Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-12239

Wildfly Elytron Tool, Credential-store command, --salt option is validated only when --summary is used too.

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 7.2.0.CD13
    • 7.1.0.ER2
    • Security
    • None

    Description

      Credential-store command --salt option is validated only when is --summary is used too.
      It is caused by generation MASKed password for summary output[1].
      It is at least strange and confusing to user: without --summary is passed, with --summary is failed (entry is stored in storage successfully).

      How to reproduce

      [hsvabek@dhcp-10-40-5-17 bin]$ ./elytron-tool.sh credential-store   --add secret_alias --password pass123 --create -x secret_password -l store005.jceks -s 1234567890 -i 230 --summary  --debug
Alias "secret_alias" has been successfully stored
Exception encountered executing the command:
java.security.InvalidAlgorithmParameterException: Salt must be 8 bytes long
        at com.sun.crypto.provider.PBES1Core.init(PBES1Core.java:234)
        at com.sun.crypto.provider.PBES1Core.init(PBES1Core.java:331)
        at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineInit(PBEWithMD5AndDESCipher.java:228)
        at javax.crypto.Cipher.implInit(Cipher.java:810)
        at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
        at javax.crypto.Cipher.init(Cipher.java:1539)
        at javax.crypto.Cipher.init(Cipher.java:1470)
        at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.createAndInitCipher(PasswordBasedEncryptionUtil.java:506)
        at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.build(PasswordBasedEncryptionUtil.java:589)
        at org.wildfly.security.tool.MaskCommand.computeMasked(MaskCommand.java:117)
        at org.wildfly.security.tool.CredentialStoreCommand.execute(CredentialStoreCommand.java:287)
        at org.wildfly.security.tool.ElytronTool.main(ElytronTool.java:81)

      [1] https://github.com/wildfly-security/wildfly-elytron-tool/blob/1.0.0.CR2/src/main/java/org/wildfly/security/tool/CredentialStoreCommand.java#L286

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. ELY-1294 Wildfly Elytron Tool, Credential-store command, --salt option is validated only when --summary is used too.

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved
          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-12266 Upgrade Wildfly-Elytron-Tool to 1.0.0.CR4

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. WFCORE-3890 Upgrade WildFly Elytron Tool to 1.2.2.Final

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              chaowan@redhat.com Chao Wang
              hsvabek_jira Hynek Švábek (Inactive)
              Hynek Švábek Hynek Švábek (Inactive)
              Hynek Švábek Hynek Švábek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: