use sha256 if using a fips provider

bryopsida · bryopsida · commit 9c2e9bd12f0c · 2025-10-03T16:25:58.000-05:00
diff --git a/lib/cam.js b/lib/cam.js
@@ -387,23 +387,31 @@ Cam.prototype.updateNC = function() {
 	return String(this._nc).padStart(8, '0');
 };
 
+Cam.prototype._getHashAlgorithm = function() {
+  if (crypto.getFips() === 1) {
+    return 'sha256';
+  } else {
+    return 'md5';
+  }
+}
+
 Cam.prototype.digestAuth = function(wwwAuthenticate, reqOptions) {
 	const challenge = this._parseChallenge(wwwAuthenticate);
-	const ha1 = crypto.createHash('md5');
+	const ha1 = crypto.createHash(this._getHashAlgorithm());
 	ha1.update([this.username, challenge.realm, this.password].join(':'));
-	const ha2 = crypto.createHash('md5');
+	const ha2 = crypto.createHash(this._getHashAlgorithm());
 	ha2.update([reqOptions.method, reqOptions.path].join(':'));
 
 	let cnonce = null;
 	let nc = null;
 	if (typeof challenge.qop === 'string') {
-		const cnonceHash = crypto.createHash('md5');
+		const cnonceHash = crypto.createHash(this._getHashAlgorithm());
 		cnonceHash.update(Math.random().toString(36));
 		cnonce = cnonceHash.digest('hex').substring(0, 8);
 		nc = this.updateNC();
 	}
 
-	const response = crypto.createHash('md5');
+	const response = crypto.createHash(this._getHashAlgorithm());
 	const responseParams = [
 		ha1.digest('hex'),
 		challenge.nonce
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "onvif",
-  "version": "0.8.1",
+  "version": "0.9.0",
   "author": "Andrew D.Laptev <a.d.laptev@gmail.com>",
   "description": "Client to ONVIF NVT devices Profile S: cameras",
   "main": "lib/onvif.js",

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "onvif",`
`3`		`- "version": "0.8.1",`
	`3`	`+ "version": "0.9.0",`
`4`	`4`	`"author": "Andrew D.Laptev <[email protected]>",`
`5`	`5`	`"description": "Client to ONVIF NVT devices Profile S: cameras",`
`6`	`6`	`"main": "lib/onvif.js",`