Skip to content

Instantly share code, notes, and snippets.

@danielwpz

danielwpz/build.sh

Created February 27, 2018 19:10
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save danielwpz/723d45d7f73bc1f54f4fe0ebc857493b to your computer and use it in GitHub Desktop.
Save danielwpz/723d45d7f73bc1f54f4fe0ebc857493b to your computer and use it in GitHub Desktop.
Download ZIP
Shell script for macOS to build node.js in FIPS mode
Raw
build.sh
#!/bin/bash
NODE_VERSION="8.9.3"
OPEN_SSL_FIPS_VERSION="2.0.16"
buildOpenSSLFips() {
curl -L http://www.openssl.org/source/openssl-fips-$OPEN_SSL_FIPS_VERSION.tar.gz -o openssl-fips-$OPEN_SSL_FIPS_VERSION.tar.gz
tar -xvzf openssl-fips-$OPEN_SSL_FIPS_VERSION.tar.gz
pushd openssl-fips-$OPEN_SSL_FIPS_VERSION
chmod u+x Configure
./Configure darwin64-x86_64-cc
make
make install
popd
}
buildNodeFips() {
curl -L https://github.com/nodejs/node/archive/v$NODE_VERSION.zip -o $NODE_VERSION.zip
unzip $NODE_VERSION.zip
pushd "node-$NODE_VERSION"
./configure --openssl-fips=/usr/local/ssl/fips-2.0
make -j4
make install
popd
}
verifyNodeFips() {
cp node-$NODE_VERSION/out/Release/node ./
echo "===== Node has openssl version ====="
./node -p "process.versions.openssl"
echo "===================================="
}
buildOpenSSLFips
buildNodeFips
verifyNodeFips
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment