-2003-11-17 Carlos Guzmán Álvarez <carlosga@telefonica.net>\r
-\r
- * Mono.Security.Protocol.Tls/SslClientStream.cs:\r
-\r
- Removed ReadByte method, use innerStream.ReadByte() method instead.\r
-\r
-2003-11-13 Carlos Guzmán Álvarez <carlosga@telefonica.net>\r
-\r
- * Added implementation of an SslClientStream class similar to the MS .NET Framework 1.2 documentation.\r
-\r
- The next files are no more needed:\r
-\r
- - TlsSession.cs\r
-\r
- - TlsNetworkStream.cs\r
-\r
- - TlsSocket.cs\r
-\r
- - TlsSessionState.cs\r
-\r
- The next files are renamed:\r
-\r
- - TlsSessionSettings.cs -> TlsClientSettings.cs\r
-\r
- - TlsSessionContext.cs -> TlsContext.cs\r
-\r
- The next files are new:\r
-\r
- - SslClientStream.cs ( the name is non definitive yet )\r
-\r
- The next files where changed to reflect the new canges:\r
-\r
- - TlsHandshakeMessage.cs\r
-\r
- - TlsClientCertificate.cs\r
-\r
- - TlsClientCertificateVerify.cs\r
-\r
- - TlsClientFinished.cs\r
-\r
- - TlsClientHello.cs\r
-\r
- - TlsClientKeyExchange.cs\r
-\r
- - TlsServerCertificate.cs\r
-\r
- - TlsServerCertificateRequest.cs\r
-\r
- - TlsServerFinished.cs\r
-\r
- - TlsServerHello.cs\r
-\r
- - TlsServerHelloDone.cs\r
-\r
- - TlsServerKeyExchange.cs\r
-\r
- - TlsAlert.cs\r
-\r
- - TlsCloseNotifyAlert.cs\r
-\r
- \r
-2003-11-12 Carlos Guzmán Álvarez <carlosga@telefonica.net>\r
-\r
- * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:\r
- \r
- - Changes for give full error message only in debug mode ( Thanks to Sebastién Pouliot. )\r
- \r
- * Mono.Security.Protocol.Tls/TlsProtocol.cs:\r
- \r
- - Renamed to SecurityProtocolType.cs ( for match .NET 1.2 )\r
- \r
- * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:\r
- \r
- - Renamed to MD5SHA1.cs ( Thanks to Sebastién Pouliot. )\r
- \r
- * Mono.Security.Cryptography/TlsCompressionMethod.cs:\r
- \r
- - Renamed to SecurityCompressionType.\r
- \r
- * Mono.Security.Protocol.Tls/CipherAlgorithmType.cs:\r
- * Mono.Security.Protocol.Tls/HashAlgorithmType.cs:\r
- * Mono.Security.Protocol.Tls/ExchangeAlgorithmType.cs:\r
- \r
- - New enumerations that matches .NET 1.2 definitions with some minor differences.\r
- \r
- * Mono.Security.Protocol.Tls/CipherSuite.cs:\r
- * Mono.Security.Protocol.Tls/TlsCipherSuite.cs:\r
- * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:\r
- * Mono.Security.Protocol.Tls/TlsSessionContext.cs:\r
- \r
- - Added changes for make use of new enumerations.\r
- \r
- * Mono.Security.Protocol.Tls/TlsClientStream.cs:\r
- \r
- - Added new informative properties that matches .NET 1.2 SslClientStream\r
- ( Not all the properties are implemented yet ).\r
-\r
-\r
-2003-11-10 Carlos Guzmán Álvarez <carlosga@telefonica.net>\r
-\r
- * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:\r
-\r
- - Fixed invalid alert message.\r
-\r
- * Mono.Security.Protocol.Tls/CipherSuite.cs:\r
- * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:\r
- * Mono.Security.Cryptography/HMAC.cs:\r
- * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:\r
- * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:\r
-\r
- - Changed ( Thanks to Sebastién Pouliot for his feedback )\r
-\r
- SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider();\r
- MD5CryptoServiceProvider sha = new MD5CryptoServiceProvider();\r
-\r
- to\r
-\r
- HashAlgorithm sha = SHA1.Create();\r
- HashAlgorithm md5 = MD5.Create(); \r
+2006-03-16 Sebastien Pouliot <sebastien@ximian.com>
-2003-11-04 Carlos Guzmán Álvarez <carlosga@telefonica.net>\r
-\r
- * Mono.Security.Protocol.Tls/CipherSuite.cs:\r
-\r
- - Added custom padding for record encryption.\r
-\r
-\r
-2003-11-03 Carlos Guzmán Álvarez <carlosga@telefonica.net>\r
