Recipe Name:
Use .delux() for a 'stronger' password-based encryption
Description:
Encryptors.delux() uses a 'stronger' password-based encryption
Level:
warning
Language:
  • java
Tags:
  • Spring
  • security
  • framework specific
  • Spring Security
Documentation

Encryptors.text() is a text encryptor that uses 'standard' password-based encryption. This mode is not authenticated, so neither the confidentiality nor the authenticity of the data is guaranteed. For more security, use Encryptors.delux(), which implements the 'stronger' password-based encryption.

Before
Encryptors.text(password, salt);
After
Encryptors.delux(password, salt);
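Added example (not part of the recipe or of Spring Security's own code): a tamper check that shows what the fix changes. It relies on Spring Security's documented behaviour that text() uses AES in CBC mode and delux() uses AES in GCM mode, and assumes spring-security-crypto is on the classpath; the class name, helper names, password and plaintext are constructed for the demonstration.

```java
import org.springframework.security.crypto.encrypt.Encryptors;
import org.springframework.security.crypto.encrypt.TextEncryptor;
import org.springframework.security.crypto.keygen.KeyGenerators;

public class EncryptorTamperCheck {

    // Flip the lowest bit of the first byte of a hex-encoded ciphertext.
    // Spring prepends the 16-byte IV, so this alters the IV, not the key.
    static String flipFirstByteBit(String hex) {
        int first = Integer.parseInt(hex.substring(0, 2), 16) ^ 0x01;
        return String.format("%02x", first) + hex.substring(2);
    }

    // Returns the decrypted text, or null if the encryptor rejected the input.
    static String decryptOrNull(TextEncryptor encryptor, String ciphertext) {
        try {
            return encryptor.decrypt(ciphertext);
        } catch (RuntimeException rejected) {
            return null;
        }
    }

    public static void main(String[] args) {
        String password = "constructed-demo-password";      // constructed sample value
        String salt = KeyGenerators.string().generateKey(); // salt must be hex-encoded
        String plaintext = "role=user";                     // constructed sample value

        TextEncryptor unauthenticated = Encryptors.text(password, salt);
        TextEncryptor authenticated = Encryptors.delux(password, salt);

        String tamperedText = flipFirstByteBit(unauthenticated.encrypt(plaintext));
        String tamperedDelux = flipFirstByteBit(authenticated.encrypt(plaintext));

        // text(): CBC has no integrity check, so the modified ciphertext still
        // decrypts, and the flipped IV bit shows up in the first plaintext byte.
        String fromText = decryptOrNull(unauthenticated, tamperedText);
        // delux(): the GCM authentication tag no longer matches, so decrypt() throws.
        String fromDelux = decryptOrNull(authenticated, tamperedDelux);

        System.out.println("text():  " + fromText);
        System.out.println("delux(): " + (fromDelux == null ? "rejected" : fromDelux));
        if (fromText == null || fromText.equals(plaintext) || fromDelux != null) {
            throw new AssertionError("unexpected result");
        }
    }
}
```

Data already encrypted with text() cannot be read by delux(), so existing ciphertexts need to be decrypted with the old encryptor and re-encrypted when the fix is applied.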
References
Recipe
id: scw:spring:encryptors:delux
version: 10
metadata:
  name: Use .delux() for a 'stronger' password-based encryption
  shortDescription: Encryptors.delux() uses a 'stronger' password-based encryption
  level: warning
  language: java
  scwCategory: broken_cryptography:use_of_insecuredeprecated_alogirthms
  enabled: true
  descriptionFile: descriptions/Useastrongerpasswordbasedencryption.html
  tags: Spring;security;framework specific;Spring Security
search:
  methodcall:
    name: text
    type: org.springframework.security.crypto.encrypt.Encryptors
availableFixes:
- name: Use .delux()
  actions:
  - rewrite:
      to: '{{{ qualifier }}}.delux{{{ argumentList }}}'