Yeray Borges moved JBEAP-12383 to WFCORE-3116:
----------------------------------------------
Project: WildFly Core (was: JBoss Enterprise Application Platform)
Key: WFCORE-3116 (was: JBEAP-12383)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Security (was: Security)
Affects Version/s: (was: 7.1.0.ER2)
Elytron subsystem does not expose digest-sha-384 for digest password
--------------------------------------------------------------------
Key: WFCORE-3116
URL: https://issues.jboss.org/browse/WFCORE-3116
Project: WildFly Core
Issue Type: Bug
Components: Security
Reporter: Yeray Borges
Assignee: Yeray Borges
For the sake of completeness, add digest-sha-384 to the allowed values of the algorithm attribute of the set-password operation.
{code:title=/subsystem=elytron/ldap-realm=a:read-operation-description(name=set-password)}
"digest" => {
    "type" => OBJECT,
    "description" => "A digest password.",
    "expressions-allowed" => false,
    "required" => false,
    "nillable" => true,
    "value-type" => {
        "algorithm" => {
            "type" => STRING,
            "description" => "The algorithm used to encrypt the password.",
            "expressions-allowed" => false,
            "required" => false,
            "nillable" => true,
            "default" => "digest-sha-512",
            "allowed" => [
                "digest-md5",
                "digest-sha",
                "digest-sha-256",
                "digest-sha-512"
            ]
        },
        "password" => {
            "type" => STRING,
            "description" => "The actual password to set.",
            "expressions-allowed" => false,
            "required" => true,
            "nillable" => false,
            "min-length" => 1L,
            "max-length" => 2147483647L
        },
        "realm" => {
            "type" => STRING,
            "description" => "The realm.",
            "expressions-allowed" => false,
            "required" => true,
            "nillable" => false,
            "min-length" => 1L,
            "max-length" => 2147483647L
        }
    }
},
{code}
Passwords of types otp, salted-simple-digest, simple-digest already expose the sha-384 variant.
It seems to me that the underlying Elytron implementation is already prepared for that.
{code:java|title=DigestPasswordImpl.java}
private static MessageDigest getMessageDigest(final String algorithm) throws NoSuchAlgorithmException {
    switch (algorithm) {
        case ALGORITHM_DIGEST_MD5:
            return MessageDigest.getInstance("MD5");
        case ALGORITHM_DIGEST_SHA:
            return MessageDigest.getInstance("SHA-1");
        case ALGORITHM_DIGEST_SHA_256:
            return MessageDigest.getInstance("SHA-256");
        case ALGORITHM_DIGEST_SHA_384:
            return MessageDigest.getInstance("SHA-384");
        case ALGORITHM_DIGEST_SHA_512:
            return MessageDigest.getInstance("SHA-512");
        default:
            throw log.noSuchAlgorithmInvalidAlgorithm(algorithm);
    }
}
{code}
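The gap reported above can be checked mechanically by comparing the "allowed" list in the management model output with the case labels handled in the implementation. The following is an added example, not part of the issue or of WildFly/Elytron code; the function names are hypothetical, the two inputs are constructed excerpts of the snippets quoted above, and it assumes each ALGORITHM_* constant's value follows its identifier (ALGORITHM_DIGEST_SHA_384 -> digest-sha-384).

```python
import re

# Constructed sample: trimmed from the read-operation-description output quoted in the issue.
MODEL_OUTPUT = '''
"algorithm" => {
    "type" => STRING,
    "default" => "digest-sha-512",
    "allowed" => [
        "digest-md5",
        "digest-sha",
        "digest-sha-256",
        "digest-sha-512"
    ]
},
'''

# Constructed sample: only the case labels of getMessageDigest() quoted in the issue.
IMPL_SOURCE = '''
switch (algorithm) {
    case ALGORITHM_DIGEST_MD5:
    case ALGORITHM_DIGEST_SHA:
    case ALGORITHM_DIGEST_SHA_256:
    case ALGORITHM_DIGEST_SHA_384:
    case ALGORITHM_DIGEST_SHA_512:
}
'''

def allowed_in_model(dmr_text, attribute="algorithm"):
    """Return the "allowed" values listed for one attribute in the CLI text output."""
    # [^{}]*? keeps the match inside this attribute's own object.
    pattern = r'"%s"\s*=>\s*\{[^{}]*?"allowed"\s*=>\s*\[(.*?)\]' % re.escape(attribute)
    match = re.search(pattern, dmr_text, re.S)
    return set(re.findall(r'"([^"]+)"', match.group(1))) if match else set()

def handled_by_impl(java_source):
    """Derive algorithm names from case labels (assumption: value mirrors the identifier)."""
    labels = re.findall(r'case\s+ALGORITHM_([A-Z0-9_]+)\s*:', java_source)
    return {label.lower().replace("_", "-") for label in labels}

def model_drift(dmr_text, java_source):
    """Return (implemented but not exposed, exposed but not implemented), both sorted."""
    model, impl = allowed_in_model(dmr_text), handled_by_impl(java_source)
    return sorted(impl - model), sorted(model - impl)

if __name__ == "__main__":
    hidden, unsupported = model_drift(MODEL_OUTPUT, IMPL_SOURCE)
    print("implemented but not exposed:", hidden)
    print("exposed but not implemented:", unsupported)
```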