Use of hashlib.sha1 causes issue in FIPS build #5448

@jtrinh27

The use of SHA1 found here:

digest_method = staticmethod(hashlib.sha1)

prevents applications from running in a FIPS Enabled Environment/OS. The OS will abruptly stop the application from running when it detects that a non-compliant Hash Algorithm is used.

Describe how to replicate the bug:
Enforce FIPS Enabled on the OS (such as RHEL9)

Unexpected Behavior Error output:

Traceback (most recent call last):
  File "/opt/abc-app/app.py", line 1, in <module>
    from xxxxxxxxxx import xxxxxxx
  File "/opt/abc-app/abc-app_ui.py", line 67, in <module>
    sess.init_app(app=app)
  File "/opt/abc-app/venv/lib/python3.11/site-packages/flask_session/__init__.py", line 50, in init_app
    app.session_interface = self._get_interface(app)
                            ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/abc-app/venv/lib/python3.11/site-packages/flask_session/__init__.py", line 79, in _get_interface
    session_interface = FileSystemSessionInterface(
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/abc-app/venv/lib/python3.11/site-packages/flask_session/sessions.py", line 312, in __init__
    self.cache = FileSystemCache(cache_dir, threshold=threshold, mode=mode)
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/abc-app/venv/lib/python3.11/site-packages/cachelib/file.py", line 73, in __init__
    self._update_count(value=len(list(self._list_dir())))
  File "/opt/abc-app/venv/lib/python3.11/site-packages/cachelib/file.py", line 95, in _update_count
    self.set(self._fs_count_file, new_count, mgmt_element=True)
  File "/opt/abc-app/venv/lib/python3.11/site-packages/cachelib/file.py", line 244, in set
    filename = self._get_filename(key)
               ^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/abc-app/venv/lib/python3.11/site-packages/cachelib/file.py", line 201, in _get_filename
    bkey_hash = self._hash_method(bkey).hexdigest()
                ^^^^^^^^^^^^^^^^^^^^^^^
_hashlib.UnsupportedDigestmodError: [digital envelope routines] unsupported

Environment:
RHEL9 FIPS Enabled and Enforced

  • Python version: 3.x
  • Flask version: 3.0.2
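
A start-up probe for the failure reported above, added here as an example and not code from Flask, Flask-Session or cachelib: it checks whether a digest constructor is usable under the running OpenSSL policy and falls back to SHA-256 instead of crashing at first use. The names `digest_usable`, `pick_digest`, `sign`, `fips_blocked` and the candidate list are hypothetical, and `fips_blocked` is a constructed stand-in that simulates a rejected digest on a host without FIPS enforcement.

```python
import hashlib
import hmac


def digest_usable(constructor):
    """Return True if this digest constructor works under the running OpenSSL policy."""
    try:
        constructor(b"probe").hexdigest()
        return True
    except ValueError:
        # _hashlib.UnsupportedDigestmodError (the error in the traceback)
        # is a subclass of ValueError, so this catches the FIPS rejection.
        return False


def pick_digest(candidates):
    """Return the first (name, constructor) pair that the platform allows."""
    for name, constructor in candidates:
        if digest_usable(constructor):
            return name, constructor
    names = ", ".join(name for name, _ in candidates)
    raise RuntimeError("no usable digest among: " + names)


def sign(key, payload, digest):
    """HMAC the payload with the selected digest constructor."""
    return hmac.new(key, payload, digestmod=digest).hexdigest()


def fips_blocked(data=b""):
    """Constructed stand-in for a digest that a FIPS-enforcing host rejects."""
    raise ValueError("[digital envelope routines] unsupported")


# Constructed preference list: the rejected digest first, then SHA-256.
CANDIDATES = [("blocked-sha1", fips_blocked), ("sha256", hashlib.sha256)]

if __name__ == "__main__":
    name, digest = pick_digest(CANDIDATES)
    print("selected digest:", name)
    print("signature:", sign(b"constructed-key", b"session-data", digest))
```

Changing the digest changes every signature or derived filename, so values produced with the old digest will no longer verify or be found after the switch.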
