tlsfuzzer/tlslite-ng

Showing 1,708 of 1,708 total issues

File decode.py has 525 lines of code (exceeds 250 allowed). Consider refactoring.
Open

# Copyright 2021 Sidney Markowitz All Rights Reserved.
# Distributed under MIT license.
# See file LICENSE for detail or copy at https://opensource.org/licenses/MIT

from .huffman import HuffmanCode, brotli_build_huffman_table
Severity: Major
Found in tlslite/utils/brotlidecpy/decode.py - About 1 day to fix

    Identical blocks of code found in 2 locations. Consider refactoring.
    Open

            if heartbeat_ext:
                if not settings.use_heartbeat_extension:
                    for result in self._sendError(
                            AlertDescription.unsupported_extension,
                            "Server sent Heartbeat extension without one in "
    Severity: Major
    Found in tlslite/tlsconnection.py and 1 other location - About 1 day to fix
    tlslite/tlsconnection.py on lines 1625..1646

    Duplicated Code

    Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

    Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

    When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency both to keep replicating and to diverge (leaving bugs as two similar implementations differ in subtle ways).

    Tuning

    This issue has a mass of 132.

    We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

    The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

    If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

    See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

    Identical blocks of code found in 2 locations. Consider refactoring.
    Open

            if heartbeat_ext:
                if not settings.use_heartbeat_extension:
                    for result in self._sendError(
                            AlertDescription.unsupported_extension,
                            "Server sent Heartbeat extension without one in "
    Severity: Major
    Found in tlslite/tlsconnection.py and 1 other location - About 1 day to fix
    tlslite/tlsconnection.py on lines 1155..1176

    This issue has a mass of 132.

    TLSRecordLayer has 59 functions (exceeds 20 allowed). Consider refactoring.
    Open

    class TLSRecordLayer(object):
        """
        This class handles data transmission for a TLS connection.
    
        Its only subclass is :py:class:`~tlslite.tlsconnection.TLSConnection`.
    Severity: Major
    Found in tlslite/tlsrecordlayer.py - About 1 day to fix

      Function _check_certchain_with_settings has a Cognitive Complexity of 54 (exceeds 5 allowed). Consider refactoring.
      Open

          def _check_certchain_with_settings(self, cert_chain, settings):
              """
              Verify that the key parameters match enabled ones.
      
              Checks if the certificate key size matches the minimum and maximum
      Severity: Minor
      Found in tlslite/tlsconnection.py - About 1 day to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      File rsakey.py has 491 lines of code (exceeds 250 allowed). Consider refactoring.
      Open

      # Author: Trevor Perrin
      # See the LICENSE file for legal information regarding use of this file.
      
      """Abstract class for RSA."""
      
      
      Severity: Minor
      Found in tlslite/utils/rsakey.py - About 7 hrs to fix

        Similar blocks of code found in 2 locations. Consider refactoring.
        Open

                    t.append((plaintext[i * 4    ] << 24 |
                              plaintext[i * 4 + 1] << 16 |
                              plaintext[i * 4 + 2] <<  8 |
                              plaintext[i * 4 + 3]        ) ^ Ke[0][i])
        Severity: Major
        Found in tlslite/utils/rijndael.py and 1 other location - About 7 hrs to fix
        tlslite/utils/rijndael.py on lines 1063..1066

        This issue has a mass of 121.

        Similar blocks of code found in 2 locations. Consider refactoring.
        Open

                    t[i] = (ciphertext[i * 4    ] << 24 |
                            ciphertext[i * 4 + 1] << 16 |
                            ciphertext[i * 4 + 2] <<  8 |
                            ciphertext[i * 4 + 3]        ) ^ Kd[0][i]
        Severity: Major
        Found in tlslite/utils/rijndael.py and 1 other location - About 7 hrs to fix
        tlslite/utils/rijndael.py on lines 1018..1021

        This issue has a mass of 121.

        Cyclomatic complexity is too high in method _filterSuites. (45)
        Open

            @staticmethod
            def _filterSuites(suites, settings, version=None):
                if version is None:
                    version = settings.maxVersion
                macNames = settings.macNames
        Severity: Minor
        Found in tlslite/constants.py by radon

        Cyclomatic Complexity

        Cyclomatic Complexity corresponds to the number of decisions a block of code contains plus 1. This number (also called McCabe number) is equal to the number of linearly independent paths through the code. This number can be used as a guide when testing conditional logic in blocks.

        Radon analyzes the AST tree of a Python program to compute Cyclomatic Complexity. Statements have the following effects on Cyclomatic Complexity:

        Construct          Effect on CC   Reasoning
        if                 +1             An if statement is a single decision.
        elif               +1             The elif statement adds another decision.
        else               +0             The else statement does not cause a new decision. The decision is at the if.
        for                +1             There is a decision at the start of the loop.
        while              +1             There is a decision at the while statement.
        except             +1             Each except branch adds a new conditional path of execution.
        finally            +0             The finally block is unconditionally executed.
        with               +1             The with statement roughly corresponds to a try/except block (see PEP 343 for details).
        assert             +1             The assert statement internally roughly equals a conditional statement.
        Comprehension      +1             A list/set/dict comprehension or generator expression is equivalent to a for loop.
        Boolean Operator   +1             Every boolean operator (and, or) adds a decision point.

