[jboss-jira] [JBoss JIRA] (ELY-1189) Create better way of masking passwords using modern PBE algorithm

[ https://issues.jboss.org/browse/ELY-1189?page=com.atlassian.jira.plugin.s... ] Peter Skopek commented on ELY-1189: ----------------------------------- pskopek commented on 12 Jan I don't think that we should start with simple obfuscation at current stage. We can consider it later. [1] For now I suggest to implement PB compatible version of MASK-xxx in KeyStoreCredentialStore. [2] We can also consider to introduce type to credential-reference which can point to credential store with InitialKey and all other parameters (IV, salt, iteration count) will be encoded in alias part of the reference. We don't have to change Elytron API as we already have PBE utility class in place. We can also later reimplement it with proper password types. Part [2] will also be usable in KeyStoreCredentialStore protection parameter, so users can decide which way they want to use it. -- This message was sent by Atlassian JIRA (v7.2.3#72005)