More .NET components

Release notes for Rebex Security for .NET

2016-12-19 Version 2016 R3 #
(build number 6198)

Tweakable XTS parameters in FileEncryption class

It's now possible to specify XtsBlockSize and EncryptionKeySize when using XtsAes through FileEncryption object.

Complete list of changes of version 2016 R3

  • Security: Added FileEncryption.XtsBlockSize; fixed FileEncryption.EncryptionKeySize when using XtsAes.
  • Security: XtsStream now flushes the base stream on SetLength.
  • Cryptography: Improved ASN.1 time node parser.
  • Cryptography: Added support for certificate validation on Universal Windows Platform.
  • Cryptography: Added custom X509 certificate validator for .NET Compact Framework with full SHA-2 support on all platforms.
  • Cryptography: Fixed parsing of 'Intended Usage' extension when 'Decipher Only' was specified.
  • Cryptography: Added static Create method to SHA256Managed/SHA384Managed/SHA512Managed classes on .NET Compact Framework.
  • Cryptography: ValidationResult.ErrorCode deprecated and replaced with NativeErrorCode.
  • Cryptography: Optimized memory usage in CMS/PKCS #7 (SingedData/EnvelopedData classes).
  • Cryptography: Added missing argument checks to CertificateIssuer methods.
  • Cryptography: Added support for Base64-encoded files with CRLF end-of-line sequences to CertificateChain.LoadP7b method.
  • Cryptography: Fixed HMAC calculation based on SHA-384 and SHA-521 on NET Compact Framework and Mono platforms.
  • Cryptography: Added Rebex.Security.Certificates.CertificateEngine class to make it possible to implement custom X509 chain building and validation engines.
  • Core: Added ConsoleLogWriter for Xamarin platforms.
  • Core: Added Rebex.TeeLogWriter class that makes it possible to log to multiple log writers.
  • Core: Added LocalItem.GetChecksum methods and related types.

2016-08-26 Version 2016 R2.2 #
(build number 6083)

Maintenance release

This is a maintenance release with enhancements in the shared functionality.

Complete list of changes of version 2016 R2.2

  • Cryptography: Added CheckCertificate/GetIssuingDistributionPoint methods to CertificateRevocationList class and ValidateRevocationList method to Certificate class.
  • Cryptography: Added support for certificates with private keys stored in CNG Key Storage Providers.
  • Cryptography: Enhanced SHA-2 support check on .NET Compact Framework.
  • Cryptography: Fixed SHA-2 support in AsymmetricKeyAlgorithm.SignHash on Windows Server 2008 (and possibly other old platforms).
  • Core: Added workaround for broken FileStream.SetLength on some .NET Compact Framework platforms.

2016-07-28 Version 2016 R2.1 #
(build number 6054)

Maintenance release

This is a maintenance release with enhancements and fixes in the shared functionality.

Complete list of changes of version 2016 R2.1

  • Cryptography: Fixed AsymmetricKeyAlgorithm.SignHash (in 2016 R2, it falls back to RSAManaged without trying to use RSACryptoServiceProvider first).
  • Cryptography: Fixed CertificateIssuer.IssueRevocationList method that ignored signatureHashAlgorithm argument and always used SHA-1.
  • Core: FileLogWriter on Windows Store 8.x / Universal Windows Platform is now thread-safe.
  • Core: Fixed LocalItem(string) constructor on Windows Store 8.x / Universal Windows Platform.
  • Core: Added workaround for broken handling of surrogate pairs when converting to "iso-8859-1" using System.Text.Encoding on Mono 4.x.

2016-06-30 Version 2016 R2 #
(build number 6026)

Support for Xamarin June 2016 Update

June 2016 update of Xamarin.iOS/Xamarin.Android/Xamarin.Mac introduced a breaking change in Mono.Security API that broke compatibility with Rebex components. This issue has been solved in this release.

SHA-2 for all supported .NET Compact Framework platforms

SHA-1 is currently being deprecated, which poses a problem for legacy .NET Compact Framework platforms based on editions of Windows CE with no native SHA-2 support. We added a custom implementation of SHA-2 for these legacy platforms.

