o ëɶd® ã@sjddlmZddlZddlZddlZddlZGdd„dƒZdd„Zddd „Zd d „Z d d „Z ddd„Z dS)é)Úabsolute_importNc@seZdZdZdd„ZdS)ÚDevNullza Simple class to supress errors which may occur when importing hashlib in FIPS mode. cCsdS©N©)ÚselfÚmsgrrú,usr/lib/python3.10/site-packages/oci/fips.pyÚwritesz DevNull.writeN)Ú__name__Ú __module__Ú __qualname__Ú__doc__r rrrrr s rcCs<t |¡}| t d¡¡ddl}t|dƒs|j|_dSdS)zQ Override libcrypto and add FIPS_mode function to ssl if it is not there érNÚ FIPS_mode)ÚctypesÚCDLLZ FIPS_mode_setÚc_intÚsslÚhasattrr)Úfips_libcrypto_pathZ _bs_cryptorrrrÚoverride_libcryptos   ÿrÚcCstdƒ‚)zm Placeholder md5 function for hashlib so it won't segfault when called after enabling FIPS mode. zmd5 disabled for fips)Ú ValueError)Zintitial_messagerrrÚmd5!src CsBtj}z tƒt_ddl}Wn ttfyYnw|t_t|_dS)z¬ hashlib.md5 is imported by urllib3, which is required by requests, which is used by oci (python sdk). This will cause errors so we need to patch hashlib. rN)ÚsysÚstderrrÚhashlibÚ RuntimeErrorrr)rrrrrÚpatch_hashlib_md5*s ÿ rcCsXddl}ddl}t|dƒsdS| ¡dkrdSz | d¡ ¡}WdSty+YdSw)zZ Verify that ssl.FIPS_mode() returns 1 and that using md5 raises an exception rNrFró Hello World T)rrrrrÚ hexdigestr)rrÚdigestrrrÚ is_fips_mode;s   ür"cCsÈt d tttƒ¡¡}| t ¡¡|s)dtj vrtj d}n dtj vr)tj d}|rbt |ƒddl }z |  d¡  ¡}tƒWn tyHYnw| d |¡¡tƒr[| d¡dS| d ¡dSdS) zG Enable FIPS mode by overriding libcrypto and patching hashlib z{}.{}ZFIPS_LIBCRYPTO_PATHZ"OCI_PYTHON_SDK_FIPS_LIBCRYPTO_PATHrNrzUsing '{}' for libcyptozFIPS mode is activezFailed to enter FIPS mode)ÚloggingÚ getLoggerÚformatr ÚidÚenable_fips_modeÚ addHandlerÚ NullHandlerÚosÚenvironrrrr rrÚinfor"Úerror)rÚloggerrr!rrrr'Ss*      þír')rr) Ú __future__rrrr#r*rrrrr"r'rrrrÚs