Rebex WebSocket

WebSocket library for modern and legacy platforms

Download 30-day free trial Buy from $349

Release notes for Rebex WebSocket for .NET

2019 R4.2 #

(build 7320 from 2020-01-15)

Maintenance release

This release solves several issues in the shared functionality.

Detailed list of changes:

  • SSH: Fixed possible deadlock during SSH renegotiation (client-side).
  • TLS/SSL: Fixed renegotiation in TLS 1.2 (has been broken since 2019 R4).
  • Cryptography: Added workaround for RSA signatures shorter than the key size (.NET Core on Linux is unable to handle them).
  • Cryptography: Fixed AsymmetricKeyAlgorithm.GetRawPublicKey() key format when RSA via MS CNG is in use.
  • Cryptography: Only known external plugins are allowed for enhanced security.
  • Cryptography: Saving public key as well when saving X25519 private keys.

2019 R4.1 #

(build 7290 from 2019-12-16)

.NET Core 3.1 support

.NET Core 3.1 is now supported on the following platforms:

  • Windows (x64, x86, ARM32)
  • Windows 10 IoT (x64, x86, ARM32)
  • Linux (x64, ARM32)
  • macOS (x64)

TLS 1.3 improvements

This release fixes several issues in our new TLS 1.3 core. If you are already using TLS 1.3, upgrading to this release is recommended.

Please note that TLS 1.3 support is not enabled by default yet to prevent interoperability issues with legacy third-party servers. To enable it, use SslAllowedVersions setting, as described in our TLS 1.3 support announcement.

Detailed list of changes:

  • All: Added support for .NET Core 3.1.
  • All: Added support for Mono 6.x.
  • Networking: Added missing 'buffer' argument check to some Send/Receive methods in ProxySocket/TlsSocket.
  • Networking: Fixed unhandled ObjectDisposedException or misleading SocketException when ProxySocket.Connect aborted due to timeout.
  • SSH: Added a workaround for a bug introduced in OpenSSH 8.0 that rejects 'sender channel' numbers in the upper half of uint32 range.
  • SSH: Added SshEncryptionMode.AEAD (to replace SshEncryptionMode.GCM).
  • SSH: Added support for ChaCha20-Poly1305 AEAD cipher ('') to SSH client.
  • TLS/SSL: Added support for RSASSA-PSS signatures in TLS 1.2 when TLS 1.3 has been enabled.
  • TLS/SSL: Avoid unwanted truncation of outgoing TLS 1.3 messages when TlsSocket is disposed.
  • TLS/SSL: Enhanced error message when no suitable curve is available.
  • TLS/SSL: Fixed compatibility issue with Xamarin's "Sdk Assemblies Only" option.
  • TLS/SSL: Fixed exception type to TlsException for TLS 1.3 errors.
  • TLS/SSL: Fixed handling of TLS 1.3 PSK-KE.
  • TLS/SSL: Fixed check of signature algorithm in TLS 1.3 CertificateVerify.
  • TLS/SSL: Fixed occasional failure when negotiating TLS 1.2 or lower when TLS 1.3 is allowed.
  • TLS/SSL: Fixed order of supported signature schemes in TLS 1.3 ClientHello message.
  • TLS/SSL: Fixed parsing of fragmented TLS 1.3 handshake messages.
  • TLS/SSL: Fixed parsing of the TLS 1.3 KeyShare extension.
  • TLS/SSL: Fixed potential NullReferenceException when TLS 1.3 negotiation has been interrupted unexpectedly.
  • TLS/SSL: Fixed selection of signature algorithm used in CertificateVerify handshake messages.
  • TLS/SSL: Not announcing support for X.509 certificates with Ed25519 or RSASSA-PSS public key OID (not supported yet).
  • TLS/SSL: Optimizations in TLS 1.3 internals.
  • Cryptography: Added workaround for bad RSA/PSS signature algorithm identifiers with missing parameters.
  • Cryptography: Enabled workaround for private key loading from Mono key store in .NET Standard edition on Mono.
  • Cryptography: Enhanced 'Invalid key format' error message when loading a private key.
  • Cryptography: Fixed serial number handling in CertificateIssuer to conform to RFC 5280 constraints.
  • Common: Binaries for .NET Standard 1.5 now use System.Collections.NonGeneric instead of custom implementations.
  • Common: Enabled Xamarin.Android workarounds in .NET Standard 2.0 edition.
  • Common: Improved ISafeSerializationData support detection.

2019 R4 #

(build 7244 from 2019-10-31)

Support for TLS 1.3

WebSocketClient class features support for WebSocket over TLS 1.3.

