Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-2053

key-store-masked-password needs the elytron provider to be manually registered

    XMLWordPrintable

Details

    • Hide

      Modify the ElytronXmlParserTest.java removing this line and execute the test. The exception will be thrown.

      Show
      Modify the ElytronXmlParserTest.java removing this line and execute the test. The exception will be thrown.
    • Workaround Exists
    • Hide

      Add the elytron provider manually as it's done in the test:

      Security.addProvider(new WildFlyElytronProvider());
      Show
      Add the elytron provider manually as it's done in the test: Security.addProvider( new WildFlyElytronProvider());
    • Undefined

    Description

      When you use a wildfly-config.xml that uses the key-store-masked-password the wildfly provider needs to be manually registered. This PasswordFactory.getInstance call does not pass the providers as in the rest of the calls and tehrefore default providers in the JVM are used.

      The other problem is that the corresponding test ElytronXmlParserTest adds the provider so the error is hidden inside the tests. Just removing that line from the test you see the exception:

      org.wildfly.client.config.ConfigXMLParseException: 
ELY01133: Failed to create credential
	at file:/home/rmartinc/wildfly-elytron/auth/client/target/test-classes/org/wildfly/security/auth/client/test-wildfly-config-v1_4.xml:38:245
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseKeyStoreType$54(ElytronXmlParser.java:1977)
	at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:3640)
	at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:3624)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:385)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:261)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:225)
	at org.wildfly.security.auth.client.ElytronXmlParserTest.testKeyStoreClearPassword(ElytronXmlParserTest.java:117)
Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "masked-HMAC-SHA1-AES-128"
	at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:122)
	at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:76)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseKeyStoreType$54(ElytronXmlParser.java:1973)
	... 6 more

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-20943 (7.3.z) ELY-2053 - key-store-masked-password needs the elytron provider to be manually registered

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified

          Activity

            People

              rhn-support-rmartinc Ricardo Martin Camarero
              rhn-support-rmartinc Ricardo Martin Camarero
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: