From 2bfaab603d652e43ade90053919abfa39c9e5aeb Mon Sep 17 00:00:00 2001
From: Benjamin Bannier <benjamin.bannier@corelight.com>
Date: Fri, 17 May 2024 14:43:57 +0200
Subject: [PATCH] Remove unneeded test usage of md5

MD5 is not FIPS compliant and we do not need to use it in the majority
of tests. Replace them where not explicitly needed.

(cherry picked from commit 3291846ae8e13e05c6554d0029c25a99fd6b5a10)
---
 testing/btest/Baseline/language.assert-hook-5/out           | 6 +++---
 .../Baseline/scripts.base.protocols.ssh.fingerprints/out    | 4 ++--
 testing/btest/language/assert-hook.zeek                     | 6 +++---
 testing/btest/scripts/base/protocols/ssh/fingerprints.zeek  | 4 ++--
 4 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/testing/btest/Baseline/language.assert-hook-5/out b/testing/btest/Baseline/language.assert-hook-5/out
index cfd12f766e..fb77638793 100644
--- a/testing/btest/Baseline/language.assert-hook-5/out
+++ b/testing/btest/Baseline/language.assert-hook-5/out
@@ -1,8 +1,8 @@
 ### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
-assertion_result T at <...>/assert-hook.zeek:25: md5_hash("") == "d41d8cd98f00b204e9800998ecf8427e"
+assertion_result T at <...>/assert-hook.zeek:25: sha1_hash("x") == "11f6ad8ec52a2984abaafd7c3b516503785c2072"
 assertion_result T at <...>/assert-hook.zeek:30: sha1_hash("") == "da39a3ee5e6b4b0d3255bfef95601890afd80709"
 assertion_result F at <...>/assert-hook.zeek:35: sha1_hash("") == "wrong"
 assertion_failure at <...>/assert-hook.zeek:35: sha1_hash("") == "wrong"
-assertion_result F at <...>/assert-hook.zeek:40: md5_hash("") == "wrong"
-assertion_failure at <...>/assert-hook.zeek:40: md5_hash("") == "wrong"
+assertion_result F at <...>/assert-hook.zeek:40: sha1_hash("x") == "wrong"
+assertion_failure at <...>/assert-hook.zeek:40: sha1_hash("x") == "wrong"
 2 of 4 assertions failed
diff --git a/testing/btest/Baseline/scripts.base.protocols.ssh.fingerprints/out b/testing/btest/Baseline/scripts.base.protocols.ssh.fingerprints/out
index 2dac5bca77..e1eaf86fce 100644
--- a/testing/btest/Baseline/scripts.base.protocols.ssh.fingerprints/out
+++ b/testing/btest/Baseline/scripts.base.protocols.ssh.fingerprints/out
@@ -1,5 +1,5 @@
 ### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
 ssh server host key fingerprint, c7:eb:77:5d:d1:64:31:d6:1b:e8:99:5f:a7:09:a1:d7
-ssh2 server host key fingerprint, c7eb775dd16431d61be8995fa709a1d7
+ssh2 server host key fingerprint, f5ebdf9bfc590ab7f1c91b789db732d704f2fe1e
 ssh server host key fingerprint, 55:17:eb:fa:2e:7f:b3:7b:33:42:7c:9d:44:85:56:da
-ssh1 server host key fingerprint, 5517ebfa2e7fb37b33427c9d448556da
+ssh1 server host key fingerprint, b08d68174a2690de53edf0f6a4e5b0ad8fd66e5b
diff --git a/testing/btest/language/assert-hook.zeek b/testing/btest/language/assert-hook.zeek
index 1f107ff70e..6546a09716 100644
--- a/testing/btest/language/assert-hook.zeek
+++ b/testing/btest/language/assert-hook.zeek
@@ -39,7 +39,7 @@ hook assertion_failure(cond: string, msg: string, bt: Backtrace)
 
 function f()
 	{
-	assert md5_hash("") == "d41d8cd98f00b204e9800998ecf8427e";
+	assert sha1_hash("x") == "11f6ad8ec52a2984abaafd7c3b516503785c2072";
 	assert to_count("5") == 4, fmt("5 is not 4");
 	assert sha1_hash("") == "da39a3ee5e6b4b0d3255bfef95601890afd80709";
 	}
@@ -121,7 +121,7 @@ hook assertion_result(result: bool, cond: string, msg: string, bt: Backtrace)
 
 event zeek_test()
 	{
-	assert md5_hash("") == "d41d8cd98f00b204e9800998ecf8427e";
+	assert sha1_hash("x") == "11f6ad8ec52a2984abaafd7c3b516503785c2072";
 	}
 
 event zeek_test()
@@ -136,7 +136,7 @@ event zeek_test()
 
 event zeek_test()
 	{
-	assert md5_hash("") == "wrong";
+	assert sha1_hash("x") == "wrong";
 	}
 
 event zeek_init()
diff --git a/testing/btest/scripts/base/protocols/ssh/fingerprints.zeek b/testing/btest/scripts/base/protocols/ssh/fingerprints.zeek
index f0ef8fad21..e69be91a4f 100644
--- a/testing/btest/scripts/base/protocols/ssh/fingerprints.zeek
+++ b/testing/btest/scripts/base/protocols/ssh/fingerprints.zeek
@@ -5,12 +5,12 @@
 
 event ssh2_server_host_key(c: connection, key: string)
 	{
-	print "ssh2 server host key fingerprint",  md5_hash(key);
+	print "ssh2 server host key fingerprint", sha1_hash(key);
 	}
 
 event ssh1_server_host_key(c: connection, modulus: string, exponent: string)
 	{
-	print "ssh1 server host key fingerprint", md5_hash(modulus + exponent);
+	print "ssh1 server host key fingerprint", sha1_hash(modulus + exponent);
 	}
 
 event ssh_server_host_key(c: connection, hash: string)