Sign upLogin

tlsfuzzer/tlslite-ng

View on GitHub
Star

Showing 324 of 1,708 total issues

Function _serverGetClientHello has a Cognitive Complexity of 584 (exceeds 5 allowed). Consider refactoring.
Open

    def _serverGetClientHello(self, settings, private_key, cert_chain,
                              verifierDB,
                              sessionCache, anon, alpn, sni):
        # Tentatively set version to most-desirable version, so if an error
        # occurs parsing the ClientHello, this will be the version we'll use
Severity: Minor
Found in tlslite/tlsconnection.py - About 1 wk to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

File tlsconnection.py has 3887 lines of code (exceeds 250 allowed). Consider refactoring.
Open

# Authors:
#   Trevor Perrin
#   Google - added reqCAs parameter
#   Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support
#   Google - FALLBACK_SCSV
Severity: Major
Found in tlslite/tlsconnection.py - About 1 wk to fix

    File messages.py has 2125 lines of code (exceeds 250 allowed). Consider refactoring.
    Open

    # Authors:
#   Trevor Perrin
#   Google - handling CertificateRequest.certificate_types
#   Google (adapted by Sam Rushing and Marcelo Fernandez) - NPN support
#   Dimitris Moraitis - Anon ciphersuites
    Severity: Major
    Found in tlslite/messages.py - About 5 days to fix

      File extensions.py has 1694 lines of code (exceeds 250 allowed). Consider refactoring.
      Open

      # Copyright (c) 2014, 2015 Hubert Kario
#
# See the LICENSE file for legal information regarding use of this file.

""" Helper package for handling TLS extensions encountered in ClientHello
      Severity: Major
      Found in tlslite/extensions.py - About 4 days to fix

        Function _getMsg has a Cognitive Complexity of 182 (exceeds 5 allowed). Consider refactoring.
        Open

            def _getMsg(self, expectedType, secondaryType=None, constructorType=None):
        try:
            if not isinstance(expectedType, tuple):
                expectedType = (expectedType,)
        Severity: Minor
        Found in tlslite/tlsrecordlayer.py - About 3 days to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        File constants.py has 1353 lines of code (exceeds 250 allowed). Consider refactoring.
        Open

        # Authors:
#   Trevor Perrin
#   Google - defining ClientCertificateType
#   Google (adapted by Sam Rushing) - NPN support
#   Dimitris Moraitis - Anon ciphersuites
        Severity: Major
        Found in tlslite/constants.py - About 3 days to fix

          Function _serverTLS13Handshake has a Cognitive Complexity of 149 (exceeds 5 allowed). Consider refactoring.
          Open

              def _serverTLS13Handshake(self, settings, clientHello, cipherSuite,
                              privateKey, serverCertChain, version, scheme,
                              srv_alpns, reqCert):
        """Perform a TLS 1.3 handshake"""
        prf_name, prf_size = self._getPRFParams(cipherSuite)
          Severity: Minor
          Found in tlslite/tlsconnection.py - About 3 days to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          File tlsrecordlayer.py has 1163 lines of code (exceeds 250 allowed). Consider refactoring.
          Open

          # Authors:
#   Trevor Perrin
#   Google (adapted by Sam Rushing) - NPN support
#   Google - minimal padding
#   Martin von Loewis - python 3 port
          Severity: Major
          Found in tlslite/tlsrecordlayer.py - About 2 days to fix

            Function _clientTLS13Handshake has a Cognitive Complexity of 141 (exceeds 5 allowed). Consider refactoring.
            Open

                def _clientTLS13Handshake(self, settings, session, clientHello,
                              clientCertChain, privateKey, serverHello):
        """Perform TLS 1.3 handshake as a client."""
        prfName, prf_size = self._getPRFParams(serverHello.cipher_suite)
            Severity: Minor
            Found in tlslite/tlsconnection.py - About 2 days to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function _clientGetServerHello has a Cognitive Complexity of 141 (exceeds 5 allowed). Consider refactoring.
            Open

                def _clientGetServerHello(self, settings, session, clientHello):
        client_hello_hash = self._handshake_hash.copy()
        for result in self._getMsg(ContentType.handshake,
                                   HandshakeType.server_hello):
            if result in (0,1): yield result
            Severity: Minor
            Found in tlslite/tlsconnection.py - About 2 days to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            File recordlayer.py has 1047 lines of code (exceeds 250 allowed). Consider refactoring.
            Open

            # Copyright (c) 2014, Hubert Kario
#
# See the LICENSE file for legal information regarding use of this file.

"""Implementation of the TLS Record Layer protocol"""
            Severity: Major
            Found in tlslite/recordlayer.py - About 2 days to fix

              File rijndael.py has 1029 lines of code (exceeds 250 allowed). Consider refactoring.
              Open

              # Authors:
#   Bram Cohen
#   Trevor Perrin - various changes
#
# See the LICENSE file for legal information regarding use of this file.
              Severity: Major
              Found in tlslite/utils/rijndael.py - About 2 days to fix

