boring icon indicating copy to clipboard operation
boring copied to clipboard

Published 20 hours ago verified publisher icon cloudflare

Bump BoringSSL version to `fips-20220613` to match upstream Go

Open reedloden opened this issue 1 year ago • 3 comments

Upstream Go is bumping the BoringSSL FIPS version used for BoringCrypto in order to pull in support for TLS 1.3 prior to the NIST SP 800-52 Rev. 2 deadline of January 1, 2024. This updated version is still in-process with NIST CMVP for FIPS 140-3 ("In Review" as of 2023-11-20).

Filing this as a tracking issue for doing the same thing in boring once this has officially landed and been released upstream. Last bump was done in #97.

reedloden avatar Dec 14 '23 17:12 reedloden

FYI This was reverted in https://github.com/golang/go/issues/65321

howardjohn avatar Feb 02 '24 17:02 howardjohn

FYI This was reverted in https://github.com/golang/go/issues/65321

Yeah, pending NIST CMVP certification. Hopefully, that will be soon. 🤞

reedloden avatar Feb 02 '24 17:02 reedloden

The CMVP is ready now: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4735

howardjohn avatar Oct 02 '24 16:10 howardjohn