2006-03-06 Gonzalo Paniagua Javier * RecordProtocol.cs: avoid creating the ManualResetEvent whenever possible. Don't lock on an instance of an object that the user can get. 2006-03-02 Sebastien Pouliot * RecordProtocol.cs: Fix possible endless loop (#77663). Remove hack for an old, fixed, MCS bug (#67711). 2005-10-06 Sebastien Pouliot * ClientRecordProtocol.cs: Update HandshakeMessages after each message. Fix bug #76258. * RecordProtocol.cs: Remove writing into the HandshakeMessages stream at this stage. We may need the data before that. Fix bug #76258. * ServerRecordProtocol.cs: Update HandshakeMessages after each message. Fix bug #76258. * SslServerStream.cs: Changed check for the presence of client certificates during handshake. 2005-09-02 Sebastien Pouliot * SslStreamBase.cs, ServerRecordProtocol.cs, SslClientStream.cs, ClientRecordProtocol.cs, RecordProtocol.cs, SslServerStream.cs: Re-written async support for Ssl[Client|Server]Stream from JD Conley with minor changes. Fix bug #75687 (and a lot of other known problems). 2005-07-01 Sebastien Pouliot * ServerContext.cs: Build the list of trusted certificates from all the trusted root for the current user and the local machine. * SslServerStream.cs: Add support for client certificate (and the callback for optional mutual authentication with SSL3). 2005-06-22 Sebastien Pouliot * SslClientStream.cs: Removed failsafe timeout of 5 minutes as some protocols can go idle for longer than this. 2005-06-14 Sebastien Pouliot * SslClientStream.cs: Add support for _optional_ mutual authentication. SSL3 and TLS1 deals differently with this. SSL3 tested with OpenSSL, TSL1 tested with OpenSSL and LDAPS/AD. 2005-06-06 Sebastien Pouliot * Alert.cs: Add NoCertificate (41) which _should_ be used in SSL3 if we don't want to send a certificate when requested by a server (e.g. in the case the mutual authentication is optional). * CipherSuite.cs: Fixed recursive property. Changed type to short so it can hold 256 bits (valid value). Fixed ctor so it doesn't assign the it's own value. 2005-05-13 Sebastien Pouliot * SslClientStream.cs: Forgot to set the event in the previous fix. 2005-05-10 Gonzalo Paniagua Javier * SslClientStream.cs: check for the dispose in NetworkReadCallback. Patch by Sebastien "Cryptoman" Pouliot. 2005-04-14 Gonzalo Paniagua Javier * SslClientStream.cs: gotta call EndInvoke, not EndRead. 2005-04-14 Gonzalo Paniagua Javier * SslClientStream.cs: MemoryStream does not implement proper Begin* methods, so we need this to prevent infinite recursion if we have a callback that calls BeginRead. 2005-04-13 Sebastien Pouliot * RecordProtocol.cs: Some API changes so a record can be decoded from any supplied stream (not just the inner network stream). * SslClientStream.cs: BeginRead is now truly async if the Negotiate is called from BeginWrite (where it should be in most case). * SslServerStream.cs: Adapted to API changes in RecordProtocol.cs. 2005-04-12 Sebastien Pouliot * SslHandshakeHash.cs: Changed "SslHash" to "MD5SHA1". Fix #71696. 2005-04-10 Sebastien Pouliot * HttpsClientStream.cs: Added a TrustFailure property so a WebException can now report TrustFailure correctly. Fix bug 74286. 2005-04-07 Sebastien Pouliot * SslCipherSuite.cs: Fix calculation (sequence number) for the server side stream. Patch by Brian Ritchie. 2005-02-04 Sebastien Pouliot * Reverting last changes in SslClientStream and RecordProtocol. This break when sending large files back and forth (echo test). 2005-02-02 Sebastien Pouliot * SslClientStream.cs: Throw exception when we receive a null record. * RecordProtocol.cs: Added code to avoid blocking and endless loops if the data is incomplete or missing - even in the case the server side doesn't close the connection (see new cutcli tool). 2004-12-15 Sebastien Pouliot * CipherSuite.cs: Removed unused MD5 and SHA1 instances created in PRF method (fix compilation warnings). 2004-12-13 Sebastien Pouliot * SslClientStream.cs: New internal property, ServerCertificates, to "easily" retreive the server's certificate chain using reflection. 2004-11-23 Sebastien Pouliot * RecordProtocol.cs: Fixed ClientHelloV2 support. 2004-11-10 Sebastien Pouliot * CipherSuiteFactory.cs: Activated RSA_WITH_AES_256_CBC_SHA as it is supported by some browsers. * ContentType.cs: Removed ClientHelloV2 from the enum as it is not a "true" content type (it just looks so where we're processing it). * Context.cs: Added support to switch protocol (e.g. SSL2->SSL3 or SSL2->TLS1). Contributed by Carlos Guzman Alvarez. * RecordProtocol.cs: Added support for ClientHelloV2 message (contributed by Carlos Guzman Alvarez). This is a Handshake message so it must be MACed. Also fixed the challenge length because some browsers implementation don't interpret "This value must be 32." as having 32 bytes. 2004-10-05 Sebastien Pouliot * SslClientStream.cs: Changed InputBuffer to internal (was protected). 2004-10-04 Gonzalo Paniagua Javier * HttpsClientStream.cs: the .ctor receives a pre-read buffer now. * SslClientStream.cs: added InputBuffer property. 2004-09-23 Sebastien Pouliot * RecordProtocol.cs: Fix alert data that could leak into appplication data (e.g. when closing the SSL session). 2004-07-14 Carlos Guzman Alvarez * Removed duplicate license header file from all source files. 2004-07-14 Sebastien Pouliot * SslClientStream.cs: Changed lock to "new object()" and not String.Empty (as the read/write locks points becomes the same). * SslServerStream.cs: Changed lock to "new object()" and not String.Empty (as the read/write locks points becomes the same). 2004-07-14 Gonzalo Paniagua Javier * HttpsClientStream.cs: get an HttpWebRequest so that we can use the ServicePoint it has. No need to get the host now. 2004-05-09 Carlos Guzman Alvarez * Mono.Security.Protocol.Tls/Alert.cs: * Mono.Security.Protocol.Tls/CipherSuite.cs: * Mono.Security.Protocol.Tls/CipherSuiteCollection.cs: * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs: * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/SecurityCompressionType.cs: * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: * Mono.Security.Protocol.Tls/SslServerStream.cs: * Mono.Security.Protocol.Tls/TlsClientSettings.cs: - Changes for fix FxCop Rules. - Reworked CipherSuiteCollection class. 2004-04-21 Carlos Guzman Alvarez * Mono.Security.Protocol.Tls/DebugHelper.cs: - New class. * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/SslCipherSuite.cs: * Mono.Security.Protocol.Tls/TlsCipherSuite.cs: * Mono.Security.Protocol.Tls/SslClientStream.cs: - Added debug capabilities. * Mono.Security.Protocol.Tls/ServerContext.cs: - Added initialization of requested CertificateTypes and CA's 2004-04-16 Carlos Guzman Alvarez * Mono.Security.Protocol.Tls/TlsException.cs: - Make it public until npgsql people can fix their sources. 2004-03-19 Carlos Guzman Alvarez * Mono.Security.Protocol.Tls/TlsServerSettings.cs: - Added new CertificateRSA property. - Added new UpdateCertfificateRSA method. * Mono.Security.Protocol.Tls/CipherSuite.cs: - Removed CertificateRSA() method. 2004-03-19 Sebastien Pouliot * CipherSuite.cs: Fixed PRF generation when secret is an odd number of bytes (section 5 in RFC2246). * CipherSuiteFactory.cs: Added algorithms RSA_EXPORT_WITH_RC4_40_MD5, RSA_EXPORT_WITH_RC2_CBC_40_MD5, RSA_EXPORT_WITH_DES40_CBC_SHA, RSA_EXPORT_WITH_RC4_56_MD5, RSA_EXPORT_WITH_RC2_CBC_56_MD5, RSA_EXPORT_WITH_DES_CBC_56_SHA and RSA_EXPORT_WITH_RC4_56_SHA to both SSL3 and TLS1 protocols. * SslCipherSuite.cs: Fixed key generation for exportable ciphers. * TlsCipherSuite.cs: Fixed key generation for exportable ciphers. 2004-03-16 Carlos Guzman Alvarez * Mono.Security.Protocol.Tls/SslCipherSuite.cs: - Added changes for allow it to work as server or client. 2004-03-15 Carlos Guzman Alvarez * Mono.Security.Protocol.Tls/TlsStream.cs: * Mono.Security.Protocol.Tls/CipherSuite.cs: * Mono.Security.Protocol.Tls/TlsCipherSuite.cs: * Mono.Security.Protocol.Tls/SslHandshakeHash.cs: * Mono.Security.Protocol.Tls/RecordProtocol.cs: - Use Buffer.BlockCopy instead of System.Array.Copy 2004-03-10 Carlos Guzman Alvarez * Mono.Security.Protocol.Tls/Ciphersuite.cs: - Added generation of the Server encryption algorithms. - Modified encryption/decription methods for work as client or server as needed. * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs: * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: - Added new ProcessChangeCipherSpec method. * Mono.Security.Protocol.Tls/Context.cs: - Added new PrintBuffer method ( for debug ). * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/SslServerStream.cs: - Callback cleanup. 2004-03-06 Carlos Guzman Alvarez * Mono.Security.Protocol.Tls/SslServerStream.cs: - Initial implementation of the doHandshake method. - Added initial events implementation. * Mono.Security.Protocol.Tls/Ciphersuite.cs: * Mono.Security.Protocol.Tls/TlsCiphersuite.cs: * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs: * Mono.Security.Protocol.Tls/ServerRecordProtocol.cs: * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/TlsServerSettings.cs: * Mono.Security.Protocol.Tls/TlsClientSettings.cs: * Mono.Security.Protocol.Tls/ClientContext.cs: - Changes for make use of the renamed classes and enums. * Mono.Security.Protocol.Tls/TlsContentType.cs: - Renamed to ContentType.cs ( Enum and file ) * Mono.Security.Protocol.Tls/TlsCiphersuiteCollection.cs: - Renamed to CiphersuiteCollection.cs ( Class and file ) * Mono.Security.Protocol.Tls/TlsCiphersuiteFactory.cs: - Renamed to CiphersuiteCollection.cs ( Class and file ) * Mono.Security.Protocol.Tls/TlsSslHandshakeHash.cs: - Renamed to SslHandshakeHash.cs ( Class and file ) * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs: - Renamed to SslCipherSuite.cs ( Class and file ) 2004-02-26 Carlos Guzman Alvarez * Mono.Security.Protocol.Tls/HandshakeState.cs: - New file. * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/SslServerStream.cs: * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/ClientContext.cs: * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs: - Added changes for better handling of ClientHelloRequest messages. 2004-02-25 Sebastien Pouliot * HttpsClientStream.cs: New. Internal glue class between System.dll WebConnection and SslClientStream to reduce reflection. * SslClientStream.cs: RaiseServerCertificateValidation is now virtual to allow HttpsClientStream to override it. 2004-02-24 Carlos Guzman Alvarez * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/SslServerStream.cs: - Reimplementation of TLS/SSL Alert Protocol. 2004-02-20 Carlos Guzmán Álvarez * Mono.Security.Protocol.Tls.Handshake.Client/SslClientCertificate.cs: - Improved exception handling. 2004-02-18 Carlos Guzmán Álvarez * Mono.Security.Protocol.Tls/CipherAlgorithmType.cs: * Mono.Security.Protocol.Tls/HashAlgorithmType.cs: * Mono.Security.Protocol.Tls/ExchangeAlgorithmType.cs: - Added Serializable attribute. * Mono.Security.Protocol.Tls/CipherSuite.cs: * Mono.Security.Protocol.Tls/TlsCipherSuite.cs: * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs: * Mono.Security.Protocol.Tls/TlsContext.cs: - Added some optimizations proposed by Sebastien Pouliot. * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs: - Changes on Common Name detection and certificate error handling ( Thanks to Sebastien Pouliot for his feedback ). 2004-02-18 Sebastien Pouliot * SslClientStream.cs: Fixed (inverted) condition for ServerCertificate. * SecurityProtocolType.cs: Added [Serializable] to enum to match MS implementation. 2004-02-17 Carlos Guzmán Álvarez * Mono.Security.Protocol.Tls/SslClientStream.cs: - Added changes to security properties for check that the handshake is finished. * Mono.Security.Protocol.Tls/SslClientStream.cs: - Added changes for bring async methods to work ( Thanks to Sebastien Pouliot ) - Reworked the record fragmentation. - Fix for send the close notify alert in the Close method only if the Handshake is fully negotiated. 2004-02-16 Carlos Guzmán Álvarez * Mono.Security.Protocol.Tls/TlsCipherSuiteFactory.cs: - Changed ciphersuites order of preference ( Thanks to Sebastien Pouliot for his feedback ). 2004-02-15 Carlos Guzmán Álvarez * Mono.Security.Protocol.Tls/SslClientStream.cs: - Added specific control od available data for Network Streams on Read ( Thanks to Francisco Figueiredo Jr. for his feedback ). - Removed test code. 2004-02-14 Carlos Guzmán Álvarez * Mono.Security.Protocol.Tls/SslClientStream.cs: - Removed test code. 2003-11-17 Carlos Guzmán Álvarez * Mono.Security.Protocol.Tls/SslClientStream.cs: Removed ReadByte method, use innerStream.ReadByte() method instead. 2003-11-13 Carlos Guzmán Álvarez * Added implementation of an SslClientStream class similar to the MS .NET Framework 1.2 documentation. The next files are no more needed: - TlsSession.cs - TlsNetworkStream.cs - TlsSocket.cs - TlsSessionState.cs The next files are renamed: - TlsSessionSettings.cs -> TlsClientSettings.cs - TlsSessionContext.cs -> TlsContext.cs The next files are new: - SslClientStream.cs ( the name is non definitive yet ) The next files where changed to reflect the new canges: - TlsHandshakeMessage.cs - TlsClientCertificate.cs - TlsClientCertificateVerify.cs - TlsClientFinished.cs - TlsClientHello.cs - TlsClientKeyExchange.cs - TlsServerCertificate.cs - TlsServerCertificateRequest.cs - TlsServerFinished.cs - TlsServerHello.cs - TlsServerHelloDone.cs - TlsServerKeyExchange.cs - TlsAlert.cs - TlsCloseNotifyAlert.cs 2003-11-12 Carlos Guzmán Álvarez * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: - Changes for give full error message only in debug mode ( Thanks to Sebastién Pouliot. ) * Mono.Security.Protocol.Tls/TlsProtocol.cs: - Renamed to SecurityProtocolType.cs ( for match .NET 1.2 ) * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs: - Renamed to MD5SHA1.cs ( Thanks to Sebastién Pouliot. ) * Mono.Security.Cryptography/TlsCompressionMethod.cs: - Renamed to SecurityCompressionType. * Mono.Security.Protocol.Tls/CipherAlgorithmType.cs: * Mono.Security.Protocol.Tls/HashAlgorithmType.cs: * Mono.Security.Protocol.Tls/ExchangeAlgorithmType.cs: - New enumerations that matches .NET 1.2 definitions with some minor differences. * Mono.Security.Protocol.Tls/CipherSuite.cs: * Mono.Security.Protocol.Tls/TlsCipherSuite.cs: * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs: * Mono.Security.Protocol.Tls/TlsSessionContext.cs: - Added changes for make use of new enumerations. * Mono.Security.Protocol.Tls/TlsClientStream.cs: - Added new informative properties that matches .NET 1.2 SslClientStream ( Not all the properties are implemented yet ). 