go-geomys-fips
packaged by Chainguard

Last changed

Request a free trial

Contact our team to test out this image for free. Please also indicate any other images you would like to evaluate.

Chainguard Container for go-geomys-fips

Container image for building Go applications with the native FIPS 140-3 validated Go Cryptographic Module (Geomys)

Chainguard Containers are regularly-updated, secure-by-default container images.

Download this Container Image

For those with access, this container image is available on cgr.dev:


docker pull cgr.dev/ORGANIZATION/go-geomys-fips:latest

Be sure to replace the ORGANIZATION placeholder with the name used for your organization's private repository within the Chainguard Registry.

FIPS Notes

This go toolchain is based on the upstream Geomys FIPS cryptographic module. The toolchain is further hardened to adhere to Chainguard FIPS Commitment.

The following changes are made to the go toolchain outside of the FIPS boundary:

The go toolchain defaults to using the validated module.
The non-validated snapshot and inprocess modules are removed. It is now impossible to compile binaries without FIPS cryptography.
Many disallowed algorithms are always blocked, even when strict FIPS enforcement is off. Specifically, legacy, broken, insecure, disallowed or non-approved algorithms are always blocked, namely: DES, DSA, non-prime ECDSA curves, Ed25519ctx, RC4, digital signatures with SHA-1.
The WithoutEnforcement API is extended to allow an explicit way to access these non-approved algorithms.
Kernel-independent FIPS is implemented by routing the entropy source to use the validated Go Entropy Source with a CMVP ESV certificate, instead of using kernel entropy.
Guardrails implemented in the default go.env to prevent downloading toolchains without these changes; always use a validated cryptographic module; block telemetry; and opt into x86-64-v2 hardware acceleration by default.
go-fips-test tool is provided that helps you verify if the produced binaries were correctly compiled with the validated cryptographic module.
The toolchain itself (/usr/bin/go) is also compiled using FIPS cryptography and is thus approved to be used inside a FedRAMP boundary. This means that TLS connectivity for fetching go modules and verifying their checksums is performed using FIPS cryptography as well.

All other documentation applies, apart from the changes above.

Comparison with Upstream Go

Feature	Upstream Go	Chainguard `go-geomys-fips`
FIPS cryptographic module	Geomys FIPS module available but opt-in (off by default)	Defaults to using the validated module
Non-validated crypto modules	`snapshot` and `inprocess` modules available	Removed — cannot compile binaries without FIPS cryptography
Disallowed algorithms	Available; manual code review required of all dependencies	Always blocked, even when strict FIPS enforcement is off
Access to non-approved algorithms	Standard APIs	`WithoutEnforcement` API extended to provide an explicit access path
Entropy source	Kernel entropy	Kernel-independent — routes to the validated Go Entropy Source (CMVP ESV cert #E318)
`go.env` guardrails	Default upstream settings	Hardened: prevents downloading non-validated toolchains; always uses validated module; blocks telemetry; opts into x86-64-v2 acceleration by default
FIPS verification tooling	None bundled	`go-fips-test` tool provided to verify binaries use the validated module
Toolchain binary (`/usr/bin/go`) itself	Not necessarily FIPS-compiled	Compiled with FIPS cryptography → approved for use inside a FedRAMP boundary (TLS for module fetch/checksum uses FIPS crypto)
CMVP certification	Not applicable by default	Uses CMVP #5247 with kernel-independent entropy #E318
Default build settings	User-configurable (`GOFIPS140=`, `GODEBUG=fips140=`)	Pre-set (`GOFIPS140=v1.0.0`, `DefaultGODEBUG=fips140=on`); users should not override

The following table is derived from Chainguard's cryptographic compliance test suite, run against the upstream Go toolchain in FIPS mode and the go-geomys-fips build. It shows, for a subset of algorithms and operations, whether each is permitted at runtime — highlighting the key differences in what is blocked.

A ⚠️ Allowed marker indicates an operation that upstream Go in FIPS mode permits but which is legacy, deprecated, non-approved, or disallowed — it is a hazard that these remain available by default. The go-geomys-fips build blocks all of them.

Algorithm / Operation	Upstream Go in FIPS mode	Chainguard `go-geomys-fips`
MD5 digest	✅ Allowed	✅ Allowed
HMAC-MD5	⚠️ Allowed	🚫 Blocked
RSA-PSS signature with MD5	⚠️ Allowed	🚫 Blocked
RSA PKCS#1 v1.5 signature with MD5	⚠️ Allowed	🚫 Blocked
SHA-1 digest	✅ Allowed	✅ Allowed
HMAC-SHA1	⚠️ Allowed	🚫 Blocked
RSA-PSS signature with SHA-1	⚠️ Allowed	🚫 Blocked
RSA PKCS#1 v1.5 signature with SHA-1	⚠️ Allowed	🚫 Blocked
SHA-256 / SHA-512 digest	✅ Allowed	✅ Allowed
HMAC-SHA2	✅ Allowed	✅ Allowed
RSA-PSS signature with SHA-256	✅ Allowed	✅ Allowed
RSA PKCS#1 v1.5 signature with SHA-256	✅ Allowed	✅ Allowed
DES	⚠️ Allowed	🚫 Blocked
Triple DES (3DES)	⚠️ Allowed	🚫 Blocked
RC4	⚠️ Allowed	🚫 Blocked
DSA	⚠️ Allowed	🚫 Blocked
ECDSA P-256	✅ Allowed	✅ Allowed
ECDSA secp256k1 (non-prime curve)	⚠️ Allowed	🚫 Blocked
Ed25519	✅ Allowed	✅ Allowed
Ed25519ctx signing	⚠️ Allowed	🚫 Blocked
Ed25519ctx verification	🚫 Blocked	🚫 Blocked

Note that raw MD5 and SHA-1 digests remain available in both builds for legacy, non-security-sensitive use (e.g. checksums); this is permitted under FIPS 140-3 I.G. 2.4.A. It is only their use in HMAC and digital signatures that is blocked in go-geomys-fips. For more detail, see the Chainguard Academy article on non-approved algorithms.

Ed25519ctx verification is blocked in both upstream and the Chainguard build.

SHA-1 has been deprecated for security purposes such as digital signatures for well over a decade — by the IETF in RFC 6194 and by NIST, which retired SHA-1 in 2022. Despite this, insecure usage persists: as recently as 2026, Chainguard FIPS images prevented the insecure creation of RSA-SHA1 signatures that resulted from out-of-date defaults in an official public cloud SDK. Chainguard also worked with AWS to upgrade those signatures in the SDK.

MD5 is a non-FIPS algorithm, and NIST has never permitted HMAC or digital signatures with MD5. Its only sanctioned use was the MD5-SHA1 combination in TLS 1.0 — itself long obsolete. DES, Triple DES (3DES), and RC4 are all broken algorithms that no longer provide any cryptographic security. DSA was obsoleted by NIST with the publication of FIPS 186-5 in 2023; the transition period for generating DSA signatures ended in 2024, one year after publication.

Golang chooses to allow insecure and broken cryptography by default — even when disallowed by NIST FIPS requirements — owing to its strong backwards compatibility guarantees. This unfortunately pushes the burden of building secure software onto the end developers, requiring them to inspect and audit all of their own code and all of their dependencies. The go-geomys-fips build removes that burden by blocking these algorithms outright. The WithoutEnforcement API remains wired up, so developers who genuinely require a blocked algorithm can still access it explicitly — for legacy or non-security purposes that are compliant with the relevant NIST SP references and implementation guidance.

Getting Started

Follow these instructions when working with the go-geomys-fips Chainguard container image:

Use the image the same way as usual
Do not customize or change any options such as GOFIPS140=, GODEBUG=fips140=
Chainguard recommends stripping debug symbols but keeping symbol tables, as they help validate the active entropy source of the binaries and eliminate false-positive CVEs by exposing symbol-level information to tools such as govulncheck and grype. Use -ldflags -w, but do not use the -s option.

