Open Hack3rDan opened 1 month ago
Hi @Hack3rDan, thanks for your suggestion! I admit I'm not deeply familiar with FIPS compliance. If you could submit a PR with the required changes, we'll review them and see if we can include them in the next release. We need to be mindful that many users still depend on MD5 (for better or worse), so need to preserve that option for backwards-compatibility.
Describe the bug I need to modify this tool to be FIPS compliant and I would love to contribute this back to the community. How would the contributors prefer I contribute to a FIPS compliant version of this app? Pull request, new branch, or create my own fork?
To Reproduce Steps to reproduce the behavior:
Expected behavior Eliminate failures associated with running in FIPS compliant environments.
Screenshots N/A
Desktop (please complete the following information):
Additional context The Iris Investigate app is failing to load because it is not FIPS compliant. Based on what I could see it appears to come down to the fact that this library is packaged within that app and depends on a non-FIPS compliant algorithm (MD5). I would like to contribute a FIPS compliant version back to the community, but would like to follow the guidance from the contributors for this project before doing so.