Details
-
Task
-
Resolution: Done
-
Major
-
None
-
None
Description
The following needs to be done:
- Move the PB masked password format to a proper password type
- Introduce protection parameters for credential stores and entries
- Drop the admin_key concept in favor of credential store protection parameters
- Introduce a proper vault-compatible credential store
- Introduce a mechanism to pull protection parameters for stores from the client configuration
- Use a credential store which can store (nearly) any credential type
- Update XML accordingly
- Remove dangerous command execution patterns from credential store, make them safe and make them CredentialSources instead
- Clean up exception hierarchy of credential stores
- Introduce simple map-backed credential store
Additionally, the above implies: - Introduce AlgorithmParameterSpi for password parameter types
- Introduce hashing ability for parameters
- Add missing parameter types for PBE
- Introduce serialization trickery to support picketbox class names for vault files
- Atomic file output stream
- Update tests as needed
Attachments
Issue Links
- incorporates
-
ELY-836 CredentialStore resource name and CS alias in memory are case sensitive but CredentialStore aliases are persisted in lowercase.
-
- Resolved
-
