1 2010-03-11 Gonzalo Paniagua Javier <gonzalo@novell.com>
3 * OSX509Certificates.cs: moved to System.dll.
5 2010-02-27 Miguel de Icaza <miguel@novell.com>
7 * OSX509Certificates.cs: Add support to validate X509 certificate
8 chains using the OSX certificates API.
10 2008-09-12 Sebastien Pouliot <sebastien@ximian.com>
12 * PKCS12.cs, X509Store.cs: Use File.Create instead of OpenWrite to
13 make sure nothing else if left at the end of the file. Issue reported
14 by Christophe Chevalier.
16 2008-06-03 Sebastien Pouliot <sebastien@ximian.com>
18 * X509Certificate.cs: Accept text before the PEM certificate itself.
21 2007-05-09 Sebastien Pouliot <sebastien@ximian.com>
23 * PKCS12.cs: Adds SecretBag support. Patch by Jay Miller.
24 * X509Certificate.cs: Fix IsCurrent (use UTC).
26 2006-12-14 Sebastien Pouliot <sebastien@ximian.com>
28 * X501Name.cs: Added support for (some cases of) T.61 strings, like
29 the latin-1 encoded accentued characters founds in some DN. Fix bug
32 2006-12-11 Sebastien Pouliot <sebastien@ximian.com>
34 * PKCS12.cs: Fix DSA certificates (with parameters) and don't throw
35 an exception in the case where parameters aren't part of the
36 certificate. This fix makes all 405 PKCS#12 test cases from PKITS
39 2006-12-06 Sebastien Pouliot <sebastien@ximian.com>
41 * X501Name.cs: Add decoding of RFC3280 mandatory and optional
42 attributes types for dnQualifier, title, surname, givenName and
44 * X520Attributes.cs: Add encoding of RFC3280 mandatory and
45 optional attributes types for dnQualifier, title, surname, givenName
48 2006-12-05 Sebastien Pouliot <sebastien@ximian.com>
50 * X509Certificate.cs: Resurrect the (fixed) support for [Issuer|
51 Subject]UniqueIdentifier, including new properties.
52 * X509CRL.cs: Fix DSA signature verification when numbers aren't
53 exactly 20 bytes long (e.g. too short or negative with an extra 0x00).
55 2006-12-05 Sebastien Pouliot <sebastien@ximian.com>
57 * X509CRL.cs: Expose the Hash and RawData properties to make it easier
58 to support CRL into stores.
59 * X509Store.cs: Add support to Import and Remove CRL from stores.
60 Refactor the code to get unique identificators.
61 * X509Stores.cs: Change default, for Open, to stores that supports
64 2006-12-04 Sebastien Pouliot <sebastien@ximian.com>
66 * X509Certificate.cs: Added support for inherited DSA key parameters.
68 2006-11-22 Sebastien Pouliot <sebastien@ximian.com>
70 * X509Store.cs: Add new Open method to access any certificate store
71 by any names (required to support 2.0 features).
73 2006-11-13 Sebastien Pouliot <sebastien@ximian.com>
75 * X509Certificate.cs: Add support for PEM encoded (base64) x.509
76 certificates (supported in 2.0).
78 2006-11-08 Sebastien Pouliot <sebastien@ximian.com>
80 * X501Name.cs: Fix build as the first build of 2.0's System.dll
81 may depend on a Mono.Security.dll without the new ToString overload.
83 2006-11-08 Sebastien Pouliot <sebastien@ximian.com>
85 * X501Name.cs: Refactor ToString method to allow most options available
87 * X509Certificate.cs: Add methods to retrieve the Issuer and Subject
88 Distinguished Names in binary (ASN.1) form. Reverse (actually correct)
89 the text representation of Issuer and Subject for 2.0.
91 2006-10-08 Sebastien Pouliot <sebastien@ximian.com>
93 * PKCS12.cs: A String.Empty is different from a null password. Fix bug
96 2006-09-05 Sebastien Pouliot <sebastien@ximian.com>
98 * X509Certificate.cs: Don't reset RSA or DSA property if the new value
99 is null (part of the fix for #79262).
