From ab00904e275c25b84c28ef3da85bbc117886cac1 Mon Sep 17 00:00:00 2001
From: Julia Kreger <juliaashleykreger@gmail.com>
Date: Tue, 18 Feb 2020 10:45:23 -0800
Subject: [PATCH] Catch ValueError for FIPS 140-2 mode

In FIPS 140-2 mode, the underlying operating system will
prevent the loading of certian algorithms for hasing and
encryption. Python hashlib returns a ValueError exception
when the type cannot be instantiated.

This change catches the error and returns a relatively
user understandable reason as to why a failure has occured.

Change-Id: Id1a144b906303caa92ce88793fba8d1b14def738
Story: 2007306
Task: 38788
---
 ironic_python_agent/extensions/standby.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/ironic_python_agent/extensions/standby.py b/ironic_python_agent/extensions/standby.py
index 7b911ead0..94480dde1 100644
--- a/ironic_python_agent/extensions/standby.py
+++ b/ironic_python_agent/extensions/standby.py
@@ -269,7 +269,16 @@ class ImageDownload(object):
             self._hash_algo = hashlib.new(algo)
             self._expected_hash_value = image_info.get('os_hash_value')
         elif image_info.get('checksum'):
-            self._hash_algo = hashlib.md5()
+            try:
+                self._hash_algo = hashlib.md5()
+            except ValueError as e:
+                message = ('Unable to proceed with image {} as the legacy '
+                           'checksum indicator has been used, which makes use '
+                           'the MD5 algorithm. This algorithm failed to load '
+                           'due to the underlying operating system. Error: '
+                           '{}').format(image_info['id'], str(e))
+                LOG.error(message)
+                raise errors.RESTError(details=message)
             self._expected_hash_value = image_info['checksum']
         else:
             message = ('Unable to verify image {} with available checksums. '