2003-11-10 Carlos Guzmán Álvarez * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs: - Fixed invalid alert message. * Mono.Security.Protocol.Tls/CipherSuite.cs: * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs: * Mono.Security.Cryptography/HMAC.cs: * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs: - Changed ( Thanks to Sebastién Pouliot for his feedback ) SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider(); MD5CryptoServiceProvider sha = new MD5CryptoServiceProvider(); to HashAlgorithm sha = SHA1.Create(); HashAlgorithm md5 = MD5.Create(); 2003-11-04 Carlos Guzmán Álvarez * Mono.Security.Protocol.Tls/CipherSuite.cs: - Added custom padding for record encryption. 2003-11-03 Carlos Guzmán Álvarez * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessages.cs: - Removed file. * Mono.Security.Protocol.Tls/TlsSslHandshakeHash.cs: - New class for handshake hashes calculation on SSL3 protocol. * Mono.Security.Protocol.Tls/TlsSessionContext.cs: - Fixed mac keys clearing for SSL3 protocol. * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs: - Added changes for make use of new TlsSslHandshakeHash class. * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs: - Added initial implementation for SSL3 protocol. * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs: - New class for md5-sha hash calculation. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs: - Make use of new MD5SHA1CryptoServiceProvider class. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs: - Added initial implementation (not finished). * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: - Minor change to message processing. - Changed verify method name to verifySignature. * Mono.Security.Protocol.Tls/TlsSessionContext.cs: - Changed handshakeHashes member to be an TlsStream. 2003-10-28 Carlos Guzmán Álvarez * Mono.Security.Protocol.Tls/CipherSuite.cs: * Mono.Security.Protocol.Tls/TlsSessionSettings.cs: * Mono.Security.Protocol.Tls/TlsServerSettings.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: - Added changes for make use of X509 classes from mono. 2003-10-23 Carlos Guzmán Álvarez * Added partial implementation of SSL3 protocol ( not finished yet ). * TlsAbstractCipherSuite.cs: Renamed to CipherSuite.cs. * Removed AssemblyInfo.cs file. 2003-10-21 Carlos Guzmán Álvarez TlsCipherSuiteFactory.cs: Changed names of private methods. TlsSslCipherSuite.cs: Replaced implementations of key generation methods with a throw new NotSupportedException(). 2003-10-20 Carlos Guzmán Álvarez TlsCupherSuite.cs: Fixed padding length calculation on record encryption. TlsSessionContext.cs: Added new CompressionMethod property. Added new MAX_FRAGMENT_SIZE constant. TlsSession.cs: Removed MaxFragmentSize property. TlsSocket.cs: Replaced use of TlsSesison.MaxFragmentSize by TlsSessionContext.MAX_FAGMENT_SIZE TlsSessionSettings.cs: Added new CompressionMethod property. * Abstracted CipherSuite classes for allow work with other protocol versions. * Added new files : TlsAbstractCipherSuite.cs TlsSslCipherSuite.cs TlsCipherSuiteFactory.cs TlsCompressionMethod.cs * Added new cipher suites definitions based on RFC3268 - (http://www.ietf.org/rfc/rfc3268.txt) * Added two new supported ciphersuites for TLS protocol: TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA * Moved key generation stuff to specific cipher suite classes. 2003-10-20 Pedro Martínez Juliá * AssemblyInfo.cs: commented out KeyFile reference. * TlsSession.cs: changed Math.Pow for System.Math.Pow because of MCS bug with namespace resolving.