diff options
| author | Mark Hatle <mark.hatle@kernel.crashing.org> | 2022-02-28 19:30:53 -0600 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-03-02 00:20:50 +0000 |
| commit | d895863af12e15bebd9fa0640290d9a649ece82b (patch) | |
| tree | 50be7032490701053128465002f1be4dece8b81d /bitbake/lib/bb | |
| parent | 1d98b3aaaeca9033eba20a4fbf2a4e9bfa2be6bc (diff) | |
| download | poky-d895863af12e15bebd9fa0640290d9a649ece82b.tar.gz | |
bitbake: utils/ply: Change md5 usages to work on FIPS enabled hosts
hashlib.md5() is not permitted on a FIPS enabled host system. This is due
to md5 not being an approved hash algorithm.
Instead use:
hashlib.new('MD5', usedforsecurity=False)
This is allowed, as it's clear the hash is used for a non-security purpose.
Note: utils.py version should never be used to verify file integrity, but
instead be used to identify if the file may have changed. sha256 should be
used for integrity purposes.
(Bitbake rev: af866dd077867cba0129757bfcc689551445e9d7)
Signed-off-by: Mark Hatle <mark.hatle@xilinx.com>
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'bitbake/lib/bb')
| -rw-r--r-- | bitbake/lib/bb/utils.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/bitbake/lib/bb/utils.py b/bitbake/lib/bb/utils.py index 2e8256101a..fcaeb99162 100644 --- a/bitbake/lib/bb/utils.py +++ b/bitbake/lib/bb/utils.py | |||
| @@ -538,7 +538,7 @@ def md5_file(filename): | |||
| 538 | Return the hex string representation of the MD5 checksum of filename. | 538 | Return the hex string representation of the MD5 checksum of filename. |
| 539 | """ | 539 | """ |
| 540 | import hashlib | 540 | import hashlib |
| 541 | return _hasher(hashlib.md5(), filename) | 541 | return _hasher(hashlib.new('MD5', usedforsecurity=False), filename) |
| 542 | 542 | ||
| 543 | def sha256_file(filename): | 543 | def sha256_file(filename): |
| 544 | """ | 544 | """ |