Class: Rubocop::Cop::Fips::OpenSSL

Inherits:

RuboCop::Cop::Base

• Object
• RuboCop::Cop::Base
• Rubocop::Cop::Fips::OpenSSL

Extended by:

RuboCop::Cop::AutoCorrector

Includes:

Gitlab::Styles::Common::BannedConstants

Defined in:

lib/rubocop/cop/fips/open_ssl.rb

Overview

Flags usage of the Digest class (which is not FIPS-compliant) and suggests replacing it with OpenSSL::Digest (which is FIPS-compliant).

Examples:

# bad
Digest::SHA1.hexdigest('foo')
Digest::SHA512('foo')

# good
OpenSSL::Digest::SHA1.hexdigest('foo')
OpenSSL::Digest::SHA512.hexdigest('foo')

Constant Summary

MESSAGE_TEMPLATE =

'Usage of this class is not FIPS-compliant. Use %{replacement} instead.'

REPLACEMENTS =

{
  'Digest::SHA1' => 'OpenSSL::Digest::SHA1',
  'Digest::SHA2' => 'OpenSSL::Digest::SHA256',
  'Digest::SHA256' => 'OpenSSL::Digest::SHA256',
  'Digest::SHA384' => 'OpenSSL::Digest::SHA384',
  'Digest::SHA512' => 'OpenSSL::Digest::SHA512'
}.freeze

Instance Attribute Summary

Attributes included from Gitlab::Styles::Common::BannedConstants

#autocorrect, #message_template, #replacements

Instance Method Summary

• #initialize(config = nil, options = nil) ⇒ OpenSSL constructor

  A new instance of OpenSSL.

Methods included from Gitlab::Styles::Common::BannedConstants

#on_const

Constructor Details

#initialize(config = nil, options = nil) ⇒ OpenSSL

Returns a new instance of OpenSSL.

# File 'lib/rubocop/cop/fips/open_ssl.rb', line 33

def initialize(config = nil, options = nil)
  @message_template = MESSAGE_TEMPLATE
  @replacements = REPLACEMENTS
  @autocorrect = true
  super
end