Complete list of changes of version 2016 R2

  • Cryptography: Fixed detection of native SHA-2 support in .NET Compact Framework version.
  • Cryptography: Added support for more variants of OpenSSL/OpenSSH (SSLeay) key files.
  • Cryptography: Fixed Certificate.Associate to work with DSA keys.
  • Cryptography: Added CrlNumber property to CertificateRevocationList object.
  • Cryptography: Added support for SHA-2 certificates to Certificate.VerifyHash in .NET 2.0 on Windows with FIPS-compliant mode enabled.
  • Cryptography: Certificate.LoadPfx and CertificateChain.LoadPfx methods now specify Exportable options by default (in addition to UserKeySet).
  • Cryptography: Added workaround for RSA implementations that reject rare signatures shorter than the key size.
  • Core: Enhanced SSPI error messages.
  • Core: Fixed LogWriterBase.Level default value.
  • Core: Fixed compatibility issue in Xamarin edition (caused by a breaking change in June 2016 update of Xamarin).

2016-02-10 Version 2016 R1.1 #
(build number 5885)

Experimental assemblies for Xamarin.Mac

Added experimental binaries of most Rebex components (FTP/SSL, SFTP, File Server, Secure Mail, ZIP, Time, Security) for Xamarin.Mac platforms. They are suitable for targeting Xamarin.Mac Mobile Framework and Xamarin.Mac .NET 4.5 Framework projects.

Maintenance release

Experimental binaries of most Rebex components (FTP/SSL, SFTP, File Server, Secure Mail, ZIP, Time, Security) for the Xamarin.Mac platform are now available. They are suitable for targeting both Xamarin.Mac Mobile and Xamarin.Mac .NET 4.5 Framework projects.

Maintenance release

This release includes several hotfixes.

Complete list of changes of version 2016 R1.1

  • Security: Reusing FileEncryption.Encrypt with different encryption algorithms is now supported without changing the password.

2016-01-11 Version 2016 R1 #
(build number 5855)

Experimental assemblies for Windows Store Apps

Experimental binaries of many Rebex components (SFTP, FTP/SSL, Time, ZIP, File Transfer Pack, Terminal Emulation) for "Windows 8 Store", "Windows 8.1 PCL", and "Windows Universal Platform" are now available. The are suitable for "Store Apps" targeting Windows 8.0, Windows 8.1, Windows Phone 8.1, Windows 10, Windows 10 Mobile and Windows 10 IoT. Visit Rebex Labs for additional information.

Configurable key size

Encryption key size can now be specified for XtsStream class (through XtsSettings passed to the constructor) and for FileEncryption class (through EncryptionKeySize property).

Complete list of changes of version 2016 R1

  • All: Added workaround for Xamarin.Android whose Dns.GetHostEntry resolves 'localhost' to device's external IP address.
  • All: Rebex assemblies are now signed with SHA-256 signatures in addition to legacy SHA-1 signatures.
  • Security: Added XtsSettings class (passed to XtsStream constructor) to make it possible to specify additional options such as key size.
  • Security: Added FileEncryption.EncryptionKeySize property to make it possible to specify encryption algorithm's key size.
  • Cryptography: Enhanced cryptographic provider initialization error message.
  • Cryptography: Added workaround for PuTTY keys with bad data at the end.
  • Core: Fixed multi-file operations to never modify input FileSet's BasePath.
  • Core: ThreadPool is now used to handle background operations instead of a custom implementation.
  • Core: Enhanced multithread operation support in log writers.

2015-08-24 Version 2015 R4.1 #
(build number 5715)

Fixed Xamarin mobile platform detection

Fixed platform detection code on Xamarin.iOS and Xamarin.Android.

Complete list of changes of version 2015 R4.1

  • All: Fixed platform detection on Xamarin.Android and Xamarin.iOS.
  • All: Version and platform added to assembly description.

2015-08-09 Version 2015 R4 #
(build number 5700)

Support for Windows 10, .NET Framework 4.6 and Visual Studio 2015

All Rebex components now ship with full support for Windows 10, .NET Framework 4.6 and Microsoft Visual Studio 2015. Older Visual Studio versions (2005 and higher) and .NET Framework versions (2.0 and higher) are still supported as well.

Public/private key XTS encryption

XtsStream object in Rebex Security supports RSA public/private key encryption.

Complete list of changes of version 2015 R4

  • All: Enhanced platform detection code.
  • Security: Added support for public/private key encryption to XtsStream.
  • Cryptography: Fixed final empty block handling in Twofish/Blowfish/ArcTwo TransformFinalBlock with PKCS #7 padding.
  • Cryptography: SSH and TLS/SSL now use Java-based Diffie-Hellman objects on Xamarin.Android platform to speed up negotiation.
  • Core: Fixed end-of-line sequences in LogWriterBase, optimized FileLogWriter.
  • Core: Added workaround for broken ASN.1 time values with the second part of "60".

2015-04-08 Version 2015 R3 #
(build number 5577)

Maintenance release

This update brings several enhancements and bugfixes.

Complete list of changes of version 2015 R3

  • All: Fixed Version property of Ftp, Imap, Pop3, Scp, Sftp, Smtp and Ssh classes to return a proper version number. Changed Ftp.Version to a static propery to match the other objects.
  • Cryptography: Enhanced weak signature algorithm detection during certificate validation on Xamarin.iOS.
  • Core: Connect methods no longer require FileIOPermission (used to determine the assembly version for a log).

2015-03-17 Version 2015 R2 #
(build number 5555)

Maintenance release

This update brings several enhancements and bugfixes.

Complete list of changes of version 2015 R2

  • Cryptography: Added support for SSLeay private keys with AES-256-CBC encryption.
  • Cryptography: Fixed broken HashSize property in SHA-2 CSP on .NET Compact Framework.

2015-02-02 Version 2015 R1 #
(build number 5512)

Support for Xamarin Unified API

Added support for the new Unified API. This includes unified 32-bit and 64-bit platform support and makes it simple to share code between iOS and Mac.

Complete list of changes of version 2015 R1

  • All: Added support for Xamarin.iOS unified API.

2014-12-18 Version 2014 R3 #
(build number 5466)

Legacy SSL 3.0 disabled by default in TLS/SSL-enabled components.

TLS 1.1 is now used by default in TLS/SSL-enabled components. Legacy SSL 3.0 support is disabled by default because it is no longer considered secure. Its use is strongly discouraged after disclosure of POODLE Attack.

Maintenance release

This update brings several improvements, workarounds and bugfixes.

Complete list of changes of version 2014 R3

  • All: Added more overloads to asynchronous Connect and Login methods.
  • All: Removed legacy Connect methods and enumerations from Xamarin.iOS and Xamarin.Android version (should never have been there).
  • Cryptography: Fixed SymmetricKeyAlgorithm.Padding for non-CBC modes.
  • Cryptography: Added support for base-64 encoded P7B certificate chains.
  • Cryptography: Changed padding of parameters exported by DSAManaged.ExportParameters to match DSACryptoServiceProvider.
  • Cryptography: Added AsymmetricKeyAlgorithm.PublicOnly property.
  • Cryptography: Added workaround for non-working HMACSHA256/384/512 on some FIPS-only systems.
  • Cryptography: Added CertificateExtension.EnhancedKeyUsage method Useful when constructing certificate requests using CertificateRequest object.
  • Cryptography: Fixed DiffieHellmanManaged.KeySize that sometimes reported shorter bit lengths.
  • Cryptography: Several new AsymmetricKeyAlgorithm-based methods added to Certificate and CertificationRequest.
  • Core: Added LocalItem.Attributes property.
  • Core: PKCS #12 key loading routines changed to not persist keys in Windows key storage by default.
  • Core: Added ConsoleLogWriter, a console-based log writer class.

2014-07-03 Version 2014 R2 #
(build number 5298)

Maintenance release

This update brings several improvements, workarounds and bugfixes.

Complete list of changes of version 2014 R2

  • All: Eliminated "Unknown heap type" warnings in Mono.
  • Cryptography: Added Load, Save and Generate methods to PrivateKeyInfo and PublicKeyInfo classes.
  • Cryptography: Enhanced CertificationRequest class to support request generating in addition to parsing.
  • Cryptography: Fixed behavior with disabled UseFipsAlgorithmOnly on FIPS-only systems.

2014-02-26 Version 2014 R1 #
(build number 5171)

Maintenance release

This update brings several improvements, workarounds and bugfixes.

Complete list of changes of version 2014 R1

  • All: Various small low-level optimizations.
  • Security: FileEncryption.Encrypt an Decrypt methods no longer dispose the target stream.
  • Cryptography: Fixed a bug in MD5SHA1 signature validation on .NET Compact Framework.
  • Cryptography: Fixed AES CSP availability detection in FIPS-compliant mode.
  • Cryptography: Fixed sorting of PKCS #7 signature attributes.
  • Cryptography: Added support for AES-128-CBC SSLeay private keys.
  • Cryptography: Added workaround for certificates and keys in Base64-encoded format ending with a zero octet.
  • Core: Assemblies made more obfuscator-friendly.
  • Core: Fixed null value comparisons in FileSystemItemComparer.

