Release notes for Rebex WebSocket for .NET

2019 R4 #

(build 7244 from 2019-10-31)

Support for TLS 1.3

WebSocketClient class features support for WebSocket over TLS 1.3.

Detailed list of changes:

  • TLS/SSL: Added support for ALPN TLS extension to TlsSocket.
  • TLS/SSL: Added TlsBulkCipherMode.AEAD (to replace TlsBulkCipherMode.GCM).
  • TLS/SSL: Removed support for two legacy unsecure anonymous ciphers (DH_anon_EXPORT_WITH_DES40_CBC_SHA and DH_anon_EXPORT_WITH_RC4_40_MD5).
  • Cryptography: Added PkcsBase.LoadSignedOrEnvelopedData method (a replacement for deprecated PkcsBase.Load).
  • WebSocket: Added support for TLS 1.3.
  • WebSocket: Optimized operation with KeepAliveInterval of 0.
Released
October312019

2019 R3.3 #

(build 7242 from 2019-10-29)

.NET Compact Framework legacy edition update

This release is only available for .NET Compact Framework legacy editions.

Detailed list of changes:

  • All: This release also includes all updates from 2019 R4 except TLS 1.3 and ALPN support.
  • SSH: Fixed ECDH via CNG on .NET Compact Framework 3.9.
  • TLS/SSL: Enabled ECDH via CNG on .NET Compact Framework 3.9.
  • Cryptography: Optimized memory usage when loading CRLs from cache in the built-in custom certificate validator on .NET Compact Framework.
  • Common: Fixed possible ArgumentOutOfRangeException in custom .NET Compact Framework thread pool.
  • Common: Fixed possible crash on .NET Compact Framework 3.5 when SSPI single sign-on is attempted.
Released
October292019

2019 R3.2 #

(build 7206 from 2019-09-23)

.NET Core 3.0 support

This release introduces support for .NET Core 3.0 on the following platforms:

  • Windows (x64, x86, ARM32)
  • Windows 10 IoT (x64, x86, ARM32)
  • macOS (x64)
  • Linux (x64, ARM32)

Windows 10 IoT support

This release introduces support for .NET Core 3.0 on Windows 10 IoT on x64, x86 and ARM32 platforms.

Detailed list of changes:

  • All: Added support for .NET Core 3.0.
  • All: Added support for Windows 10 IoT (via .NET Core 3.0).
  • SSH: Added SshGssApiCredentials.AccountName property to make it possible to specify an account name to be passed to the SSH server.
  • SSH: Added workaround for legacy WS_FTP 7.x servers that encode long SSH packets improperly.
  • SSH: Fixed SshChannel.SendEof method not to send EOF when channel has already been closed.
  • Common: Optimized internal Task infrastructure on old .NET platforms.
Released
September232019

2019 R3.1 #

(build 7161 from 2019-08-09)

Removed SSL 3.0 from TlsVersion.Any

TlsVersion.Any is no longer used by any Rebex component, but it might be used in custom applications. This could present a security issue because until now, TlsVersion.Any still used to contain TlsVersion.SSL30. SSL 3.0, a predecessor to TLS 1.0 protocol, has been published in 1996. It is comprehensively broken and should no longer be used. Application that still use it violate RFC 7568, which deprecated SSL 3.0 in 2015.

Serialization on Xamarin.Android and Xamarin.iOS platforms

Added support for classic .NET serialization ([Serializable] attributes and related infrastructure) on Xamarin.Android and Xamarin.iOS platforms.

Detailed list of changes:

  • All: Added support for serialization on Xamarin.Android and Xamarin.iOS platforms.
  • TLS/SSL: Modified TlsVersion.Any to only include TLS 1.0, 1.1 and 1.2.
  • Cryptography: Fixed handling of user-supplied RSACng in AsymmetricKeyAlgorithm and SshPrivateKey on modern platforms.
Released
August092019

2019 R3 #

(build 7119 from 2019-06-28)

Support for .NET Standard 2.0 on Mono 5.14 and higher

Binaries of Rebex components targeting .NET Standard 2.0 are now also supported on Mono 5.14 and higher.

End of Standard Support for .NET Compact Framework 3.5 and 3.9

2019 R3 is the last release that includes support for .NET Compact Framework 3.5 and 3.9 in the standard package. Starting with 2019 R4, .NET CF 3.5/3.9 will only be supported with Legacy Editions, which will be available as separate products.

Detailed list of changes:

  • All: Binaries targeting .NET Standard 2.0 are now supported on Mono 5.14 or higher.
  • SSH: Added SshPrivateKey.Generate(...) methods on .NET Compact Framework.
  • SSH: Added workaround for broken EtM ciphers in OpenSSH 6.6.
  • SSH: Enhanced GlobalScape SSH server detection.
  • SSH: Enlarged upper limit for non-standard DSA keys to 8192 bits on .NET Framework and .NET Core.
  • SSH: Fixed reporting of SSH_MSG_USERAUTH_GSSAPI_ERROR and SSH_MSG_USERAUTH_GSSAPI_ERRTOK responses.
  • TLS/SSL: Added TlsCipherSuite.Fast enum value.
  • TLS/SSL: Fixed a bug in server-side mode of TlsSocket that caused client certificate authentication to fail.
  • TLS/SSL: Internal changes in the TLS layer (in preparation for the upcoming TLS 1.3 support on mainstream platforms).
  • Cryptography: Added Certificate.GetPrivateKeyInfo() method.
  • Cryptography: Added CertificateEngine.LocalMachine engine and CertificateEngine.Bind method.
  • Cryptography: Added support for SHA-224 hash algorithm.
  • Cryptography: Added support for X25519 key format (RFC 8410).
  • Cryptography: Always using AES by default to encrypt PKCS #8 private keys.
  • Cryptography: Meaningful error message for the CNG AEAD auth tag mismatch.
  • Common: Optimized asynchronous continuations on modern platforms.
  • Common: Upgraded Task infrastructure in Xamarin.Android binaries.
Released
June282019

2019 R2 #

(build 7077 from 2019-05-17)

Support for Visual Studio 2019

All Rebex components are now fully supported in Microsoft Visual Studio 2019.

Support for .NET Framework 4.8

.NET Framework 4.8 is a fully supported platform.

Native elliptic curve cryptography on Linux with .NET Core 2.1 or higher

On Linux, binaries for .NET Standard 2.0 now utilize OpenSSL elliptic curve routines via .NET Core 2.1 (or higher), making it possible to use ECDH and ECDSA ciphers in TLS/SSL and SFTP/SSH with no need of external plugins.

Detailed list of changes:

  • All: Added support for .NET Framework 4.8 and Visual Studio 2019.
  • All: Removed leftover Trace.Write logging.
  • SSH: Added dummy support for SSH_MSG_EXT_INFO (RFC 8308).
  • Cryptography: Added CertificationRequest.Save method.
  • Cryptography: Added support for ECDSA and ECDH on .NET Core 2.1/.2.2 on Linux (no need for external plugins).
  • Cryptography: Added workaround for broken export of RSA keys from the CNG providers on Windows 7.
  • Cryptography: Added workaround for CRLs with redundant trailing data to CertificateRevocationList.
  • Cryptography: Added workaround for legacy versions of Mono with lack of SHA-2 support.
  • Common: Asynchronous infrastructure improvements.
Released
May172019

2019 R1 #

(build 7027 from 2019-03-28)

Improved platform support

This release adds three new sets of binaries targeting the following platforms:

  • .NET Core 2.0/2.1/2.2 (via .NET Standard 2.0)
  • .NET 4.6.x/4.7.x
  • .NET 3.5 SP1

For an overview of available binaries and supported platforms, check out Rebex Support Lifecycle KB article.

Detailed list of changes:

  • All: Added binaries targeting .NET Framework 3.5 SP1.
  • All: Added binaries targeting .NET Framework 4.6 and higher.
  • All: Added binaries targeting .NET Standard 2.0.
  • All: Removed long-deprecated API. Deprecated legacy API.
  • ProxySocket: Fixed passing of state to the callback method in BeginConnect.
  • SSH: Changed behavior of SshFingerprint.ToString() and .ToArray() to use SHA-256.
  • SSH: Improved performance of AES/GCM ciphers on .NET Compact Framework and non-Windows platforms.
  • SSH: RSA host keys are preferred to DSA host keys.
  • SSH: SHA-512 is only used during SSH client authentication when the RSA key length allows it.
  • SSH: SshParameters.MinimumRsaKeySize now applies to client RSA keys as well.
  • SSH: Using standard form of Diffie-Hellman group exchange with GlobalScape servers.
  • TLS/SSL: Fixed passing of state to the callback method in BeginConnect.
  • TLS/SSL: Improved performance of AES/GCM ciphers on .NET Compact Framework and non-Windows platforms.
  • Cryptography: Fixed behavior of HMAC mode in KeyMaterialDeriver.DeriveKeyMaterial method.
  • Cryptography: Fixed garbage collection issue with PFX-based certificate keys on non-Windows platforms.
  • Cryptography: Fixed handling of shared secred padding in AsymmetricKeyAlgorithm.GetKeyMaterialDeriver.
  • Cryptography: Fixed possible NullReferenceException in CertificationRequest.GetAlternativeHostnames method.
  • Common: Fixed Certificate.Associate with permanent bind on .NET Compact Framework to ensure the key is not garbage-collected.
  • Common: LocalItem constructor no longer fails on items with iinvalid paths.
  • WebSocket: Initial release.
Released
March282019