]> Cypherpunks repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: e2cae9e) | patch
crypto/fips140: add WithoutEnforcement
authorDaniel Morsing <daniel.morsing@gmail.com>
Mon, 24 Nov 2025 13:08:10 +0000 (13:08 +0000)
committerGopher Robot <gobot@golang.org>
Wed, 26 Nov 2025 22:26:06 +0000 (14:26 -0800)
commit86bbea0cfa72041fb4315eb22099b0bc83caa314
tree3c3a008214e4a9d929a2d8f76f98fe1cf2f323d2tree
parente2cae9ecdf944a1cc5d8803ff8932180858b8ce6commit | diff
crypto/fips140: add WithoutEnforcement

WithoutEnforcement lets programs running under GODEBUG=fips140=only
selectively opt out of strict enforcement. This is especially helpful
for non-critical uses of cryptography routines like SHA-1 for content
addressable storage backends (E.g. git).

Fixes #74630

Change-Id: Iabba1f5eb63498db98047aca45e09c5dccf2fbdf
Reviewed-on: https://go-review.googlesource.com/c/go/+/723720
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
32 files changed:
api/next/74630.txt [new file with mode: 0644] blob
doc/next/6-stdlib/99-minor/crypto/fips140/74630.md [new file with mode: 0644] blob
src/crypto/cipher/cbc.go diff | blob | history
src/crypto/cipher/cfb.go diff | blob | history
src/crypto/cipher/ctr.go diff | blob | history
src/crypto/cipher/gcm.go diff | blob | history
src/crypto/cipher/ofb.go diff | blob | history
src/crypto/des/cipher.go diff | blob | history
src/crypto/dsa/dsa.go diff | blob | history
src/crypto/ecdh/nist.go diff | blob | history
src/crypto/ecdh/x25519.go diff | blob | history
src/crypto/ecdsa/ecdsa.go diff | blob | history
src/crypto/ecdsa/ecdsa_legacy.go diff | blob | history
src/crypto/ed25519/ed25519.go diff | blob | history
src/crypto/fips140/enforcement.go [new file with mode: 0644] blob
src/crypto/fips140/enforcement_test.go [new file with mode: 0644] blob
src/crypto/fips140/testdata/enforcement_test.go [new file with mode: 0644] blob
src/crypto/hkdf/hkdf.go diff | blob | history
src/crypto/hmac/hmac.go diff | blob | history
src/crypto/internal/fips140only/fips140only.go diff | blob | history
src/crypto/md5/md5.go diff | blob | history
src/crypto/pbkdf2/pbkdf2.go diff | blob | history
src/crypto/rand/util.go diff | blob | history
src/crypto/rc4/rc4.go diff | blob | history
src/crypto/rsa/fips.go diff | blob | history
src/crypto/rsa/pkcs1v15.go diff | blob | history
src/crypto/rsa/rsa.go diff | blob | history
src/crypto/sha1/sha1.go diff | blob | history
src/go/build/deps_test.go diff | blob | history
src/runtime/fipsbypass.go [new file with mode: 0644] blob
src/runtime/proc.go diff | blob | history
src/runtime/runtime2.go diff | blob | history
Go GOST TLS 1.3