Detailed list of changes:

  • TLS/SSL: Added support for ALPN TLS extension to TlsSocket.
  • TLS/SSL: Added TlsBulkCipherMode.AEAD (to replace TlsBulkCipherMode.GCM).
  • TLS/SSL: Removed support for two legacy unsecure anonymous ciphers (DH_anon_EXPORT_WITH_DES40_CBC_SHA and DH_anon_EXPORT_WITH_RC4_40_MD5).
  • Cryptography: Added PkcsBase.LoadSignedOrEnvelopedData method (a replacement for deprecated PkcsBase.Load).
  • WebSocket: Added support for TLS 1.3.
  • WebSocket: Optimized operation with KeepAliveInterval of 0.

2019 R3.3 #

(build 7242 from 2019-10-29)

.NET Compact Framework legacy edition update

This release is only available for .NET Compact Framework legacy editions.

Detailed list of changes:

  • All: This release also includes all updates from 2019 R4 except TLS 1.3 and ALPN support.
  • SSH: Fixed ECDH via CNG on .NET Compact Framework 3.9.
  • TLS/SSL: Enabled ECDH via CNG on .NET Compact Framework 3.9.
  • Cryptography: Optimized memory usage when loading CRLs from cache in the built-in custom certificate validator on .NET Compact Framework.
  • Common: Fixed possible ArgumentOutOfRangeException in custom .NET Compact Framework thread pool.
  • Common: Fixed possible crash on .NET Compact Framework 3.5 when SSPI single sign-on is attempted.

2019 R3.2 #

(build 7206 from 2019-09-23)

.NET Core 3.0 support

This release introduces support for .NET Core 3.0 on the following platforms:

  • Windows (x64, x86, ARM32)
  • Windows 10 IoT (x64, x86, ARM32)
  • Linux (x64, ARM32)
  • macOS (x64)

Windows 10 IoT support

This release introduces support for .NET Core 3.0 on Windows 10 IoT on x64, x86 and ARM32 platforms.

Detailed list of changes:

  • All: Added support for .NET Core 3.0.
  • All: Added support for Windows 10 IoT (via .NET Core 3.0).
  • SSH: Added SshGssApiCredentials.AccountName property to make it possible to specify an account name to be passed to the SSH server.
  • SSH: Added workaround for legacy WS_FTP 7.x servers that encode long SSH packets improperly.
  • SSH: Fixed SshChannel.SendEof method not to send EOF when channel has already been closed.
  • Common: Optimized internal Task infrastructure on old .NET platforms.

2019 R3.1 #

(build 7161 from 2019-08-09)

Removed SSL 3.0 from TlsVersion.Any

TlsVersion.Any is no longer used by any Rebex component, but it might be used in custom applications. This could present a security issue because until now, TlsVersion.Any still used to contain TlsVersion.SSL30. SSL 3.0, a predecessor to TLS 1.0 protocol, has been published in 1996. It is comprehensively broken and should no longer be used. Application that still use it violate RFC 7568, which deprecated SSL 3.0 in 2015.

Serialization on Xamarin.Android and Xamarin.iOS platforms

Added support for classic .NET serialization ([Serializable] attributes and related infrastructure) on Xamarin.Android and Xamarin.iOS platforms.

Detailed list of changes:

  • All: Added support for serialization on Xamarin.Android and Xamarin.iOS platforms.
  • TLS/SSL: Modified TlsVersion.Any to only include TLS 1.0, 1.1 and 1.2.
  • Cryptography: Fixed handling of user-supplied RSACng in AsymmetricKeyAlgorithm and SshPrivateKey on modern platforms.

2019 R3 #

(build 7119 from 2019-06-28)

Support for .NET Standard 2.0 on Mono 5.14 and higher

Binaries of Rebex components targeting .NET Standard 2.0 are now also supported on Mono 5.14 and higher.

End of Standard Support for .NET Compact Framework 3.5 and 3.9

2019 R3 is the last release that includes support for .NET Compact Framework 3.5 and 3.9 in the standard package. Starting with 2019 R4, .NET CF 3.5/3.9 will only be supported with Legacy Editions, which will be available as separate products.

Detailed list of changes:

  • All: Binaries targeting .NET Standard 2.0 are now supported on Mono 5.14 or higher.
  • SSH: Added SshPrivateKey.Generate(...) methods on .NET Compact Framework.
  • SSH: Added workaround for broken EtM ciphers in OpenSSH 6.6.
  • SSH: Enhanced GlobalScape SSH server detection.
  • SSH: Enlarged upper limit for non-standard DSA keys to 8192 bits on .NET Framework and .NET Core.
  • TLS/SSL: Added TlsCipherSuite.Fast enum value.
  • TLS/SSL: Fixed a bug in server-side mode of TlsSocket that caused client certificate authentication to fail.
  • TLS/SSL: Internal changes in the TLS layer (in preparation for the upcoming TLS 1.3 support on mainstream platforms).
  • Cryptography: Added Certificate.GetPrivateKeyInfo() method.
  • Cryptography: Added CertificateEngine.LocalMachine engine and CertificateEngine.Bind method.
  • Cryptography: Added support for SHA-224 hash algorithm.
  • Cryptography: Added support for X25519 key format (RFC 8410).
  • Cryptography: Always using AES by default to encrypt PKCS #8 private keys.
  • Cryptography: Meaningful error message for the CNG AEAD auth tag mismatch.
  • Common: Optimized asynchronous continuations on modern platforms.
  • Common: Upgraded Task infrastructure in Xamarin.Android binaries.

2019 R2 #

(build 7077 from 2019-05-17)

Support for Visual Studio 2019

All Rebex components are now fully supported in Microsoft Visual Studio 2019.

Support for .NET Framework 4.8

.NET Framework 4.8 is a fully supported platform.

Native elliptic curve cryptography on Linux with .NET Core 2.1 or higher

On Linux, binaries for .NET Standard 2.0 now utilize OpenSSL elliptic curve routines via .NET Core 2.1 (or higher), making it possible to use ECDH and ECDSA ciphers in TLS/SSL and SFTP/SSH with no need of external plugins.

Detailed list of changes:

  • All: Added support for .NET Framework 4.8 and Visual Studio 2019.
  • All: Removed leftover Trace.Write logging.
  • SSH: Added dummy support for SSH_MSG_EXT_INFO (RFC 8308).
  • Cryptography: Added CertificationRequest.Save method.
  • Cryptography: Added support for ECDSA and ECDH on .NET Core 2.1/.2.2 on Linux (no need for external plugins).
  • Cryptography: Added workaround for broken export of RSA keys from the CNG providers on Windows 7.
  • Cryptography: Added workaround for CRLs with redundant trailing data to CertificateRevocationList.
  • Cryptography: Added workaround for legacy versions of Mono with lack of SHA-2 support.
  • Common: Asynchronous infrastructure improvements.

2019 R1 #

(build 7027 from 2019-03-28)

Improved platform support

This release adds three new sets of binaries targeting the following platforms:

  • .NET Core 2.0/2.1/2.2 (via .NET Standard 2.0)
  • .NET 4.6.x/4.7.x
  • .NET 3.5 SP1

For an overview of available binaries and supported platforms, check out Rebex Support Lifecycle KB article.

Detailed list of changes:

  • All: Added binaries targeting .NET Framework 3.5 SP1.
  • All: Added binaries targeting .NET Framework 4.6 and higher.
  • All: Added binaries targeting .NET Standard 2.0.
  • All: Removed long-deprecated API. Deprecated legacy API.
  • ProxySocket: Fixed passing of state to the callback method in BeginConnect.
  • SSH: Changed behavior of SshFingerprint.ToString() and .ToArray() to use SHA-256.
  • SSH: Improved performance of AES/GCM ciphers on .NET Compact Framework and non-Windows platforms.
  • SSH: RSA host keys are preferred to DSA host keys.
  • SSH: SHA-512 is only used during SSH client authentication when the RSA key length allows it.
  • SSH: SshParameters.MinimumRsaKeySize now applies to client RSA keys as well.
  • SSH: Using standard form of Diffie-Hellman group exchange with GlobalScape servers.
  • TLS/SSL: Fixed passing of state to the callback method in BeginConnect.
  • TLS/SSL: Improved performance of AES/GCM ciphers on .NET Compact Framework and non-Windows platforms.
  • Cryptography: Fixed behavior of HMAC mode in KeyMaterialDeriver.DeriveKeyMaterial method.
  • Cryptography: Fixed garbage collection issue with PFX-based certificate keys on non-Windows platforms.
  • Cryptography: Fixed handling of shared secred padding in AsymmetricKeyAlgorithm.GetKeyMaterialDeriver.
  • Cryptography: Fixed possible NullReferenceException in CertificationRequest.GetAlternativeHostnames method.
  • Common: Fixed Certificate.Associate with permanent bind on .NET Compact Framework to ensure the key is not garbage-collected.
  • Common: LocalItem constructor no longer fails on items with invalid paths.
  • WebSocket: Initial release.