[reportlab-users] Error while working in `FID` enabled systems

Nithin M S nithin at vunetsystems.com
Thu Mar 6 11:45:04 EST 2025 

Hi Andy,

Thanks for getting back quickly. Appreciate it a lot. We are using the open
source version, so I guess we will have to wait for patch to be applied
incase thats going in.

Regards,
Nithin

On Thu, 6 Mar, 2025, 8:57 pm Andy Robinson, <andy at reportlab.com> wrote:

> Hi Nithin,
>
> I wasn't aware of `usedforsecurity` to silence warnings, so thanks for the
> tip.  We'll discuss and could potentially include it in a future release.
>
> If you're working for a commercial enterprise and need a fix or build
> ASAP, please email enquiries at reportlab.com and we can discuss outside of
> the user group.
>
> Best Regards
>
> Andy Robinson
>
>
>
> On Thu, 6 Mar 2025 at 15:00, Nithin M S via reportlab-users <
> reportlab-users at lists2.reportlab.com> wrote:
>
>> Hi All,
>>
>> While working on `Federal Information Processing Standard (FIPS)` enabled
>> systems like `RHEL`, getting the following error:
>> ```
>>   File
>> "./vu_commons/reports/datasource/dashboards/dashboard_data_source.py", line
>> 776, in add_reports_footer
>>   File
>> "/opt/app-root/lib64/python3.11/site-packages/reportlab/pdfgen/canvas.py",
>> line 305, in __init__
>>     self._doc = pdfdoc.PDFDocument(compression=pageCompression,
>>                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>   File
>> "/opt/app-root/lib64/python3.11/site-packages/reportlab/pdfbase/pdfdoc.py",
>> line 137, in __init__
>>     sig = self.signature = md5()
>>                            ^^^^^
>> _hashlib.UnsupportedDigestmodError: [digital envelope routines]
>> unsupported
>> ```
>>
>> I understand that this is an error from the `hashlib` library indicating
>> that the `md5` algorithm is not a safer algorithm.
>> There seems to be a work around for this by using something like
>> `md5(..., usedforsecurity=False)`.
>>
>> Now, my question is whether it makes sense to implement `userforsecurity`
>> in reportlab or a different algorithm altogether to be safer from security
>> compliances.
>>
>> Thanks
>>
>> Regards,
>> Nithin
>> _______________________________________________
>> reportlab-users mailing list
>> reportlab-users at lists2.reportlab.com
>> https://pairlist2.pair.net/mailman/listinfo/reportlab-users
>>
>
>
> --
> Andy Robinson
> Managing Director, ReportLab
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist2.pair.net/pipermail/reportlab-users/attachments/20250306/4990e20a/attachment.htm>

More information about the reportlab-users mailing list