Sign upLogin

tlsfuzzer/tlslite-ng

View on GitHub
Star

Showing 324 of 1,708 total issues

Function _server_select_certificate has a Cognitive Complexity of 73 (exceeds 5 allowed). Consider refactoring.
Open

    def _server_select_certificate(self, settings, client_hello,
                                   cipher_suites, cert_chain,
                                   private_key, version):
        """
        This method makes the decision on which certificate/key pair,
Severity: Minor
Found in tlslite/tlsconnection.py - About 1 day to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function _clientSendClientHello has a Cognitive Complexity of 70 (exceeds 5 allowed). Consider refactoring.
Open

    def _clientSendClientHello(self, settings, session, srpUsername,
                                srpParams, certParams, anonParams,
                                serverName, nextProtos, reqTack, alpn):
        #Initialize acceptable ciphersuites
        cipherSuites = [CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Severity: Minor
Found in tlslite/tlsconnection.py - About 1 day to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function _sigHashesToList has a Cognitive Complexity of 69 (exceeds 5 allowed). Consider refactoring.
Open

    def _sigHashesToList(settings, privateKey=None, certList=None,
                         version=(3, 3)):
        """Convert list of valid signature hashes to array of tuples"""
        certType = None
        publicKey = None
Severity: Minor
Found in tlslite/tlsconnection.py - About 1 day to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function readAsync has a Cognitive Complexity of 66 (exceeds 5 allowed). Consider refactoring.
Open

    def readAsync(self, max=None, min=1):
        """Start a read operation on the TLS connection.

        This function returns a generator which behaves similarly to
        read().  Successive invocations of the generator will return 0
Severity: Minor
Found in tlslite/tlsrecordlayer.py - About 1 day to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

File decode.py has 525 lines of code (exceeds 250 allowed). Consider refactoring.
Open

# Copyright 2021 Sidney Markowitz All Rights Reserved.
# Distributed under MIT license.
# See file LICENSE for detail or copy at https://opensource.org/licenses/MIT

from .huffman import HuffmanCode, brotli_build_huffman_table
Severity: Major
Found in tlslite/utils/brotlidecpy/decode.py - About 1 day to fix

    TLSRecordLayer has 59 functions (exceeds 20 allowed). Consider refactoring.
    Open

    class TLSRecordLayer(object):
    """
    This class handles data transmission for a TLS connection.

    Its only subclass is :py:class:`~tlslite.tlsconnection.TLSConnection`.
    Severity: Major
    Found in tlslite/tlsrecordlayer.py - About 1 day to fix

      Function _check_certchain_with_settings has a Cognitive Complexity of 54 (exceeds 5 allowed). Consider refactoring.
      Open

          def _check_certchain_with_settings(self, cert_chain, settings):
        """
        Verify that the key parameters match enabled ones.

        Checks if the certificate key size matches the minimum and maximum
      Severity: Minor
      Found in tlslite/tlsconnection.py - About 1 day to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      File rsakey.py has 491 lines of code (exceeds 250 allowed). Consider refactoring.
      Open

      # Author: Trevor Perrin
# See the LICENSE file for legal information regarding use of this file.

"""Abstract class for RSA."""
      Severity: Minor
      Found in tlslite/utils/rsakey.py - About 7 hrs to fix

        Function _handle_srv_pha has a Cognitive Complexity of 43 (exceeds 5 allowed). Consider refactoring.
        Open

            def _handle_srv_pha(self, cert):
        """Process the post-handshake authentication from client."""
        prf_name = 'sha256'
        prf_size = 32
        if self.session.cipherSuite in CipherSuite.sha384PrfSuites:
        Severity: Minor
        Found in tlslite/tlsrecordlayer.py - About 6 hrs to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Function _getFinished has a Cognitive Complexity of 43 (exceeds 5 allowed). Consider refactoring.
        Open

            def _getFinished(self, masterSecret, cipherSuite=None,
                     expect_next_protocol=False, nextProto=None):

        expect_ccs_message = True
        # If we use SessionTicket resumption on client side, there are multiple
        Severity: Minor
        Found in tlslite/tlsconnection.py - About 6 hrs to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        RecordLayer has 45 functions (exceeds 20 allowed). Consider refactoring.
        Open

        class RecordLayer(object):