                File keyexchange.py has 1005 lines of code (exceeds 250 allowed). Consider refactoring.
                Open

                # Authors:
#   Hubert Kario (2015)
#
# See the LICENSE file for legal information regarding use of this file.
"""Handling of cryptographic operations for key exchange"""
                Severity: Major
                Found in tlslite/keyexchange.py - About 2 days to fix

                  Function _handshakeServerAsyncHelper has a Cognitive Complexity of 119 (exceeds 5 allowed). Consider refactoring.
                  Open

                      def _handshakeServerAsyncHelper(self, verifierDB,
                                    cert_chain, privateKey, reqCert,
                                    sessionCache, settings, reqCAs, tacks,
                                    activationFlags, nextProtos, anon, alpn,
                                    sni):
                  Severity: Minor
                  Found in tlslite/tlsconnection.py - About 2 days to fix

                  Cognitive Complexity

                  Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                  A method's cognitive complexity is based on a few simple rules:

                  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                  • Code is considered more complex for each "break in the linear flow of the code"
                  • Code is considered more complex when "flow breaking structures are nested"

                  Further reading

                  Function _serverCertKeyExchange has a Cognitive Complexity of 116 (exceeds 5 allowed). Consider refactoring.
                  Open

                      def _serverCertKeyExchange(self, clientHello, serverHello, sigHashAlg,
                                serverCertChain, keyExchange,
                                reqCert, reqCAs, cipherSuite,
                                settings):
        #Send ServerHello, Certificate or Compressed Certificate
                  Severity: Minor
                  Found in tlslite/tlsconnection.py - About 2 days to fix

                  Cognitive Complexity

                  Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                  A method's cognitive complexity is based on a few simple rules:

                  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                  • Code is considered more complex for each "break in the linear flow of the code"
                  • Code is considered more complex when "flow breaking structures are nested"

                  Further reading

                  Function _clientKeyExchange has a Cognitive Complexity of 107 (exceeds 5 allowed). Consider refactoring.
                  Open

                      def _clientKeyExchange(self, settings, cipherSuite,
                           clientCertChain, privateKey,
                           certificateType,
                           tackExt, clientRandom, serverRandom,
                           keyExchange):
                  Severity: Minor
                  Found in tlslite/tlsconnection.py - About 2 days to fix

                  Cognitive Complexity

                  Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                  A method's cognitive complexity is based on a few simple rules:

                  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                  • Code is considered more complex for each "break in the linear flow of the code"
                  • Code is considered more complex when "flow breaking structures are nested"

                  Further reading

                  Function brotli_decompress_buffer has a Cognitive Complexity of 100 (exceeds 5 allowed). Consider refactoring.
                  Open

                  def brotli_decompress_buffer(input_buffer, buffer_limit=None):
    br = BrotliBitReader(input_buffer)
    output_buffer = bytearray([])
    pos = 0
    input_end = 0
                  Severity: Minor
                  Found in tlslite/utils/brotlidecpy/decode.py - About 2 days to fix

                  Cognitive Complexity

                  Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                  A method's cognitive complexity is based on a few simple rules:

                  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                  • Code is considered more complex for each "break in the linear flow of the code"
                  • Code is considered more complex when "flow breaking structures are nested"

                  Further reading

                  File mathtls.py has 834 lines of code (exceeds 250 allowed). Consider refactoring.
                  Open

                  # Authors: 
#   Trevor Perrin
#   Dave Baggett (Arcode Corporation) - MD5 support for MAC_SSL
#   Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2
#   Hubert Kario - SHA384 PRF
                  Severity: Major
                  Found in tlslite/mathtls.py - About 2 days to fix

                    Function _handshakeClientAsyncHelper has a Cognitive Complexity of 88 (exceeds 5 allowed). Consider refactoring.
                    Open

                        def _handshakeClientAsyncHelper(self, srpParams, certParams, anonParams,
                               session, settings, serverName, nextProtos,
                               reqTack, alpn):

        self._handshakeStart(client=True)
                    Severity: Minor
                    Found in tlslite/tlsconnection.py - About 1 day to fix

                    Cognitive Complexity

                    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                    A method's cognitive complexity is based on a few simple rules:

                    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                    • Code is considered more complex for each "break in the linear flow of the code"
                    • Code is considered more complex when "flow breaking structures are nested"

                    Further reading

                    File handshakesettings.py has 670 lines of code (exceeds 250 allowed). Consider refactoring.
                    Open

                    # Authors:
#   Trevor Perrin
#   Dave Baggett (Arcode Corporation) - cleanup handling of constants
#   Yngve Pettersen (ported by Paul Sokolovsky) - TLS 1.2
#
                    Severity: Major
                    Found in tlslite/handshakesettings.py - About 1 day to fix
                      Severity
                      Category
                      Status
                      Source
                      Language