Rebex .NET components 2017 R1: New component and security enhancements

  |   Lukas Pokorny

This year's first release brings the long-awaited HTTP/HTTPS component with support for modern TLS/SSL features such as TLS 1.2, SHA-2 or server name indication. These are supported on all platforms including .NET Compact Frameworks and .NET Framework 2.0

In addition to this, we enhanced all Rebex components based on TLS or SSH.

New SSH algorithms

We added support for two new host key / client key algorithms (rsa-sha2-256, rsa-sha2-512) and three new key exchange algorithms (diffie-hellman-group14-sha256, diffie-hellman-group15-sha512, diffie-hellman-group16-sha512).

Renegotiation indication extension in TLS

All Rebex components based on TLS/SSL now support secure renegotiation indication extension. This fixes a vulnerability in the TLS/SSL protocol that makes it possible for an attacker to hijact TLS/SSL connections during renegotiation in some scenarios.

Support for new OpenSSH key format

Our SSH based components can now load and save private keys using the new OpenSSH key format (Base64-encoded keys with BEGIN OPENSSH PRIVATE KEY header). This format is used by OpenSSH for storing Elliptic Curve DSA and Ed25519 keys, but it's suitable for RSA and DSA keys as well.

Enhanced SFTP throughput

We enlarged default size of SFTP request read/write queues, which should enhance the transfer speed in most scenarios. To change queue lengths, use Sftp.Settings.DownloadQueueLength and Sftp.Settings.UploadQueueLength properties.

(For a complete list of changes in 2017 R1, see the release history.)