    """
    Implementation of TLS record layer protocol
        Severity: Minor
        Found in tlslite/recordlayer.py - About 6 hrs to fix

          TLSConnection has 44 functions (exceeds 20 allowed). Consider refactoring.
          Open

          class TLSConnection(TLSRecordLayer):
    """
    This class wraps a socket and provides TLS handshaking and data transfer.

    To use this class, create a new instance, passing a connected
          Severity: Minor
          Found in tlslite/tlsconnection.py - About 6 hrs to fix

            Function read_huffman_code has a Cognitive Complexity of 37 (exceeds 5 allowed). Consider refactoring.
            Open

            def read_huffman_code(alphabet_size, tables, table, br):
    code_lengths = bytearray([0] * alphabet_size)

    # simple_code_or_skip is used as follows:
    # 1 for simple code
            Severity: Minor
            Found in tlslite/utils/brotlidecpy/decode.py - About 5 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function recvRecord has a Cognitive Complexity of 35 (exceeds 5 allowed). Consider refactoring.
            Open

                def recvRecord(self):
        """
        Read, decrypt and check integrity of a single record

        :rtype: tuple
            Severity: Minor
            Found in tlslite/recordlayer.py - About 5 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function parse has a Cognitive Complexity of 34 (exceeds 5 allowed). Consider refactoring.
            Open

                    def parse(s, passwordCallback=None):
            # Skip forward to the first PEM header
            start = s.find("-----BEGIN ")
            if start == -1:
                raise SyntaxError()
            Severity: Minor
            Found in tlslite/utils/openssl_rsakey.py - About 5 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function _parse_pkcs8 has a Cognitive Complexity of 32 (exceeds 5 allowed). Consider refactoring.
            Open

                def _parse_pkcs8(bytes):
        parser = ASN1Parser(bytes)

        # first element in PrivateKeyInfo is an INTEGER
        version = parser.getChild(0).value
            Severity: Minor
            Found in tlslite/utils/python_key.py - About 4 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function _decrefAsync has a Cognitive Complexity of 32 (exceeds 5 allowed). Consider refactoring.
            Open

                def _decrefAsync(self):
        self._refCount -= 1
        if self._refCount == 0 and not self.closed:
            try:
                for result in self._sendMsg(Alert().create(\
            Severity: Minor
            Found in tlslite/tlsrecordlayer.py - About 4 hrs to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            File codec.py has 361 lines of code (exceeds 250 allowed). Consider refactoring.
            Open

            # Author: Trevor Perrin
# See the LICENSE file for legal information regarding use of this file.

"""Classes for reading/writing binary data (such as TLS records)."""
            Severity: Minor
            Found in tlslite/utils/codec.py - About 4 hrs to fix

              Function _filterSuites has a Cognitive Complexity of 29 (exceeds 5 allowed). Consider refactoring.
              Open

                  def _filterSuites(suites, settings, version=None):
        if version is None:
            version = settings.maxVersion
        macNames = settings.macNames
        cipherNames = settings.cipherNames
              Severity: Minor
              Found in tlslite/constants.py - About 4 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Function read_huffman_code_lengths has a Cognitive Complexity of 28 (exceeds 5 allowed). Consider refactoring.
              Open

              def read_huffman_code_lengths(code_length_code_lengths, num_symbols,
                              code_lengths, br):
    symbol = 0
    prev_code_len = kDefaultCodeLength
    repeat = 0
              Severity: Minor
              Found in tlslite/utils/brotlidecpy/decode.py - About 4 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Severity
              Category
              Status
              Source
              Language