fips140=only from #70123 breaks any non-FIPS cryptography. Testing a mode designed to break things is tricky.
Running the whole test suite is prohibitive. Instead, we should probably write a dedicated test that goes through things that are expected to work, and things that are not expected to work.
Comment From: gopherbot
Change https://go.dev/cl/631018 mentions this issue: crypto: implement fips140=only mode
Comment From: gabyhelp
Related Code Changes
(Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.)
Comment From: gopherbot
Change https://go.dev/cl/639196 mentions this issue: cmd/go: disable fips140=only during test binary compilation
Comment From: gopherbot
Change https://go.dev/cl/641096 mentions this issue: cmd/internal/hash: stop using md5, sha1