feat: Indicate that md5 is used as a CRC

MD5 in storage helpers is used as a CRC function for
non-cryptographically secure purposes. Ensure that md5 is initiated
with `usedforsecurity=False` to ensure that Python in FIPS mode can
fetch MD5 implementation for such non cryptographically secure
purpose.

This is no effective change on non-FIPS mode Python installations.

This improves compatibility with most FIPS mode Python installations.

Author: xnox

google/cloud/storage/_helpers.py

@@ -21,6 +21,7 @@
 import datetime
 from hashlib import md5
 import os
+import sys
 from urllib.parse import urlsplit
 from urllib.parse import urlunsplit
 from uuid import uuid4
@@ -536,7 +537,10 @@ def _base64_md5hash(buffer_object):
     :rtype: str
     :returns: A base64 encoded digest of the MD5 hash.
     """
-    hash_obj = md5()
+    if sys.version_info >= (3, 9):
+        hash_obj = md5(usedforsecurity=False)
+    else:
+        hash_obj = md5()
     _write_buffer_to_hash(buffer_object, hash_obj)
     digest_bytes = hash_obj.digest()
     return base64.b64encode(digest_bytes)

tests/unit/test__helpers.py

@@ -735,7 +735,7 @@ def __init__(self, digest_val):
         self.hash_obj = _MD5Hash(digest_val)
         self._called = []
 
-    def __call__(self, data=None):
+    def __call__(self, data=None, usedforsecurity=True):
         self._called.append(data)
         return self.hash_obj