Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-20943

(7.3.z) ELY-2053 - key-store-masked-password needs the elytron provider to be manually registered

XMLWordPrintable

    • False
    • False
    • +
    • Undefined
    • Workaround Exists
    • Hide

      Add the elytron provider manually as it's done in the test:

      Security.addProvider(new WildFlyElytronProvider());
      
      Show
      Add the elytron provider manually as it's done in the test: Security.addProvider( new WildFlyElytronProvider());
    • Hide

      Modify the ElytronXmlParserTest.java removing this line and execute the test. The exception will be thrown.

      Show
      Modify the ElytronXmlParserTest.java removing this line and execute the test. The exception will be thrown.

      When you use a wildfly-config.xml that uses the key-store-masked-password the wildfly provider needs to be manually registered. This PasswordFactory.getInstance call does not pass the providers as in the rest of the calls and tehrefore default providers in the JVM are used.

      The other problem is that the corresponding test ElytronXmlParserTest adds the provider so the error is hidden inside the tests. Just removing that line from the test you see the exception:

      org.wildfly.client.config.ConfigXMLParseException: 
      ELY01133: Failed to create credential
      	at file:/home/rmartinc/wildfly-elytron/auth/client/target/test-classes/org/wildfly/security/auth/client/test-wildfly-config-v1_4.xml:38:245
      	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseKeyStoreType$54(ElytronXmlParser.java:1977)
      	at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:3640)
      	at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:3624)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:385)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:261)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:225)
      	at org.wildfly.security.auth.client.ElytronXmlParserTest.testKeyStoreClearPassword(ElytronXmlParserTest.java:117)
      Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "masked-HMAC-SHA1-AES-128"
      	at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:122)
      	at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:76)
      	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseKeyStoreType$54(ElytronXmlParser.java:1973)
      	... 6 more
      

              rhn-support-ivassile Ilia Vassilev
              rhn-support-ivassile Ilia Vassilev
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: