Enabling FIPS mode by using sha256 instead of md5

FIPS does not allow md5, some systems like RHEL needs to have FIPS compliance, in order to execute some routines like when try to use keystone-manage. As a general rule, we should avoid using md5 if we can and move over to SHA wherever possible. Change-Id: Icaeb3305c788db2913fe99792ea6311d218b3410 Closes-Bug: #1767024
author: Raildo Mascena <rmascena@redhat.com> 2018-11-01 11:03:55 -0300
committer: Raildo Mascena <rmascena@redhat.com> 2018-11-01 14:44:42 -0300
commit: b5dfd8dfde46dfce203d517b7b4c28e9d81823cd (patch)
tree: 04e7ee7f1e718b0818171eb97f6b82bfdfce26fb
parent: e74e074c5a030375b94a62e883fb2242646ccc44 (diff)
download: pycadf-b5dfd8dfde46dfce203d517b7b4c28e9d81823cd.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/pycadf/identifier.py b/pycadf/identifier.py
index c3ed918..fe4410b 100644
--- a/pycadf/identifier.py
+++ b/pycadf/identifier.py
@@ -30,8 +30,8 @@ CONF.register_opts(opts, group='audit')
 
 AUDIT_NS = None
 if CONF.audit.namespace:
-    md5_hash = hashlib.md5(CONF.audit.namespace.encode('utf-8'))
-    AUDIT_NS = uuid.UUID(md5_hash.hexdigest())
+    sha256_hash = hashlib.sha256(CONF.audit.namespace.encode('utf-8'))
+    AUDIT_NS = uuid.UUID(sha256_hash.hexdigest()[0:32])
 
 VALID_EXCEPTIONS = ['default', 'initiator', 'observer', 'target']
author	Raildo Mascena <rmascena@redhat.com>	2018-11-01 11:03:55 -0300
committer	Raildo Mascena <rmascena@redhat.com>	2018-11-01 14:44:42 -0300
commit	b5dfd8dfde46dfce203d517b7b4c28e9d81823cd (patch)
tree	04e7ee7f1e718b0818171eb97f6b82bfdfce26fb
parent	e74e074c5a030375b94a62e883fb2242646ccc44 (diff)
download	pycadf-b5dfd8dfde46dfce203d517b7b4c28e9d81823cd.tar.gz