diff --git a/zvmsdk/sdkwsgi/handlers/file.py b/zvmsdk/sdkwsgi/handlers/file.py index a829ec3e8..d48d0923f 100644 --- a/zvmsdk/sdkwsgi/handlers/file.py +++ b/zvmsdk/sdkwsgi/handlers/file.py @@ -68,7 +68,7 @@ def file_import(self, fileobj): target_fpath = '/'.join([importDir, fname]) # The following steps save the imported file into sdkserver - checksum = hashlib.md5() + checksum = utils.get_hash_object() bytes_written = 0 with open(target_fpath, 'wb') as f: diff --git a/zvmsdk/smtclient.py b/zvmsdk/smtclient.py index 9a014d6c3..08dd429c6 100644 --- a/zvmsdk/smtclient.py +++ b/zvmsdk/smtclient.py @@ -2902,7 +2902,7 @@ def _scheme2backend(self, scheme): def _get_md5sum(self, fpath): """Calculate the md5sum of the specific image file""" try: - current_md5 = hashlib.md5() + current_md5 = zvmutils.get_hash_object() if isinstance(fpath, six.string_types) and os.path.exists(fpath): with open(fpath, "rb") as fh: for chunk in self._read_chunks(fh): diff --git a/zvmsdk/utils.py b/zvmsdk/utils.py index 5a7127805..fe0c361e3 100755 --- a/zvmsdk/utils.py +++ b/zvmsdk/utils.py @@ -36,6 +36,7 @@ import traceback import threading import string +import hashlib from zvmsdk import config from zvmsdk import constants @@ -1315,3 +1316,22 @@ def get_lpar_name(zhypinfo=None): zhypinfo = get_zhypinfo(filter='all') lpar_name = zhypinfo['lpar']['layer_name'] return lpar_name + + +def is_fips_enabled(): + if not os.path.exists('/proc/sys/crypto/fips_enabled'): + return False + + try: + with open('/proc/sys/crypto/fips_enabled', 'r') as infile: + return infile.read().strip() == '1' + except Exception as ex: + LOG.warning(f'Encountered error while checking FIPS status. Error={str(ex)}') + return False + + +def get_hash_object(): + if is_fips_enabled(): + return hashlib.sha256() + else: + return hashlib.md5()