patrickfav/armadillo

View on GitHub

Showing 25 of 46 total issues

File ASecureSharedPreferencesTest.java has 503 lines of code (exceeds 250 allowed). Consider refactoring.
Open

package at.favre.lib.armadillo;

import android.content.SharedPreferences;

import junit.framework.TestCase;

    ASecureSharedPreferencesTest has 49 methods (exceeds 20 allowed). Consider refactoring.
    Open

    @SuppressWarnings("deprecation")
    public abstract class ASecureSharedPreferencesTest {
        private static final String DEFAULT_PREF_NAME = "test-prefs";
        SharedPreferences preferences;
    
    

      File SecureSharedPreferences.java has 426 lines of code (exceeds 250 allowed). Consider refactoring.
      Open

      package at.favre.lib.armadillo;
      
      import android.annotation.SuppressLint;
      import android.content.Context;
      import android.content.SharedPreferences;

        Builder has 27 methods (exceeds 20 allowed). Consider refactoring.
        Open

            public static final class Builder {
        
                private final SharedPreferences sharedPreferences;
                private final Context context;
                private final String prefName;
        Severity: Minor
        Found in armadillo/src/main/java/at/favre/lib/armadillo/Armadillo.java - About 3 hrs to fix

          SecureSharedPreferences has 25 methods (exceeds 20 allowed). Consider refactoring.
          Open

          @SuppressWarnings( {"unused", "WeakerAccess", "UnusedReturnValue"})
          public final class SecureSharedPreferences implements ArmadilloSharedPreferences {
          
              private static final String PREFERENCES_SALT_KEY = "at.favre.lib.securepref.KEY_RANDOM";
              private static final String PASSWORD_VALIDATION_KEY = "at.favre.lib.securepref.PASSWORD_VALIDATION_KEY";

            Method testUpgradeToNewerProtocolVersion has 60 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

                @Test
                public void testUpgradeToNewerProtocolVersion() {
                    assumeFalse("test not supported on kitkat devices", isKitKatOrBelow());
            
                    // open new preference with old encryption config

              Method testChangePasswordAndKeyStretchingFunction has 45 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                  @Test
                  public void testChangePasswordAndKeyStretchingFunction() {
                      Set<String> testSet = new HashSet<>();
                      testSet.add("t1");
                      testSet.add("t2");

                Method benchmark has a Cognitive Complexity of 14 (exceeds 5 allowed). Consider refactoring.
                Open

                    @Test
                    public void benchmark() {
                        List<AbstractBcrypt> contender = Arrays.asList(new FavreBcrypt(), new JBcrypt(), new BC());
                        prepareMap(contender);
                
                

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                Method testChangePassword has 43 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                    private void testChangePassword(String name, char[] currentPassword, char[] newPassword, boolean enableCache) {
                        Set<String> testSet = new HashSet<>();
                        testSet.add("t1");
                        testSet.add("t2");
                        testSet.add("t3");

                  Method benchmark has 39 lines of code (exceeds 25 allowed). Consider refactoring.
                  Open

                      @Test
                      public void benchmark() {
                          List<AbstractBcrypt> contender = Arrays.asList(new FavreBcrypt(), new JBcrypt(), new BC());
                          prepareMap(contender);
                  
                  

                    Method build has a Cognitive Complexity of 12 (exceeds 5 allowed). Consider refactoring.
                    Open

                            public ArmadilloSharedPreferences build() {
                                if (fingerprint == null) {
                                    throw new IllegalArgumentException("No encryption fingerprint is set - see encryptionFingerprint() methods");
                                }
                    
                    
                    Severity: Minor
                    Found in armadillo/src/main/java/at/favre/lib/armadillo/Armadillo.java - About 1 hr to fix

                    Cognitive Complexity

                    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                    A method's cognitive complexity is based on a few simple rules:

                    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                    • Code is considered more complex for each "break in the linear flow of the code"
                    • Code is considered more complex when "flow breaking structures are nested"

                    Further reading

                    Method build has 30 lines of code (exceeds 25 allowed). Consider refactoring.
                    Open

                            public ArmadilloSharedPreferences build() {
                                if (fingerprint == null) {
                                    throw new IllegalArgumentException("No encryption fingerprint is set - see encryptionFingerprint() methods");
                                }
                    
                    
                    Severity: Minor
                    Found in armadillo/src/main/java/at/favre/lib/armadillo/Armadillo.java - About 1 hr to fix

                      Method onChangePasswordClicked has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                      Open

                          public void onChangePasswordClicked(View view) {
                              if (binding.currentPassword.getText() == null) {
                                  binding.currentPasswordLayout.setError("Enter current password");
                                  return;
                              } else if (binding.newPassword.getText() == null) {

                        Method testInvalidPasswordShouldNotBeAccessible has 27 lines of code (exceeds 25 allowed). Consider refactoring.
                        Open

                            @Test
                            public void testInvalidPasswordShouldNotBeAccessible() {
                                // open new shared pref and add some data
                                ArmadilloSharedPreferences pref = create("testInvalidPassword", "pw1".toCharArray())
                                    .keyStretchingFunction(new FastKeyStretcher()).build();

                          Method decrypt has 26 lines of code (exceeds 25 allowed). Consider refactoring.
                          Open

                              @Override
                              public byte[] decrypt(@NonNull String contentKey, @Nullable char[] password, byte[] encryptedContent) throws EncryptionProtocolException {
                                  long start = System.currentTimeMillis();
                                  byte[] fingerprintBytes = new byte[0];
                                  byte[] key = new byte[0];

                            Method handleBrokenContent has 5 arguments (exceeds 4 allowed). Consider refactoring.
                            Open

                                void handleBrokenContent(EncryptionProtocolException e, String keyHash, @NonNull String base64Encrypted,
                                                         boolean userPasswordUsed, ArmadilloSharedPreferences sharedPreferences)
                            Severity: Minor
                            Found in armadillo/src/main/java/at/favre/lib/armadillo/RecoveryPolicy.java - About 35 mins to fix

                              Method handleBrokenContent has 5 arguments (exceeds 4 allowed). Consider refactoring.
                              Open

                                  public void handleBrokenContent(EncryptionProtocolException e, String keyHash, @NonNull String base64Encrypted,
                                                                  boolean userPasswordUsed, ArmadilloSharedPreferences sharedPreferences) throws SecureSharedPreferenceCryptoException {
                              Severity: Minor
                              Found in armadillo/src/main/java/at/favre/lib/armadillo/SimpleRecoveryPolicy.java - About 35 mins to fix

                                Method keyDerivationFunction has 5 arguments (exceeds 4 allowed). Consider refactoring.
                                Open

                                    private byte[] keyDerivationFunction(String contentKey, byte[] fingerprint, byte[] contentSalt, byte[] preferenceSalt, @Nullable char[] password) {

                                  Method pbkdf2 has 5 arguments (exceeds 4 allowed). Consider refactoring.
                                  Open

                                      private static byte[] pbkdf2(Provider provider, char[] password, byte[] salt, int iterations, int outBytes) throws NoSuchAlgorithmException, InvalidKeySpecException {
                                  Severity: Minor
                                  Found in armadillo/src/main/java/at/favre/lib/armadillo/PBKDF2KeyStretcher.java - About 35 mins to fix

                                    Method verifyMac has 5 arguments (exceeds 4 allowed). Consider refactoring.
                                    Open

                                        private void verifyMac(byte[] rawEncryptionKey, byte[] cipherText, byte[] iv, byte[] mac, @Nullable byte[] associatedData)
                                    Severity: Minor
                                    Found in armadillo/src/main/java/at/favre/lib/armadillo/AesCbcEncryption.java - About 35 mins to fix
                                      Severity
                                      Category
                                      Status
                                      Source
                                      Language