Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-867

Masked password support cryptography usage

    XMLWordPrintable

Details

    Description

      I encountered couple of issues with cryptography used for password masking:

      • implementation of masked passwords drops initialization vector (IV) randomly generated by the javax.crypto.Cipher which makes unmasking (decryption) impossible.
      • the implementation is using the same algorithm for key derivation and encryption, which is not possible as there is no encryption support in javax.crypto.Cipher for PKDBF2 family of algorithms, they are supported only in javax.crypto.SecretKeyFactory

      Attachments

        Issue Links

          Activity

            People

              aabdelsa Ashley Abdel-Sayed (Inactive)
              zregvart-redhat Zoran Regvart
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: