--- a/eric6/Plugins/CheckerPlugins/CodeStyleChecker/CodeStyleCheckerDialog.py Mon Jun 15 18:23:27 2020 +0200
+++ b/eric6/Plugins/CheckerPlugins/CodeStyleChecker/CodeStyleCheckerDialog.py Mon Jun 15 19:01:02 2020 +0200
@@ -52,6 +52,13 @@
'print_function', 'unicode_literals', 'generator_stop',
'annotations']
+ cryptoBitSelectionsDsaRsa = [
+ "512", "1024", "2048", "4096", "8192", "16384", "32786",
+ ]
+ cryptoBitSelectionsEc = [
+ "160", "224", "256", "384", "512",
+ ]
+
checkCategories = {
"A": QCoreApplication.translate(
"CheckerCategories",
@@ -121,6 +128,19 @@
itm.setFlags(itm.flags() | Qt.ItemIsUserCheckable)
itm.setCheckState(Qt.Unchecked)
+ self.dsaHighRiskCombo.addItems(
+ CodeStyleCheckerDialog.cryptoBitSelectionsDsaRsa)
+ self.dsaMediumRiskCombo.addItems(
+ CodeStyleCheckerDialog.cryptoBitSelectionsDsaRsa)
+ self.rsaHighRiskCombo.addItems(
+ CodeStyleCheckerDialog.cryptoBitSelectionsDsaRsa)
+ self.rsaMediumRiskCombo.addItems(
+ CodeStyleCheckerDialog.cryptoBitSelectionsDsaRsa)
+ self.ecHighRiskCombo.addItems(
+ CodeStyleCheckerDialog.cryptoBitSelectionsEc)
+ self.ecMediumRiskCombo.addItems(
+ CodeStyleCheckerDialog.cryptoBitSelectionsEc)
+
self.statisticsButton = self.buttonBox.addButton(
self.tr("Statistics..."), QDialogButtonBox.ActionRole)
self.statisticsButton.setToolTip(
@@ -457,7 +477,30 @@
"MaximumComplexity": 3,
}
- # TODO: add 'SecurityChecker'
+ if "SecurityChecker" not in self.__data:
+ from .Security.SecurityDefaults import SecurityDefaults
+ self.__data["SecurityChecker"] = {
+ "HardcodedTmpDirectories":
+ SecurityDefaults["hardcoded_tmp_directories"],
+ "InsecureHashes":
+ SecurityDefaults["insecure_hashes"],
+ "InsecureSslProtocolVersions":
+ SecurityDefaults["insecure_ssl_protocol_versions"],
+ "WeakKeySizeDsaHigh":
+ str(SecurityDefaults["weak_key_size_dsa_high"]),
+ "WeakKeySizeDsaMedium":
+ str(SecurityDefaults["weak_key_size_dsa_medium"]),
+ "WeakKeySizeRsaHigh":
+ str(SecurityDefaults["weak_key_size_rsa_high"]),
+ "WeakKeySizeRsaMedium":
+ str(SecurityDefaults["weak_key_size_rsa_medium"]),
+ "WeakKeySizeEcHigh":
+ str(SecurityDefaults["weak_key_size_ec_high"]),
+ "WeakKeySizeEcMedium":
+ str(SecurityDefaults["weak_key_size_ec_medium"]),
+ "CheckTypedException":
+ SecurityDefaults["check_typed_exception"],
+ }
self.__initCategoriesList(self.__data["EnabledCheckerCategories"])
self.excludeFilesEdit.setText(self.__data["ExcludeFiles"])
@@ -492,6 +535,28 @@
self.maxAnnotationsComplexitySpinBox.setValue(
self.__data["AnnotationsChecker"]["MaximumComplexity"])
+ # security
+ self.tmpDirectoriesEdit.setPlainText("\n".join(
+ self.__data["SecurityChecker"]["HardcodedTmpDirectories"]))
+ self.hashesEdit.setText(", ".join(
+ self.__data["SecurityChecker"]["InsecureHashes"]))
+ self.insecureSslProtocolsEdit.setPlainText("\n".join(
+ self.__data["SecurityChecker"]["InsecureSslProtocolVersions"]))
+ self.dsaHighRiskCombo.setCurrentText(
+ self.__data["SecurityChecker"]["WeakKeySizeDsaHigh"])
+ self.dsaMediumRiskCombo.setCurrentText(
+ self.__data["SecurityChecker"]["WeakKeySizeDsaMedium"])
+ self.rsaHighRiskCombo.setCurrentText(
+ self.__data["SecurityChecker"]["WeakKeySizeRsaHigh"])
+ self.rsaMediumRiskCombo.setCurrentText(
+ self.__data["SecurityChecker"]["WeakKeySizeRsaMedium"])
+ self.ecHighRiskCombo.setCurrentText(
+ self.__data["SecurityChecker"]["WeakKeySizeEcHigh"])
+ self.ecMediumRiskCombo.setCurrentText(
+ self.__data["SecurityChecker"]["WeakKeySizeEcMedium"])
+ self.typedExceptionsCheckBox.setChecked(
+ self.__data["SecurityChecker"]["CheckTypedException"])
+
self.__cleanupData()
def start(self, fn, save=False, repeat=None):
@@ -556,6 +621,8 @@
self.__cleanupData()
if len(self.files) > 0:
+ self.securityNoteLabel.setVisible(
+ "S" in self.__getCategories(True, asList=True))
self.checkProgress.setMaximum(len(self.files))
self.checkProgressLabel.setVisible(len(self.files) > 1)
self.checkProgress.setVisible(len(self.files) > 1)
@@ -607,14 +674,41 @@
self.maxAnnotationsComplexitySpinBox.value(),
}
- # TODO: add 'SecurityChecker'
- safetyArgs = {}
+ securityArgs = {
+ "hardcoded_tmp_directories": [
+ t.strip()
+ for t in self.tmpDirectoriesEdit.toPlainText().splitlines()
+ ],
+ "insecure_hashes": [
+ h.strip()
+ for h in self.hashesEdit.text().split(",")
+ ],
+ "insecure_ssl_protocol_versions": [
+ p.strip()
+ for p in self.insecureSslProtocolsEdit.toPlainText()
+ .splitlines()
+ ],
+ "weak_key_size_dsa_high":
+ int(self.dsaHighRiskCombo.currentText()),
+ "weak_key_size_dsa_medium":
+ int(self.dsaMediumRiskCombo.currentText()),
+ "weak_key_size_rsa_high":
+ int(self.rsaHighRiskCombo.currentText()),
+ "weak_key_size_rsa_medium":
+ int(self.rsaMediumRiskCombo.currentText()),
+ "weak_key_size_ec_high":
+ int(self.ecHighRiskCombo.currentText()),
+ "weak_key_size_ec_medium":
+ int(self.ecMediumRiskCombo.currentText()),
+ "check_typed_exception":
+ self.typedExceptionsCheckBox.isChecked(),
+ }
self.__options = [excludeMessages, includeMessages, repeatMessages,
fixCodes, noFixCodes, fixIssues, maxLineLength,
maxDocLineLength, blankLines, hangClosing,
docType, codeComplexityArgs, miscellaneousArgs,
- annotationArgs, safetyArgs]
+ annotationArgs, securityArgs]
# now go through all the files
self.progress = 0
@@ -960,9 +1054,37 @@
self.minAnnotationsCoverageSpinBox.value(),
"MaximumComplexity":
self.maxAnnotationsComplexitySpinBox.value(),
- }
-
- # TODO: add 'SecurityChecker'
+ },
+ "SecurityChecker": {
+ "HardcodedTmpDirectories": [
+ t.strip()
+ for t in self.tmpDirectoriesEdit.toPlainText()
+ .splitlines()
+ ],
+ "InsecureHashes": [
+ h.strip()
+ for h in self.hashesEdit.text().split(",")
+ ],
+ "InsecureSslProtocolVersions": [
