mcs/class/Mono.Security/Mono.Security.X509/ChangeLog


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366

2010-03-11 Gonzalo Paniagua Javier <gonzalo@novell.com>

	* OSX509Certificates.cs: moved to System.dll.

2010-02-27  Miguel de Icaza  <miguel@novell.com>

	* OSX509Certificates.cs: Add support to validate X509 certificate
	chains using the OSX certificates API.

2008-09-12  Sebastien Pouliot  <sebastien@ximian.com>

	* PKCS12.cs, X509Store.cs: Use File.Create instead of OpenWrite to
	make sure nothing else if left at the end of the file. Issue reported
	by Christophe Chevalier.

2008-06-03  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Certificate.cs: Accept text before the PEM certificate itself.
	[Fix bug #396486]

2007-05-09  Sebastien Pouliot  <sebastien@ximian.com>

	* PKCS12.cs: Adds SecretBag support. Patch by Jay Miller.
	* X509Certificate.cs: Fix IsCurrent (use UTC).

2006-12-14  Sebastien Pouliot  <sebastien@ximian.com>

	* X501Name.cs: Added support for (some cases of) T.61 strings, like
	the latin-1 encoded accentued characters founds in some DN. Fix bug 
	#77295.

2006-12-11  Sebastien Pouliot  <sebastien@ximian.com>

	* PKCS12.cs: Fix DSA certificates (with parameters) and don't throw
	an exception in the case where parameters aren't part of the 
	certificate. This fix makes all 405 PKCS#12 test cases from PKITS 
	works using Mono :).

2006-12-06  Sebastien Pouliot  <sebastien@ximian.com>

	* X501Name.cs: Add decoding of RFC3280 mandatory and optional 
	attributes types for dnQualifier, title, surname, givenName and 
	initial.
	* X520Attributes.cs: Add encoding of RFC3280 mandatory and 
	optional attributes types for dnQualifier, title, surname, givenName 
	and initial.

2006-12-05  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Certificate.cs: Resurrect the (fixed) support for [Issuer|
	Subject]UniqueIdentifier, including new properties.
	* X509CRL.cs: Fix DSA signature verification when numbers aren't 
	exactly 20 bytes long (e.g. too short or negative with an extra 0x00).

2006-12-05  Sebastien Pouliot  <sebastien@ximian.com>

	* X509CRL.cs: Expose the Hash and RawData properties to make it easier
	to support CRL into stores.
	* X509Store.cs: Add support to Import and Remove CRL from stores. 
	Refactor the code to get unique identificators.
	* X509Stores.cs: Change default, for Open, to stores that supports 
	CRLs.

2006-12-04  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Certificate.cs: Added support for inherited DSA key parameters.

2006-11-22  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Store.cs: Add new Open method to access any certificate store
	by any names (required to support 2.0 features).

2006-11-13  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Certificate.cs: Add support for PEM encoded (base64) x.509 
	certificates (supported in 2.0).

2006-11-08  Sebastien Pouliot  <sebastien@ximian.com> 

	* X501Name.cs: Fix build as the first build of 2.0's System.dll 
	may depend on a Mono.Security.dll without the new ToString overload.

2006-11-08  Sebastien Pouliot  <sebastien@ximian.com>

	* X501Name.cs: Refactor ToString method to allow most options available 
	when using fx 2.0.
	* X509Certificate.cs: Add methods to retrieve the Issuer and Subject
	Distinguished Names in binary (ASN.1) form. Reverse (actually correct)
	the text representation of Issuer and Subject for 2.0.

2006-10-08  Sebastien Pouliot  <sebastien@ximian.com>

	* PKCS12.cs: A String.Empty is different from a null password. Fix bug
	#79617.

2006-09-05  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Certificate.cs: Don't reset RSA or DSA property if the new value
	is null (part of the fix for #79262).

