123456789_123456789_123456789_123456789_123456789_

Class: RuboCop::Cop::Lint::DeprecatedOpenSSLConstant

Relationships & Source Files
Super Chains via Extension / Inclusion / Inheritance
Class Chain:
self, ::RuboCop::Cop::AutoCorrector, ::RuboCop::Cop::Base, ::RuboCop::ExcludeLimit, NodePattern::Macros, RuboCop::AST::Sexp
Instance Chain:
Inherits: RuboCop::Cop::Base
Defined in: lib/rubocop/cop/lint/deprecated_open_ssl_constant.rb

Overview

Algorithmic constants for OpenSSL::Cipher and OpenSSL::Digest deprecated since OpenSSL version 2.2.0. Prefer passing a string instead.

Examples:

# bad
OpenSSL::Cipher::AES.new(128, :GCM)

# good
OpenSSL::Cipher.new('aes-128-gcm')

# bad
OpenSSL::Digest::SHA256.new

# good
OpenSSL::Digest.new('SHA256')

# bad
OpenSSL::Digest::SHA256.digest('foo')

# good
OpenSSL::Digest.digest('SHA256', 'foo')

Constant Summary

::RuboCop::Cop::Base - Inherited

EMPTY_OFFENSES, RESTRICT_ON_SEND

::RuboCop::Cop::RangeHelp - Included

BYTE_ORDER_MARK, NOT_GIVEN

Class Attribute Summary

::RuboCop::Cop::AutoCorrector - Extended

::RuboCop::Cop::Base - Inherited

.gem_requirements, .lint?,
.support_autocorrect?

Returns if class supports autocorrect.

.support_multiple_source?

Override if your cop should be called repeatedly for multiple investigations Between calls to on_new_investigation and on_investigation_end, the result of processed_source will remain constant.

Class Method Summary

::RuboCop::Cop::Base - Inherited

.autocorrect_incompatible_with

List of cops that should not try to autocorrect at the same time as this cop.

.badge

Naming.

.callbacks_needed, .cop_name, .department,
.documentation_url

Returns a url to view this cops documentation online.

.exclude_from_registry

Call for abstract Cop classes.

.inherited,
.joining_forces

Override and return the Force class(es) you need to join.

.match?

Returns true if the cop name or the cop namespace matches any of the given names.

.new,
.requires_gem

Register a version requirement for the given gem name.

.restrict_on_send

::RuboCop::ExcludeLimit - Extended

exclude_limit

Sets up a configuration option to have an exclude limit tracked.

transform

Instance Attribute Summary

Instance Method Summary

::RuboCop::Cop::RangeHelp - Included

#add_range, #column_offset_between,
#contents_range

A range containing only the contents of a literal with delimiters (e.g.

#directions,
#effective_column

Returns the column attribute of the range, except if the range is on the first line and there’s a byte order mark at the beginning of that line, in which case 1 is subtracted from the column value.

#final_pos, #move_pos, #move_pos_str, #range_between, #range_by_whole_lines, #range_with_comments, #range_with_comments_and_lines, #range_with_surrounding_comma, #range_with_surrounding_space, #source_range

::RuboCop::Cop::Base - Inherited

#add_global_offense

Adds an offense that has no particular location.

#add_offense

Adds an offense on the specified range (or node with an expression) Unless that offense is disabled for this range, a corrector will be yielded to provide the cop the opportunity to autocorrect the offense.

#begin_investigation

Called before any investigation.

#callbacks_needed,
#cop_config

Configuration Helpers.

#cop_name, #excluded_file?,
#external_dependency_checksum

This method should be overridden when a cop’s behavior depends on state that lives outside of these locations:

#inspect,
#message

Gets called if no message is specified when calling add_offense or add_global_offense Cops are discouraged to override this; instead pass your message directly.

#name

Alias for Base#cop_name.

#offenses,
#on_investigation_end

Called after all on_…​

#on_new_investigation

Called before all on_…​

#on_other_file

Called instead of all on_…​

#parse

There should be very limited reasons for a Cop to do it’s own parsing.

#parser_engine,
#ready

Called between investigations.

#relevant_file?, #target_rails_version, #target_ruby_version, #annotate, #apply_correction, #attempt_correction,
#callback_argument

Reserved for Cop::Cop.

#complete_investigation

Called to complete an investigation.

#correct, #current_corrector,
#current_offense_locations

Reserved for Commissioner:

#current_offenses, #currently_disabled_lines, #custom_severity, #default_severity, #disable_uncorrectable, #enabled_line?, #file_name_matches_any?, #find_message, #find_severity, #range_for_original, #range_from_node_or_range,
#reset_investigation

Actually private methods.

