Source file src/crypto/tls/defaults_boring.go

     1  // Copyright 2025 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  //go:build boringcrypto
     6  
     7  package tls
     8  
     9  import (
    10  	"crypto/ecdsa"
    11  	"crypto/elliptic"
    12  	"crypto/rsa"
    13  	"crypto/x509"
    14  )
    15  
    16  // These Go+BoringCrypto policies mostly match BoringSSL's
    17  // ssl_compliance_policy_fips_202205, which is based on NIST SP 800-52r2.
    18  // https://cs.opensource.google/boringssl/boringssl/+/master:ssl/ssl_lib.cc;l=3289;drc=ea7a88fa
    19  //
    20  // P-521 is allowed per https://go.dev/issue/71757.
    21  //
    22  // They are applied when crypto/tls/fipsonly is imported with GOEXPERIMENT=boringcrypto.
    23  
// allowedSupportedVersionsFIPS holds the protocol versions permitted by this
// policy: TLS 1.2 and TLS 1.3 only.
var allowedSupportedVersionsFIPS = []uint16{VersionTLS12, VersionTLS13}

// allowedCurvePreferencesFIPS holds the permitted key-exchange curves: the
// NIST curves P-256, P-384 and P-521. No other CurveID appears in the list.
// NOTE(review): element order is kept exactly as written in case consumers
// (outside this file) treat it as a preference order.
var allowedCurvePreferencesFIPS = []CurveID{CurveP256, CurveP384, CurveP521}

// allowedSupportedSignatureAlgorithmsFIPS holds the permitted signature
// schemes: RSA-PSS and RSA PKCS #1 v1.5 with SHA-256/384/512, and ECDSA on
// P-256, P-384 and P-521 paired with SHA-256, SHA-384 and SHA-512. No SHA-1
// or Ed25519 scheme is listed. The original element order is preserved.
var allowedSupportedSignatureAlgorithmsFIPS = []SignatureScheme{
	PSSWithSHA256, PSSWithSHA384, PSSWithSHA512,
	PKCS1WithSHA256, ECDSAWithP256AndSHA256,
	PKCS1WithSHA384, ECDSAWithP384AndSHA384,
	PKCS1WithSHA512, ECDSAWithP521AndSHA512,
}

// allowedCipherSuitesFIPS holds the permitted TLS 1.2 cipher suites. Every
// entry uses ECDHE key exchange with AES-GCM; no CBC-mode, static-RSA or
// ChaCha20-Poly1305 suite is listed.
var allowedCipherSuitesFIPS = []uint16{
	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
}

// allowedCipherSuitesTLS13FIPS holds the permitted TLS 1.3 cipher suites:
// the two AES-GCM suites. The ChaCha20-Poly1305 suite is not listed.
var allowedCipherSuitesTLS13FIPS = []uint16{TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384}
    56  
// isCertificateAllowedFIPS reports whether c carries a public key accepted by
// this policy: an RSA key whose modulus is exactly 2048, 3072 or 4096 bits
// long, or an ECDSA key on P-256, P-384 or P-521. Every other key type, and
// every other RSA size or curve, yields false.
//
// Only c.PublicKey is inspected; the certificate's signature algorithm,
// validity period and issuer are not checked here.
func isCertificateAllowedFIPS(c *x509.Certificate) bool {
	switch pub := c.PublicKey.(type) {
	case *rsa.PublicKey:
		// Exact bit lengths only: a 2047-bit or 8192-bit modulus is rejected.
		switch pub.N.BitLen() {
		case 2048, 3072, 4096:
			return true
		}
		return false
	case *ecdsa.PublicKey:
		// The curve is compared against the standard library's P-256, P-384
		// and P-521 values, in that order.
		switch pub.Curve {
		case elliptic.P256(), elliptic.P384(), elliptic.P521():
			return true
		}
		return false
	default:
		return false
	}
}
    70  
