Release notes for Rebex TLS for .NET
2020 R2 #
(build 7450 from 2020-05-24)
Server-side TLS 1.3 support
TlsServerSocket class. Supports server-side TLS 1.3, 1.2, 1.1 and 1.0.
Detailed list of changes:
- SSH: Added new properties to SshCipher to make it possible to determine IDs of active ciphers.
- SSH: Added workaround for a weakness in legacy CBC ciphers.
- TLS Core: Enhanced TlsSocket.Timeout property to apply to subsequent Send, SendAsync, Receive and ReceiveAsync methods even when TLS is already active.
- TLS Core: Fixed availability of TLS 1.3 session ticket when the receive side of the connection has already been closed.
- TLS Core: Fixed behavior of server-side DoNotCacheSessions option (which previously led to connection failures).
- TLS Core: Fixed some cases of missing AggregateException unwrapping.
- TLS Core: Improved and unified behavior of the TlsSocket Shutdown/ShutdownAsync methods when negotiation has not been started.
- TLS Core: Improved TLS exception reporting.
- TLS Core: Logging improvements.
- TLS Core: Optimizations in TLS 1.3 internals.
- TLS Core: Support for the TLS 1.3 record with empty application data payload and random padding.
- TLS Core: Unified TlsSocket.Cipher property behavior across TLS versions.
- TLS: Added TlsServerSocket class. Provides server-side TLS 1.3, 1.2, 1.1 and 1.0 support.
- TLS: Fixed TlsClientSocket.EndConnect method.
- Cryptography: Added ContentInfo.ToStream() method.
- Cryptography: Enhanced Certificate.LoadDerWithKey to support RSASSA-PSS and RSAES-OAEP for RSA keys.
- Cryptography: Fixed AsymmetricKeyAlgorithm.GenerateDiffieHellmanParameters slowness (only affected the previous release).
- Cryptography: Improved AsymmetricKeyAlgorithm to support RSASSA-PSS and RSAES-OAEP with keys loaded via ImportKey method.
- Cryptography: Optimized Certificate and CertificateChain class to only consume native resources when needed.
- Cryptography: Optimized CNG handles cleanup.
2020 R1.1 #
(build 7390 from 2020-03-25)
Fixed several TlsClientSocket omissions
This version fixes several omissions and leftovers in the new
mostly related to legacy parts of its API that have been retained from the existing
Detailed list of changes:
- Networking: Fixed rare race condition in TLS and SSH internals.
- TLS Core: Fixed breaking changes in the behavior of seldom-used parts of TlsSocket API.
- TLS Core: Fixed handling of OperationCanceledException in TLS 1.3 core.
- TLS Core: Improved TLS logging.
- TLS: Added BeginNegotiate/EndNegotiate methods to TlsClientSocket class.
- TLS: Added support for TlsClientSocket.Available property.
- TLS: Fixed disabled BeginConnect/EndConnect on TlsClientSocket.
- TLS: Fixed TlsClientSocket's BeginSend/BeginReceive methods to use truly asynchronous implementation.
- Common: Added DiffieHellmanNative class to Rebex.Common.Native assembly (speeds up Diffie-Hellman calculations on Xamarin.Android).
2020 R1 #
(build 7357 from 2020-02-21)
New component: Rebex TLS
Rebex TLS is a low-level TLS client library. It supports TLS 1.3, TLS 1.2 and earlier versions on all mainstream platforms including .NET Framework 3.5 on Windows 7 (or on Windows XP SP3 with a plugin). SHA-2, SNI, AES/GCM, Chacha20/Poly1305 and other modern TLS features are supported as well.
The new library is available as a standalone package or as a part of Rebex Total Pack.
Detailed list of changes:
- All: !!! WARNING: CMP-22 has no release note. Edit value in JIRA. Use '-' to skip including this case in release notes. !!! !!! WARNING: CMP-22 has no components assigned. Adding fake component. Change it in JIRA. !!!
- All: Binaries targeting .NET Standard 2.0 now support Xamarin.Android and Xamarin.iOS.
- All: Deprecated binaries targeting .NET Standard 1.5, Xamarin.Android and Xamarin.iOS.
- All: Fixed several occurences of culture-sensitive string formatting.
- All: Fixed several occurrences of wrong synchronization context.
- All: Mainstream edition no longer supports .NET Framework 2.0/3.0 and .NET Core 1.0/1.1.
- SSH: Added full support for Elliptic Curve Diffie-Hellman (ECDH) on Windows 10, Windows Server 2016 and Windows Server 2019.
- SSH: Added support for 'curve25519-sha256' key exchange cipher (equivalent to already-supported 'firstname.lastname@example.org').
- SSH: Enhanced performance of ChaCha20-Poly1305 cipher ('email@example.com') in SSH client.
- SSH: Fixed possible deadlock in SSH client when processing incoming EOF packet while waiting for remote receive buffer size to increase.
- TLS Core: Added asynchronous methods to TlsSocket base class.
- TLS Core: Added SetSymmetricCipherSuites/GetSymmetricCipherSuites methods to configure enabled TLS 1.3 cipher suites.
- TLS Core: Added support for ChaCha20-Poly1305 cipher suites to TLS 1.3 and 1.2.
- TLS Core: Fixed behavior of TlsSocket methods after Dispose has been called.
- TLS Core: Fixed behavior of TlsSocket.Shutdown.
- TLS Core: Improved argument checks in TlsSocket base class.
- TLS Core: Improved multi-pass parsing of the TLS 1.3 records.
- TLS Core: Many optimizations in TLS 1.3 core.
- TLS: Initial release of a stand-alone Rebex TLS library.
- Cryptography: Added full support for Elliptic Curve Diffie-Hellman (ECDH) on Windows 10, Windows Server 2016 and Windows Server 2019.
- Cryptography: Added native support for ECDH with X25519 curve on Windows 10, Windows Server 2016 and Windows Server 2019.
- Common: Internal optimizations.