To nitpick, there is no special crypto/fips140 package. (Ok, there is, but it ju... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		FiloSottile 7 months ago \| parent \| context \| favorite \| on: The FIPS 140-3 Go Cryptographic Module To nitpick, there is no special crypto/fips140 package. (Ok, there is, but it just has an Enabled() bool function.) FIPS 140-3 mode is enabled by building with GOFIPS140=v1.0.0 (or similar, see https://go.dev/doc/security/fips140), but it shares 99% of the code with non-FIPS mode. Still, your message is right, just GOFIPS140=off (the default!), not GOFIPS140=v1.0.0.

tptacek 7 months ago | [–]

Not a nitpick! I was just wrong!

bravesoul2 7 months ago | [–]

That's a nice solution when managing a platform. You can "upgrade" all your teams, and/or easily detect they have upgraded.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact