-
Bug
-
Resolution: Done
-
Critical
-
7.1.0.DR17
Vault command summary contains MASKed password without --iteration and --salt when is used MASKed password for access to VAULT.
MASKed password must contain SALT and ITERATION as is expected:
credential-reference={clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5;12345678;34"}
FYI: plain text password is "secretsecret".
How to reproduce
Download all attachments to same location as wildfly-elytron-tool.jar and run this command:
[hsvabek@dhcp-10-40-5-100 003]$ java -jar wildfly-elytron-tool.jar vault --enc-dir . --keystore server.store --keystore-password MASK-2hKo56F1a3jYGnJwhPmiF5 --salt 12345678 --iteration 34 --location converted001.store --alias jboss --summary Vault (enc-dir=".";keystore="server.store") converted to credential store "converted001.store" Vault Conversion summary: -------------------------------------- Vault Conversion Successful CLI command to add new credential store: /subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,location="converted001.store",implementation-properties={},credential-reference={clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5"})
Credential reference contains MASKed password without salt and iteration (credential-reference=
{clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5"})
- is cloned by
-
ELY-1126 WildFly Elytron Tool, Vault command summary contains MASKed password without iteration and salt when is used MASKed password for access to VAULT.
- Resolved
- is incorporated by
-
JBEAP-11342 Upgrade Wildfly-Elytron-Tool to 1.0.0.Beta7
- Closed