patrickfav/bcrypt

View on GitHub

Showing 30 of 32 total issues

File BCryptOpenBSDProtocol.java has 377 lines of code (exceeds 250 allowed). Consider refactoring.
Open

// Copyright (c) 2006 Damien Miller <djm@mindrot.org>
//
// Permission to use, copy, modify, and distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.

    File BCrypt.java has 360 lines of code (exceeds 250 allowed). Consider refactoring.
    Open

    package at.favre.lib.crypto.bcrypt;
    
    import at.favre.lib.bytes.Bytes;
    import at.favre.lib.bytes.BytesTransformer;
    import at.favre.lib.bytes.BytesValidators;
    Severity: Minor
    Found in modules/bcrypt/src/main/java/at/favre/lib/crypto/bcrypt/BCrypt.java - About 4 hrs to fix

      Method parse has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring.
      Open

              @Override
              public BCrypt.HashData parse(byte[] bcryptHash) throws IllegalBCryptFormatException {
      
                  if (bcryptHash == null || bcryptHash.length == 0) {
                      throw new IllegalArgumentException("must provide non-null, non-empty hash");

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method decode has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
      Open

              @Override
              public byte[] decode(byte[] in) {
                  // Ignore trailing '=' padding and whitespace from the input.
                  int limit = in.length;
                  for (; limit > 0; limit--) {

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Method parse has 47 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

              @Override
              public BCrypt.HashData parse(byte[] bcryptHash) throws IllegalBCryptFormatException {
      
                  if (bcryptHash == null || bcryptHash.length == 0) {
                      throw new IllegalArgumentException("must provide non-null, non-empty hash");

        Method decode has 44 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

                @Override
                public byte[] decode(byte[] in) {
                    // Ignore trailing '=' padding and whitespace from the input.
                    int limit = in.length;
                    for (; limit > 0; limit--) {

          Identical blocks of code found in 2 locations. Consider refactoring.
          Open

                  for (i = 0; i < plen; i += 2) {
                      lr[0] ^= streamToWord(data, doffp);
                      lr[1] ^= streamToWord(data, doffp);
                      encipher(P, S, lr, 0);
                      P[i] = lr[0];
          modules/bcrypt/src/main/java/at/favre/lib/crypto/bcrypt/BCryptOpenBSDProtocol.java on lines 400..406

          Duplicated Code

          Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

          Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

          When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

          Tuning

          This issue has a mass of 102.

          We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

          The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

          If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

          See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

          Refactorings

          Further Reading

          Identical blocks of code found in 2 locations. Consider refactoring.
          Open

                  for (i = 0; i < slen; i += 2) {
                      lr[0] ^= streamToWord(data, doffp);
                      lr[1] ^= streamToWord(data, doffp);
                      encipher(P, S, lr, 0);
                      S[i] = lr[0];
          modules/bcrypt/src/main/java/at/favre/lib/crypto/bcrypt/BCryptOpenBSDProtocol.java on lines 391..397

          Duplicated Code

          Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

          Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

          When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

          Tuning

          This issue has a mass of 102.

          We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

          The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

          If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

          See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

          Refactorings

          Further Reading

          Method parse has 29 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

              public static Arg parse(String[] inputArgs) {
                  Options options = setupOptions();
                  CommandLineParser parser = new DefaultParser();
                  Arg argument = new Arg();
          
          

            Method hashRaw has 28 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

                    public HashData hashRaw(int cost, byte[] salt, byte[] password) {
                        if (cost > MAX_COST || cost < MIN_COST) {
                            throw new IllegalArgumentException("cost factor must be between " + MIN_COST + " and " + MAX_COST + ", was " + cost);
                        }
                        if (salt == null) {
            Severity: Minor
            Found in modules/bcrypt/src/main/java/at/favre/lib/crypto/bcrypt/BCrypt.java - About 1 hr to fix

              Method hashRaw has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
              Open

                      public HashData hashRaw(int cost, byte[] salt, byte[] password) {
                          if (cost > MAX_COST || cost < MIN_COST) {
                              throw new IllegalArgumentException("cost factor must be between " + MIN_COST + " and " + MAX_COST + ", was " + cost);
                          }
                          if (salt == null) {
              Severity: Minor
              Found in modules/bcrypt/src/main/java/at/favre/lib/crypto/bcrypt/BCrypt.java - About 1 hr to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Method execute has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
              Open

                  static int execute(Arg arguments, PrintStream stream, PrintStream errorStream) {
                      if (arguments == null) {
                          return 2;
                      }
              
              

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Method cryptRaw has 27 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                  byte[] cryptRaw(long rounds, byte[] salt, byte[] password, int[] cdata) {
                      if (rounds < 0) {
                          throw new IllegalArgumentException("rounds must not be negative");
                      }
              
              

                Identical blocks of code found in 2 locations. Consider refactoring.
                Open

                        for (i = 0; i < plen; i += 2) {
                            encipher(P, S, lr, 0);
                            P[i] = lr[0];
                            P[i + 1] = lr[1];
                        }
                modules/bcrypt/src/main/java/at/favre/lib/crypto/bcrypt/BCryptOpenBSDProtocol.java on lines 451..455

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 70.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Identical blocks of code found in 2 locations. Consider refactoring.
                Open

                        for (i = 0; i < slen; i += 2) {
                            encipher(P, S, lr, 0);
                            S[i] = lr[0];
                            S[i + 1] = lr[1];
                        }
                modules/bcrypt/src/main/java/at/favre/lib/crypto/bcrypt/BCryptOpenBSDProtocol.java on lines 445..449

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 70.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Method parse has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
                Open

                    public static Arg parse(String[] inputArgs) {
                        Options options = setupOptions();
                        CommandLineParser parser = new DefaultParser();
                        Arg argument = new Arg();
                
                

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                Identical blocks of code found in 2 locations. Consider refactoring.
                Open

                        @Override
                        public int hashCode() {
                            int result = Objects.hash(cost, version);
                            result = 31 * result + Arrays.hashCode(rawSalt);
                            result = 31 * result + Arrays.hashCode(rawHash);
                modules/bcrypt-cli/src/main/java/at/favre/lib/crypto/bcrypt/cli/Arg.java on lines 46..53

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 61.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Identical blocks of code found in 2 locations. Consider refactoring.
                Open

                    @Override
                    public int hashCode() {
                
                        int result = Objects.hash(checkBcryptHash, costFactor);
                        result = 31 * result + Arrays.hashCode(password);
                modules/bcrypt/src/main/java/at/favre/lib/crypto/bcrypt/BCrypt.java on lines 372..378

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 61.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Identical blocks of code found in 2 locations. Consider refactoring.
                Open

                                out[index++] = map[((in[i] & 0x03) << 4) | ((in[i + 1] & 0xff) >> 4)];
                modules/bcrypt/src/main/java/at/favre/lib/crypto/bcrypt/Radix64Encoder.java on lines 164..164

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 58.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Identical blocks of code found in 2 locations. Consider refactoring.
                Open

                                    out[index++] = map[((in[end] & 0x03) << 4) | ((in[end + 1] & 0xff) >> 4)];
                modules/bcrypt/src/main/java/at/favre/lib/crypto/bcrypt/Radix64Encoder.java on lines 153..153

                Duplicated Code

                Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

                Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

                When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

                Tuning

                This issue has a mass of 58.

                We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

                The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

                If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

                See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

                Refactorings

                Further Reading

                Severity
                Category
                Status
                Source
                Language