#use_corrector

::RuboCop::Cop::AutocorrectLogic - Included

::RuboCop::Cop::IgnoredNode - Included

Constructor Details

This class inherits a constructor from RuboCop::Cop::Base

Instance Method Details

#algorithm_const(node)

[ GitHub ]

  
# File 'lib/rubocop/cop/lint/deprecated_open_ssl_constant.rb', line 40

def_node_matcher :algorithm_const, <<~PATTERN
  (send
    $(const
      (const
        (const {nil? cbase} :OpenSSL) {:Cipher :Digest})
      _)
    ...)
PATTERN

#algorithm_name(node) (private)

[ GitHub ]

  
# File 'lib/rubocop/cop/lint/deprecated_open_ssl_constant.rb', line 101

def algorithm_name(node)
  name = node.loc.name.source

  if openssl_class(node) == 'OpenSSL::Cipher' && !NO_ARG_ALGORITHM.include?(name)
    name.scan(/.{3}/).join('-')
  else
    name
  end
end

#autocorrect(corrector, node) (private)

[ GitHub ]

  
# File 'lib/rubocop/cop/lint/deprecated_open_ssl_constant.rb', line 66

def autocorrect(corrector, node)
  algorithm_constant, = algorithm_const(node)

  corrector.remove(algorithm_constant.loc.double_colon)
  corrector.remove(algorithm_constant.loc.name)

  corrector.replace(
    correction_range(node),
    "#{node.loc.selector.source}(#{replacement_args(node)})"
  )
end

#build_cipher_arguments(node, algorithm_name, no_arguments) (private)

[ GitHub ]

  
# File 'lib/rubocop/cop/lint/deprecated_open_ssl_constant.rb', line 130

def build_cipher_arguments(node, algorithm_name, no_arguments)
  algorithm_parts = algorithm_name.downcase.split('-')
  size_and_mode = sanitize_arguments(node.arguments).map(&:downcase)

  if NO_ARG_ALGORITHM.include?(algorithm_parts.first.upcase) && no_arguments
    "'#{algorithm_parts.first}'"
  else
    mode = 'cbc' unless size_and_mode == ['cbc']

    "'#{(algorithm_parts + size_and_mode + [mode]).compact.take(3).join('-')}'"
  end
end

#correction_range(node) (private)

[ GitHub ]

  
# File 'lib/rubocop/cop/lint/deprecated_open_ssl_constant.rb', line 93

def correction_range(node)
  range_between(node.loc.dot.end_pos, node.source_range.end_pos)
end

#digest_const?(node)

[ GitHub ]

  
# File 'lib/rubocop/cop/lint/deprecated_open_ssl_constant.rb', line 50

def_node_matcher :digest_const?, <<~PATTERN
  (const _ :Digest)
PATTERN

#message(node) (private)

[ GitHub ]

  
# File 'lib/rubocop/cop/lint/deprecated_open_ssl_constant.rb', line 78

def message(node)
  algorithm_constant, = algorithm_const(node)
  parent_constant = openssl_class(algorithm_constant)
  replacement_args = replacement_args(node)
  method = node.loc.selector.source

  format(
    MSG,
    constant: parent_constant,
    method: method,
    replacement_args: replacement_args,
    original: node.source
  )
end

#on_send(node)

[ GitHub ]

  
# File 'lib/rubocop/cop/lint/deprecated_open_ssl_constant.rb', line 54

def on_send(node)
  return if node.arguments.any? { |arg| arg.variable? || arg.call_type? || arg.const_type? }
  return if digest_const?(node.receiver)
  return unless algorithm_const(node)

  message = message(node)

  add_offense(node, message: message) { |corrector| autocorrect(corrector, node) }
end

#openssl_class(node) (private)

[ GitHub ]

  
# File 'lib/rubocop/cop/lint/deprecated_open_ssl_constant.rb', line 97

def openssl_class(node)
  node.children.first.source
end

#replacement_args(node) (private)

[ GitHub ]

  
# File 'lib/rubocop/cop/lint/deprecated_open_ssl_constant.rb', line 119

def replacement_args(node)
  algorithm_constant, = algorithm_const(node)
  algorithm_name = algorithm_name(algorithm_constant)

  if openssl_class(algorithm_constant) == 'OpenSSL::Cipher'
    build_cipher_arguments(node, algorithm_name, node.arguments.empty?)
  else
    (["'#{algorithm_name}'"] + node.arguments.map(&:source)).join(', ')
  end
end

#sanitize_arguments(arguments) (private)

[ GitHub ]

  
# File 'lib/rubocop/cop/lint/deprecated_open_ssl_constant.rb', line 111

def sanitize_arguments(arguments)
  arguments.flat_map do |arg|
    argument = arg.str_type? ? arg.value : arg.source

    argument.tr(":'", '').split('-')
  end
end