2006-07-25  Sebastien Pouliot  <sebastien@ximian.com>

	* X509CRL.cs: Fix the case where no entry are present in the CRL (as
	the structure is optional) *and* when there are no x.509 certificate
	extensions.

2006-01-24  Sebastien Pouliot  <sebastien@ximian.com>

	* PKCS12.cs: Consider String.Empty as a null password (e.g. don't
	throw an IndexOutOfRangeException). Fix part of bug #77342.

2006-01-05  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Extension.cs: Extension data may be encapsulated (i.e. ASN.1
	data inside the octet string) if it comes from the X509Certificate 
	parser.

2006-01-04  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Extension.cs: Added setter for Critical property (fix #77154).
	Fixed asymmetry between encoding and decoding (fix #75781).

2005-12-16  Sebastien Pouliot  <sebastien@ximian.com> 

	* X509Chain.cs: Fix chain building. Patch from Vincent Cote-Roy.

2005-11-18  Sebastien Pouliot  <sebastien@ximian.com> 

	* X509Extension.cs: Changed default ctor to protected to help 
	extensibility outside of Mono.Security.dll (fix bug #76742).

2005-11-04  Sebastien Pouliot  <sebastien@ximian.com> 
 
	* PKCS12.cs: It's now possible to add multiple keys of the same size
	inside a pkcs12 file. Fix bug #76627.

2005-11-04  Sebastien Pouliot  <sebastien@ximian.com>

	* PKCS12.cs: Added MaximumPasswordLength property to allow decoding 
	the password with a length limits like MS PFXImportCertStore does.
	In this case you just have to assign the value CryptoApiPasswordLimit
	to the new static property.

2005-10-11  Sebastien Pouliot  <sebastien@ximian.com> 
 
	* X509Certificate.cs: Fixed bug #76407. ValidFrom and ValidUntil are
	local date/time so IsCurrent most also use a local date/time.
	* X509CRL.cs: ValidFrom and ValidUntil are local date/time so 
	IsCurrent most also use a local date/time.

2005-10-06  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Chain.cs: Fixed the case where no chain is present (self signed)

2005-09-09  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Certificate.cs: Fixed version property (bug #76012). Added
	ISerializable (for 2.0 so we're not breaking current compatibility).

2005-08-29  Sebastien Pouliot  <sebastien@ximian.com>

	* X501Name.cs: Fixed quoted (bug #75780) and escaped values. Added
	parsing for "direct" OID values. Plugged DC and UID with new X520 
	classes.
	* X520Attributes.cs: Added support for SerialNumber (fix bug #75783),
	DomainComponent, UserId and Oid.

2005-08-12  Sebastien Pouliot  <sebastien@ximian.com>

	* X520Attributes.cs: Don't select PRINTABLESTRING for non 7bits 
	values. Fix bug #75782. Based on patch from Daniel Granath.

2005-06-29  Sebastien Pouliot  <sebastien@ximian.com>

	* X509CRL.cs: Fix the case where no entry are present in the CRL (as
	the structure is optional).

2005-04-26  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Certificate.cs: DSA and RSA properties are now cached. In 2.0
	they also have a set accessor.
	* PKCS12.cs: Modified code to allow providing the password as a byte
	array (the new constructor is available in 2.0).

2005-02-25  Sebastien Pouliot  <sebastien@ximian.com>

	* X501Name.cs: Added support for multiple entries in a same set.

2005-01-11  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Certificate.cs: Fixed NullReferenceException when asking for
	data that wasn't a proper X.509 certificate.

2004-12-13  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Certificate.cs: Directly use the MD2 class when compiled in 
	Mono.Security.dll assembly (even if not configured in machine.config).

2004-09-17  Sebastien Pouliot  <sebastien@ximian.com>

	* PKCS12.cs: Fixed all level 4 compilation warnings.
	* X501Name.cs: Fixed all level 4 compilation warnings.
	* X509Certificate.cs: Fixed all level 4 compilation warnings.
	* X509CertificateBuilder.cs: Fixed all level 4 compilation warnings.
	* X509Extension.cs: In synch with corlib version. Fixed all level 4 
	compilation warnings.
	* X520Attributes.cs: Updated to check upperbounds - which fixed level
	4 compilation warnings.

2004-09-07  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Chain.cs: Fixed a bug when constructing a certificate chain from
	a collection (endless loop). Fixed bug when Reset-ing an empty chain.

2004-08-10  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Store.cs: Now returns empty collection/list for certificates/
	CRL when access to a store is denied.

2004-07-15  Sebastien Pouliot  <sebastien@ximian.com>

	* X501Name.cs: Support for E (email) in FromString.
	* X520Attributes.cs: Added X520.EmailAddress.
	Both patches fix bug #61241 and were contributed by Ianier Munoz.

2004-05-27  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Certificate.cs: Rethrow original exception when parsing X.509 
	certificates (inside a CryptographicException) so people can see if 
	their changes affects certificate decoding.

2004-05-12  Jesper Pedersen  <jep@itplus.dk>

	* PKCS12.cs: Removed file exists check from SaveToFile(). Removed 
	Equals() and GetHashCode(). Clone the original iteration count.
	
2004-05-06  Jesper Pedersen  <jep@itplus.dk>

	* PKCS12.cs: Fixed synchronization with X509CertificateCollection in 
	GetBytes ().

2004-05-05  Jesper Pedersen  <jep@itplus.dk>

	* PKCS12.cs: Added support for SafeBag attributes. Added support for 
	Clone() (ICloneable), Equals and GetHashCode. New methods:
	- AddCertificate (X509Certificate cert)
	- AddCertificate (X509Certificate cert, IDictionary attributes)
	- RemoveCertificate (X509Certificate cert)
	- RemoveCertificate (X509Certificate cert, IDictionary attributes)
	- AddPkcs8ShroudedKeyBag (AsymmetricAlgorithm aa)
	- AddPkcs8ShroudedKeyBag (AsymmetricAlgorithm aa, IDictionary attributes)
	- RemovePkcs8ShroudedKeyBag (AsymmetricAlgorithm aa)
	- AddKeyBag (AsymmetricAlgorithm aa)
	- AddKeyBag (AsymmetricAlgorithm aa, IDictionary attributes)
	- RemoveKeyBag (AsymmetricAlgorithm aa)
	- AsymmetricAlgorithm GetAsymmetricAlgorithm (IDictionary attrs)
	- X509Certificate GetCertificate (IDictionary attrs)
	- IDictionary GetAttributes (AsymmetricAlgorithm aa) 
	- IDictionary GetAttributes (X509Certificate cert)

2004-04-22  Sebastien Pouliot  <sebastien@ximian.com>

	* PKCS12.cs: FxCop-ized. CLS compliance.
	* X501Name.cs: FxCop-ized.
	* X509Builder.cs: FxCop-ized. Replaced Array.Copy with 
	Buffer.BlockCopy.
	* X509CRL.cs: FxCop-ized. Replaced Array.Copy with Buffer.BlockCopy.
	* X509Certificate.cs: FxCop-ized. Replaced Array.Copy with 
	Buffer.BlockCopy. Removed unused private method GetHash.
	* X509CertificateBuilder.cs: Ajusted with changes. Replaced 
	Array.Copy with Buffer.BlockCopy.
	* X509CertificateCollection.cs: Added INSIDE_CORLIB as the class is
	shared with corlib assembly.
	* X509Chain.cs: FxCop-ized. Removed old ITrustAnchor support.
	* X509ChainStatusFlags.cs: Added missing [Flags].
	* X509Extension.cs: FxCop-ized. Added Equals, GetHashCode methods.
	* X509Extensions.cs: FxCop-ized. Sealed class, renamed to 
	X509ExtensionCollection and inherit from CollectionBase. Added missing
	methods.
	* X509Store.cs: FxCop-ized.
	* X509StoreManager.cs: FxCop-ized. Sealed class.
	* X509Stores.cs: Added INSIDE_CORLIB as the class is shared with 
	corlib assembly.
	* X520Attributes.cs: FxCop-ized. Added INSIDE_CORLIB.

2004-04-02  Lluis Sanchez Gual  <lluis@ximian.com>

	* X509Chain.cs: Fixed build for net_1_0 profile.

2004-03-17  Jesper Pedersen  <jep@itplus.dk>

	* PKCS12.cs: Fixed sequence problem in Pkcs8ShroudedKeyBag. Fixed key
	bag implementation in GetBytes. Moved key bag implementation in 
	GetBytes to fit OpenSSL. Added NULL digest in MAC (GetBytes) to fit
	OpenSSL. Added SaveToFile method.

2004-03-10  Sebastien Pouliot  <sebastien@ximian.com>

	* PKCS12.cs: Completed GetBytes() so it	is now possible to encode
	/ encrypt PKCS12 files.

2004-02-26  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Store.cs: Changed not to use base64 in filenames as it can 
	conflict with path separators. Now use plain hex. Now catch
	incorrectly encoded certificates / CRL in stores. Added Name property.

2004-02-24  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Certificate.cs: Add support for the OID "1.3.14.3.2.29" (SHA1 
	with RSA). Added a fix for "really" null algorithm parameters.
	* X509CertificateCollection.cs: Fixed Contains and IndexOf (worked
	on objects but not for the same certificate in a different object).

2004-02-23  Sebastien Pouliot  <sebastien@ximian.com>

	* TestAnchors.cs: Removed - no need to be hardcoded anymore.
	* X509Chain.cs: Updated to use the new store for trusted roots.
	* X509CRL.cs: New. Certificate Revocation List v1/v2 support.
	* X509Store.cs: New. Managed each individual store (with or
	without CRL support).
	* X509StoreManager.cs: New. Certificate Store Manager to access
	user and machine stores and to merge them when required.
	* X509Stores.cs: New. Certificate stores group for either the
	current user or the local machine.

2004-02-20  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Chain.cs: Added an option to use a pre-built chain (like TLS
	offers) to save time rebuilding it. Added some validations and more
	detailled status. Still a LOT to do!
	* X509ChainStatusFlags.cs: New. Status code for the results of the
	chain building and verification.

2003-12-15  Sebastien Pouliot  <spouliot@videotron.ca>

	* TrustAnchors.cs: Added a new trusted root, Thawte, for code signing.

2003-12-07  Sebastien Pouliot  <spouliot@videotron.ca>

	* PKCS12.cs: New. PKCS#12 implementation. Only decoding is working
	right now.

2003-09-01  Sebastien Pouliot  <spouliot@videotron.ca>

	* ITrustAnchors.cs: New. Interface to trust anchors.
	* TestAnchors.cs: New. Include 2 tests anchors: Microsoft Root Agency
	(for Windows compatibility) and Mono Test Root.
	* TrustAnchors.cs: New. Include some widely used (commercial) code 
	signing root certificates.
	* X509CertificateCollection.cs: New. Collection for Mono's X509 
	certificates.
	* X509Chain.cs: New. MINIMAL certificate chaining engine to support
	Authenticode(tm). VERY PARTIAL IMPLEMENTATION!!!

2003-03-15  Sebastien Pouliot  <spouliot@videotron.ca>

	* X501Name.cs: New. X.501 Distinguished Names stuff
	* X509Builder.cs: New. Abstract class for building X.509 related
	structures (like certificates and CRLs).
	* X509Certificate.cs: New. A more complete class to handle X.509
	certificates.
	* X509CertificateBuilder.cs: New. Class to build X.509 certificates.
	* X509Extension.cs: New. A base class for all X.509 extensions.
	* X509Extensions.cs: New. X509Extension collection.
	* X520Attributes.cs: New. X.520 attributes (mainly for X501 names)