For more information on working with this container image, check out the Getting Started with the Go Chainguard Container guide on Chainguard Academy.

Interactive FIPS Verification

Any go binary can be tested using the go-fips-test utility which is provided for your convenience to validate what type of cryptography is in use. For example:


# go-fips-test /usr/bin/go
/usr/bin/go: go1.26.4
	path	cmd/go
	build	-buildmode=exe
	build	-compiler=gc
	build	-gcflags=cmd/...=-dwarf=false
	build	-ldflags=-w
	build	-tags=fips140v1.0
	build	-trimpath=true
	build	DefaultGODEBUG=fips140=on
	build	CGO_ENABLED=0
	build	GOARCH=amd64
	build	GOFIPS140=v1.0.0-c2097c7c
	build	GOOS=linux
	build	GOAMD64=v2

Binary is using CMVP #5247 with kernel-independent entropy source #E318

This validates that go-geomys-fips toolchain itself is using kernel-independent FIPS.

You can also use this tool to verify your binaries to check which cryptographic module is in use, if any.

Web Application with Multi-Stage Build

The following build demonstrates an application that's accessible by HTTP server. The application renders a message that changes based on the URI. The example uses a multi-stage build, compiling a binary using the go-geomys-fips Chainguard Container and copying it to the static Chainguard Container for execution.

First, create a project folder and change the working directory to that folder:


mkdir -p ~/greet-server && cd $_

Next, run the following command to write a main.go file defining the web application:


cat << 'EOF' > main.go
package main

import (
    "flag"
    "fmt"
    "html"
    "log"
    "net/http"
    "os"
    "runtime/debug"
    "strings"
)

func usage() {
    fmt.Fprintf(os.Stderr, "usage: helloserver [options]\n")
    flag.PrintDefaults()
    os.Exit(2)
}

var (
    greeting = flag.String("g", "Hello", "Greet with `greeting`")
    addr     = flag.String("addr", "0.0.0.0:8080", "address to serve")
)

func main() {
    // Parse flags.
    flag.Usage = usage
    flag.Parse()

    // Parse and validate arguments (none).
    args := flag.Args()
    if len(args) != 0 {
        usage()
    }

    // Register handlers for greeting and version
    http.HandleFunc("/", greet)
    http.HandleFunc("/version", version)

    log.Printf("serving http://%s\n", *addr)
    log.Fatal(http.ListenAndServe(*addr, nil))
}

func version(w http.ResponseWriter, r *http.Request) {
    info, ok := debug.ReadBuildInfo()
    if !ok {
        http.Error(w, "no build information available", 500)
        return
    }

    fmt.Fprintf(w, "<!DOCTYPE html>\n<pre>\n")
    fmt.Fprintf(w, "%s\n", html.EscapeString(info.String()))
}

func greet(w http.ResponseWriter, r *http.Request) {
    name := strings.Trim(r.URL.Path, "/")
    if name == "" {
        name = "Linky 🐙"
    }

    fmt.Fprintf(w, "<!DOCTYPE html>\n")
    fmt.Fprintf(w, "%s, %s!\n", *greeting, html.EscapeString(name))
}
EOF

Next, run the following command to write a go.mod file listing dependencies:


cat << 'EOF' > go.mod
module chainguard.dev/greet-server

go 1.26
EOF

Write a Dockerfile to define your image build:


cat << EOF > Dockerfile
FROM cgr.dev/ORGANIZATION/go-geomys-fips:latest AS builder

COPY . /app
RUN cd /app && CGO_ENABLED=0 go build

FROM cgr.dev/ORGANIZATION/static:latest
COPY --from=builder /app/greet-server /usr/bin/
COPY --from=builder /usr/bin/go-fips-test /usr/bin/

EXPOSE 8080

ENTRYPOINT ["/usr/bin/greet-server"]
EOF

This Dockerfile uses a multi-stage build approach, compiling the application using the go-geomys-fips Chainguard Container, then copying the binary along with the FIPS verification tool to the static Chainguard Container to serve.

Build the image, tagging it greet-server:


docker build . -t greet-server

Run the container:


docker run -p 8080:8080 greet-server

Visit http://0.0.0.0:8080/ using a web browser on your host machine. You should see the following:


Hello, Linky 🐙!

Changes to the URI will be routed to the application. Try visiting http://0.0.0.0:8080/Chainguard%20Customer. You should see the following output:


Hello, Chainguard Customer!

The application will also share version information at http://0.0.0.0:8080/version. This page shows that the binary has been compiled with the validated Geomys FIPS module:


go      go1.26.4
path    chainguard.dev/greet-server
mod     chainguard.dev/greet-server     (devel)
...
build	-tags=fips140v1.0
build	DefaultGODEBUG=fips140=on
build	GOFIPS140=v1.0.0-c2097c7c
...

If you're building a web application with the go-geomys-fips Chainguard Container, consider the nginx-fips container image for use as a reverse proxy.

Documentation and Resources

What are Chainguard Containers?

Chainguard's free tier of Starter container images are built with Wolfi, our minimal Linux undistro.

All other Chainguard Containers are built with Chainguard OS, Chainguard's minimal Linux operating system designed to produce container images that meet the requirements of a more secure software supply chain.

The main features of Chainguard Containers include:

Minimal design, without unnecessary software bloat
Daily builds to ensure container images are up-to-date with available security patches
High quality build-time SBOMs attesting to the provenance of all artifacts within the image
Verifiable signatures provided by Sigstore
Reproducible builds with Cosign and apko (read more about reproducibility)

For cases where you need container images with shells and package managers to build or debug, most Chainguard Containers come paired with a development, or -dev, variant.

In all other cases, including Chainguard Containers tagged as :latest or with a specific version number, the container images include only an open-source application and its runtime dependencies. These minimal container images typically do not contain a shell or package manager.

Although the -dev container image variants have similar security features as their more minimal versions, they include additional software that is typically not necessary in production environments. We recommend using multi-stage builds to copy artifacts from the -dev variant into a more minimal production image.

Need additional packages?

To improve security, Chainguard Containers include only essential dependencies. Need more packages? Chainguard customers can use Custom Assembly to add packages, either through the Console, chainctl, or API.

To use Custom Assembly in the Chainguard Console: navigate to the image you'd like to customize in your Organization's list of images, and click on the Customize image button at the top of the page.

Learn More

Refer to our Chainguard Containers documentation on Chainguard Academy. Chainguard also offers VMs and Libraries — contact us for access.

Trademarks

This software listing is packaged by Chainguard. The trademarks set forth in this offering are owned by their respective companies, and use of them does not imply any affiliation, sponsorship, or endorsement by such companies.

Licenses

Chainguard's container images contain software packages that are direct or transitive dependencies. The following licenses were found in the "latest" tag of this image:

Apache-2.0
BSD-2-Clause
BSD-3-Clause
CC-BY-4.0
GCC-exception-3.1
GPL-2.0
GPL-2.0-only

For a complete list of licenses, please refer to this Image's SBOM.

Software license agreement

Compliance

Chainguard Containers are SLSA Level 3 compliant with detailed metadata and documentation about how it was built. We generate build provenance and a Software Bill of Materials (SBOM) for each release, with complete visibility into the software supply chain.

SLSA compliance at Chainguard

This image helps reduce time and effort in establishing PCI DSS 4.0 compliance with low-to-no CVEs.

PCI DSS at Chainguard

This is a FIPS validated image for FedRAMP compliance.

This image is STIG hardened and scanned against the DISA General Purpose Operating System SRG with reports available.

Learn more about STIGs Get started with STIGs

The trusted source for open source

Talk to an expert

Privacy

Terms

© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.