.cs : new ongoing implementation for SSPI negotiation.
* SspiClientSecurityTokenAuthenticator.cs : spnego authenticator
will go here (it is just a stub. Created when opening a channel).

2007-03-22 Atsushi Enomoto <atsushi@ximian.com>

* TlsClientSession.cs, SslSecurityTokenProvider.cs,
SslSecurityTokenAuthenticator.cs : added hash calculation support,
not working yet though (probably at service side).

2007-03-20 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenAuthenticator.cs : don't reuse ContextId for SCT.
Process ServerFinished before ApplicationData exchange.
* TlsServerSession.cs : Fixed ClientKeyExchange stream processing.

2007-03-20 Atsushi Enomoto <atsushi@ximian.com>

* TlsClientSession.cs, TlsServerSession.cs :
added ProcessApplicationData()
* SslSecurityTokenAuthenticator.cs, SslSecurityTokenProvider.cs :
process RequestedProofToken as raw TLS negotiation data.
* SslnegoCookieResolver.cs : add comments on data format.

2007-03-19 Atsushi Enomoto <atsushi@ximian.com>

* TlsClientSession.cs : added CreateAuthHash(), used by authenticator.
* SecurityContextSecurityToken.cs : support "probably correct" rawdata
creation for cookie. It is not the secret key but some binary xml
* SslnegoCookieResolver.cs : added CreateData() for creating
binary-xmlized token cookie info.
* SslSecurityTokenAuthenticator.cs : create session key (dummy for
now) and use it instead of MasterSecret. Support t:Authenticator.

2007-03-13 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenAuthenticator.cs, SslSecurityTokenProvider.cs :
(The build should be fixed at this state.)
Implemented RSTR consumption and RSTR collection creation (as the
final stage at sslnego phase).

Note that it is still not working, as our binary XmlDictionaryReader
is not working fine (and still not sure if it will work when they
are working fine, as currently there is no way to check if the
byte array binary-serialized and encrypted in the dnse:Cookie is
the actual symmetric key).

2007-03-13 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenParameters.cs : support SecurityContextSecurityToken
in CreateKeyIdentifierClause(). Comment out generic xml token
support until we need it for sure.

2007-03-13 Atsushi Enomoto <atsushi@ximian.com>

* SecurityContextSecurityToken.cs : implemented almost all members.
* X509SecurityTokenParameters.cs : added comment on wrong documentation.

2007-03-13 Atsushi Enomoto <atsushi@ximian.com>

* SslnegoCookieResolver.cs : new file. It contains the resolver for
MS's non-standard encrypted sslnego shared key (dnse:Cookie), and
more importantly, the description on its data format (which was
almost unable to be guessed, until I used non-protecting
SecurityStateEncoder and dug in depth to Binary XmlDictionaryReader).

2007-03-13 Atsushi Enomoto <atsushi@ximian.com>

* TlsServerSession.cs, TlsClientSession.cs : complete every operation
that depends on ReceiveRecord(). Added accessor to MasterSecret.

2007-03-09 Atsushi Enomoto <atsushi@ximian.com>

* TlsServerSession.cs : now ssl negotiation is functional enough to
implement SecurityContextToken(Collection) transmit.
* TlsClientSession.cs : cosmetic code consistency fix.

2007-03-09 Atsushi Enomoto <atsushi@ximian.com>

* TlsClientSession.cs, TlsServerSession.cs :
okay, there is RecordProtocol, which makes things much easier and
correct. Now client seems to be interoperable with .net.

