Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1264

Wildfly Elytron Tool, credential-store command + --summary option doesn't show MASKed password when we set --salt and --iteration options too.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • None
    • None
    • None
    • None

      credential-store command with --summary option doesn't show MASKed password when we set --salt and --iteration options too.
      When we want --add alias to created credential store and set --password="MASK-9zknmrNsQqf;12345678;34" then we get error.

      There is expected masked password in summary but you get clear text password:

      [hsvabek@dhcp-10-40-4-111 bin]$ ./elytron-tool.sh credential-store --create --location test005.jceks --password pass123 --salt 12345678 --iteration 34 --summary
      Credential Store has been successfully created
      Credential store command summary:
      --------------------------------------
      /subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,create=true,modifiable=true,location="test005.jceks",implementation-properties={"keyStoreType"=>"JCEKS"},credential-reference={clear-text="pass123"})
      

      Masked password for "pass123", iteration 34 and salt 12345678 is MASK-9zknmrNsQqf;12345678;34
      We set masked password for adding alias to credential store and expect success but get error about password.

      [hsvabek@dhcp-10-40-4-111 bin]$ ./elytron-tool.sh credential-store --add 001 -x secretsecret --location test005.jceks --password="MASK-9zknmrNsQqf;12345678;34" --summary --debug
      Exception encountered executing the command:
      org.wildfly.security.credential.store.CredentialStoreException: ELY09514: Unable to initialize credential store
              at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.load(KeyStoreCredentialStore.java:859)
              at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.initialize(KeyStoreCredentialStore.java:213)
              at org.wildfly.security.credential.store.CredentialStore.initialize(CredentialStore.java:159)
              at org.wildfly.security.tool.CredentialStoreCommand.execute(CredentialStoreCommand.java:208)
              at org.wildfly.security.tool.ElytronTool.main(ElytronTool.java:75)
      Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
              at com.sun.crypto.provider.JceKeyStore.engineLoad(JceKeyStore.java:865)
              at java.security.KeyStore.load(KeyStore.java:1445)
              at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.load(KeyStoreCredentialStore.java:847)
              ... 4 more
      

              darran.lofthouse@redhat.com Darran Lofthouse
              hsvabek_jira Hynek Švábek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: