Comment on page
Remediate OWASP A02:2021 Cryptographic failures

org.openrewrite.java.security.OwaspA02
OWASP A02:2021 describes failures related to cryptography (or lack thereof), which often lead to exposure of sensitive data. This recipe seeks to remediate these vulnerabilities.
Recipe source
​GitHub, Issue Tracker, Maven Central​
groupId: org.openrewrite.recipe
artifactId: rewrite-java-security
version: 2.1.0
Usage
This recipe has no required configuration options. It can be activated by adding a dependency on org.openrewrite.recipe:rewrite-java-security:2.1.0 in your build file or by running a shell command (in which case no build changes are needed):
Gradle
Gradle init script
Maven POM
Maven Command Line
Moderne CLI
1.Add the following to your build.gradle file:
build.gradle
plugins {
    id("org.openrewrite.rewrite") version("6.5.6")
}
​
rewrite {
    activeRecipe("org.openrewrite.java.security.OwaspA02")
}
​
repositories {
    mavenCentral()
}
​
dependencies {
    rewrite("org.openrewrite.recipe:rewrite-java-security:2.1.0")
}
2.Run gradle rewriteRun to run the recipe.
1.Create a file named init.gradle in the root of your project.
init.gradle
initscript {
    repositories {
        maven { url "https://plugins.gradle.org/m2" }
    }
    dependencies { classpath("org.openrewrite:plugin:6.5.6") }
}
rootProject {
    plugins.apply(org.openrewrite.gradle.RewritePlugin)
    dependencies {
        rewrite("org.openrewrite.recipe:rewrite-java-security:2.1.0")
    }
    rewrite {
        activeRecipe("org.openrewrite.java.security.OwaspA02")
    }
    afterEvaluate {
        if (repositories.isEmpty()) {
            repositories {
                mavenCentral()
            }
        }
    }
}
2.Run gradle --init-script init.gradle rewriteRun to run the recipe.
1.Add the following to your pom.xml file:
pom.xml
<project>
  <build>
    <plugins>
      <plugin>
        <groupId>org.openrewrite.maven</groupId>
        <artifactId>rewrite-maven-plugin</artifactId>
        <version>5.13.0</version>
        <configuration>
          <activeRecipes>
            <recipe>org.openrewrite.java.security.OwaspA02</recipe>
          </activeRecipes>
        </configuration>
        <dependencies>
          <dependency>
            <groupId>org.openrewrite.recipe</groupId>
            <artifactId>rewrite-java-security</artifactId>
            <version>2.1.0</version>
          </dependency>
        </dependencies>
      </plugin>
    </plugins>
  </build>
</project>
2.Run mvn rewrite:run to run the recipe.
shell
mvn -U org.openrewrite.maven:rewrite-maven-plugin:run \
  -Drewrite.recipeArtifactCoordinates=org.openrewrite.recipe:rewrite-java-security:RELEASE \
  -Drewrite.activeRecipes=org.openrewrite.java.security.OwaspA02
You will need to have configured the Moderne CLI on your machine before you can run the following command.
shell
mod run . --recipe OwaspA02
Definition
Recipe List
Yaml Recipe List
​Finds uses of Encryptors.queryableText()​
---
type: specs.openrewrite.org/v1beta/recipe
name: org.openrewrite.java.security.OwaspA02
displayName: Remediate OWASP A02:2021 Cryptographic failures
description: OWASP [A02:2021](https://owasp.org/Top10/A02_2021-Cryptographic_Failures/) describes failures related to cryptography  (or lack thereof), which often lead to exposure of sensitive data. This recipe seeks to remediate these vulnerabilities.
​
recipeList:
  - org.openrewrite.java.spring.security5.search.FindEncryptorsQueryableTextUses
​
See how this recipe works across multiple open-source repositories
​​
​​
The community edition of the Moderne platform enables you to easily run recipes across thousands of open-source repositories.
Please contact Moderne for more information about safely running the recipes on your own codebase in a private SaaS.
Remediate OWASP A01:2021 Broken access control
Remediate OWASP A03:2021 Injection
Last modified 12d ago