Class: Rubocop::Cop::Fips::MD5

Inherits:

RuboCop::Cop::Base

Object
RuboCop::Cop::Base
Rubocop::Cop::Fips::MD5

show all

Includes:: Gitlab::Styles::Common::BannedConstants

Defined in:: lib/rubocop/cop/fips/md5.rb

Overview

Checks for the usage of MD5, which is not FIPS-compliant. It suggests using a FIPS-compliant alternative like SHA256.

Examples:

# bad
OpenSSL::Digest::MD5.hexdigest('foo')
Digest::MD5.hexdigest('foo')

# good
OpenSSL::Digest::SHA256.hexdigest('foo')

Constant Summary collapse

MESSAGE_TEMPLATE =

'MD5 is not FIPS-compliant. Use %{replacement} instead.'

REPLACEMENTS =

{
  'OpenSSL::Digest::MD5' => 'OpenSSL::Digest::SHA256',
  'Digest::MD5' => 'OpenSSL::Digest::SHA256'
}.freeze

Instance Attribute Summary

Attributes included from Gitlab::Styles::Common::BannedConstants

#autocorrect, #message_template, #replacements

Instance Method Summary collapse

#initialize(config = nil, options = nil) ⇒ MD5 constructor

A new instance of MD5.

Methods included from Gitlab::Styles::Common::BannedConstants

#on_const

Constructor Details

#initialize(config = nil, options = nil) ⇒ `MD5`

Returns a new instance of MD5.

# File 'lib/rubocop/cop/fips/md5.rb', line 28

def initialize(config = nil, options = nil)
  @message_template = MESSAGE_TEMPLATE
  @replacements = REPLACEMENTS
  @autocorrect = false
  super
end