+ p.strip()
+ for p in self.insecureSslProtocolsEdit.toPlainText()
+ .splitlines()
+ ],
+ "WeakKeySizeDsaHigh":
+ self.dsaHighRiskCombo.currentText(),
+ "WeakKeySizeDsaMedium":
+ self.dsaMediumRiskCombo.currentText(),
+ "WeakKeySizeRsaHigh":
+ self.rsaHighRiskCombo.currentText(),
+ "WeakKeySizeRsaMedium":
+ self.rsaMediumRiskCombo.currentText(),
+ "WeakKeySizeEcHigh":
+ self.ecHighRiskCombo.currentText(),
+ "WeakKeySizeEcMedium":
+ self.ecMediumRiskCombo.currentText(),
+ "CheckTypedException":
+ self.typedExceptionsCheckBox.isChecked(),
+ },
}
if data != self.__data:
self.__data = data
@@ -1060,7 +1182,6 @@
vm.openSourceFile(fn, lineno=lineno, pos=position + 1)
editor = vm.getOpenEditor(fn)
- # TODO: add other syntax errors or do syntax check once for all
if code in ["E901", "E902"]:
editor.toggleSyntaxError(lineno, 0, True, message, True)
else:
@@ -1197,7 +1318,48 @@
Preferences.Prefs.settings.value(
"PEP8/MaximumAnnotationComplexity", 3)))
- # TODO: add 'SecurityChecker'
+ # security
+ from .Security.SecurityDefaults import SecurityDefaults
+ self.tmpDirectoriesEdit.setPlainText("\n".join(
+ Preferences.toList(Preferences.Prefs.settings.value(
+ "PEP8/HardcodedTmpDirectories",
+ SecurityDefaults["hardcoded_tmp_directories"]))))
+ self.hashesEdit.setText(", ".join(
+ Preferences.toList(Preferences.Prefs.settings.value(
+ "PEP8/InsecureHashes",
+ SecurityDefaults["insecure_hashes"])))),
+ self.insecureSslProtocolsEdit.setPlainText("\n".join(
+ Preferences.toList(Preferences.Prefs.settings.value(
+ "PEP8/InsecureSslProtocolVersions",
+ SecurityDefaults["insecure_ssl_protocol_versions"])))),
+ self.dsaHighRiskCombo.setCurrentText(
+ Preferences.Prefs.settings.value(
+ "PEP8/WeakKeySizeDsaHigh",
+ str(SecurityDefaults["weak_key_size_dsa_high"])))
+ self.dsaMediumRiskCombo.setCurrentText(
+ Preferences.Prefs.settings.value(
+ "PEP8/WeakKeySizeDsaMedium",
+ str(SecurityDefaults["weak_key_size_dsa_medium"]))),
+ self.rsaHighRiskCombo.setCurrentText(
+ Preferences.Prefs.settings.value(
+ "PEP8/WeakKeySizeRsaHigh",
+ str(SecurityDefaults["weak_key_size_rsa_high"]))),
+ self.rsaMediumRiskCombo.setCurrentText(
+ Preferences.Prefs.settings.value(
+ "PEP8/WeakKeySizeRsaMedium",
+ str(SecurityDefaults["weak_key_size_rsa_medium"]))),
+ self.ecHighRiskCombo.setCurrentText(
+ Preferences.Prefs.settings.value(
+ "PEP8/WeakKeySizeEcHigh",
+ str(SecurityDefaults["weak_key_size_ec_high"]))),
+ self.ecMediumRiskCombo.setCurrentText(
+ Preferences.Prefs.settings.value(
+ "PEP8/WeakKeySizeEcMedium",
+ str(SecurityDefaults["weak_key_size_ec_medium"]))),
+ self.typedExceptionsCheckBox.setChecked(Preferences.toBool(
+ Preferences.Prefs.settings.value(
+ "PEP8/CheckTypedException",
+ SecurityDefaults["check_typed_exception"]))),
self.__cleanupData()
@@ -1266,7 +1428,43 @@
"PEP8/MaximumAnnotationComplexity",