101 2006-07-25 Sebastien Pouliot <sebastien@ximian.com>
103 * X509CRL.cs: Fix the case where no entry are present in the CRL (as
104 the structure is optional) *and* when there are no x.509 certificate
107 2006-01-24 Sebastien Pouliot <sebastien@ximian.com>
109 * PKCS12.cs: Consider String.Empty as a null password (e.g. don't
110 throw an IndexOutOfRangeException). Fix part of bug #77342.
112 2006-01-05 Sebastien Pouliot <sebastien@ximian.com>
114 * X509Extension.cs: Extension data may be encapsulated (i.e. ASN.1
115 data inside the octet string) if it comes from the X509Certificate
118 2006-01-04 Sebastien Pouliot <sebastien@ximian.com>
120 * X509Extension.cs: Added setter for Critical property (fix #77154).
121 Fixed asymmetry between encoding and decoding (fix #75781).
123 2005-12-16 Sebastien Pouliot <sebastien@ximian.com>
125 * X509Chain.cs: Fix chain building. Patch from Vincent Cote-Roy.
127 2005-11-18 Sebastien Pouliot <sebastien@ximian.com>
129 * X509Extension.cs: Changed default ctor to protected to help
130 extensibility outside of Mono.Security.dll (fix bug #76742).
132 2005-11-04 Sebastien Pouliot <sebastien@ximian.com>
134 * PKCS12.cs: It's now possible to add multiple keys of the same size
135 inside a pkcs12 file. Fix bug #76627.
137 2005-11-04 Sebastien Pouliot <sebastien@ximian.com>
139 * PKCS12.cs: Added MaximumPasswordLength property to allow decoding
140 the password with a length limits like MS PFXImportCertStore does.
141 In this case you just have to assign the value CryptoApiPasswordLimit
142 to the new static property.
144 2005-10-11 Sebastien Pouliot <sebastien@ximian.com>
146 * X509Certificate.cs: Fixed bug #76407. ValidFrom and ValidUntil are
147 local date/time so IsCurrent most also use a local date/time.
148 * X509CRL.cs: ValidFrom and ValidUntil are local date/time so
149 IsCurrent most also use a local date/time.
151 2005-10-06 Sebastien Pouliot <sebastien@ximian.com>
153 * X509Chain.cs: Fixed the case where no chain is present (self signed)
155 2005-09-09 Sebastien Pouliot <sebastien@ximian.com>
157 * X509Certificate.cs: Fixed version property (bug #76012). Added
158 ISerializable (for 2.0 so we're not breaking current compatibility).
160 2005-08-29 Sebastien Pouliot <sebastien@ximian.com>
162 * X501Name.cs: Fixed quoted (bug #75780) and escaped values. Added
163 parsing for "direct" OID values. Plugged DC and UID with new X520
165 * X520Attributes.cs: Added support for SerialNumber (fix bug #75783),
166 DomainComponent, UserId and Oid.
168 2005-08-12 Sebastien Pouliot <sebastien@ximian.com>
170 * X520Attributes.cs: Don't select PRINTABLESTRING for non 7bits
171 values. Fix bug #75782. Based on patch from Daniel Granath.
173 2005-06-29 Sebastien Pouliot <sebastien@ximian.com>
175 * X509CRL.cs: Fix the case where no entry are present in the CRL (as
176 the structure is optional).
178 2005-04-26 Sebastien Pouliot <sebastien@ximian.com>
180 * X509Certificate.cs: DSA and RSA properties are now cached. In 2.0
181 they also have a set accessor.
182 * PKCS12.cs: Modified code to allow providing the password as a byte
183 array (the new constructor is available in 2.0).
185 2005-02-25 Sebastien Pouliot <sebastien@ximian.com>
187 * X501Name.cs: Added support for multiple entries in a same set.
189 2005-01-11 Sebastien Pouliot <sebastien@ximian.com>
191 * X509Certificate.cs: Fixed NullReferenceException when asking for
192 data that wasn't a proper X.509 certificate.
194 2004-12-13 Sebastien Pouliot <sebastien@ximian.com>
196 * X509Certificate.cs: Directly use the MD2 class when compiled in
197 Mono.Security.dll assembly (even if not configured in machine.config).
199 2004-09-17 Sebastien Pouliot <sebastien@ximian.com>
201 * PKCS12.cs: Fixed all level 4 compilation warnings.
202 * X501Name.cs: Fixed all level 4 compilation warnings.
