Open nightlark opened 4 weeks ago
The specific error it fails with (on a RHEL8 system) is:
Traceback (most recent call last):
File "/home/mast9/surfactant-docker-scout/surfactant/cmd/generate.py", line 369, in sbom
sw_parent, sw_children = get_software_entry(
File "/home/mast9/surfactant-docker-scout/surfactant/cmd/generate.py", line 37, in get_software_entry
sw_entry = Software.create_software_from_file(filepath)
File "/home/mast9/surfactant-docker-scout/surfactant/sbomtypes/_software.py", line 73, in create_software_from_file
file_hashes = calc_file_hashes(filepath)
File "/home/mast9/surfactant-docker-scout/surfactant/fileinfo.py", line 57, in calc_file_hashes
md5_hash = md5(usedforsecurity=True)
ValueError: [digital envelope routines: EVP_DigestInit_ex] disabled for FIPS
hashlib.md5 gives an error on systems with a FIPS-compliant OpenSSL library. At least for Python versions 3.9+, there is a
usedforsecurity
flag that can be given to hashlib.md5 to make it (hopefully) work on most of those systems.