Uploaded image for project: 'WildFly Core'
  1. WildFly Core
  2. WFCORE-2421

CS tool generated different MASKED password then vault.sh

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 3.0.0.Beta12
    • None
    • Security
    • None

    Description

      CS tool generated different MASKED password then vault.sh

      When I run oldf vault.sh

      ./vault.sh --keystore key.store --keystore-password secret_password --alias Vault --vault-block vaultBlock --attribute passDB --sec-attr secretvalue --enc-dir ./vault --iteration 230 --salt 12345678 -t

      I can see this MASK-1GhfMaq4jSY0.kFFU3QG4T

      Whole output:

      <vault>
  <vault-option name="KEYSTORE_URL" value="key.store"/>
  <vault-option name="KEYSTORE_PASSWORD" value="MASK-1GhfMaq4jSY0.kFFU3QG4T"/>
  <vault-option name="KEYSTORE_ALIAS" value="Vault"/>
  <vault-option name="SALT" value="12345678"/>
  <vault-option name="ITERATION_COUNT" value="230"/>
  <vault-option name="ENC_FILE_DIR" value="./vault/"/>
</vault><management>

      In the other hand when I run new CS tool with params:

      java -jar wildfly-elytron-tool.jar credential-store --add myalias --secret secretpassword --location="test.store1" --uri "cr-store://test.store?modifiable=true;create=true;keyStoreType=JCEKS" --password secret_password --summary --salt 12345678 --iteration 230 --create

      I get MASK-KAwLfD1BN8WFhZptWsa17G

      Whole output:

      Alias "myalias" has been successfully stored
Credential store command summary:
--------------------------------------
/subsystem=elytron/credential-store=test:add(uri="cr-store://test.store?modifiable=true;create=true;keyStoreType=JCEKS",relative-to=jboss.server.data.dir,credential-reference={clear-text="MASK-KAwLfD1BN8WFhZptWsa17G==;12345678;230"})

      I set these values for both:
      password to mask secret_password
      iteration 12345678
      salt 230

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-9254 CS tool generated different MASKED password then vault.sh

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Verified
          is blocked by

          Enhancement - An enhancement to or refactoring of existing functionality that is not configurable by an end user (typically a change made by an internal team that affects users) ELY-1013 PicketBox compatibility mode for PBE utility

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved
          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-9571 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta13

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified

          Activity

            People

              pskopek@redhat.com Peter Skopek
              hsvabek_jira Hynek Švábek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: