Open
Description
openedon Jun 30, 2023
Currently with go fips toolchain binaries appear to be universal - i.e. on linux, when fips is enabled, openssl fips is attempted, otherwise regular golang crypto is in use.
With newly contributed SHA3 implementation (microsoft/go-crypto-openssl#58 or golang-fips/openssl#88 ) it would be nice to preserve the same capability for SHA3 imports.
Specifically, ideally any given project that imports golang.org/x/crypto/sha3
and uses it either directly or via crypto APIs, utilises the regular golang crypto.
I am not sure how to design and implement this, hence opening this issue to explore possibilities.
at the very least I hope that hash registration can be highjacked and prevented overrides using x/crypto when in Fips mode.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Metadata
Assignees
Labels
No labels