Skip to content

Commit

Permalink
tls: Use SHA1 for sessionIdContext in FIPS mode
Browse files Browse the repository at this point in the history
FIPS 140-2 disallows use of MD5, which is used to derive the
default sessionIdContext for tls.createServer().

PR-URL: #3755
Reviewed-By: Fedor Indutny <fedor@indutny.com>
  • Loading branch information
stefanmb authored and rvagg committed Dec 4, 2015
1 parent 6c8dcc6 commit 8156e14
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 4 deletions.
3 changes: 2 additions & 1 deletion doc/api/tls.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -804,7 +804,8 @@ automatically set as a listener for the [secureConnection][] event. The

- `sessionIdContext`: A string containing an opaque identifier for session
resumption. If `requestCert` is `true`, the default is MD5 hash value
generated from command-line. Otherwise, the default is not provided.
generated from command-line. (In FIPS mode a truncated SHA1 hash is
used instead.) Otherwise, the default is not provided.

- `secureProtocol`: The SSL method to use, e.g. `SSLv3_method` to force
SSL version 3. The possible values depend on your installation of
Expand Down
19 changes: 16 additions & 3 deletions lib/_tls_wrap.js
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,21 @@ const Timer = process.binding('timer_wrap').Timer;
const tls_wrap = process.binding('tls_wrap');
const TCP = process.binding('tcp_wrap').TCP;
const Pipe = process.binding('pipe_wrap').Pipe;
const defaultSessionIdContext = getDefaultSessionIdContext();

function getDefaultSessionIdContext() {
var defaultText = process.argv.join(' ');
/* SSL_MAX_SID_CTX_LENGTH is 128 bits */
if (process.config.variables.openssl_fips) {
return crypto.createHash('sha1')
.update(defaultText)
.digest('hex').slice(0, 32);
} else {
return crypto.createHash('md5')
.update(defaultText)
.digest('hex');
}
}

function onhandshakestart() {
debug('onhandshakestart');
Expand Down Expand Up @@ -872,9 +887,7 @@ Server.prototype.setOptions = function(options) {
if (options.sessionIdContext) {
this.sessionIdContext = options.sessionIdContext;
} else {
this.sessionIdContext = crypto.createHash('md5')
.update(process.argv.join(' '))
.digest('hex');
this.sessionIdContext = defaultSessionIdContext;
}
};

Expand Down

0 comments on commit 8156e14

Please sign in to comment.