-\r
- * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessages.cs:\r
- \r
- - Removed file.\r
-\r
- * Mono.Security.Protocol.Tls/TlsSslHandshakeHash.cs:\r
- \r
- - New class for handshake hashes calculation on SSL3 protocol.\r
-\r
- * Mono.Security.Protocol.Tls/TlsSessionContext.cs:\r
- \r
- - Fixed mac keys clearing for SSL3 protocol.\r
-\r
- * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:\r
- * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:\r
- \r
- - Added changes for make use of new TlsSslHandshakeHash class.\r
- \r
- * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:\r
- \r
- - Added initial implementation for SSL3 protocol.\r
- \r
- * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:\r
- \r
- - New class for md5-sha hash calculation.\r
- \r
- * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:\r
- * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:\r
- * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:\r
- * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs:\r
- \r
- - Make use of new MD5SHA1CryptoServiceProvider class.\r
- \r
- * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:\r
- \r
- - Added initial implementation (not finished).\r
- \r
- * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:\r
- \r
- - Minor change to message processing.\r
-\r
- - Changed verify method name to verifySignature.\r
- \r
- * Mono.Security.Protocol.Tls/TlsSessionContext.cs:\r
- \r
- - Changed handshakeHashes member to be an TlsStream.\r
-\r
-2003-10-28 Carlos Guzmán Álvarez <carlosga@telefonica.net>\r
+ * TlsClientHello.cs: Check to see if we already have a known session
+ (past or concurrent) with the same target host. If so the use this
+ session id to try to resume (i.e. abbreviated handshake).
+ * TlsServerFinished.cs: Don't reset the hasndshake stream here. The
+ stream must be resetted once BOTH the client and the server are done.
+ The order of message can be different if we use an abbreviated
+ handshake sequence which leads to an invalid handshake.
+ * TlsServerHello.cs: Add this session info to the client cache. If the
+ server sends the same session id (as we supplied) then we MUST do an
+ abbreviated handshake.
+
+2005-11-23 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsServerCertificate.cs: Add support for Netscape Server Gated
+ Crypto (2.16.840.1.113730.4) as a valid server-side EKU OID. Fix bug
+ #76804.
+
+2005-06-14 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsClientCertificate.cs: Add support for _optional_ mutual
+ authentication. SSL3 and TLS1 deals differently with this. SSL3 tested
+ with OpenSSL, TSL1 tested with OpenSSL and LDAPS/AD.
+
+2005-04-12 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsClientCertificateVerify.cs: Add missing data length (16 bits -
+ not to be confused with the record 24 bits length) before the RSA
+ signature of the MD5SHA1 hash. Fix #71696.
+
+2004-05-11 Carlos Guzman Alvarez <carlosga@telefonica.net>\r
\r
- * Mono.Security.Protocol.Tls/CipherSuite.cs:\r
- * Mono.Security.Protocol.Tls/TlsSessionSettings.cs:\r
- * Mono.Security.Protocol.Tls/TlsServerSettings.cs:\r
- * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:\r
- * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs:\r
* Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:\r
- * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:\r
-\r
- - Added changes for make use of X509 classes from mono.\r
-\r
-2003-10-23 Carlos Guzmán Álvarez <carlosga@telefonica.net>\r
-\r
+
+ - Added fix for better handling of exceptions when
+ building the X509 Certificate chain.
