Hi Devin,

The FIPS functionality in Go (which, to be clear, is not supported for use 
outside of Google) is documented here: go/src/crypto/internal/boring/README.md 
at release-branch.go1.21 · golang/go (github.com) 
<https://github.com/golang/go/blob/release-branch.go1.21/src/crypto/internal/boring/README.md>, 
and it's used by setting GOEXPERIMENT=boringcrypto.

The GOEXPERIMENT=systemcrypto is a feature of the Microsoft fork of Go, not 
official Go. 
https://github.com/microsoft/go/blob/microsoft/main/eng/doc/fips/README.md is 
actually hosted in the microsoft/go repository, where that fork is 
maintained. I work on it, and I'm happy to help. (And, if you have any more 
questions related to this fork in the future, feel free to file a GitHub 
issue on microsoft/go directly.)

The issue doesn't seem related to Grafana, but rather because *wire* was 
built with the Microsoft fork of Go but without specifying a backend, but 
with GOFIPS=1. *wire* isn't able to be compatible with FIPS without a 
backend, but it sees that FIPS is requested, so it fails safe. It isn't 
clear what the caller's intent is and failing is an opportunity to catch a 
mistake. You should either:

   1. not set GOFIPS=1 until after calling *wire* (if at all!) or
   2. build *wire* with GOEXPERIMENT=systemcrypto.

I would default to (1). But if you are trying to make a FIPS compliant 
package build process, (2) would be the step towards that.

Whether or not you need GOFIPS=1 at all depends on the purpose of your 
script/build process.

> using GOFIPS=1 worked just fine on Go 1.20.5, however appears not to be 
> the case anymore.

Yes, we only added this failsafe as of 1.21 of Microsoft Go. The first 
bullet in the 1.21 changelog 
<https://github.com/microsoft/go/blob/microsoft/main/eng/doc/fips/README.md#go-121-aug-2023> 
has some details.

Hope that helps!
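
Option (1) from the message above, sketched as a build-script pattern. This is an added example, not part of the original message and not code from microsoft/go or wire. `fake_tool_no_backend` is a constructed stand-in for a helper built without a crypto backend, and the helper names, error text and exit code are assumptions.

```shell
#!/bin/sh
# Constructed stand-in for a helper (such as wire) built with the Microsoft
# fork of Go but without a crypto backend. It only models the behaviour
# described in the message: refuse to run when GOFIPS=1 is requested.
# The error text and exit code are made up for this example.
fake_tool_no_backend() {
    sh -c 'if [ "${GOFIPS-}" = 1 ]; then
               echo "FIPS requested but no crypto backend (stand-in error)" >&2
               exit 2
           fi
           echo generated'
}

# Option (1): run one command with GOFIPS removed from its environment.
# The subshell keeps the caller's own GOFIPS setting untouched.
without_gofips() {
    ( unset GOFIPS; "$@" )
}

# Run one command with GOFIPS=1 exported for that command only, for the
# steps that do need FIPS mode (for example a binary built with a backend).
with_gofips() {
    ( GOFIPS=1; export GOFIPS; "$@" )
}

# Demo: GOFIPS exported for the whole script, as in the failing build.
GOFIPS=1; export GOFIPS
fake_tool_no_backend || echo "unscoped call refused, exit status $?"
without_gofips fake_tool_no_backend
```

Option (2) would instead rebuild the helper with GOEXPERIMENT=systemcrypto so that it can honour GOFIPS=1 rather than refuse it.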
