1

Has anyone managed to make this work, following the instructions from Node 16.13 BUILDING.md I managed to compile but when I run:

node --enable-fips -p 'crypto.getFips()'

I get:

OpenSSL error when trying to enable FIPS:

00801AB2C97F0000:error:1C8000D5:Provider routines:SELF_TEST_post:missing config data:providers/fips/self_test.c:289: 00801AB2C97F0000:error:1C8000E0:Provider routines:ossl_set_error_state:fips module entering error state:providers/fips/self_test.c:387: 00801AB2C97F0000:error:1C8000D8:Provider routines:OSSL_provider_init_int:self test post failure:providers/fips/fipsprov.c:706: 00801AB2C97F0000:error:078C0105:common libcrypto routines:provider_init:init fail:crypto/provider_core.c:903:name=fips There is a couple of mentions of this issue online, but none is resolved.

Thanks

markobugbg
  • 11
  • 2
  • Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking. – Community Nov 24 '21 at 16:32

1 Answers1

0

By default, node looks for a nodejs_conf section in your openssl.cnf; when this is unset - node won't load any provider, which might yield the error you've pasted.

Assuming you're working w/ the default openssl.cnf, I suggest either adding nodejs_conf = opessl_init just after openssl_conf = openssl_init, or alternatively -

you can compile node with the --openssl-conf-name config options and change the conf name it looks for (e.g. ./configure --openssl-conf-name=openssl_conf --openssl-is-fips --shared-openssl, assuming the default config)

Danny Shemesh
  • 67
  • 1
  • 9