]> git.feebdaed.xyz Git - 0xmirror/go.git/commit
projects / 0xmirror / go.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d349854) | patch
crypto/hpke: use new gcm.NewGCMForHPKE for FIPS 140-3 compliance
authorFilippo Valsorda <filippo@golang.org>
Mon, 8 Dec 2025 23:41:59 +0000 (00:41 +0100)
committerFilippo Valsorda <filippo@golang.org>
Wed, 10 Dec 2025 21:41:36 +0000 (13:41 -0800)
commit550c0c898b61628aed108aca7d8dbef32458bc09
tree789a75c85ee2d793b277a52102314f887d09aceetree | snapshot
parentd349854de6d814ca2414215ceeb8c1e99e94980acommit | diff
crypto/hpke: use new gcm.NewGCMForHPKE for FIPS 140-3 compliance

It does the exact same thing, but we can document it as an allowed and
enforced nonce scheme in the Security Policy.

Change-Id: I9d95ba53354e5c8112cde24101570d4b6a6a6964
Reviewed-on: https://go-review.googlesource.com/c/go/+/728503
Reviewed-by: David Chase <drchase@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
src/crypto/hpke/aead.go diff | blob | history
src/crypto/hpke/aead_fipsv1.0.go [new file with mode: 0644] blob
src/crypto/hpke/aead_fipsv2.0.go [new file with mode: 0644] blob
src/crypto/internal/fips140/aes/gcm/gcm_nonces.go diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.