Skip to content

[AUTOPATCHER-CORE] Upgrade SymCrypt-OpenSSL to 1.9.0 Support digest state exports. #13870

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 12, 2025
Merged

[AUTOPATCHER-CORE] Upgrade SymCrypt-OpenSSL to 1.9.0 Support digest state exports. #13870

merged 3 commits into from
Jun 12, 2025

Conversation

CBL-Mariner-Bot
Copy link
Collaborator

@CBL-Mariner-Bot CBL-Mariner-Bot commented May 22, 2025
edited by tobiasb-ms
Loading

Summary

Update SymCrypt-OpenSSL to release 1.9.0. This adds support for digest state exports.

Upgrade pipeline run -> https://dev.azure.com/mariner-org/mariner/_build/results?buildId=816457&view=results

Change Log
  • Update SymCrypt-OpenSSL to release 1.9.0.
  • Add extra test run that explicitly uses the SymCrypt provider.
Does this affect the toolchain?

NO

Associated issues
Test Methodology

Tested the RPMs produced by the above, varying across AMD64 vs. ARM64 and FIPS vs. non-FIPS (so four total configurations).

  • Basic encrypt/decrypt and sign/verify with openssl
  • openssl speed
  • Built the dotnet runtime and ran the crypto-related tests
  • Ran crypto-related tests for golang 1.24 (both current and the one staged for our next release) and 1.23. All behaved as expected.

@CBL-Mariner-Bot CBL-Mariner-Bot requested a review from a team as a code owner May 22, 2025 18:08
@mfrw mfrw requested a review from Copilot May 26, 2025 04:52
Copilot
Copilot AI reviewed May 26, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR upgrades SymCrypt-OpenSSL from version 1.8.1 to 1.9.0 and adds support for digest state exports.

  • Updated version and download URL in cgmanifest.json
  • Updated version, added a subshell test with an additional test run in the spec file, and updated changelog in the .spec file
  • Revised signatures in the signatures JSON file to match the new version

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File Description
cgmanifest.json Updated version and download URL for SymCrypt-OpenSSL to 1.9.0
SPECS/SymCrypt-OpenSSL/SymCrypt-OpenSSL.spec Updated version number, modified test section for dual test runs, and updated the changelog
SPECS/SymCrypt-OpenSSL/SymCrypt-OpenSSL.signatures.json Updated signature entry to align with version 1.9.0

@tobiasb-ms tobiasb-ms force-pushed the cblmargh/SymCrypt-OpenSSL-upgrade-to-1.9.0-3.0-dev branch from 47e336d to 49b1c7d Compare June 10, 2025 15:28
@tobiasb-ms tobiasb-ms merged commit 6ce5a93 into 3.0-dev Jun 12, 2025
17 checks passed
@tobiasb-ms tobiasb-ms deleted the cblmargh/SymCrypt-OpenSSL-upgrade-to-1.9.0-3.0-dev branch June 12, 2025 16:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@christopherco christopherco christopherco approved these changes

Assignees
No one assigned
Labels
3.0-dev PRs Destined for AzureLinux 3.0 Automatic PR AutoUpgrade Core Packaging
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@CBL-Mariner-Bot @christopherco @tobiasb-ms