From 02bc129341f48d28f36046870c8c00905c26ef99 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Thu, 27 Jan 2022 15:20:57 +0100
Subject: [PATCH] chg: [feeds] FIPS: when MD5 hashes are generated for
 fast-lookup it's not for security.

hashlib provides an option to tell if the hash is used for security or
not. By default, it's set to True. For the feed cache generation, it's
not. Then usedforsecurity=False

Ref: https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402annexa.pdf
---
 examples/feed-generator-from-redis/generator.py | 6 +++---
 pymisp/mispevent.py                             | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/examples/feed-generator-from-redis/generator.py b/examples/feed-generator-from-redis/generator.py
index 388a72d..80aba3e 100755
--- a/examples/feed-generator-from-redis/generator.py
+++ b/examples/feed-generator-from-redis/generator.py
@@ -121,16 +121,16 @@ class FeedGenerator:
         if ('|' in attr_type or attr_type == 'malware-sample'):
             split = attr_value.split('|')
             self.attributeHashes.append([
-                hashlib.md5(str(split[0]).encode("utf-8")).hexdigest(),
+                hashlib.md5(str(split[0]).encode("utf-8"), usedforsecurity=False).hexdigest(),
                 self.current_event_uuid
             ])
             self.attributeHashes.append([
-                hashlib.md5(str(split[1]).encode("utf-8")).hexdigest(),
+                hashlib.md5(str(split[1]).encode("utf-8"), usedforsecurity=False).hexdigest(),
                 self.current_event_uuid
             ])
         else:
             self.attributeHashes.append([
-                hashlib.md5(str(attr_value).encode("utf-8")).hexdigest(),
+                hashlib.md5(str(attr_value).encode("utf-8"), usedforsecurity=False).hexdigest(),
                 self.current_event_uuid
             ])
 
diff --git a/pymisp/mispevent.py b/pymisp/mispevent.py
index 549a926..c5dcf19 100644
--- a/pymisp/mispevent.py
+++ b/pymisp/mispevent.py
@@ -353,7 +353,7 @@ class MISPAttribute(AbstractMISP):
         if '|' in self.type or self.type == 'malware-sample':
             hashes = []
             for v in self.value.split('|'):
-                h = hashlib.new(algorithm)
+                h = hashlib.new(algorithm, usedforsecurity=False)
                 h.update(v.encode("utf-8"))
                 hashes.append(h.hexdigest())
             return hashes