2013-12-02 Version 2013 R3 #
(build number 5085)

Support for Xamarin.iOS and Xamarin.Android

Rebex components now support Xamarin.iOS and Xamarin.Android, making it possible to target iPad/iPhone and Android devices! (The only exception is the Terminal Emulation component whose TerminalControl object relies heavily on Windows Forms and is only available for Windows and Linux at the moment.)

Support for .NET Compact Framework 3.9

In addition to .NET CF 2.0 and 3.5, we now support .NET CF 3.9 as well. This makes it possible to target Windows Embedded Compact 2013, Microsoft's latest incarnation of Window CE.

Assemblies for every supported platform for all

With every purchase, you now get binaries for all supported platforms. Users with active support contract were upgraded for free. This will make it easy to embrace the new trends - we offer a single API that works with .NET, .NET Compact Framework, Mono, Xamarin.iOS and Xamarin.Android.

Support for Visual Studio 2013

All Rebex components now ship with full support for Microsoft Visual Studio 2013. Older Visual Studio versions (2005 and higher) and .NET Framework versions (2.0 and higher) are still supported as well.

Complete list of changes of version 2013 R3

  • All: Xamarin.iOS and Xamarin.Android officially supported in all components except Rebex Terminal Emulation.
  • All: .NET Compact Framework 3.9 officially supported.
  • All: Visual Studio 2013 officially supported.
  • Security: Decrypting with wrong password no longer overwrites the target file.
  • Cryptography: Changed Certificate.FindCertificates method not to include subordinate CAs in the search by default.
  • Cryptography: Fixed CertificateStore.Exists on non-Windows platforms.
  • Cryptography: Added workaround for opening certificate stores in .NET CF that don't exist yet.
  • Cryptography: Added workaround for problem with DSA certificate in .PFX importing code on Windows Embedded Compact 2013.
  • Cryptography: Added .NET CF support for Certificate.Associate(privateKey, permanentBind)
  • Cryptography: Added Certificate.GetAuthorityKeyIdentifier() method.
  • Cryptography: Changed SignerInfo and SignerInfo objects to use NULL parameters for hash algorithms (in order to match RSACryptoServiceProvider behavior).
  • Core: Added FileLogWriter.Path to replace FileLogWriter.Filename.
  • Core: Added LocalItem.ComputeCrc32() method.
  • Core: Signed and encrypted message parsing made more compatible with broken messages.

2013-07-29 Version 2013 R1 #
(build number 4959)

Official support for Mono

All Rebex components now officially support Mono, an open source, cross-platform, implementation of C# and the CLR that is binary compatible with Microsoft.NET. The same assemblies that work on Windows now work on Mono in Linux or Apple's OS X as well.

New component - Rebex Security

We released a new component called Rebex Security. It features XTS-AES encryption stream support and easy-to-use FileEncryption class with support for AES, 3DES, TwoFish and XTS-AES. Also includes PKCS #7 (CMS) API for electronic signatures and encryption of binary data using X509 certificates. Supports .NET Framework, .NET Compact Framework and Mono. Available as a standalone package or as a part of Rebex Total Pack.

Complete list of changes of version 2013 R1

  • All: Added support for Mono.
  • All: Fixed finalizers that used to call state-changed events in some cases.
  • Security: Initial public release.
  • Cryptography: Added support for anyExtendedKeyUsage attribute (in X509 certificates).
  • Cryptography: Added DiffieHellmanCryptoServiceProvider class.
  • Cryptography: Added PrivateKeyFormat.RawPkcs8 format for PrivateKeyInfo.Save and PrivateKeyInfo.Encode methods.
  • Cryptography: RSAManaged.VerifyHash returns false on error.
  • Cryptography: Fixed ArcTwoTransform to treat EffectiveKeySize of 0 as "current KeySize".
  • Cryptography: HMAC fixed to use block length of 128 for algorithms with hashes larger than 256 bits.
  • Cryptography: Fixed certificate verification to better handle server certificate with missing common name (used to throw NullReferenceException).
  • Cryptography: Fixed handle leak in CertificateStore constructor.
  • Core: Enhanced workaround for Stream.Seek on .NET CF.
  • Core: FileLogWriter enhanced to log assembly version when opening log file.
  • Core: Added missing PublicKeyInfo() constructor.
  • Core: Added FileSet.ContainingDirectoriesIncluded option.
  • Core: Added workaround for instances of FileStream that return "[Unknown]" name.
  • Core: EncodingTools support IBM437 charset on all platforms.
  • Core: Added CertificateFindOptions.None.
  • Core: Added FileSystemItemCollection.UsePath property.