203 * X509Certificate.cs: Fixed all level 4 compilation warnings.
204 * X509CertificateBuilder.cs: Fixed all level 4 compilation warnings.
205 * X509Extension.cs: In synch with corlib version. Fixed all level 4
206 compilation warnings.
207 * X520Attributes.cs: Updated to check upperbounds - which fixed level
208 4 compilation warnings.
210 2004-09-07 Sebastien Pouliot <sebastien@ximian.com>
212 * X509Chain.cs: Fixed a bug when constructing a certificate chain from
213 a collection (endless loop). Fixed bug when Reset-ing an empty chain.
215 2004-08-10 Sebastien Pouliot <sebastien@ximian.com>
217 * X509Store.cs: Now returns empty collection/list for certificates/
218 CRL when access to a store is denied.
220 2004-07-15 Sebastien Pouliot <sebastien@ximian.com>
222 * X501Name.cs: Support for E (email) in FromString.
223 * X520Attributes.cs: Added X520.EmailAddress.
224 Both patches fix bug #61241 and were contributed by Ianier Munoz.
226 2004-05-27 Sebastien Pouliot <sebastien@ximian.com>
228 * X509Certificate.cs: Rethrow original exception when parsing X.509
229 certificates (inside a CryptographicException) so people can see if
230 their changes affects certificate decoding.
232 2004-05-12 Jesper Pedersen <jep@itplus.dk>
234 * PKCS12.cs: Removed file exists check from SaveToFile(). Removed
235 Equals() and GetHashCode(). Clone the original iteration count.
237 2004-05-06 Jesper Pedersen <jep@itplus.dk>
239 * PKCS12.cs: Fixed synchronization with X509CertificateCollection in
242 2004-05-05 Jesper Pedersen <jep@itplus.dk>
244 * PKCS12.cs: Added support for SafeBag attributes. Added support for
245 Clone() (ICloneable), Equals and GetHashCode. New methods:
246 - AddCertificate (X509Certificate cert)
247 - AddCertificate (X509Certificate cert, IDictionary attributes)
248 - RemoveCertificate (X509Certificate cert)
249 - RemoveCertificate (X509Certificate cert, IDictionary attributes)
250 - AddPkcs8ShroudedKeyBag (AsymmetricAlgorithm aa)
251 - AddPkcs8ShroudedKeyBag (AsymmetricAlgorithm aa, IDictionary attributes)
252 - RemovePkcs8ShroudedKeyBag (AsymmetricAlgorithm aa)
253 - AddKeyBag (AsymmetricAlgorithm aa)
254 - AddKeyBag (AsymmetricAlgorithm aa, IDictionary attributes)
255 - RemoveKeyBag (AsymmetricAlgorithm aa)
256 - AsymmetricAlgorithm GetAsymmetricAlgorithm (IDictionary attrs)
257 - X509Certificate GetCertificate (IDictionary attrs)
258 - IDictionary GetAttributes (AsymmetricAlgorithm aa)
259 - IDictionary GetAttributes (X509Certificate cert)
261 2004-04-22 Sebastien Pouliot <sebastien@ximian.com>
263 * PKCS12.cs: FxCop-ized. CLS compliance.
264 * X501Name.cs: FxCop-ized.
265 * X509Builder.cs: FxCop-ized. Replaced Array.Copy with
267 * X509CRL.cs: FxCop-ized. Replaced Array.Copy with Buffer.BlockCopy.
268 * X509Certificate.cs: FxCop-ized. Replaced Array.Copy with
269 Buffer.BlockCopy. Removed unused private method GetHash.
270 * X509CertificateBuilder.cs: Ajusted with changes. Replaced
271 Array.Copy with Buffer.BlockCopy.
272 * X509CertificateCollection.cs: Added INSIDE_CORLIB as the class is
273 shared with corlib assembly.
274 * X509Chain.cs: FxCop-ized. Removed old ITrustAnchor support.
275 * X509ChainStatusFlags.cs: Added missing [Flags].
276 * X509Extension.cs: FxCop-ized. Added Equals, GetHashCode methods.
277 * X509Extensions.cs: FxCop-ized. Sealed class, renamed to
278 X509ExtensionCollection and inherit from CollectionBase. Added missing
280 * X509Store.cs: FxCop-ized.
281 * X509StoreManager.cs: FxCop-ized. Sealed class.
282 * X509Stores.cs: Added INSIDE_CORLIB as the class is shared with
284 * X520Attributes.cs: FxCop-ized. Added INSIDE_CORLIB.
286 2004-04-02 Lluis Sanchez Gual <lluis@ximian.com>
288 * X509Chain.cs: Fixed build for net_1_0 profile.
290 2004-03-17 Jesper Pedersen <jep@itplus.dk>
292 * PKCS12.cs: Fixed sequence problem in Pkcs8ShroudedKeyBag. Fixed key
293 bag implementation in GetBytes. Moved key bag implementation in
294 GetBytes to fit OpenSSL. Added NULL digest in MAC (GetBytes) to fit
295 OpenSSL. Added SaveToFile method.
297 2004-03-10 Sebastien Pouliot <sebastien@ximian.com>
299 * PKCS12.cs: Completed GetBytes() so it is now possible to encode
300 / encrypt PKCS12 files.
302 2004-02-26 Sebastien Pouliot <sebastien@ximian.com>
304 * X509Store.cs: Changed not to use base64 in filenames as it can
305 conflict with path separators. Now use plain hex. Now catch
306 incorrectly encoded certificates / CRL in stores. Added Name property.
308 2004-02-24 Sebastien Pouliot <sebastien@ximian.com>
310 * X509Certificate.cs: Add support for the OID "1.3.14.3.2.29" (SHA1
311 with RSA). Added a fix for "really" null algorithm parameters.
312 * X509CertificateCollection.cs: Fixed Contains and IndexOf (worked
313 on objects but not for the same certificate in a different object).
315 2004-02-23 Sebastien Pouliot <sebastien@ximian.com>
317 * TestAnchors.cs: Removed - no need to be hardcoded anymore.
318 * X509Chain.cs: Updated to use the new store for trusted roots.
319 * X509CRL.cs: New. Certificate Revocation List v1/v2 support.
320 * X509Store.cs: New. Managed each individual store (with or
321 without CRL support).
322 * X509StoreManager.cs: New. Certificate Store Manager to access
323 user and machine stores and to merge them when required.
324 * X509Stores.cs: New. Certificate stores group for either the
325 current user or the local machine.
327 2004-02-20 Sebastien Pouliot <sebastien@ximian.com>
329 * X509Chain.cs: Added an option to use a pre-built chain (like TLS
330 offers) to save time rebuilding it. Added some validations and more
331 detailled status. Still a LOT to do!
332 * X509ChainStatusFlags.cs: New. Status code for the results of the
333 chain building and verification.
335 2003-12-15 Sebastien Pouliot <spouliot@videotron.ca>
337 * TrustAnchors.cs: Added a new trusted root, Thawte, for code signing.
339 2003-12-07 Sebastien Pouliot <spouliot@videotron.ca>
341 * PKCS12.cs: New. PKCS#12 implementation. Only decoding is working
344 2003-09-01 Sebastien Pouliot <spouliot@videotron.ca>
346 * ITrustAnchors.cs: New. Interface to trust anchors.
347 * TestAnchors.cs: New. Include 2 tests anchors: Microsoft Root Agency
348 (for Windows compatibility) and Mono Test Root.
349 * TrustAnchors.cs: New. Include some widely used (commercial) code
350 signing root certificates.
351 * X509CertificateCollection.cs: New. Collection for Mono's X509
353 * X509Chain.cs: New. MINIMAL certificate chaining engine to support
354 Authenticode(tm). VERY PARTIAL IMPLEMENTATION!!!
356 2003-03-15 Sebastien Pouliot <spouliot@videotron.ca>
358 * X501Name.cs: New. X.501 Distinguished Names stuff
359 * X509Builder.cs: New. Abstract class for building X.509 related
360 structures (like certificates and CRLs).
361 * X509Certificate.cs: New. A more complete class to handle X.509
363 * X509CertificateBuilder.cs: New. Class to build X.509 certificates.
364 * X509Extension.cs: New. A base class for all X.509 extensions.
365 * X509Extensions.cs: New. X509Extension collection.
366 * X520Attributes.cs: New. X.520 attributes (mainly for X501 names)