Open D1plo1d opened 4 years ago
Using esm with NodeJS 9.11 compiled against OpenSSL FIPS-140 Module causes this error:
Error: error:060A80A3:digital envelope routines:FIPS_DIGESTINIT:disabled for fips at new Hash (internal/crypto/hash.js:28:18)
This can be fixed by using SHA256 instead of MD5 per the OpenSSL FIPS Object Module User Guide:
Other non-FIPS approved algorithms such a Blowfish, MD5, IDEA, RC4, etc. aredisabled in FIPS mode.
Adding FIPS support will allow US government organizations to easily use esm in their node servers.
It is expected that this will cause some performance regression but I'm unclear on whether it will be a noticable difference or not.
For reference regarding the performance question here are some benchmark numbers on sha256 vs md5 in nodejs: https://github.com/hex7c0/nodejs-hash-performance
Using esm with NodeJS 9.11 compiled against OpenSSL FIPS-140 Module causes this error:
This can be fixed by using SHA256 instead of MD5 per the OpenSSL FIPS Object Module User Guide:
Adding FIPS support will allow US government organizations to easily use esm in their node servers.
It is expected that this will cause some performance regression but I'm unclear on whether it will be a noticable difference or not.
For reference regarding the performance question here are some benchmark numbers on sha256 vs md5 in nodejs: https://github.com/hex7c0/nodejs-hash-performance