Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1294

Wildfly Elytron Tool, Credential-store command, --salt option is validated only when --summary is used too.

XMLWordPrintable

    Credential-store command --salt option is validated only when is --summary is used too.
    It is caused by generation MASKed password for summary output[1].
    It is at least strange and confusing to user: without --summary is passed, with --summary is failed (entry is stored in storage successfully).

    How to reproduce

    [hsvabek@dhcp-10-40-5-17 bin]$ ./elytron-tool.sh credential-store   --add secret_alias --password pass123 --create -x secret_password -l store005.jceks -s 1234567890 -i 230 --summary  --debug
    Alias "secret_alias" has been successfully stored
    Exception encountered executing the command:
    java.security.InvalidAlgorithmParameterException: Salt must be 8 bytes long
            at com.sun.crypto.provider.PBES1Core.init(PBES1Core.java:234)
            at com.sun.crypto.provider.PBES1Core.init(PBES1Core.java:331)
            at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineInit(PBEWithMD5AndDESCipher.java:228)
            at javax.crypto.Cipher.implInit(Cipher.java:810)
            at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
            at javax.crypto.Cipher.init(Cipher.java:1539)
            at javax.crypto.Cipher.init(Cipher.java:1470)
            at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.createAndInitCipher(PasswordBasedEncryptionUtil.java:506)
            at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.build(PasswordBasedEncryptionUtil.java:589)
            at org.wildfly.security.tool.MaskCommand.computeMasked(MaskCommand.java:117)
            at org.wildfly.security.tool.CredentialStoreCommand.execute(CredentialStoreCommand.java:287)
            at org.wildfly.security.tool.ElytronTool.main(ElytronTool.java:81)
    

    [1] https://github.com/wildfly-security/wildfly-elytron-tool/blob/1.0.0.CR2/src/main/java/org/wildfly/security/tool/CredentialStoreCommand.java#L286

            chaowan@redhat.com Chao Wang
            hsvabek_jira Hynek Švábek (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: