Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 7.1.0.ER2
Affects Version/s: 7.1.0.ER1
Component/s: Security, User Experience
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA
Git Pull Request:
https://github.com/wildfly-security/wildfly-elytron-tool/commit/3628bf05f6b0eecf2fc093567a014f9b71c2996e

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

credential-store command with --summary option doesn't show MASKed password when we set --salt and --iteration options too.
When we want --add alias to created credential store and set --password="MASK-9zknmrNsQqf;12345678;34" then we get error.

There is expected masked password in summary but you get clear text password:

[hsvabek@dhcp-10-40-4-111 bin]$ ./elytron-tool.sh credential-store --create --location test005.jceks --password pass123 --salt 12345678 --iteration 34 --summary
Credential Store has been successfully created
Credential store command summary:
--------------------------------------
/subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,create=true,modifiable=true,location="test005.jceks",implementation-properties={"keyStoreType"=>"JCEKS"},credential-reference={clear-text="pass123"})

Masked password for "pass123", iteration 34 and salt 12345678 is MASK-9zknmrNsQqf;12345678;34
We set masked password for adding alias to credential store and expect success but get error about password.

[hsvabek@dhcp-10-40-4-111 bin]$ ./elytron-tool.sh credential-store --add 001 -x secretsecret --location test005.jceks --password="MASK-9zknmrNsQqf;12345678;34" --summary --debug
Exception encountered executing the command:
org.wildfly.security.credential.store.CredentialStoreException: ELY09514: Unable to initialize credential store
        at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.load(KeyStoreCredentialStore.java:859)
        at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.initialize(KeyStoreCredentialStore.java:213)
        at org.wildfly.security.credential.store.CredentialStore.initialize(CredentialStore.java:159)
        at org.wildfly.security.tool.CredentialStoreCommand.execute(CredentialStoreCommand.java:208)
        at org.wildfly.security.tool.ElytronTool.main(ElytronTool.java:75)
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
        at com.sun.crypto.provider.JceKeyStore.engineLoad(JceKeyStore.java:865)
        at java.security.KeyStore.load(KeyStore.java:1445)
        at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.load(KeyStoreCredentialStore.java:847)
        ... 4 more

is cloned by

ELY-1264 Wildfly Elytron Tool, credential-store command + --summary option doesn't show MASKed password when we set --salt and --iteration options too.

Resolved

is incorporated by

JBEAP-11783 Upgrade to Elytron tool 1.0.0.CR1

Closed

Assignee:: Tomas Hofman

Reporter:: Hynek Švábek (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2017/06/26 8:16 AM

Updated:: 2024/09/02 3:59 PM

Resolved:: 2017/06/27 6:26 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates