From: Sean Liao Date: Fri, 21 Nov 2025 22:27:36 +0000 (+0000) Subject: crypto/fips140: add Version X-Git-Tag: go1.26rc1~133 X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=aa093eed83;p=gostls13.git crypto/fips140: add Version Fixes #75301 Change-Id: If953b4382499570d5437491036f91cbe4fec7c01 Reviewed-on: https://go-review.googlesource.com/c/go/+/723101 Reviewed-by: Roland Shoemaker Reviewed-by: Filippo Valsorda LUCI-TryBot-Result: Go LUCI Reviewed-by: Dmitri Shuralyov --- diff --git a/api/next/75301.txt b/api/next/75301.txt new file mode 100644 index 0000000000..8d16837091 --- /dev/null +++ b/api/next/75301.txt @@ -0,0 +1 @@ +pkg crypto/fips140, func Version() string #75301 diff --git a/doc/next/6-stdlib/99-minor/crypto/fips140/75301.md b/doc/next/6-stdlib/99-minor/crypto/fips140/75301.md new file mode 100644 index 0000000000..2dd77f61ef --- /dev/null +++ b/doc/next/6-stdlib/99-minor/crypto/fips140/75301.md @@ -0,0 +1 @@ +[Version] returns the resolved FIPS 140-3 Go Cryptographic Module version when building against a frozen module with GOFIPS140. diff --git a/src/crypto/fips140/fips140.go b/src/crypto/fips140/fips140.go index 830b6f80af..f44f3b399b 100644 --- a/src/crypto/fips140/fips140.go +++ b/src/crypto/fips140/fips140.go @@ -23,3 +23,18 @@ func Enabled() bool { } return fips140.Enabled } + +// Version returns the FIPS 140-3 Go Cryptographic Module version (such as +// "v1.0.0"), as referenced in the Security Policy for the module, if building +// against a frozen module with GOFIPS140. Otherwise, it returns "latest". If an +// alias is in use (such as "inprogress") the actual resolved version is +// returned. +// +// The returned version may not uniquely identify the frozen module which was +// used to build the program, if there are multiple copies of the frozen module +// at the same version. The uniquely identifying version suffix can be found by +// checking the value of the GOFIPS140 setting in +// runtime/debug.BuildInfo.Settings. +func Version() string { + return fips140.Version() +}