+
+2004-04-22 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsClientCertificateVerify.cs: Use Buffer.BlockCopy instead of
+ Array.Copy.
+ * TlsServerCertificate.cs: Changed KeyUsage to KeyUsages and CertType
+ to CertTypes.
+
+2004-03-19 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsClientKeyExchange.cs: Fixed key pair used to encrypt pre-master
+ secret for exportable ciphers - must use the public key received in
+ ServerKeyExchange.
+
+2004-03-10 Carlos Guzman Alvarez <carlosga@telefonica.net>
+
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificateRequest.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Server/TlsClientCertificateVerify.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Server/TlsServerCertificateRequest.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Server/TlsServerFinished.cs:
+
+ - Fixed meesage type definition.
+
+2004-03-04 Carlos Guzman Alvarez <carlosga@telefonica.net>
+
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerHelloDone.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Server/TlsServerHelloDone.cs:
+
+ - Fixed message type.
+
+2004-02-26 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsServerCertificate.cs: Certificate validation has been activated.
+
+2004-02-26 Carlos Guzman Alvarez <carlosga@telefonica.net>
+
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
+
+ - Added changes for better handling of ClientHelloRequest messages.
+
+2004-02-21 Carlos Guzman Alvarez <carlosga@telefonica.net>
+
+ * TlsServerHello: Fix for handle SecurityProtocolType.Default.
+
+2004-02-20 Sebastien Pouliot <sebastien@ximian.com>
+
+ * TlsServerCertificate.cs: Added code to validate the server X.509
+ certificate (identity, usage) and it's chain to a trusted root.
+ Note that the verification is commented for the time being.
+
+2004-02-14 Carlos Guzmán Álvarez <carlosga@telefonica.net>
+
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:
+
+ - Removed test code.
+
+2003-11-17 Carlos Guzmán Álvarez <carlosga@telefonica.net>
+
+ * Mono.Security.Protocol.Tls/SslClientStream.cs:
+
+ Removed ReadByte method, use innerStream.ReadByte() method instead.
+
+2003-11-13 Carlos Guzmán Álvarez <carlosga@telefonica.net>
+
+ * Added implementation of an SslClientStream class similar to the MS .NET Framework 1.2 documentation.
+
+ The next files are no more needed:
+
+ - TlsSession.cs
+
+ - TlsNetworkStream.cs
+
+ - TlsSocket.cs
+
+ - TlsSessionState.cs
+
+ The next files are renamed:
+
+ - TlsSessionSettings.cs -> TlsClientSettings.cs
+
+ - TlsSessionContext.cs -> TlsContext.cs
+
+ The next files are new:
+
+ - SslClientStream.cs ( the name is non definitive yet )
+
+ The next files where changed to reflect the new canges:
+
+ - TlsHandshakeMessage.cs
+
+ - TlsClientCertificate.cs
+
+ - TlsClientCertificateVerify.cs
+
+ - TlsClientFinished.cs
+
+ - TlsClientHello.cs
+
+ - TlsClientKeyExchange.cs
+
+ - TlsServerCertificate.cs
+
+ - TlsServerCertificateRequest.cs
+
+ - TlsServerFinished.cs
+
+ - TlsServerHello.cs
+
+ - TlsServerHelloDone.cs
+
+ - TlsServerKeyExchange.cs
+
+ - TlsAlert.cs
+
+ - TlsCloseNotifyAlert.cs
+
+
+2003-11-12 Carlos Guzmán Álvarez <carlosga@telefonica.net>
+
+ * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:
+
+ - Changes for give full error message only in debug mode ( Thanks to Sebastién Pouliot. )
+
+ * Mono.Security.Protocol.Tls/TlsProtocol.cs:
+
+ - Renamed to SecurityProtocolType.cs ( for match .NET 1.2 )
+
+ * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
+
+ - Renamed to MD5SHA1.cs ( Thanks to Sebastién Pouliot. )
+
+ * Mono.Security.Cryptography/TlsCompressionMethod.cs:
+
+ - Renamed to SecurityCompressionType.
