Tracking items for System.Net.Security

[CIPop]

This issue is tracking TODOs and Shims removal for PR dotnet/corefx#3113:

• Replace Interop.Secur32 names with OS names from the SDK (sspi.h and schannel.h)
• Replace the X509Certificate ctor shim as soon as it is available.
• Move _SSPIWrapper.cs OS specific classes to Interop.SSPI
• Remove StreamAsyncHelper references and implement FixedSizeReader and SslState using TPL instead of APM.
• _SslState.cs:1299: Within FinishWrite() the callback is called under lock (this). We need to investigate if there is any chance of a deadlock.
• Remove SSLv2 support from SslStream.
• Add new Cypher and Hashing algorithms to enums within the contract.
• Split _SecuritySafeHandles.Windows.cs
• In NativeSSPI: Unit/Functional test required to understand the intent and pin behavior between Desktop and CoreFX.

Decrypt checked qop != SECQOP_WRAP_NO_ENCRYPT. Sign used it. Verify just ignores it?

• Replace all usage of ArrayList, Hashtable with appropriate modern collections.
• Behavior impacting: check client certs for the client EKU within private bool AcquireClientCredentials(ref byte[] thumbPrint)
• Replace the implementation of SpnDictionary with Dictionary<> or ConcurrentDictionary<>.
• Provide TPL Stream overrides for SslStream. (By Porting async implementation and adding TPL overrides for SslStream Read/WriteAsync corefx#5541.)
• Investigate ways to bring back the NetworkStream specific optimizations (BeginMultipleWrite, etc)
• Move public parameter checks within their respective public methods. (See comments in Porting async implementation and adding TPL overrides for SslStream Read/WriteAsync corefx#5541)
• In CompleteAuthToken and ApplyControlToken: remove the extra allocation of a CredHandle; refactor the code to avoid duplication; remove the AddRef if the refContext was previously null. (See Adding TLS Alerts corefx#11489)

@CIPop, just wanted to share a thought. In this kind of checklist, GitHub markdown has this feature to reflect the progress.

For instance (syntax tip: space between - and [ is important):

- [ ] Replace `Interop.Secur32` names with OS names from the SDK (`sspi.h` and `schannel.h`).
- [x] Replace the `X509Certificate` ctor shim as soon as it is available.
- [ ] Move `_SSPIWrapper.cs` OS specific classes to `Interop.SSPI`.

will render:

• Replace Interop.Secur32 names with OS names from the SDK (sspi.h and schannel.h).
• Replace the X509Certificate ctor shim as soon as it is available.
• Move _SSPIWrapper.cs OS specific classes to Interop.SSPI.

For the follower/reader, this tells the whole progress tale. :)

Thank you for bringing System.Net.Security to the mix! 😎 👍

[CIPop]

Thanks @jasonwilliams200OK . Making the changes now.

[CIPop]

Some code reorganization done in dotnet/corefx#3825.

@CIPop, some TODOs are left. I think it was closed automatically with the merge (due the keyword Fix dotnet/corefx#3114 in the PR description).

[CIPop]

Thanks @jasonwilliams200OK. Reopened and updated the checklist.

[karelz]

Looks like lots of nice to haves. We shipped this way for a long time, we don't think we will have time in next year to do this, so closing. If someone is interested, feel free to reopen / file new issue.