Skip to content

Update SCOSSL to 1.8.0#13151

Merged
tobiasb-ms merged 2 commits intomicrosoft:3.0-devfrom
mamckee:mamckee/socssl_1.8.0
Apr 24, 2025
Merged

Update SCOSSL to 1.8.0#13151
tobiasb-ms merged 2 commits intomicrosoft:3.0-devfrom
mamckee:mamckee/socssl_1.8.0

Conversation

@mamckee
Copy link
Copy Markdown
Contributor

@mamckee mamckee commented Mar 27, 2025
edited by tobiasb-ms
Loading

Merge Checklist

All boxes should be checked before merging the PR (just tick any boxes which don't apply to this PR)

  • The toolchain has been rebuilt successfully (or no changes were made to it)
  • The toolchain/worker package manifests are up-to-date
  • Any updated packages successfully build (or no packages were changed)
  • Packages depending on static components modified in this PR (Golang, *-static subpackages, etc.) have had their Release tag incremented.
  • Package tests (%check section) have been verified with RUN_CHECK=y for existing SPEC files, or added to new SPEC files
  • All package sources are available
  • cgmanifest files are up-to-date and sorted (./cgmanifest.json, ./toolkit/scripts/toolchain/cgmanifest.json, .github/workflows/cgmanifest.json)
  • LICENSE-MAP files are up-to-date (./LICENSES-AND-NOTICES/SPECS/data/licenses.json, ./LICENSES-AND-NOTICES/SPECS/LICENSES-MAP.md, ./LICENSES-AND-NOTICES/SPECS/LICENSE-EXCEPTIONS.PHOTON)
  • All source files have up-to-date hashes in the *.signatures.json files
  • sudo make go-tidy-all and sudo make go-test-coverage pass
  • Documentation has been updated to match any changes to the build system
  • Ready to merge
Summary

This PR updates SymCrypt-OpenSSL to 1.8.0 with PBKDF2 and various bugfixes

Change Log
  • Update SymCrypt-OpenSSL to 1.8.0
    • Adds PBKDF2
    • Fixes edge case memory leaks found in testing
    • Fixes outstanding behavior differences between the SymCrypt and default providers
    • Full list of changes can be found here: microsoft/SymCrypt-OpenSSL@v1.7.0...v1.8.0
Does this affect the toolchain?

NO

Associated issues

ADO: https://microsoft.visualstudio.com/OS/_workitems/edit/56918699

Test Methodology

I created the following azure vms, and upgraded SymCrypt-OpenSSL to the version from the buddy build.:

  1. amd64
  2. amd64-fips
  3. arm64
  4. arm64-fips

For each of those, I tested:

  1. openssl list -providers to make sure the provider is updated.
  2. Encrypted/decrypted and signed/verified something simple.
  3. Ran openssl speed -seconds 1 with only known errors (fixed by openssl speed fixes #12992)
  4. Ran golang openssl tests with the system openssl and everything passed.

@mamckee mamckee requested a review from a team as a code owner March 27, 2025 22:26
@mamckee
Copy link
Copy Markdown
Contributor Author

mamckee commented Mar 27, 2025

Updated sources found here: https://github.com/microsoft/SymCrypt-OpenSSL/releases/tag/v1.8.0

@microsoft-github-policy-service microsoft-github-policy-service Bot added Packaging 3.0-dev PRs Destined for AzureLinux 3.0 labels Mar 27, 2025
tobiasb-ms
tobiasb-ms requested changes Mar 28, 2025
View reviewed changes
Comment thread SPECS/SymCrypt-OpenSSL/SymCrypt-OpenSSL.spec
@mamckee mamckee requested a review from tobiasb-ms March 28, 2025 18:41
@jkotas jkotas mentioned this pull request Apr 4, 2025
Closed
@tobiasb-ms tobiasb-ms merged commit 565c0d0 into microsoft:3.0-dev Apr 24, 2025
13 checks passed
sandeepkarambelkar pushed a commit to sandeepkarambelkar/azurelinux that referenced this pull request May 6, 2025
@mamckee @sandeepkarambelkar
Update SCOSSL to 1.8.0 (microsoft#13151)
d41263e
AkarshHCL pushed a commit to AkarshHCL/azurelinux that referenced this pull request Jul 31, 2025
@mamckee @AkarshHCL
Update SCOSSL to 1.8.0 (microsoft#13151)
5976fcb
SumitJenaHCL pushed a commit to SumitJenaHCL/azurelinux that referenced this pull request Aug 20, 2025
@mamckee @SumitJenaHCL
Update SCOSSL to 1.8.0 (microsoft#13151)
db37219
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@christopherco christopherco christopherco approved these changes

@tobiasb-ms tobiasb-ms tobiasb-ms approved these changes

Assignees

No one assigned

Labels

3.0-dev PRs Destined for AzureLinux 3.0 Packaging

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mamckee @christopherco @tobiasb-ms