+
+ * Mono.Security.Protocol.Tls/CipherAlgorithmType.cs:
+ * Mono.Security.Protocol.Tls/HashAlgorithmType.cs:
+ * Mono.Security.Protocol.Tls/ExchangeAlgorithmType.cs:
+
+ - New enumerations that matches .NET 1.2 definitions with some minor differences.
+
+ * Mono.Security.Protocol.Tls/CipherSuite.cs:
+ * Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
+ * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
+ * Mono.Security.Protocol.Tls/TlsSessionContext.cs:
+
+ - Added changes for make use of new enumerations.
+
+ * Mono.Security.Protocol.Tls/TlsClientStream.cs:
+
+ - Added new informative properties that matches .NET 1.2 SslClientStream
+ ( Not all the properties are implemented yet ).
+
+
+2003-11-10 Carlos Guzmán Álvarez <carlosga@telefonica.net>
+
+ * Mono.Security.Protocol.Tls.Alerts/TlsAlert.cs:
+
+ - Fixed invalid alert message.
+
+ * Mono.Security.Protocol.Tls/CipherSuite.cs:
+ * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
+ * Mono.Security.Cryptography/HMAC.cs:
+ * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
+
+ - Changed ( Thanks to Sebastién Pouliot for his feedback )
+
+ SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider();
+ MD5CryptoServiceProvider sha = new MD5CryptoServiceProvider();
+
+ to
+
+ HashAlgorithm sha = SHA1.Create();
+ HashAlgorithm md5 = MD5.Create();
+
+2003-11-04 Carlos Guzmán Álvarez <carlosga@telefonica.net>
+
+ * Mono.Security.Protocol.Tls/CipherSuite.cs:
+
+ - Added custom padding for record encryption.
+
+
+2003-11-03 Carlos Guzmán Álvarez <carlosga@telefonica.net>
+
+ * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessages.cs:
+
+ - Removed file.
+
+ * Mono.Security.Protocol.Tls/TlsSslHandshakeHash.cs:
+
+ - New class for handshake hashes calculation on SSL3 protocol.
+
+ * Mono.Security.Protocol.Tls/TlsSessionContext.cs:
+
+ - Fixed mac keys clearing for SSL3 protocol.
+
+ * Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:
+
+ - Added changes for make use of new TlsSslHandshakeHash class.
+
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
+
+ - Added initial implementation for SSL3 protocol.
+
+ * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs:
+
+ - New class for md5-sha hash calculation.
+
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs:
+
+ - Make use of new MD5SHA1CryptoServiceProvider class.
+
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
+
+ - Added initial implementation (not finished).
+
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
+
+ - Minor change to message processing.
+
+ - Changed verify method name to verifySignature.
+
+ * Mono.Security.Protocol.Tls/TlsSessionContext.cs:
+
+ - Changed handshakeHashes member to be an TlsStream.
+
+2003-10-28 Carlos Guzmán Álvarez <carlosga@telefonica.net>
+
+ * Mono.Security.Protocol.Tls/CipherSuite.cs:
+ * Mono.Security.Protocol.Tls/TlsSessionSettings.cs:
+ * Mono.Security.Protocol.Tls/TlsServerSettings.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs:
+ * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs:
+
+ - Added changes for make use of X509 classes from mono.
+
+2003-10-23 Carlos Guzmán Álvarez <carlosga@telefonica.net>
+
* Added partial implementation of SSL3 protocol ( not finished yet ).