v1.23.3-1

Microsoft build of Go v1.23.3-1

What's Changed

• Update submodule to latest release-branch.go1.23 in microsoft/release-branch.go1.23 by @microsoft-golang-bot in #1392
• [release-branch.go1.23] Upgrade golang-fips/openssl to 4bcac10661a9 by @qmuntal in #1389
  • [ms-go1.23-support] Fix SupportsHash to correctly detect unsupported OpenSSL 1 hashes - golang-fips/openssl#215

Full Changelog: v1.23.2-1...v1.23.3-1

v1.22.9-1

Microsoft build of Go v1.22.9-1

What's Changed

• Update submodule to latest release-branch.go1.22 in microsoft/release-branch.go1.22 by @microsoft-golang-bot in #1393
• [release-branch.go1.22] Upgrade golang-fips/openssl to 65495925c2cb by @qmuntal in #1390
  • [ms-go1.22-support] Fix SupportsHash to correctly detect unsupported OpenSSL 1 hashes - golang-fips/openssl#216

Full Changelog: v1.22.8-1...v1.22.9-1

v1.23.2-1

Microsoft build of Go v1.23.2-1

v1.22.8-1

Microsoft build of Go v1.22.8-1

v1.23.1-3

Microsoft build of Go v1.23.1-3

What's Changed

• [release-branch.go1.23] Update CNG backend to ms-go1.22-support b29b5cde7fdd by @dagood in #1334
  • Applies this fix: microsoft/go-crypto-winnative#58

    Go's DES and 3DES implementations use the ECB chaining mode. Unfortunately, CNG defaults to CBC chaining mode, and we were not overriding that property when instantiating DES and 3DES keys.

    This PR fixes this mismatch by honoring Go's chaining mode together with a new extensive test suite that ensures we don't regress.

    This a breaking change: data longer than the DES or 3DES block size (8 bytes and 24 bytes respectively) encrypted with the CNG backend won't be decryptable after this fix. Note that the Microsoft Go toolchain has implemented DES and 3DES using the CNG backend since Go 1.22.

    To work around this issue, please follow these steps:

    1. Decrypt the existing encrypted data using a Microsoft Go toolchain that doesn't contain the fix.
    2. Encrypt the just-decrypted data using a Microsoft Go toolchain that contains the fix.

Full Changelog: v1.23.1-2...v1.23.1-3

v1.22.7-3

Microsoft build of Go v1.22.7-3

What's Changed

• [release-branch.go1.22] Update CNG backend to ms-go1.22-support b29b5cde7fdd by @dagood in #1333
  • Applies this fix: microsoft/go-crypto-winnative#58

    Go's DES and 3DES implementations use the ECB chaining mode. Unfortunately, CNG defaults to CBC chaining mode, and we were not overriding that property when instantiating DES and 3DES keys.

    This PR fixes this mismatch by honoring Go's chaining mode together with a new extensive test suite that ensures we don't regress.

    This a breaking change: data longer than the DES or 3DES block size (8 bytes and 24 bytes respectively) encrypted with the CNG backend won't be decryptable after this fix. Note that the Microsoft Go toolchain has implemented DES and 3DES using the CNG backend since Go 1.22.

    To work around this issue, please follow these steps:

    1. Decrypt the existing encrypted data using a Microsoft Go toolchain that doesn't contain the fix.
    2. Encrypt the just-decrypted data using a Microsoft Go toolchain that contains the fix.

Full Changelog: v1.22.7-2...v1.22.7-3

v1.23.1-2

Microsoft build of Go v1.23.1-2

What's Changed

• [microsoft/release-branch.go1.23] Update openssl to ms-go1.23-support, 17d05d3f692c by @dagood in #1307
  • This fixes #1305, "Building app with Go 1.23 OpenSSL backend emits a build warning"
• [microsoft/release-branch.go1.23] Update openssl to ms-go1.23-support, 0a2f211a8f95 by @dagood in #1313
  • This fixes #1290, "With 1.x OpenSSL versions, TripleDES does not panic when expected in some cases"

Full Changelog: v1.23.1-1...v1.23.1-2

v1.22.7-2

Microsoft build of Go v1.22.7-2

What's Changed

• [microsoft/release-branch.go1.22] Update openssl to ms-go1.22-support, 889cd907e03c by @dagood in #1312
  • This fixes #1290, "With 1.x OpenSSL versions, TripleDES does not panic when expected in some cases"

Full Changelog: v1.22.7-1...v1.22.7-2

v1.23.1-1

Microsoft build of Go v1.23.1-1

v1.22.7-1

Microsoft build of Go v1.22.7-1