md5 to sha256

usedforsecurity is only for forked openssl implementation which i cannot used

md5 to sha256
1f7d47f0 · Daren Eiri · Frederic Bastien · 98eaa375 · 1f7d47f0 · 1f7d47f0
--- a/theano/gof/params_type.py
+++ b/theano/gof/params_type.py
@@ -295,8 +295,8 @@ class ParamsType(Type):
        # (see c_support_code() below).
        fields_string = ','.join(self.fields).encode('utf-8')
        types_string = ','.join(str(t) for t in self.types).encode('utf-8')
-        fields_hex = hashlib.md5(fields_string, usedforsecurity=False).hexdigest()
+        fields_hex = hashlib.sha256(fields_string).hexdigest()
-        types_hex = hashlib.md5(types_string, usedforsecurity=False).hexdigest()
+        types_hex = hashlib.sha256(types_string).hexdigest()
        return '_Params_%s_%s' % (fields_hex, types_hex)
    def has_type(self, theano_type):

--- a/theano/gof/utils.py
+++ b/theano/gof/utils.py
@@ -546,23 +546,23 @@ if PY3:
    import hashlib
    def hash_from_code(msg):
-        # hashlib.md5() requires an object that supports buffer interface,
+        # hashlib.sha256() requires an object that supports buffer interface,
        # but Python 3 (unicode) strings don't.
        if isinstance(msg, str):
            msg = msg.encode()
        # Python 3 does not like module names that start with
        # a digit.
-        return 'm' + hashlib.md5(msg, usedforsecurity=False).hexdigest()
+        return 'm' + hashlib.sha256(msg).hexdigest()
 else:
    import hashlib
    def hash_from_code(msg):
        try:
-            return hashlib.md5(msg, usedforsecurity=False).hexdigest()
+            return hashlib.sha256(msg).hexdigest()
        except TypeError:
            assert isinstance(msg, np.ndarray)
-            return hashlib.md5(np.getbuffer(msg), usedforsecurity=False).hexdigest()
+            return hashlib.sha256(np.getbuffer(msg)).hexdigest()
 def hash_from_file(file_path):

--- a/theano/printing.py
+++ b/theano/printing.py
@@ -1221,7 +1221,7 @@ def var_descriptor(obj, _prev_obs=None, _tag_generator=None):
        name = '<ndarray:'
        name += 'strides=[' + ','.join(str(stride)
                                       for stride in obj.strides) + ']'
-        name += ',digest=' + hashlib.md5(obj, usedforsecurity=False).hexdigest() + '>'
+        name += ',digest=' + hashlib.sha256(obj).hexdigest() + '>'
    elif hasattr(obj, 'owner') and obj.owner is not None:
        name = str(obj.owner.op) + '('
        name += ','.join(var_descriptor(ipt,
@@ -1265,7 +1265,7 @@ def hex_digest(x):
    Returns a short, mostly hexadecimal hash of a numpy ndarray
    """
    assert isinstance(x, np.ndarray)
-    rval = hashlib.md5(x.tostring(), usedforsecurity=False).hexdigest()
+    rval = hashlib.sha256(x.tostring()).hexdigest()
    # hex digest must be annotated with strides to avoid collisions
    # because the buffer interface only exposes the raw data, not
    # any info about the semantics of how that data should be arranged