Feature/rag‐template‐processor

.classpath

@@ -9,6 +9,7 @@
 	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
 		<attributes>
 			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="optional" value="true"/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="src" output="target/test-classes" path="src/test/java">
@@ -18,7 +19,7 @@
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>
 	</classpathentry>
-	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-11">
 		<attributes>
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>
@@ -28,5 +29,26 @@
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>
 	</classpathentry>
+	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
+		<attributes>
+			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="test" value="true"/>
+			<attribute name="optional" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" output="target/test-classes" path="target/generated-test-sources/test-annotations">
+		<attributes>
+			<attribute name="optional" value="true"/>
+			<attribute name="test" value="true"/>
+			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="ignore_optional_problems" value="true"/>
+			<attribute name="m2e-apt" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path="target/generated-sources/annotations">
+		<attributes>
+			<attribute name="optional" value="true"/>
+		</attributes>
+	</classpathentry>
 	<classpathentry kind="output" path="target/classes"/>
 </classpath>

.gitignore

@@ -10,4 +10,8 @@ Output/
 shippable/
 *.class
 *.temp
-dotFSMs/
+dotFSMs/
+*.env
+.venv/
+sanitized_rules/
+temp_rules/

.project

@@ -20,4 +20,15 @@
 		<nature>org.eclipse.jdt.core.javanature</nature>
 		<nature>org.eclipse.m2e.core.maven2Nature</nature>
 	</natures>
+	<filteredResources>
+		<filter>
+			<id>1745962974473</id>
+			<name></name>
+			<type>30</type>
+			<matcher>
+				<id>org.eclipse.core.resources.regexFilterMatcher</id>
+				<arguments>node_modules|\.git|__CREATED_BY_JAVA_LANGUAGE_SERVER__</arguments>
+			</matcher>
+		</filter>
+	</filteredResources>
 </projectDescription>

.run/CryptoDoc Generation.run.xml

@@ -0,0 +1,21 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="CryptoDoc Generation" type="Application" factoryName="Application">
+    <option name="MAIN_CLASS_NAME" value="de.upb.docgen.DocumentGeneratorMain" />
+    <module name="DocGen" />
+    <option name="PROGRAM_PARAMETERS" value="--rulesDir src/main/resources/CrySLRules --FTLtemplatesPath src/main/resources/FTLTemplates --LANGtemplatesPath src/main/resources/Templates --reportPath Output --llm=on --llm-backend=openai" />
+    <option name="VM_PARAMETERS" value="-Dfile.encoding=UTF-8" />
+    <extension name="net.ashald.envfile">
+      <option name="IS_ENABLED" value="false" />
+      <option name="IS_SUBST" value="false" />
+      <option name="IS_PATH_MACRO_SUPPORTED" value="false" />
+      <option name="IS_IGNORE_MISSING_FILES" value="false" />
+      <option name="IS_ENABLE_EXPERIMENTAL_INTEGRATIONS" value="false" />
+      <ENTRIES>
+        <ENTRY IS_ENABLED="true" PARSER="runconfig" IS_EXECUTABLE="false" />
+      </ENTRIES>
+    </extension>
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.settings/org.eclipse.jdt.core.prefs

@@ -1,8 +1,20 @@
 eclipse.preferences.version=1
-org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
-org.eclipse.jdt.core.compiler.compliance=1.8
+org.eclipse.jdt.core.compiler.annotation.missingNonNullByDefaultAnnotation=ignore
+org.eclipse.jdt.core.compiler.annotation.nonnull=javax.annotation.Nonnull
+org.eclipse.jdt.core.compiler.annotation.nonnullbydefault=javax.annotation.ParametersAreNonnullByDefault
+org.eclipse.jdt.core.compiler.annotation.nullable=javax.annotation.Nullable
+org.eclipse.jdt.core.compiler.annotation.nullanalysis=enabled
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=11
+org.eclipse.jdt.core.compiler.compliance=11
 org.eclipse.jdt.core.compiler.problem.enablePreviewFeatures=disabled
 org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
+org.eclipse.jdt.core.compiler.problem.nullAnnotationInferenceConflict=warning
+org.eclipse.jdt.core.compiler.problem.nullReference=warning
+org.eclipse.jdt.core.compiler.problem.nullSpecViolation=warning
+org.eclipse.jdt.core.compiler.problem.nullUncheckedConversion=ignore
+org.eclipse.jdt.core.compiler.problem.potentialNullReference=warning
 org.eclipse.jdt.core.compiler.problem.reportPreviewFeatures=ignore
-org.eclipse.jdt.core.compiler.release=disabled
-org.eclipse.jdt.core.compiler.source=1.8
+org.eclipse.jdt.core.compiler.problem.syntacticNullAnalysisForFields=enabled
+org.eclipse.jdt.core.compiler.processAnnotations=enabled
+org.eclipse.jdt.core.compiler.release=enabled
+org.eclipse.jdt.core.compiler.source=11

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+    "java.compile.nullAnalysis.mode": "automatic"
+}

llm/llm_code_writer_insecure.py

@@ -0,0 +1,74 @@
+import sys
+import json
+import openai
+import os
+from dotenv import load_dotenv
+from openai import OpenAI
+
+"""
+    @author: Roshan Samantaray
+"""
+
+load_dotenv()
+
+def build_insecure_prompt (rule: dict) -> str:
+    return f'''
+    You are a Java coding assistant.
+
+    Your task is to generate an **insecure** Java code example using the class `{rule['className']}`.
+
+    The CrySL rule below defines correct and secure usage. However, your goal is to create a code snippet that violates this rule while still being syntactically valid:
+
+    Objects: {rule['objects']}
+    Events: {rule['events']}
+    Order: {rule['order']}
+    Constraints: {rule['constraints']}
+    Requires: {rule['requires']}
+    Ensures: {rule['ensures']}
+    Forbidden Methods: {rule['forbidden']}
+
+    Guidelines:
+    - Use parameter values that are *not* listed as valid (e.g., for RSA key size, use 1024 or 2048 instead of 3072 or 4096).
+    - Break the expected method call order (e.g., call `generateKeyPair()` before `initialize()`).
+    - Use any forbidden methods mentioned, if applicable.
+    - Do NOT satisfy the required conditions or methods in the rule.
+
+    Output Style:
+    - The code must be valid Java and look realistic.
+    - Include inline comments using `//` to explain **why each choice is insecure**.
+      - Example: `// 2048-bit RSA is too weak for secure usage, even though valid Java`
+    - Output only the annotated Java code — no extra explanation or text.
+
+    Your goal is to help demonstrate **what insecure code might look like** to compare with a secure version.
+    '''.strip()
+
+def main():
+    # Load rule JSON from Java
+    json_file_path = sys.argv[1]
+    with open(json_file_path, 'r', encoding='utf-8') as f:
+        rule = json.load(f)
+
+    # Decide secure or insecure
+    example_type = rule.get("exampleType", "insecure").lower()
+    label = "insecure" if "insecure" in example_type else "secure"
+
+    # Build appropriate prompt
+    if label == "insecure":
+        prompt = build_insecure_prompt(rule)
+    else:
+        print("Error in Insecure Code Generation")
+
+    # Call LLM
+    client = OpenAI(api_key=os.getenv("OPENAI_API_KEY"))
+
+    response = client.chat.completions.create(
+        model="gpt-4o-mini",
+        messages=[{"role": "user", "content": prompt}],
+        temperature=0.3
+    )
+
+    # Output generated Java code
+    print(response.choices[0].message.content)
+
+if __name__=="__main__":
+    main()