mark all required usages of MD5 so bandit doesn't complain

2025-10-07 01:41:06 +03:00 · 2018-08-29 14:53:58 +02:00 · 2018-08-29 14:53:58 +02:00 · 8d3e82913e
commit 8d3e82913e
parent a089614225
3 changed files with 7 additions and 7 deletions
--- a/fdroidserver/publish.py
+++ b/fdroidserver/publish.py
@ -60,12 +60,12 @@ def key_alias(appid):
        # For this particular app, the key alias is overridden...
        keyalias = config['keyaliases'][appid]
        if keyalias.startswith('@'):
-            m = hashlib.md5()
+            m = hashlib.md5()  # nosec just used to generate a keyalias
            m.update(keyalias[1:].encode('utf-8'))
            keyalias = m.hexdigest()[:8]
        return keyalias
    else:
-        m = hashlib.md5()
+        m = hashlib.md5()  # nosec just used to generate a keyalias
        m.update(appid.encode('utf-8'))
        return m.hexdigest()[:8]
@ -197,7 +197,7 @@ def main():
    vercodes = common.read_pkg_args(options.appid, True)
    allaliases = []
    for appid in allapps:
-        m = hashlib.md5()
+        m = hashlib.md5()  # nosec just used to generate a keyalias
        m.update(appid.encode('utf-8'))
        keyalias = m.hexdigest()[:8]
        if keyalias in allaliases:
@ -307,11 +307,11 @@ def main():
                    # For this particular app, the key alias is overridden...
                    keyalias = config['keyaliases'][appid]
                    if keyalias.startswith('@'):
-                        m = hashlib.md5()
+                        m = hashlib.md5()  # nosec just used to generate a keyalias
                        m.update(keyalias[1:].encode('utf-8'))
                        keyalias = m.hexdigest()[:8]
                else:
-                    m = hashlib.md5()
+                    m = hashlib.md5()  # nosec just used to generate a keyalias
                    m.update(appid.encode('utf-8'))
                    keyalias = m.hexdigest()[:8]
                logging.info("Key alias: " + keyalias)
--- a/fdroidserver/server.py
+++ b/fdroidserver/server.py
@ -192,7 +192,7 @@ def update_awsbucket_libcloud(repo_section):
                    upload = True
                else:
                    # if the sizes match, then compare by MD5
-                    md5 = hashlib.md5()
+                    md5 = hashlib.md5()  # nosec AWS uses MD5
                    with open(file_to_upload, 'rb') as f:
                        while True:
                            data = f.read(8192)
--- a/fdroidserver/update.py
+++ b/fdroidserver/update.py
@ -434,7 +434,7 @@ def getsig(apkpath):
    cert_encoded = common.get_certificate(cert)
-    return hashlib.md5(hexlify(cert_encoded)).hexdigest()
+    return hashlib.md5(hexlify(cert_encoded)).hexdigest()  # nosec just used as ID for signing key
 def get_cache_file():