[JBoss JIRA] (ELY-1027) CS tool, Parameter --salt requires --iteration and vice versa

Friday, 24 March 2017

    [
https://issues.jboss.org/browse/ELY-1027?page=com.atlassian.jira.plugin.s...
] 

David Lloyd commented on ELY-1027:
----------------------------------

Some password types use only salt, and some use only iteration count.  The algorithm
should be probed for support of the corresponding algorithm parameters to determine which
flags are required for the given password type.

...
 CS tool, Parameter --salt requires --iteration and vice versa
 -------------------------------------------------------------

                 Key: ELY-1027
                 URL: https://issues.jboss.org/browse/ELY-1027
             Project: WildFly Elytron
          Issue Type: Bug
          Components: Command-Line Tool
            Reporter: Hynek Švábek
            Assignee: Ilia Vassilev

 If I use only one parameter from --salt or --iteration then this one is ignored and
result password is in clear text.
 {code}
 java -jar wildfly-elytron-tool.jar credential-store --add myalias --secret
supersecretpassword --location="test.store" --uri
"cr-store://test?modifiable=true;create=true;keyStoreType=JCEKS" --password
mycspassword --summary --salt="abcdefgh" 
 {code}
 Result of this command is:
 {code}
 Alias "myalias" has been successfully stored
 Credential store command summary:
 --------------------------------------

/subsystem=elytron/credential-store=test:add(uri="cr-store://test?modifiable=true;create=true;keyStoreType=JCEKS",relative-to=jboss.server.data.dir,credential-reference={clear-text="mycspassword"})
 {code}
 *There is expected error.*
 Please add there this constraint: parameter --salt requires --iteration and vice versa

--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006