tls: Use SHA1 for sessionIdContext in FIPS mode#3755
Closed
stefanmb wants to merge 1 commit intonodejs:masterfrom
Closed
tls: Use SHA1 for sessionIdContext in FIPS mode#3755stefanmb wants to merge 1 commit intonodejs:masterfrom
stefanmb wants to merge 1 commit intonodejs:masterfrom
Conversation
Loading
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
8 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
By default, a call to tls.createServer() without a sessionIdContext will use a “MD5 hash value generated from command-line” as per documentation.
In FIPS mode MD5 is not allowed, however createServer is often called without specifying an explicit sessionIdContext. A significant number of test cases and applications break. The simple solution is to to use an allowed hash function. I have chosen SHA1 and truncated the output to 128 bits (which is the hardcoded length required by OpenSSL’s SSL_MAX_SID_CTX_LENGTH).
Note that I have opted to maintain the use of MD5 in non-FIPS mode, and updated the documentation accordingly.