WildFly Elytron / ELY-1097

FIPS CS, specific error message if keyAlias does not exist.


    • Type: Bug
    • Resolution: Done
    • Priority: Major
    • 1.1.0.Beta39
      /subsystem=elytron/credential-store=test:add(uri="cr-store://test?modifiable=true;keyStoreType=PKCS11;external=true;location=secretdatafile;create=true;keyAlias=doesNotExist",relative-to=jboss.server.data.dir,credential-reference={clear-text="pass123+"})
      

      The same error message is shown if keyAlias does not exist and if it exists but is of a different type than SecretKey

      CredentialStoreException: ELY09512: External storage key under alias "key-alias" has to be a SecretKey

      When the alias does not exist, the error message should be more specific, e.g.:

      CredentialStoreException: ELY0XXXX: External storage key under alias "key-alias" does not exist

      09:48:44,127 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-6) MSC000001: Failed to start service org.wildfly.security.credential-store.fips-credential-store: org.jboss.msc.service.StartException in service org.wildfly.security.credential-store.fips-credential-store: WFLYELY00004: Unable to start the service.
      	at org.wildfly.extension.elytron.CredentialStoreService.start(CredentialStoreService.java:119)
      	at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:2032)
      	at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1955)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	at java.lang.Thread.run(Thread.java:745)
      Caused by: org.wildfly.security.credential.store.CredentialStoreException: ELY09512: External storage key under alias "key-alias" has to be a SecretKey
      	at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore$ExternalStorage.fetchStorageSecretKey(KeyStoreCredentialStore.java:1129)
      	at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore$ExternalStorage.init(KeyStoreCredentialStore.java:1105)
      	at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.setupExternalStorage(KeyStoreCredentialStore.java:885)
      	at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.load(KeyStoreCredentialStore.java:785)
      	at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.initialize(KeyStoreCredentialStore.java:183)
      	at org.wildfly.security.credential.store.CredentialStore.initialize(CredentialStore.java:119)
      	at org.wildfly.extension.elytron.CredentialStoreService.start(CredentialStoreService.java:117)
      	... 5 more
      
      09:48:44,130 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 4) WFLYCTL0013: Operation ("add") failed - address: ([
          ("subsystem" => "elytron"),
          ("credential-store" => "fips-credential-store")
      ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.credential-store.fips-credential-store" => "WFLYELY00004: Unable to start the service.
          Caused by: org.wildfly.security.credential.store.CredentialStoreException: ELY09512: External storage key under alias \"key-alias\" has to be a SecretKey"}}
      

              chaowan@redhat.com Chao Wang
              mchoma@redhat.com Martin Choma
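
The distinction the report asks for, as an added example (not Elytron's code and not the fix that was committed): check alias presence before checking the entry type, so a mistyped keyAlias and a wrong-type key produce different messages. The class, enum and method names are hypothetical, and an in-memory JCEKS keystore stands in for PKCS11, which needs a configured token.

```java
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PublicKey;
import java.security.cert.Certificate;
import javax.crypto.KeyGenerator;

public class StorageKeyCheck {
    enum AliasState { MISSING, NOT_SECRET_KEY, OK }

    // Separate "alias absent" from "alias present but not a SecretKey entry".
    static AliasState check(KeyStore ks, String alias) throws KeyStoreException {
        if (!ks.containsAlias(alias)) return AliasState.MISSING;
        return ks.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class)
                ? AliasState.OK : AliasState.NOT_SECRET_KEY;
    }

    static String message(AliasState s, String alias) {
        String prefix = "External storage key under alias \"" + alias + "\" ";
        switch (s) {
            case MISSING: return prefix + "does not exist";
            case NOT_SECRET_KEY: return prefix + "has to be a SecretKey";
            default: return prefix + "is a SecretKey";
        }
    }

    public static void main(String[] args) throws Exception {
        char[] pw = "constructed-password".toCharArray(); // constructed sample value
        KeyStore ks = KeyStore.getInstance("JCEKS");      // stand-in for PKCS11
        ks.load(null, pw);
        ks.setEntry("storage-key",
                new KeyStore.SecretKeyEntry(KeyGenerator.getInstance("AES").generateKey()),
                new KeyStore.PasswordProtection(pw));
        // Constructed placeholder certificate so that a non-SecretKey alias exists.
        Certificate dummy = new Certificate("X.509") {
            public byte[] getEncoded() { return new byte[0]; }
            public void verify(PublicKey key) { }
            public void verify(PublicKey key, String provider) { }
            public String toString() { return "constructed placeholder"; }
            public PublicKey getPublicKey() { return null; }
        };
        ks.setCertificateEntry("cert-only", dummy);
        for (String alias : new String[] {"storage-key", "cert-only", "doesNotExist"}) {
            System.out.println(message(check(ks, alias), alias));
        }
    }
}
```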