mirror of
https://github.com/minio/minio.git
synced 2025-05-22 18:11:50 -04:00
1d50cae43d
This commit removes FIPS 140-2 related code for the following reasons: - FIPS 140-2 is a compliance, not a security requirement. Being FIPS 140-2 compliant has no security implication on its own. From a tech. perspetive, a FIPS 140-2 compliant implementation is not necessarily secure and a non-FIPS 140-2 compliant implementation is not necessarily insecure. It depends on the concret design and crypto primitives/constructions used. - The boringcrypto branch used to achieve FIPS 140-2 compliance was never officially supported by the Go team and is now in maintainance mode. It is replaced by a built-in FIPS 140-3 module. It will be removed eventually. Ref: https://github.com/golang/go/issues/69536 - FIPS 140-2 modules are no longer re-certified after Sep. 2026. Ref: https://csrc.nist.gov/projects/cryptographic-module-validation-program Signed-off-by: Andreas Auernhammer <github@aead.dev>