FIPS compliant

Kobi Gana

unread,

Dec 14, 2022, 12:57:08 PM12/14/22

to golang-dev

Hi all,

I know that recently the boring was merged to main golang code.

Still this relevant only for Linux 64.

Are there any plans to add enable it to Windows/Mac and other OSs?

If there is a conversation that discuss this please refer it to me.

Thanks

Jared Parsons

unread,

Dec 14, 2022, 1:52:31 PM12/14/22

to golang-dev

I do not believe there are any plans to add this support into the upstream Go compiler code base at this time. There was a proposal on making the Go crypto engine more pluggable in #33281. This would've allowed for alternative engines like Windows CNG to be used but that was rejected.

https://github.com/golang/go/issues/33281

Microsoft does maintain a fork of the Go compiler which has FIPS support for Windows as well as Linux using OpenSSL.

https://github.com/microsoft/go

https://github.com/microsoft/go-crypto-winnative

There is also a joint effort from a few companies (RedHat and Microsoft included) to centralize the work on making Go more FIPS compliant across OS. Presently there is no Mac support though.

https://github.com/golang-fips

Kobi Gana

unread,

Dec 14, 2022, 4:54:48 PM12/14/22

to golang-dev

Thank you for the valuable information!

I guess that in some point it will become fips to all OSs.

Just matter of time.

Again, thanks for the info.

Reply all

Reply to author

Forward