2007-03-08 Atsushi Enomoto <atsushi@ximian.com>

* TlsClientSession.cs, TlsServerSession.cs :
several fixes; Fixed content type processing (Handshake and
ChangeCipherSpec). Fixed chunk output of handshake messages.
Set server side key verifier.
* SslSecurityTokenProvider.cs : use IssueReply for RSTR (fixed SOAP
* SslSecurityTokenAuthenticator.cs : implemented most of TLS
negotiation support, except for the final stage (still not clear

2007-03-07 Atsushi Enomoto <atsushi@ximian.com>

* AuthenticatorCommunicationObject.cs,
CommunicationSecurityTokenAuthenticator.cs,
SecureConversationSecurityTokenAuthenticator.cs :
new classes for negotiation-based token authenticators.
* SslSecurityTokenAuthenticator.cs : now it is based on
CommunicationSecurityTokenAuthenticator (like corresponding

2007-03-06 Atsushi Enomoto <atsushi@ximian.com>

* SecureConversationSecurityTokenParameters.cs :
implemented protected properties.
* X509SecurityTokenParameters.cs : added missing ToString().

2007-03-05 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenProvider.cs : implemented some client negotiation
based on Mono.Security.Protocols.Tls.* and WSTrust contracts.
* TlsServerSession.cs, TlsClientSession.cs : session state transition
manager (controls Tls Context).

2007-03-05 Atsushi Enomoto <atsushi@ximian.com>

* UserNameSecurityTokenParameters.cs,
RsaSecurityTokenParameters.cs,
IssuedSecurityTokenParameters.cs,
SslSecurityTokenParameters.cs
SspiSecurityTokenParameters.cs,
KerberosSecurityTokenParameters.cs,
SecureConversationSecurityTokenParameters.cs : updated
InitializeSecurityTokenRequirement() based on updated MSDN docs.
Implemented Ssl CreateKeyIdentifierClause().
Implemented IssuedToken copy .ctor().

2007-03-01 Atsushi Enomoto <atsushi@ximian.com>

* ServiceModelSecurityTokenRequirement.cs,
RecipientServiceModelSecurityTokenRequirement.cs,
InitiatorServiceModelSecurityTokenRequirement.cs :
implemented ToString().

2007-03-01 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenParameters.cs : more initialization of requirement.
* SslSecurityTokenAuthenticator.cs : new file.

2007-02-27 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : okkk, HMAC is extra. Just use SHA1,
and not for raw key but for wrapped key.

2007-02-27 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs :
create HMACSHA1 always with the key to compute hash (I'm not sure
it is correct; it is rather to adjust all hash consistent.)

2007-02-21 Atsushi Enomoto <atsushi@ximian.com>

* DerivedKeySecurityToken.cs : added ReferenceList for corresponding
references to this key.

2007-02-21 Atsushi Enomoto <atsushi@ximian.com>

* DerivedKeySecurityToken.cs : new internal class to represent
wssc:DerivedKeyToken.

2007-02-16 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : reverted previous change. Key hash
could not be identical for the same key, but EncryptedKeySHA1 is
based on the wrapped key. So, there is an issue that .NET returns
different key than the one in the request message.

2007-02-15 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : SecurityKey should hold raw key, not

2007-02-06 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : it cannot resolve clauses from its
.ctor() argument identifier clauses. Match EncryptedKeySHA1 clause
if the hash values match.
* InternalEncryptedKeyIdentifierClause.cs :
derive from Binary clause.

2007-02-05 Atsushi Enomoto <atsushi@ximian.com>

* InternalEncryptedKeyIdentifierClause.cs : new file. It might not be
required, but for now it is used to write embedded EncryptedKey in
o:SecurityTokenReference.

2007-01-11 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : added internal ReferenceList, to
output e:ReferenceList (kind of compromised solution; see comments).

2007-01-09 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : GetWrappedKey() return value should
be the encrypted value of argument keyToWrap. Added several argument

2006-12-09 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : implemented missing members, except for
incomplete MatchKeyIdentifierClause().
* SecureConversationSecurityTokenParameters.cs : default
ChannelProtectionRequirements should cover all body parts i.e.
IsBodyIncluded should be true.

2006-12-06 Atsushi Enomoto <atsushi@ximian.com>

* SupportingTokenParameters.cs : implemented SetKeyDerivation().

2006-10-05 Atsushi Enomoto <atsushi@ximian.com>

* X509SecurityTokenParameters.cs : additional constructors.

