From nithin at vunetsystems.com Thu Mar 6 09:59:57 2025 From: nithin at vunetsystems.com (Nithin M S) Date: Thu, 6 Mar 2025 20:29:57 +0530 Subject: [reportlab-users] Error while working in `FID` enabled systems Message-ID: Hi All, While working on `Federal Information Processing Standard (FIPS)` enabled systems like `RHEL`, getting the following error: ``` File "./vu_commons/reports/datasource/dashboards/dashboard_data_source.py", line 776, in add_reports_footer File "/opt/app-root/lib64/python3.11/site-packages/reportlab/pdfgen/canvas.py", line 305, in __init__ self._doc = pdfdoc.PDFDocument(compression=pageCompression, ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/opt/app-root/lib64/python3.11/site-packages/reportlab/pdfbase/pdfdoc.py", line 137, in __init__ sig = self.signature = md5() ^^^^^ _hashlib.UnsupportedDigestmodError: [digital envelope routines] unsupported ``` I understand that this is an error from the `hashlib` library indicating that the `md5` algorithm is not a safer algorithm. There seems to be a work around for this by using something like `md5(..., usedforsecurity=False)`. Now, my question is whether it makes sense to implement `userforsecurity` in reportlab or a different algorithm altogether to be safer from security compliances. Thanks Regards, Nithin -------------- next part -------------- An HTML attachment was scrubbed... URL: From andy at reportlab.com Thu Mar 6 10:27:47 2025 From: andy at reportlab.com (Andy Robinson) Date: Thu, 6 Mar 2025 15:27:47 +0000 Subject: [reportlab-users] Error while working in `FID` enabled systems In-Reply-To: References: Message-ID: Hi Nithin, I wasn't aware of `usedforsecurity` to silence warnings, so thanks for the tip. We'll discuss and could potentially include it in a future release. If you're working for a commercial enterprise and need a fix or build ASAP, please email enquiries at reportlab.com and we can discuss outside of the user group. Best Regards Andy Robinson On Thu, 6 Mar 2025 at 15:00, Nithin M S via reportlab-users < reportlab-users at lists2.reportlab.com> wrote: > Hi All, > > While working on `Federal Information Processing Standard (FIPS)` enabled > systems like `RHEL`, getting the following error: > ``` > File > "./vu_commons/reports/datasource/dashboards/dashboard_data_source.py", line > 776, in add_reports_footer > File > "/opt/app-root/lib64/python3.11/site-packages/reportlab/pdfgen/canvas.py", > line 305, in __init__ > self._doc = pdfdoc.PDFDocument(compression=pageCompression, > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > File > "/opt/app-root/lib64/python3.11/site-packages/reportlab/pdfbase/pdfdoc.py", > line 137, in __init__ > sig = self.signature = md5() > ^^^^^ > _hashlib.UnsupportedDigestmodError: [digital envelope routines] unsupported > ``` > > I understand that this is an error from the `hashlib` library indicating > that the `md5` algorithm is not a safer algorithm. > There seems to be a work around for this by using something like `md5(..., > usedforsecurity=False)`. > > Now, my question is whether it makes sense to implement `userforsecurity` > in reportlab or a different algorithm altogether to be safer from security > compliances. > > Thanks > > Regards, > Nithin > _______________________________________________ > reportlab-users mailing list > reportlab-users at lists2.reportlab.com > https://pairlist2.pair.net/mailman/listinfo/reportlab-users > -- Andy Robinson Managing Director, ReportLab -------------- next part -------------- An HTML attachment was scrubbed... URL: From nithin at vunetsystems.com Thu Mar 6 11:45:04 2025 From: nithin at vunetsystems.com (Nithin M S) Date: Thu, 6 Mar 2025 22:15:04 +0530 Subject: [reportlab-users] Error while working in `FID` enabled systems In-Reply-To: References: Message-ID: Hi Andy, Thanks for getting back quickly. Appreciate it a lot. We are using the open source version, so I guess we will have to wait for patch to be applied incase thats going in. Regards, Nithin On Thu, 6 Mar, 2025, 8:57?pm Andy Robinson, wrote: > Hi Nithin, > > I wasn't aware of `usedforsecurity` to silence warnings, so thanks for the > tip. We'll discuss and could potentially include it in a future release. > > If you're working for a commercial enterprise and need a fix or build > ASAP, please email enquiries at reportlab.com and we can discuss outside of > the user group. > > Best Regards > > Andy Robinson > > > > On Thu, 6 Mar 2025 at 15:00, Nithin M S via reportlab-users < > reportlab-users at lists2.reportlab.com> wrote: > >> Hi All, >> >> While working on `Federal Information Processing Standard (FIPS)` enabled >> systems like `RHEL`, getting the following error: >> ``` >> File >> "./vu_commons/reports/datasource/dashboards/dashboard_data_source.py", line >> 776, in add_reports_footer >> File >> "/opt/app-root/lib64/python3.11/site-packages/reportlab/pdfgen/canvas.py", >> line 305, in __init__ >> self._doc = pdfdoc.PDFDocument(compression=pageCompression, >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >> File >> "/opt/app-root/lib64/python3.11/site-packages/reportlab/pdfbase/pdfdoc.py", >> line 137, in __init__ >> sig = self.signature = md5() >> ^^^^^ >> _hashlib.UnsupportedDigestmodError: [digital envelope routines] >> unsupported >> ``` >> >> I understand that this is an error from the `hashlib` library indicating >> that the `md5` algorithm is not a safer algorithm. >> There seems to be a work around for this by using something like >> `md5(..., usedforsecurity=False)`. >> >> Now, my question is whether it makes sense to implement `userforsecurity` >> in reportlab or a different algorithm altogether to be safer from security >> compliances. >> >> Thanks >> >> Regards, >> Nithin >> _______________________________________________ >> reportlab-users mailing list >> reportlab-users at lists2.reportlab.com >> https://pairlist2.pair.net/mailman/listinfo/reportlab-users >> > > > -- > Andy Robinson > Managing Director, ReportLab > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From timr at probo.com Thu Mar 6 15:39:22 2025 From: timr at probo.com (Tim Roberts) Date: Thu, 6 Mar 2025 12:39:22 -0800 Subject: [reportlab-users] Error while working in `FID` enabled systems In-Reply-To: References: Message-ID: <8d00393c-ed47-40c6-8bbb-5b7db90e8f91@probo.com> Nithin M S via reportlab-users wrote: > > Thanks for getting back quickly. Appreciate it a lot. We are using the > open source version, so I guess we will have to wait for patch to be > applied incase thats going in. Well, the beauty of open source is that you can go edit the source file yourself.? You see the file's location and line number. -- Tim Roberts,timr at probo.com -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3665 bytes Desc: S/MIME Cryptographic Signature URL: