Sign upLogin

node-opcua/node-opcua-crypto

View on GitHub
Star

Showing 107 of 107 total issues

Similar blocks of code found in 3 locations. Consider refactoring.
Open

        const { cert } = await createSelfSignedCertificate({
            privateKey,
            notAfter: new Date(2020, 1, 1),
            notBefore: new Date(2019, 1, 1),
            subject: "CN=Test",
Severity: Major
Found in packages/node-opcua-crypto-test/test/test_create_self_signed_certificate.ts and 2 other locations - About 2 hrs to fix
packages/node-opcua-crypto-test/test/test_create_certificate_signing_request.ts on lines 45..54
packages/node-opcua-crypto-test/test/test_create_self_signed_certificate.ts on lines 131..140

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 81.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Identical blocks of code found in 2 locations. Consider refactoring.
Open

async function privateKeyToPEM(privateKey: CryptoKey) {
    const crypto = getCrypto();
    const privDer = await crypto.subtle.exportKey("pkcs8", privateKey);
    const privPem = x509.PemConverter.encode(privDer, "PRIVATE KEY");
    return { privPem, privDer };
Severity: Major
Found in packages/node-opcua-crypto-test/test/test_peculiar_edge_case.ts and 1 other location - About 2 hrs to fix
packages/node-opcua-crypto/source/x509/create_key_pair.ts on lines 50..55

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 81.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Function readTbsCertificate has 57 lines of code (exceeds 25 allowed). Consider refactoring.
Open

export function readTbsCertificate(buffer: Buffer, block: BlockInfo): TbsCertificate {
    const blocks = readStruct(buffer, block);

    let version, serialNumber, signature, issuer, validity, subject, subjectFingerPrint, extensions;
    let subjectPublicKeyInfo: SubjectPublicKeyInfo;
Severity: Major
Found in packages/node-opcua-crypto/source/crypto_explore_certificate.ts - About 2 hrs to fix

    Similar blocks of code found in 3 locations. Consider refactoring.
    Open

        it("should parse a SubjectLine ", () => {
        const str = "/C=FR/ST=IDF/L=Paris/O=Local NODE-OPCUA Certificate Authority/CN=Hello";
        const subject = Subject.parse(str);
        subject.commonName!.should.eql("Hello");
        subject.country!.should.eql("FR");
    Severity: Major
    Found in packages/node-opcua-crypto-test/test/test_subject.ts and 2 other locations - About 2 hrs to fix
    packages/node-opcua-crypto-test/test/test_subject.ts on lines 52..58
    packages/node-opcua-crypto-test/test/test_subject.ts on lines 60..65

    Duplicated Code

    Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

    Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

    When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

    Tuning

    This issue has a mass of 77.

    We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

    The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

    If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

    See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

    Refactorings

    Further Reading

    Similar blocks of code found in 3 locations. Consider refactoring.
    Open

        it("should parse a long CN with slashes SubjectLine ", () => {
        const str = "/CN=PC.DOMAIN.COM/path/scada/server@PC/DC=/O=Sterfive/L=Orleans/C=FR";
        const subject = Subject.parse(str);
        subject.commonName!.should.eql("PC.DOMAIN.COM/path/scada/server@PC");
        subject.domainComponent!.should.eql("");
    Severity: Major
    Found in packages/node-opcua-crypto-test/test/test_subject.ts and 2 other locations - About 2 hrs to fix
    packages/node-opcua-crypto-test/test/test_subject.ts on lines 45..50
    packages/node-opcua-crypto-test/test/test_subject.ts on lines 52..58

    Duplicated Code

    Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

    Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

    When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

    Tuning

    This issue has a mass of 77.

    We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

    The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

    If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

    See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

    Refactorings

    Further Reading

    Similar blocks of code found in 3 locations. Consider refactoring.
    Open

        it("should parse a SubjectLine ", () => {
        const str = "/DC=MYDOMAIN/CN=Hello";

        const subject = Subject.parse(str);
        subject.commonName!.should.eql("Hello");
    Severity: Major
    Found in packages/node-opcua-crypto-test/test/test_subject.ts and 2 other locations - About 2 hrs to fix
    packages/node-opcua-crypto-test/test/test_subject.ts on lines 45..50
    packages/node-opcua-crypto-test/test/test_subject.ts on lines 60..65

    Duplicated Code

    Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

    Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

    When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

    Tuning

    This issue has a mass of 77.

    We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

    The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

    If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

    See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

    Refactorings

    Further Reading

    Function parseOID has a Cognitive Complexity of 16 (exceeds 5 allowed). Consider refactoring.
    Open

    function parseOID(buffer: Buffer, start: number, end: number): string {
    // ASN.1 JavaScript decoder
    // Copyright (c) 2008-2014 Lapo Luchini <lapo@lapo.it>
    let s = "",
        n = 0,
    Severity: Minor
    Found in packages/node-opcua-crypto/source/asn1.ts - About 2 hrs to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Similar blocks of code found in 2 locations. Consider refactoring.
    Open

        it("WW should fail when verifying a signature with the wrong parent certificate ", () => {
        const certificate1 = readCertificate(path.join(__dirname, "../test-fixtures/certsChain/1000.pem"));
        const certificate2 = readCertificate(path.join(__dirname, "../test-fixtures/certsChain/wrongcacert.pem"));
        verifyCertificateSignature(certificate1, certificate2).should.eql(false);
    });
    Severity: Major
    Found in packages/node-opcua-crypto-test/test/test_verify_certificate_signature.ts and 1 other location - About 1 hr to fix
    packages/node-opcua-crypto-test/test/test_verify_certificate_signature.ts on lines 89..93

    Duplicated Code

    Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

    Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

    When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

    Tuning

    This issue has a mass of 73.

    We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

    The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

    If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

    See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

    Refactorings

    Further Reading

    Similar blocks of code found in 2 locations. Consider refactoring.
    Open

        it("WW should verify the signature of certificate signed by a CA", () => {
        const certificate1 = readCertificate(path.join(__dirname, "../test-fixtures/certsChain/1000.pem"));
        const certificate2 = readCertificate(path.join(__dirname, "../test-fixtures/certsChain/cacert.pem"));
        verifyCertificateSignature(certificate1, certificate2).should.eql(true);
    });
    Severity: Major
    Found in packages/node-opcua-crypto-test/test/test_verify_certificate_signature.ts and 1 other location - About 1 hr to fix
    packages/node-opcua-crypto-test/test/test_verify_certificate_signature.ts on lines 98..102

    Duplicated Code

    Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

    Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

    When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

    Tuning

    This issue has a mass of 73.

    We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

    The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

    If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

    See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

    Refactorings

    Further Reading

    Function _readGeneralNames has 47 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

    function _readGeneralNames(buffer: Buffer, block: BlockInfo) {
    const _data: { [key: number]: { name: string; type: string } } = {
        1: { name: "rfc822Name", type: "IA5String" },
        2: { name: "dNSName", type: "IA5String" },
        3: { name: "x400Address", type: "ORAddress" },
    Severity: Minor
    Found in packages/node-opcua-crypto/source/crypto_explore_certificate.ts - About 1 hr to fix

      Function verifyCertificateChain has 45 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

      export async function verifyCertificateChain(certificateChain: Certificate[]): Promise<{ status: _VerifyStatus; reason: string }> {
    // verify that all the certificate
    // second certificate must be used for CertificateSign

    for (let index = 1; index < certificateChain.length; index++) {
      Severity: Minor
      Found in packages/node-opcua-crypto/source/verify_certificate_signature.ts - About 1 hr to fix

        Function _readTbsCertList has 45 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

        function _readTbsCertList(buffer: Buffer, blockInfo: BlockInfo): TBSCertList {
    const blocks = readStruct(buffer, blockInfo);

    const hasOptionalVersion = blocks[0].tag === TagType.INTEGER;
        Severity: Minor
        Found in packages/node-opcua-crypto/source/explore_certificate_revocation_list.ts - About 1 hr to fix

          Function _readTbsCertList has a Cognitive Complexity of 14 (exceeds 5 allowed). Consider refactoring.
          Open

          function _readTbsCertList(buffer: Buffer, blockInfo: BlockInfo): TBSCertList {
    const blocks = readStruct(buffer, blockInfo);

    const hasOptionalVersion = blocks[0].tag === TagType.INTEGER;
          Severity: Minor
          Found in packages/node-opcua-crypto/source/explore_certificate_revocation_list.ts - About 1 hr to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Similar blocks of code found in 2 locations. Consider refactoring.
          Open

              it("should compose a subject with a subject string - starting with a / (like in OpenSSL)", () => {
        const subject = new Subject("/CN=Hello");
        subject.toStringForOPCUA().should.eql("CN=Hello");
        subject.toString().should.eql("/CN=Hello");
    });
          Severity: Major
          Found in packages/node-opcua-crypto-test/test/test_subject.ts and 1 other location - About 1 hr to fix
          packages/node-opcua-crypto-test/test/test_subject.ts on lines 39..43

          Duplicated Code

          Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

          Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

          When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

          Tuning

          This issue has a mass of 68.

          We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

          The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

          If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

          See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

          Refactorings

          Further Reading

          Similar blocks of code found in 2 locations. Consider refactoring.
          Open

              it("should compose a subject with a subject string - correctly starting without a / (like in OPCUA-GDS)", () => {
        const subject = new Subject("CN=Hello");
        subject.toStringForOPCUA().should.eql("CN=Hello");
        subject.toString().should.eql("/CN=Hello");
    });
          Severity: Major
          Found in packages/node-opcua-crypto-test/test/test_subject.ts and 1 other location - About 1 hr to fix
          packages/node-opcua-crypto-test/test/test_subject.ts on lines 33..37

          Duplicated Code

          Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

          Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

          When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

          Tuning

          This issue has a mass of 68.

          We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

          The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

          If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

          See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

          Refactorings

          Further Reading

          Similar blocks of code found in 2 locations. Consider refactoring.
          Open

              it("should parse a quoted string ", () => {
        const subject = new Subject('CN="Hello/Hallo"');
        subject.commonName!.should.eql("Hello/Hallo");
        subject.toString().should.eql('/CN="Hello/Hallo"');
    });
          Severity: Major
          Found in packages/node-opcua-crypto-test/test/test_subject.ts and 1 other location - About 1 hr to fix
          packages/node-opcua-crypto-test/test/test_subject.ts on lines 80..84

          Duplicated Code

          Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

          Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

          When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

          Tuning

          This issue has a mass of 67.

          We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

          The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

          If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

          See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

          Refactorings

          Further Reading

          Similar blocks of code found in 2 locations. Consider refactoring.
          Open

              it("should parse a quoted string ", () => {
        const subject = new Subject("CN=Hello'Hallo'");
        subject.commonName!.should.eql("Hello'Hallo'");
        subject.toString().should.eql("/CN=Hello'Hallo'");
    });
          Severity: Major
          Found in packages/node-opcua-crypto-test/test/test_subject.ts and 1 other location - About 1 hr to fix
          packages/node-opcua-crypto-test/test/test_subject.ts on lines 85..89

          Duplicated Code

          Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

          Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

          When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

          Tuning

          This issue has a mass of 67.

          We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

          The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

          If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

          See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

          Refactorings

          Further Reading

          Function _readAuthorityKeyIdentifier has a Cognitive Complexity of 13 (exceeds 5 allowed). Consider refactoring.
          Open

          function _readAuthorityKeyIdentifier(buffer: Buffer): AuthorityKeyIdentifier {
    /**
     *  where a CA distributes its public key in the form of a "self-signed"
     *  certificate, the authority key identifier MAY be omitted.  Th
     *  signature on a self-signed certificate is generated with the private
          Severity: Minor
          Found in packages/node-opcua-crypto/source/crypto_explore_certificate.ts - About 1 hr to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Function _readAuthorityKeyIdentifier has 39 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

          function _readAuthorityKeyIdentifier(buffer: Buffer): AuthorityKeyIdentifier {
    /**
     *  where a CA distributes its public key in the form of a "self-signed"
     *  certificate, the authority key identifier MAY be omitted.  Th
     *  signature on a self-signed certificate is generated with the private
          Severity: Minor
          Found in packages/node-opcua-crypto/source/crypto_explore_certificate.ts - About 1 hr to fix

            Similar blocks of code found in 2 locations. Consider refactoring.
            Open

            export function coercePublicKeyPem(publicKey: PublicKey | PublicKeyPEM): PublicKeyPEM {
    if (isKeyObject(publicKey)) {
        return (publicKey as KeyObject).export({ format: "pem", type: "spki" }).toString();
    }
    assert(typeof publicKey === "string");
            Severity: Major
            Found in packages/node-opcua-crypto/source/crypto_utils2.ts and 1 other location - About 1 hr to fix
            packages/node-opcua-crypto/source/crypto_utils2.ts on lines 107..113

            Duplicated Code

            Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

            Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

            When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

            Tuning

            This issue has a mass of 66.

            We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

            The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

            If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

            See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

            Refactorings

            Further Reading

            Severity
            Category
            Status
            Source
            Language