crypto: align FIPS mode GenerateKey behavior with non-FIPS mode #70772
Labels: NeedsFix (the path to resolution is known, but the work has not been done), okay-after-rc1 (used by the release team to mark a release-blocker issue as okay to resolve either before or after rc1), release-blocker
I initially made the GenerateKey functions ignore the rand parameter, because using anything but the FIPS DRBG makes the key non-compliant. However, this is the only subtle behavior difference between FIPS and non-FIPS mode (the others are the explicit change in crypto/tls behavior, and stuff getting slower).
We discussed this with @rsc and @rolandshoemaker and agreed to change it to work like Go+BoringCrypto for now, and then maybe consider ignoring the rand parameter entirely in Go 1.25 (regardless of FIPS mode).
Tracking issue for making the change in Go 1.24. See #69536.
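A way to observe the behavior this issue is about in a given build, added here as an example and not taken from the issue or from the Go project's code: it wraps `crypto/rand.Reader` in a counting reader and reports how many bytes each `GenerateKey` call drew from the caller-supplied source. The names `countingReader`, `probe`, `probeECDSA` and `probeEd25519` are hypothetical, and the byte counts depend on the Go version and on whether FIPS mode is enabled.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"fmt"
	"io"
)

// countingReader (hypothetical helper) forwards reads to src and
// records how many bytes the caller actually drew through it.
type countingReader struct {
	src io.Reader
	n   int
}

func (c *countingReader) Read(p []byte) (int, error) {
	n, err := c.src.Read(p)
	c.n += n
	return n, err
}

// probe runs gen with a counting wrapper around the system CSPRNG and
// returns the number of bytes gen consumed from the supplied reader.
// A result of 0 means the rand parameter was ignored by this build.
func probe(gen func(io.Reader) error) (int, error) {
	r := &countingReader{src: rand.Reader}
	err := gen(r)
	return r.n, err
}

func probeECDSA() (int, error) {
	return probe(func(r io.Reader) error {
		_, err := ecdsa.GenerateKey(elliptic.P256(), r)
		return err
	})
}

func probeEd25519() (int, error) {
	return probe(func(r io.Reader) error {
		_, _, err := ed25519.GenerateKey(r)
		return err
	})
}

func main() {
	for name, f := range map[string]func() (int, error){"ecdsa P-256": probeECDSA, "ed25519": probeEd25519} {
		n, err := f()
		fmt.Printf("%s: err=%v, bytes drawn from supplied rand=%d\n", name, err, n)
	}
}
```

Running it once normally and once with FIPS mode enabled shows whether code that passes a custom reader (for example a deterministic one in tests) gets the same treatment in both modes.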