Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1131

WildFly Elytron Tool, For vault command bulk-convert is missing validation for parsed values from description file.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Obsolete
    • Icon: Major Major
    • None
    • None
    • None
    • None

      For vault command bulk-convert is missing validation for parsed values from description file.

      There is expected to have some kind of validation for parsed value. There must be defined which values are required and which not.

      There are these problems with required arguments:

      1. omitting "alias" leads to NullPointerException
      2. omitting "location" leads to incorrect tool output where is "null" value as credential store, converted file isn't created but it seems that operation was successful.
        java -jar wildfly-elytron-tool.jar vault --bulk-convert bulk-vault-conversion-desc
        Vault (enc-dir="./test";keystore="server.store") converted to credential store "null"
        
      3. omitting "enc-dir" leads to incorrect tool output where is "null" value for "enc-dir" and there is created empty converted.jceks file in current directory.
        java -jar wildfly-elytron-tool.jar vault --bulk-convert bulk-vault-conversion-desc
        Vault (enc-dir="null";keystore="server.store") converted to credential store "converted.jceks"
        
      • there are more choices how to solve it:
        1. error message, because each VAULT in description file should have different value.
        2. set it to current directory
        3. other solution
      1. omitting "keystore-password" leads to NullPointerException
      • There is expected better error message.
      1. There must be defined at least one "keystore", because it is separator between

      How to reproduce
      Download all attachments to same location as wildfly-elytron-tool.jar update bulk-vault-conversion-desc file and run this command
      java -jar wildfly-elytron-tool.jar vault --bulk-convert bulk-vault-conversion-desc

      Here is example of correctly defined one vault store for convert in description file

      # Bulk conversion descriptor
      keystore:server.store
      keystore-password:MASK-2hKo56F1a3jYGnJwhPmiF5 
      enc-dir:./test
      salt:12345678
      iteration:34
      location:converted.jceks
      alias:jboss
      

              rhn-support-iweiss Ingo Weiss
              hsvabek_jira Hynek Švábek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: