Using Aim package on FIPS compatible machine results in Error.

[dushyantbehl]

🐛 Bug

Running AIM with any script on a FIPS server results in errors like these making it unusable.

TypeError: 'digest_size' is an invalid keyword argument for openssl_blake2b()
TypeError: 'digest_size' is an invalid keyword argument for openssl_blake2b()
Exception ignored in: 'aim.storage.hashing.hashing.hash_object'
Traceback (most recent call last):
  File "/usr/local/lib64/python3.11/site-packages/aim/storage/context.py", line 40, in _calc_hash
    return hash_auto(self._context)
           ^^^^^^^^^^^^^^^^^^^^^^^^

To reproduce

Install AIM on FIPS enabled machine and run with any script the error seems to be 100% reproducible on our end.

Expected behavior

AIM hash function to generate hash without any error.

Environment

• Aim Version (e.g., 3.0.1) - 3.19.3
• Python version - 3.11
• pip version
• OS (e.g., Linux) - Linux
• Any other relevant information

Additional context

The problem seems to be stemming from python library hashlib, on a FIPS enabled server the _hashlib.get_fips_mode() returns 1

python3.11 
>>> import _hashlib
>>> _hashlib.get_fips_mode()
1

And API call like this fails.

>>> import hashlib
>>> hashlib.blake2b(digest_size=256 //8)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
TypeError: 'digest_size' is an invalid keyword argument for openssl_blake2b()

While on other server it works,

python3.11
>>> import _hashlib
>>> _hashlib.get_fips_mode()
0

>>> import hashlib
>>> hashlib.blake2b(digest_size=256 //8)
<_blake2.blake2b object at 0x7fe3f5d0cc70>

[SGevorg]

@dushyantbehl we don't have access to FIPS servers. would you be open to help us fix this?

[dushyantbehl]

Hey @SGevorg we can try this on our end thanks and let you guys know if the approcah seems okay.

[dushyantbehl]

Hey @SGevorg I have a first version of the patch which fixes this here - #3217
opened the PR for feedback from you guys. Cheers.