self.maxAnnotationsComplexitySpinBox.value())
- # TODO: add 'SecurityChecker'
+ # security
+ Preferences.Prefs.settings.setValue(
+ "PEP8/HardcodedTmpDirectories",
+ [t.strip()
+ for t in self.tmpDirectoriesEdit.toPlainText().splitlines()
+ ]),
+ Preferences.Prefs.settings.setValue(
+ "PEP8/InsecureHashes",
+ [h.strip()
+ for h in self.hashesEdit.text().split(",")
+ ]),
+ Preferences.Prefs.settings.setValue(
+ "PEP8/InsecureSslProtocolVersions",
+ [p.strip()
+ for p in self.insecureSslProtocolsEdit.toPlainText().splitlines()
+ ]),
+ Preferences.Prefs.settings.setValue(
+ "PEP8/WeakKeySizeDsaHigh",
+ self.dsaHighRiskCombo.currentText()),
+ Preferences.Prefs.settings.setValue(
+ "PEP8/WeakKeySizeDsaMedium",
+ self.dsaMediumRiskCombo.currentText()),
+ Preferences.Prefs.settings.setValue(
+ "PEP8/WeakKeySizeRsaHigh",
+ self.rsaHighRiskCombo.currentText()),
+ Preferences.Prefs.settings.setValue(
+ "PEP8/WeakKeySizeRsaMedium",
+ self.rsaMediumRiskCombo.currentText()),
+ Preferences.Prefs.settings.setValue(
+ "PEP8/WeakKeySizeEcHigh",
+ self.ecHighRiskCombo.currentText()),
+ Preferences.Prefs.settings.setValue(
+ "PEP8/WeakKeySizeEcMedium",
+ self.ecMediumRiskCombo.currentText()),
+ Preferences.Prefs.settings.setValue(
+ "PEP8/CheckTypedException",
+ self.typedExceptionsCheckBox.isChecked()),
@pyqtSlot()
def on_resetDefaultButton_clicked(self):
@@ -1314,7 +1512,38 @@
Preferences.Prefs.settings.setValue(
"PEP8/MaximumAnnotationComplexity", 3)
- # TODO: add 'SecurityChecker'
+ # security
+ from .Security.SecurityDefaults import SecurityDefaults
+ Preferences.Prefs.settings.setValue(
+ "PEP8/HardcodedTmpDirectories",
+ SecurityDefaults["hardcoded_tmp_directories"])
+ Preferences.Prefs.settings.setValue(
+ "PEP8/InsecureHashes",
+ SecurityDefaults["insecure_hashes"])
+ Preferences.Prefs.settings.setValue(
+ "PEP8/InsecureSslProtocolVersions",
+ SecurityDefaults["insecure_ssl_protocol_versions"])
+ Preferences.Prefs.settings.setValue(
+ "PEP8/WeakKeySizeDsaHigh",
+ str(SecurityDefaults["weak_key_size_dsa_high"]))
+ Preferences.Prefs.settings.setValue(
+ "PEP8/WeakKeySizeDsaMedium",
+ str(SecurityDefaults["weak_key_size_dsa_medium"]))
+ Preferences.Prefs.settings.setValue(
+ "PEP8/WeakKeySizeRsaHigh",
+ str(SecurityDefaults["weak_key_size_rsa_high"]))
+ Preferences.Prefs.settings.setValue(
+ "PEP8/WeakKeySizeRsaMedium",
+ str(SecurityDefaults["weak_key_size_rsa_medium"]))
+ Preferences.Prefs.settings.setValue(
+ "PEP8/WeakKeySizeEcHigh",
+ str(SecurityDefaults["weak_key_size_ec_high"]))
+ Preferences.Prefs.settings.setValue(
+ "PEP8/WeakKeySizeEcMedium",
+ str(SecurityDefaults["weak_key_size_ec_medium"]))
+ Preferences.Prefs.settings.setValue(
+ "PEP8/CheckTypedException",
+ SecurityDefaults["check_typed_exception"])
# Update UI with default values
self.on_loadDefaultButton_clicked()
