Commit 7155a800 authored by Dmytro Zaporozhets (DZ)'s avatar Dmytro Zaporozhets (DZ)

Merge branch 'Lint/DeprecatedOpenSSLConstant' into 'master'

Replace OpenSSL constants with strings (CE)

See merge request gitlab-org/gitlab!52432
parents 85972542 8d2e200c
...@@ -155,20 +155,6 @@ Lint/BinaryOperatorWithIdenticalOperands: ...@@ -155,20 +155,6 @@ Lint/BinaryOperatorWithIdenticalOperands:
Lint/ConstantDefinitionInBlock: Lint/ConstantDefinitionInBlock:
Enabled: false Enabled: false
# Offense count: 9
# Cop supports --auto-correct.
Lint/DeprecatedOpenSSLConstant:
Exclude:
- 'app/services/clusters/kubernetes/configure_istio_ingress_service.rb'
- 'ee/lib/gitlab/geo/oauth/logout_state.rb'
- 'lib/gitlab/conan_token.rb'
- 'lib/gitlab/gitaly_client.rb'
- 'lib/gitlab/kubernetes/helm/v2/certificate.rb'
- 'spec/lib/gitlab/conan_token_spec.rb'
- 'spec/services/pages_domains/obtain_lets_encrypt_certificate_service_spec.rb'
- 'spec/support/helpers/smime_helper.rb'
- 'spec/support/shared_contexts/requests/api/conan_packages_shared_context.rb'
# Offense count: 1 # Offense count: 1
Lint/DuplicateRequire: Lint/DuplicateRequire:
Exclude: Exclude:
......
...@@ -60,7 +60,7 @@ module Clusters ...@@ -60,7 +60,7 @@ module Clusters
cert.public_key = key.public_key cert.public_key = key.public_key
cert.subject = name cert.subject = name
cert.issuer = name cert.issuer = name
cert.sign(key, OpenSSL::Digest::SHA256.new) cert.sign(key, OpenSSL::Digest.new('SHA256'))
serverless_domain_cluster.update!( serverless_domain_cluster.update!(
key: key.to_pem, key: key.to_pem,
......
---
title: Replace OpenSSL constants with strings
merge_request: 52432
author: Takuya Noguchi
type: other
...@@ -35,7 +35,7 @@ module Gitlab ...@@ -35,7 +35,7 @@ module Gitlab
def secret def secret
OpenSSL::HMAC.hexdigest( OpenSSL::HMAC.hexdigest(
OpenSSL::Digest::SHA256.new, OpenSSL::Digest.new('SHA256'),
::Settings.attr_encrypted_db_key_base, ::Settings.attr_encrypted_db_key_base,
HMAC_KEY HMAC_KEY
) )
......
...@@ -203,7 +203,7 @@ module Gitlab ...@@ -203,7 +203,7 @@ module Gitlab
def self.authorization_token(storage) def self.authorization_token(storage)
token = token(storage).to_s token = token(storage).to_s
issued_at = real_time.to_i.to_s issued_at = real_time.to_i.to_s
hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, token, issued_at) hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA256'), token, issued_at)
"v2.#{hmac}.#{issued_at}" "v2.#{hmac}.#{issued_at}"
end end
......
...@@ -59,7 +59,7 @@ module Gitlab ...@@ -59,7 +59,7 @@ module Gitlab
cert.add_extension(extension_factory.create_extension('keyUsage', 'cRLSign,keyCertSign', true)) cert.add_extension(extension_factory.create_extension('keyUsage', 'cRLSign,keyCertSign', true))
end end
cert.sign(signed_by&.key || key, OpenSSL::Digest::SHA256.new) cert.sign(signed_by&.key || key, OpenSSL::Digest.new('SHA256'))
new(key, cert) new(key, cert)
end end
......
...@@ -6,7 +6,7 @@ RSpec.describe Gitlab::ConanToken do ...@@ -6,7 +6,7 @@ RSpec.describe Gitlab::ConanToken do
let(:jwt_secret) do let(:jwt_secret) do
OpenSSL::HMAC.hexdigest( OpenSSL::HMAC.hexdigest(
OpenSSL::Digest::SHA256.new, OpenSSL::Digest.new('SHA256'),
base_secret, base_secret,
described_class::HMAC_KEY described_class::HMAC_KEY
) )
......
...@@ -135,7 +135,7 @@ RSpec.describe PagesDomains::ObtainLetsEncryptCertificateService do ...@@ -135,7 +135,7 @@ RSpec.describe PagesDomains::ObtainLetsEncryptCertificateService do
cert.add_extension ef.create_extension("authorityKeyIdentifier", cert.add_extension ef.create_extension("authorityKeyIdentifier",
"keyid:always,issuer:always") "keyid:always,issuer:always")
cert.sign key, OpenSSL::Digest::SHA1.new cert.sign key, OpenSSL::Digest.new('SHA1')
cert.to_pem cert.to_pem
end end
......
...@@ -52,7 +52,7 @@ module SmimeHelper ...@@ -52,7 +52,7 @@ module SmimeHelper
cert.add_extension(extension_factory.create_extension('extendedKeyUsage', 'clientAuth,emailProtection', false)) cert.add_extension(extension_factory.create_extension('extendedKeyUsage', 'clientAuth,emailProtection', false))
end end
cert.sign(signed_by&.fetch(:key, nil) || key, OpenSSL::Digest::SHA256.new) cert.sign(signed_by&.fetch(:key, nil) || key, OpenSSL::Digest.new('SHA256'))
{ key: key, cert: cert } { key: key, cert: cert }
end end
......
...@@ -22,7 +22,7 @@ RSpec.shared_context 'conan api setup' do ...@@ -22,7 +22,7 @@ RSpec.shared_context 'conan api setup' do
let(:jwt_secret) do let(:jwt_secret) do
OpenSSL::HMAC.hexdigest( OpenSSL::HMAC.hexdigest(
OpenSSL::Digest::SHA256.new, OpenSSL::Digest.new('SHA256'),
base_secret, base_secret,
Gitlab::ConanToken::HMAC_KEY Gitlab::ConanToken::HMAC_KEY
) )
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment