FIPS 140-3 complaint without turning checksum off

[bander-1]

Description

ibm-cos-sdk uses MD5 intensively as a checksum method. MD5 is not FIPS 140-3 complaint algorithm.

When enabling FIPS mode in our go application we face lots of error similler to below:

"ContentMD5: failed to compute body MD5\ncaused by: crypto/md5: use of MD5 is not allowed in FIPS 140-only mode"

we overcame this by setting S3DisableContentMD5Validation to true.
This option is part of aws-sdk-go and not anymore available in aws-sdk-go-v2 since they are not using MD5 by default, aws/aws-sdk-go-v2#2769

Request

provide alternative checksum method to MD5 that is FIPS complaint such as x-amz-checksum-sha256
https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjects.html

[IBM-Deeksha]

Hello @bander-1
IBM COS is currently in development phase and will provide support for additional checksum algorithms: SHA-1, SHA-256, CRC-32, CRC-32C, CRC-64/NVME