crypto/fips140: selective policy enforcement framework #74630

Open
@rolandshoemaker

Description

Go 1.24 introduced the fips140=only GODEBUG setting, which strictly enforces
that only FIPS 140-3 compliant cryptography is used, either panicking in or
returning an error from non-compliant functions.

For the vast majority of use cases, this is likely to be overly strict, as
programs will likely need to use non-compliant functions in code paths that do
not require FIPS 140-3 compliant cryptography (for instance, when using
non-compliant hashes for non-cryptographic purposes).

More complex programs would likely benefit from a more selective policy
enforcement framework that either allows marking non-compliant function calls as
acceptable or allows selectively enforcing compliance requirements (or both).

For instance, one possible approach would be to add a function to
crypto/fips140 which takes an options struct and a function. Within this
function, enforcement decisions would be modified by the specified options
(e.g., “allow calls to x, y, and z non-compliant functions” or “strictly enforce
FIPS 140-3 compliance”).

This issue doesn’t propose any explicit changes; it is mainly intended, for
now, to collect ideas from the community. We’d especially like to hear from
users who have experience developing applications that would benefit from this
type of selective enforcement and from those who have experience using similar
frameworks in other languages.
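A sketch of the scoped-enforcement shape described in the issue, added here as an illustration: this is not code from crypto/fips140, and the names Policy, WithPolicy, Check and ErrNotApproved are hypothetical. It models a scope that enforces compliance (like fips140=only) while tolerating an explicit allow-list of non-approved algorithms, with scopes that nest and restore the previous policy on exit.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
)

// ErrNotApproved is hypothetical; crypto/fips140 exposes no such error today.
var ErrNotApproved = errors.New("fips140: non-approved algorithm used under enforcement")

// Policy is a sketch of the "options struct" from the proposal.
type Policy struct {
	Enforce bool            // true: reject non-approved algorithms, like fips140=only
	Allow   map[string]bool // non-approved algorithms tolerated inside this scope
}

var (
	mu      sync.Mutex
	current *Policy // nil means no enforcement, like running without fips140=only
)

// WithPolicy runs fn with p active and restores the previous policy afterwards,
// so scopes nest. The policy is process-global here for brevity; a real design
// would need goroutine or context scoping so concurrent callers do not interfere.
func WithPolicy(p Policy, fn func() error) error {
	mu.Lock()
	prev := current
	current = &p
	mu.Unlock()
	defer func() { mu.Lock(); current = prev; mu.Unlock() }()
	return fn()
}

// Check is the gate a non-approved primitive (say, an MD5 hash used only for a
// cache key) would call before doing any work.
func Check(alg string) error {
	mu.Lock()
	p := current
	mu.Unlock()
	if p == nil || !p.Enforce || p.Allow[alg] {
		return nil
	}
	return fmt.Errorf("%w: %s", ErrNotApproved, alg)
}
```

Outside any WithPolicy scope Check always succeeds, which mirrors the default (non-only) behaviour; inside an enforcing scope only the allow-listed algorithms pass.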

Labels: LibraryProposal (issues describing a requested change to the Go standard library or x/ libraries, but not to a tool); NeedsDecision (feedback is required from experts, contributors, and/or the community before a change can be made).