aws_kinesis_agg fails to run on FIPS compliant python images

Question

aws_kinesis_agg fails to run on FIPS compliant python images

Opened this issue 8 months ago · 1 comments

DIGEST_SIZE = hashlib.md5().digest_size code fails to run in FIPS compliant images with the below error because md5 is no longer trusted.

/app/.venv/lib/python3.10/site-packages/aws_kinesis_agg/__init__.py:21: in <module>
    DIGEST_SIZE = hashlib.md5().digest_size
E   ValueError: [digital envelope routines] unsupported

Since it is only being used to find the DIGETS and not for for cryptographic purpose, the recommendation in hash lib docs is to use DIGEST_SIZE = hashlib.md5(usedforsecurity=True).digest_size

This issue to fix exactly that

Answer 1 · 2024-03-08T22:12:52.000Z

Here is the pull request; #182

Can you please review?