Help Wanted - FIPS: Is there a way to not add MD5 hash to header on post, this is needed for FIPS

[DonutEspresso]

Copied from restify/node-restify#1637

Node version 6.12.3 Restify version 7.1.0

Hi, we are attempting to run our application with FIPS enabled Node, as per a requirement that we have. When using restify, I noticed that the JSONClient appears to always add an MD5 hash to the headers here in the StringClient.js

`

StringClient.prototype.write = function write(options, body, callback) {

var self = this;
var normalizedBody = body;
var proto = StringClient.prototype;

if (normalizedBody !== null && typeof (normalizedBody) !== 'string') {
    normalizedBody = qs.stringify(normalizedBody);
}

function _write(data) {
    if (data) {
        var hash = crypto.createHash('md5');
        hash.update(data, 'utf8');
        options.headers['content-md5'] = hash.digest('base64');
    }

`

MD5 hashes are not allowed by FIPS, so I need to somehow disable this? If i comment out this MD5 header locally, the request works in FIPS-MODE without issue. The problem is while this code is here the FIPS module will not allow us to move past the point "crypto.createHash"

Do we need the hash with every request? Is there a way to disable this option? I'm not that familiar with restify, and could not find a way to do it.

If not, can we get a new feature added that will allow us to by-pass this piece of code with an option?

[capdac]

Thanks guys, as per the comments in the moved JIRA. If we could get an option created to disable this that would be great.