Crypto/fips140: Documentation request for FIPS 140-3 approved algorithm parameters

Sanjay_S · January 12, 2026, 5:39am

I’m looking for documentation that lists the specific FIPS 140-3 approved parameters for each algorithm in the Go Cryptographic Module (v1.0.0, CAVP A6650).

Specifically, parameters such as:

AES: Approved key sizes (128/192/256?) and modes (GCM/CBC/CTR/CCM?)

For FIPS 140-3 compliance reporting, organizations need to verify that their applications use approved algorithm configurations. Other FIPS-validated modules (e.g., OpenSSL) publish this information in their Security Policy document as “Table 5 - Approved Algorithms” (example: OpenSSL FIPS Security Policy).

I understand Go’s CMVP validation is still in process (“Review Pending” on MIP list). However, having this information documented would help developers

Gohar · January 25, 2026, 10:19am

As of now, Go’s Cryptographic Module v1.0.0 does not publish a finalized FIPS 140-3 Security Policy or an approved-algorithms table like OpenSSL. The authoritative source for approved parameters is the CMVP certificate and Security Policy, which will only be available once validation is completed. Until then, developers must rely on CAVP test coverage and NIST SP 800-38 and SP 800-56 series as guidance, but these are not an official substitute for a FIPS 140-3 approved parameter list.