2006-10-03 Atsushi Enomoto <atsushi@ximian.com>

* BinarySecretSecurityToken.cs : it does not seem that it uses
urn:uuid:blah ("urn:" is extraneous).

2006-09-27 Atsushi Enomoto <atsushi@ximian.com>

* SecurityTokenParameters.cs : added internal properties to access
protected properties.
* UserNameSecurityTokenParameters.cs : it's done now.

2006-09-19 Atsushi Enomoto <atsushi@ximian.com>

* SecurityTokenParameters.cs : removed MonoTODOs.
* X509SecurityTokenParameters.cs :
InitializeSecurityTokenRequirement() is done.

2006-09-17 Atsushi Enomoto <atsushi@ximian.com>

* ProviderCommunicationObject.cs, IssuedTokenCommunicationObject.cs,
SslSecurityTokenProvider.cs : both of issued token and ssl requires
connection requirement, so commonize the check.

2006-09-15 Atsushi Enomoto <atsushi@ximian.com>

* X509SecurityTokenParameters.cs,
SspiSecurityTokenParameters.cs,
UserNameSecurityTokenParameters.cs,
RsaSecurityTokenParameters.cs,
IssuedSecurityTokenParameters.cs,
SslSecurityTokenParameters.cs : implemented security feature
declaration properties (HasAsymmetricKey etc.) and implemented

2006-09-15 Atsushi Enomoto <atsushi@ximian.com>

* RsaSecurityTokenParameters.cs : TokenType fix.
* ProviderCommunicationObject.cs,
CommunicationSecurityTokenProvider.cs : an abstract token provider
that implements ICommunicationObject, and the abstract communication
object that is used in the provider.
* SslSecurityTokenProvider.cs : a practical example of the above,
* IssuedTokenCommunicationObject.cs, IssuedSecurityTokenProvider.cs :
it is also significantly refactored like the above.
The ICommunicationObject part of this provider class now just wraps
the intermediate object.

2006-09-12 Atsushi Enomoto <atsushi@ximian.com>

* X509SecurityTokenParameters.cs : when token reference style is
Internal, use LocalIdKeyIdentifierClause. The default for this type

2006-09-05 Atsushi Enomoto <atsushi@ximian.com>

* ServiceModelSecurityTokenRequirement.cs : implemented IsInitiator.
* InitiatorServiceModelSecurityTokenRequirement.cs :
initialize IsInitiator as true.

2006-09-05 Atsushi Enomoto <atsushi@ximian.com>

* SecurityContextSecurityTokenAuthenticator.cs,
SspiSecurityToken.cs : new files.
* SupportingTokenParameters.cs : copy ctor became private.

2006-08-30 Atsushi Enomoto <atsushi@ximian.com>

* X509SecurityTokenParameters.cs,
UserNameSecurityTokenParameters.cs : implemented properties.
* RsaSecurityTokenParameters.cs : new file.

2006-08-28 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs : (GetToken) partly implemented
response message consumption.

2006-08-28 Atsushi Enomoto <atsushi@ximian.com>

* X509SecurityTokenParameters.cs :
implemented CreateKeyIdentifierClause().

2006-08-28 Atsushi Enomoto <atsushi@ximian.com>

* SupportingTokenParameters.cs : added some missing members.

2006-08-25 Atsushi Enomoto <atsushi@ximian.com>

* BinarySecretSecurityToken.cs : some .ctor() are protected.

2006-08-25 Atsushi Enomoto <atsushi@ximian.com>

* KerberosSecurityTokenParameters.cs : new test.

2006-08-25 Atsushi Enomoto <atsushi@ximian.com>

* InitiatorServiceModelSecurityTokenRequirement.cs,
RecipientServiceModelSecurityTokenRequirement.cs :
just use Properties to set and get each property.
* SslSecurityTokenParameters.cs : fix ctor chain.
hacky InitializeSecurityTokenRequirement implementation.

2006-08-24 Atsushi Enomoto <atsushi@ximian.com>

* SecureConversationSecurityTokenParameters.cs :
fill SecurityAlgorithmSuite to the requirement.
* SecurityTokenParameters.cs :
added internal IssuerBindingContext property for
SecurityBindingElement.SetIssuerBindingContextIfRequired().
Use this context in CallInitializeSecurityTokenParameters().

2006-08-23 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenParameters.cs : oops, oops. fix build.

2006-08-23 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenParameters.cs : added missing members.
* IssuedSecurityTokenProvider.cs : replacing broken data contract
based contracts with message based contract.
Support IssuerChannelBehaviors.
* SecureConversationSecurityTokenParameters.cs :
more InitializeSecurityTokenRequirement().

2006-08-23 Atsushi Enomoto <atsushi@ximian.com>

* SecurityContextSecurityTokenResolver.cs
ISecurityContextSecurityTokenCache.cs
SecurityContextSecurityToken.cs : new files.

2006-08-22 Atsushi Enomoto <atsushi@ximian.com>

* SecureConversationSecurityTokenParameters.cs :
partially implemented InitializeSecurityTokenRequirement().
* X509SecurityTokenParameters.cs : added X509ReferenceStyle.
* SspiSecurityTokenParameters.cs : new file.

2006-08-22 Atsushi Enomoto <atsushi@ximian.com>

* SslSecurityTokenParameters.cs,
SecureConversationSecurityTokenParameters.cs : new files.
* SecurityTokenParameters.cs : added internal invoker for
InitializeSecurityTokenRequirement().
* IssuedSecurityTokenParameters.cs, X509SecurityTokenParameters.cs :
implement InitializeSecurityTokenRequirement() (incomplete).
* ServiceModelSecurityTokenRequirement.cs :
MessageSecurityVersion is of type SecurityTokenVersion.

2006-08-17 Atsushi Enomoto <atsushi@ximian.com>

* ServiceModelSecurityTokenTypes.cs : new file.

2006-08-16 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs :
WST request and response types are renamed.

2006-08-14 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs : use new WSTrust proxy (ClientBase)
instead of ChannelFactory.
* SecurityTokenParameters.cs : added internal helper method for
CreateKeyIdentifierClause().
* ServiceModelSecurityTokenRequirement.cs : in several properties,
use TryGetProperty<T>() instead of having direct fields (so that
only setting items to "Properties" also affects those props).

2006-08-11 Atsushi Enomoto <atsushi@ximian.com>

* InitiatorServiceModelSecurityTokenRequirement.cs,
RecipientServiceModelSecurityTokenRequirement.cs,
ServiceModelSecurityTokenRequirement.cs : new files.

2006-08-07 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs : moved some premise checks from
GetTokenCore() to Open().

2006-08-04 Atsushi Enomoto <atsushi@ximian.com>

* WrappedKeySecurityToken.cs : new file.

2006-08-04 Atsushi Enomoto <atsushi@ximian.com>

* BinarySecretSecurityToken.cs : new file.

2006-08-03 Atsushi Enomoto <atsushi@ximian.com>

* UserNameSecurityTokenParameters.cs,
X509SecurityTokenParameters.cs : new files.

2006-08-02 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs : (GetTokenCore) some premise check.

2006-08-01 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs : implemented some properties.
* RenewedSecurityTokenHandler.cs, IssuedSecurityTokenHandler.cs,
IIssuanceSecurityTokenAuthenticator.cs : new files.

2006-08-01 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenProvider.cs, ClaimTypeRequirement.cs : new files.
* IssuedSecurityTokenParameters.cs : added some missing members.

2006-07-21 Atsushi Enomoto <atsushi@ximian.com>

* SecurityTokenReferenceStyle.cs : moved from S.SM.Security namespace.

2006-07-21 Atsushi Enomoto <atsushi@ximian.com>

* IssuedSecurityTokenParameters.cs, SecurityTokenParameters.cs :

2006-07-10 Atsushi Enomoto <atsushi@ximian.com>

* SupportingTokenParameters.cs : new file.