boringcrypto and go1.20

[Wade Simmons]

A change was merged before release-branch.go1.20 was cut that switches to a newer tag of BoringCrypto:

- https://go.dev/cl/423362 

That version of BoringCrypto has still not been approved by NIST. If NIST hasn't approved it by the go1.20 release date, anyone that depends on "FIPS approved" cryptography using GOEXPERIMENT=boringcrypto will be unable to build using go1.20 since it will be using a module where approval is still "pending".

Is the Go team expecting NIST approval before the go1.20 release date? Should there be a backup plan in case approval hasn't occurred by that date (either reverting, or a warning in the release notes)?

Thanks!
Wade

[Russ Cox]

Hi,

The version of BoringCrypto used in Go 1.20 is an "in process" module.

Please note that Go using GOEXPERIMENT=boringcrypto is not an officially supported use of Go. We have never documented the use of GOEXPERIMENT=boringcrypto, much less encouraged it. We maintain the code for use at Google, and while we are happy to share it, we make no statements or representations about the suitability of the code in FIPS 140-2 contexts. Interested users need to evaluate for themselves whether the code is useful for their own purposes. Text along these lines is in the original dev.boringcrypto README, and I've sent CL 460515 to add similar text to crypto/internal/boring/README.md in the new tree.

Because we don't advertise or support GOEXPERIMENT=boringcrypto at all, we will not be mentioning anything about it in the release notes. (There is also no mention of it in previous release notes, nor anywhere on the Go website or the Go wiki.)

Best,

Russ

[Filippo Valsorda]

As Russ said, GOEXPERIMENT=boringcrypto is not officially supported, and we make no statements about the suitability of it for FIPS 140 compliance.

That said, as a courtesy, I figured I'd share the link to this recently issued CMVP certificate. https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4407

The tag fips-20210429 mentioned in https://go.dev/cl/423362 is commit 853ca1ea1168dff08011e5d42d94609cc0ca2e27. https://boringssl.googlesource.com/boringssl/+/refs/tags/fips-20210429

Whether that's useful or satisfactory for your purposes is for you to evaluate.

--

You received this message because you are subscribed to the Google Groups "golang-dev" group.

To unsubscribe from this group and stop receiving emails from it, send an email to golang-dev+...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/golang-dev/CAA8EjDTV4HBROHk4seK7pfh16QiNjupaxNoHMD_Xwk6EHNtcTQ%40mail.gmail.com.