[wildfly-dev] Specify algorithm and key-size for password vault in WildFly?
Lin Gao
lgao at redhat.com
Tue May 17 20:44:01 EDT 2016
Hi,
----- Original Message -----
> From: "Darran Lofthouse" <darran.lofthouse at jboss.com>
> To: wildfly-dev at lists.jboss.org
> Sent: Tuesday, May 17, 2016 5:54:50 PM
> Subject: Re: [wildfly-dev] Specify algorithm and key-size for password vault in WildFly?
>
> If this issue is not critical I think we should leave it as is - this is
> all being superseded by Elytron.
Sure, I will add a comment on the issue. Thanks.
Best Regards
--
Lin Gao
Software Engineer
JBoss by Red Hat
> Regards,
> Darran Lofthouse.
>
>
> On 17/05/16 03:23, Lin Gao wrote:
> > Hi,
> >
> > There is a Jira: WFLY-6569[1] open about password vault, which asks for
> > specifying KEY_SIZE to encrypt the sensitive data in vault data file.
> >
> > The key size is bound up with the algorithm it uses, currently the
> > vault.sh|.bat only allows AES(no place to specify other algorithm) to
> > encrypt sensitive data, and uses key size of 128.
> >
> > Alougth we can specify the key size after doing some fix, it needs extra
> > set-up work for some JDKs(like Oracle JDKs) to be able to use key size of
> > 192 and 256 for AES. This leads to that only specifying the key size is
> > not so worthy.
> >
> > Maybe we should specify both algorithm and key size to encrypt the vault
> > data?
> >
> > [1] https://issues.jboss.org/browse/WFLY-6569
> > --
> > Lin Gao
> > Software Engineer
> > JBoss by Red Hat
> > _______________________________________________
> > wildfly-dev mailing list
> > wildfly-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/wildfly-dev
> >
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev
>
More information about the wildfly-dev
mailing list