Skip to content

MLDsaOpenSsl + tests #114485

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Apr 15, 2025
Merged

MLDsaOpenSsl + tests #114485

merged 4 commits into from
Apr 15, 2025

Conversation

krwq
Copy link
Member

@krwq krwq commented Apr 10, 2025

Contributes to: #113502

@Copilot Copilot AI review requested due to automatic review settings April 10, 2025 12:09
@ghost
Copy link

ghost commented Apr 10, 2025

Note regarding the new-api-needs-documentation label:

This serves as a reminder for when your PR is modifying a ref *.cs file and adding/modifying public APIs, please make sure the API implementation in the src *.cs file is documented with triple slash comments, so the PR reviewers can sign off that change.

1 similar comment
@ghost
Copy link

ghost commented Apr 10, 2025

Note regarding the new-api-needs-documentation label:

This serves as a reminder for when your PR is modifying a ref *.cs file and adding/modifying public APIs, please make sure the API implementation in the src *.cs file is documented with triple slash comments, so the PR reviewers can sign off that change.

Copilot
Copilot AI reviewed Apr 10, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot reviewed 15 out of 18 changed files in this pull request and generated no comments.

Files not reviewed (3)
  • src/libraries/System.Security.Cryptography/src/Resources/Strings.resx: Language not supported
  • src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj: Language not supported
  • src/libraries/System.Security.Cryptography/tests/System.Security.Cryptography.Tests.csproj: Language not supported
Comments suppressed due to low confidence (1)

src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey_ml_dsa.h:8

  • Consider aligning the native enum name with the managed interop naming (e.g. 'PalMLDsaAlgorithmId' instead of 'PalMLDsaId') to improve clarity and reduce potential confusion between layers.
typedef enum

@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

This was referenced Apr 10, 2025
Open
Closed
bartonjs
bartonjs reviewed Apr 10, 2025
View reviewed changes
@bartonjs
Copy link
Member

#114471 is adding a few TODOs regarding MLDsaOpenSsl's future existence. Assuming it's merged before you iterate on this, consider trying to address them in this PR. But if that feels like too much scope creep, it can be a followup.

@vcsjones
Copy link
Member

Merge branch 'main'

Sorry. That was a fat-finger :-/

This was referenced Apr 10, 2025
Open
Open
@krwq

This comment was marked as outdated.

Sign in to view
This was referenced Apr 11, 2025
Open
Open
@krwq
Copy link
Member Author

krwq commented Apr 11, 2025
edited
Loading

I rebased again: first to remove @vcsjones's commit, second to make sure I don't conflict with #114471 but there were no merge related changes and only last two commits can be reviewed (first to address feedback here, second to address #114471 TODOs.

bartonjs
bartonjs reviewed Apr 12, 2025
View reviewed changes
@bartonjs
Copy link
Member

@vcsjones I don't see a way for me to trigger a 3.5 run. Would you mind?

@PranavSenthilnathan
Copy link
Member

@vcsjones-bot test 727a0bc with openssl-3.5

1 similar comment
@vcsjones
Copy link
Member

@vcsjones-bot test 727a0bc with openssl-3.5

@vcsjones
Copy link
Member

The bot ignores everyone except for me, for now. Will work on that later.

@vcsjones
Copy link
Member

The results will be here https://github.com/vcsjones/runtime-ci/actions/runs/14414503783

@bartonjs
Copy link
Member

Looks like the new tests are all happy in https://github.com/vcsjones/runtime-ci/actions/runs/14414503783.

@krwq
Copy link
Member Author

krwq commented Apr 15, 2025

failures look unrelated, merging

@krwq krwq merged commit 46c3e85 into dotnet:main Apr 15, 2025
95 of 100 checks passed
@MichalStrehovsky
Copy link
Member

@krwq I believe this is breaking native AOT outerloop runs on all linux flavors with:

ld.lld(0,0): error : (NETCORE_ENGINEERING_TELEMETRY=Build) undefined symbol: CryptoNative_MLDsaImportSecretKey
ld.lld(0,0): error : (NETCORE_ENGINEERING_TELEMETRY=Build) undefined symbol: CryptoNative_MLDsaImportPublicKey

Sample: https://dev.azure.com/dnceng-public/public/_build/results?buildId=1019203&view=logs&jobId=7e7cde7f-4669-5f41-976b-370a74291e60

Searching through the repo, I see we have a LibraryImport for these APIs, but I can't seem to find an implementation. It's not clear to me why it's not failing on CoreCLR - the only plausible explanation would be that there's no test coverage of these APIs and the codepath is not exercised at runtime. CoreCLR fails just in time for things like this, native AOT fails ahead of time.

Could you please have a look today or revert if the investigation takes longer?

@MichalStrehovsky MichalStrehovsky mentioned this pull request Apr 17, 2025
Merged
@krwq
Copy link
Member Author

krwq commented Apr 17, 2025

@MichalStrehovsky I'll take a look

@PranavSenthilnathan
Copy link
Member

@krwq Those methods are not used so they can be safely removed. I have the changes in https://github.com/dotnet/runtime/pull/114060/files#diff-083ed7205b5ecd53c32df803bd31400a901aba8981fd1b71830817a81ca61378 already but feel free to push them yourself if you don't want to wait for that.

@krwq
Copy link
Member Author

krwq commented Apr 17, 2025

@PranavSenthilnathan if you're planning on merging today then I'll wait, otherwise will send targeted PR tomorrow if this is not addressed yet

@github-actions github-actions bot locked and limited conversation to collaborators May 22, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@PranavSenthilnathan PranavSenthilnathan PranavSenthilnathan left review comments

Copilot code review Copilot Copilot left review comments

@bartonjs bartonjs bartonjs approved these changes

Assignees

@krwq krwq

Labels
area-System.Security new-api-needs-documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@krwq @bartonjs @vcsjones @PranavSenthilnathan @MichalStrehovsky