chg: [feeds] FIPS: when MD5 hashes are generated for fast-lookup it's not for security.

hashlib provides an option to tell if the hash is used for security or
not. By default, it's set to True. For the feed cache generation, it's
not. Then usedforsecurity=False

Ref: https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402annexa.pdf

examples/feed-generator-from-redis/generator.py

@@ -121,16 +121,16 @@ class FeedGenerator:
         if ('|' in attr_type or attr_type == 'malware-sample'):
             split = attr_value.split('|')
             self.attributeHashes.append([
-                hashlib.md5(str(split[0]).encode("utf-8")).hexdigest(),
+                hashlib.md5(str(split[0]).encode("utf-8"), usedforsecurity=False).hexdigest(),
                 self.current_event_uuid
             ])
             self.attributeHashes.append([
-                hashlib.md5(str(split[1]).encode("utf-8")).hexdigest(),
+                hashlib.md5(str(split[1]).encode("utf-8"), usedforsecurity=False).hexdigest(),
                 self.current_event_uuid
             ])
         else:
             self.attributeHashes.append([
-                hashlib.md5(str(attr_value).encode("utf-8")).hexdigest(),
+                hashlib.md5(str(attr_value).encode("utf-8"), usedforsecurity=False).hexdigest(),
                 self.current_event_uuid
             ])
 

pymisp/mispevent.py

@@ -353,7 +353,7 @@ class MISPAttribute(AbstractMISP):
         if '|' in self.type or self.type == 'malware-sample':
             hashes = []
             for v in self.value.split('|'):
-                h = hashlib.new(algorithm)
+                h = hashlib.new(algorithm, usedforsecurity=False)
                 h.update(v.encode("utf-8"))
                 hashes.append(h.hexdigest())
             return hashes