[jboss-jira] [JBoss JIRA] (WFLY-1130) vault shared key should be salted
Peter Skopek (JIRA)
issues at jboss.org
Mon Jan 27 08:19:31 EST 2014
[ https://issues.jboss.org/browse/WFLY-1130?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Peter Skopek resolved WFLY-1130.
--------------------------------
Resolution: Out of Date
This issue is outdated by new implementation of PicketBox Security Vault.
The vault is using symmetric encryption with key stored in keystore and not using shared key any more.
---
commit 6176d4cf9d4b8cb73a92b01cfb9214292ed18b52
Author: Peter Skopek <pskopek at redhat.com> 2013-08-05 21:24:13
Committer: Brian Stansberry <brian.stansberry at redhat.com> 2013-10-07 22:29:27
> vault shared key should be salted
> ---------------------------------
>
> Key: WFLY-1130
> URL: https://issues.jboss.org/browse/WFLY-1130
> Project: WildFly
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Security
> Reporter: Gernot P
> Assignee: Peter Skopek
>
> Actual behaviour:
> (1) create a vault entry with
> vault attribute value: xxx
> vault block: y1
> vault attribute name: z1
> (2) create another vault entry with
> vault attribute value: xxx
> vault block: y2
> vault attribute name: z2
> and you see that vault shared key is the same for entry 1 and entry 2
> feature request:
> two vault entries with same attribute value but different block names and attribute names should have different shared keys
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list