I’m working on making our company’s Go program, which relies on crypto/tls
for HTTP-related purposes, FIPS 140-2 compliant. We are considering using BoringCrypto but I’d like to confirm a few observations and assumptions to ensure we’re on the right path.
- My understanding is that, starting with Go version 1.19, we can switch from the standard Go crypto package to BoringCrypto by setting the environment variables
BUILD_GOEXPERIMENT=boringcrypto
andBUILD_CGO_ENABLED=1
before runninggo build
. Is this the correct approach to make the switch? - I’ve come across some discussions suggesting that our program needs to import
_ "crypto/tls/fipsonly"
to restrict all TLS configurations to FIPS-approved settings. Can someone confirm if this step is necessary for ensuring FIPS 140-2 compliance when using BoringCrypto? - In my research, I found that the security policy (p19) under BoringCrypto’s FIPS certificate provides detailed steps for building, compiling, and linking the BoringCrypto module to BoringSSL. Additionally, BoringCrypto’s build.sh script located under
src/crypto/internal/boring
seems to follow these steps using the same tools mentioned in the document to compile BoringSSL and build thegoboringcrypto.syso
. Therefore, my assumption is that for Go v1.19 and above, settingBUILD_GOEXPERIMENT=boringcrypto
ensures that the Go program will use BoringCrypto, statically linked to thegoboringcrypto.syso
, to utilize FIPS 140-2 Approved Algorithms/functions.
Could anyone confirm if my understanding is correct and if this is sufficient for FIPS 140-2 compliance?
I would greatly appreciate any insights or corrections to the above points.
Thanks