Bump BoringSSL version to `fips-20220613` to match upstream Go

Question

Bump BoringSSL version to `fips-20220613` to match upstream Go

reedloden opened this issue a year ago · 3 comments

Upstream Go is bumping the BoringSSL FIPS version used for BoringCrypto in order to pull in support for TLS 1.3 prior to the NIST SP 800-52 Rev. 2 deadline of January 1, 2024. This updated version is still in-process with NIST CMVP for FIPS 140-3 ("In Review" as of 2023-11-20).

Filing this as a tracking issue for doing the same thing in boring once this has officially landed and been released upstream. Last bump was done in #97.

Answer 1 · 2024-02-02T17:12:20.000Z

FYI This was reverted in golang/go#65321

Answer 2 · 2024-02-02T17:28:52.000Z

FYI This was reverted in golang/go#65321

Yeah, pending NIST CMVP certification. Hopefully, that will be soon. 🤞