        Source: http://radon.readthedocs.org/en/latest/intro.html

        Cyclomatic complexity is too high in method _server_select_certificate. (44)
        Open

            def _server_select_certificate(self, settings, client_hello,
                                           cipher_suites, cert_chain,
                                           private_key, version):
                """
                This method makes the decision on which certificate/key pair,
        Severity: Minor
        Found in tlslite/tlsconnection.py by radon

        Identical blocks of code found in 2 locations. Consider refactoring.
        Open

                while j < KC and t < ROUND_KEY_COUNT:
                    Ke[t // BC][t % BC] = tk[j]
                    Kd[ROUNDS - (t // BC)][t % BC] = tk[j]
                    j += 1
                    t += 1
        Severity: Major
        Found in tlslite/utils/rijndael.py and 1 other location - About 6 hrs to fix
        tlslite/utils/rijndael.py on lines 979..983

        This issue has a mass of 111.

        Identical blocks of code found in 2 locations. Consider refactoring.
        Open

                    while j < KC and t < ROUND_KEY_COUNT:
                        Ke[t // BC][t % BC] = tk[j]
                        Kd[ROUNDS - (t // BC)][t % BC] = tk[j]
                        j += 1
                        t += 1
        Severity: Major
        Found in tlslite/utils/rijndael.py and 1 other location - About 6 hrs to fix
        tlslite/utils/rijndael.py on lines 948..952

        This issue has a mass of 111.

        Function _handle_srv_pha has a Cognitive Complexity of 43 (exceeds 5 allowed). Consider refactoring.
        Open

            def _handle_srv_pha(self, cert):
                """Process the post-handshake authentication from client."""
                prf_name = 'sha256'
                prf_size = 32
                if self.session.cipherSuite in CipherSuite.sha384PrfSuites:
        Severity: Minor
        Found in tlslite/tlsrecordlayer.py - About 6 hrs to fix

        Function _getFinished has a Cognitive Complexity of 43 (exceeds 5 allowed). Consider refactoring.
        Open

            def _getFinished(self, masterSecret, cipherSuite=None,
                             expect_next_protocol=False, nextProto=None):
        
                expect_ccs_message = True
                # If we use SessionTicket resumption on client side, there are multiple
        Severity: Minor
        Found in tlslite/tlsconnection.py - About 6 hrs to fix

        Identical blocks of code found in 2 locations. Consider refactoring.
        Open

                    if settings.ticketCipher in ("aes128gcm", "aes256gcm"):
                        cipher = createAESGCM(key,
                                              settings.cipherImplementations)
                    elif settings.ticketCipher in ("aes128ccm", "aes256ccm"):
                        cipher = createAESCCM(key, settings.cipherImplementations)
        Severity: Major
        Found in tlslite/tlsconnection.py and 1 other location - About 6 hrs to fix
        tlslite/tlsconnection.py on lines 2685..2693

        This issue has a mass of 107.

        Identical blocks of code found in 2 locations. Consider refactoring.
        Open

                    if settings.ticketCipher in ("aes128gcm", "aes256gcm"):
                        cipher = createAESGCM(key, settings.cipherImplementations)
                    elif settings.ticketCipher in ("aes128ccm", "aes256ccm"):
                        cipher = createAESCCM(key, settings.cipherImplementations)
                    elif settings.ticketCipher in ("aes128ccm_8", "aes256ccm_8"):
        Severity: Major
        Found in tlslite/tlsconnection.py and 1 other location - About 6 hrs to fix
        tlslite/tlsconnection.py on lines 2635..2645

        This issue has a mass of 107.

        Similar blocks of code found in 2 locations. Consider refactoring.
        Open

                    try:
                        return self.rsa.encrypt(compatLong(ciphertext), None)[0]
                    except ValueError as e:
                        print("rsa: {0!r}".format(self.rsa), file=sys.stderr)
                        values = []
        Severity: Major
        Found in tlslite/utils/pycrypto_rsakey.py and 1 other location - About 6 hrs to fix
        tlslite/utils/pycrypto_rsakey.py on lines 38..48

        This issue has a mass of 106.

        Similar blocks of code found in 2 locations. Consider refactoring.
        Open

                    try:
                        return self.rsa.decrypt((compatLong(message),))
                    except ValueError as e:
                        print("rsa: {0!r}".format(self.rsa), file=sys.stderr)
                        values = []
        Severity: Major
        Found in tlslite/utils/pycrypto_rsakey.py and 1 other location - About 6 hrs to fix
        tlslite/utils/pycrypto_rsakey.py on lines 52..62

        This issue has a mass of 106.

        Cyclomatic complexity is too high in method _sigHashesToList. (38)
        Open

            @staticmethod
            def _sigHashesToList(settings, privateKey=None, certList=None,
                                 version=(3, 3)):
                """Convert list of valid signature hashes to array of tuples"""
                certType = None
        Severity: Minor
        Found in tlslite/tlsconnection.py by radon

        RecordLayer has 45 functions (exceeds 20 allowed). Consider refactoring.
        Open

        class RecordLayer(object):
        
            """
            Implementation of TLS record layer protocol
        
        
        Severity: Minor
        Found in tlslite/recordlayer.py - About 6 hrs to fix