Importing GDCM with a FIPS enabled machine crashes

MattTheCuber commented 5 months ago

After running pip install python-gdcm on a FIPS enabled (RHEL) machine, and I run python -c "import gdcm" it throws the following error:

fips.c(145): OpenSSL internal error, assertion failed: FATAL FIPS SELFTEST FAILURE
Aborted (core dumped)

We believe the error is coming from the compiled .../site-packages/_gdcm/_gdcmswig.so file after installation.

99% of the time we see this error it is due to file hashing integrity checks that use MD5. FIPS blocks all MD5 hashing, so many repositories have switched to using SHA1 which is just as fast (or faster) and supported by FIPS. Another Python-specific fix people use is the usedforsecurity=False flag when hashing.

Let me know if you would like me to move this issue to https://sourceforge.net/p/gdcm/bugs/

tfmoraes commented 5 months ago

Hi @MattTheCuber. I think you should move this issue to GDCM. python-gdcm just compiles GDCM.

MattTheCuber commented 5 months ago

Will do, thanks!

MattTheCuber commented 5 months ago

FYI, https://sourceforge.net/p/gdcm/bugs/562/

Feel free to add more language-specific information if you can.

tfmoraes / python-gdcm

Importing GDCM with a FIPS enabled machine crashes #22