[jboss-jira] [JBoss JIRA] (ELY-1294) Wildfly Elytron Tool, Credential-store command, --salt option is validated only when --summary is used too.

Hynek Švábek (JIRA) issues at jboss.org
Thu Jul 20 04:43:01 EDT 2017 

Hynek Švábek created ELY-1294:
---------------------------------

             Summary: Wildfly Elytron Tool, Credential-store command, --salt option is validated only when --summary is used too.
                 Key: ELY-1294
                 URL: https://issues.jboss.org/browse/ELY-1294
             Project: WildFly Elytron
          Issue Type: Bug
            Reporter: Hynek Švábek
            Assignee: Darran Lofthouse


Credential-store command \-\-salt option is validated only when is \-\-summary is used too.
It is caused by generation MASKed password for summary output[1].
It is at least strange and confusing to user: without \-\-summary is passed, with \-\-summary is failed.

*How to reproduce*
{code}
[hsvabek at dhcp-10-40-5-17 bin]$ ./elytron-tool.sh credential-store   --add secret_alias --password pass123 --create -x secret_password -l store005.jceks -s 1234567890 -i 230 --summary  --debug
Alias "secret_alias" has been successfully stored
Exception encountered executing the command:
java.security.InvalidAlgorithmParameterException: Salt must be 8 bytes long
        at com.sun.crypto.provider.PBES1Core.init(PBES1Core.java:234)
        at com.sun.crypto.provider.PBES1Core.init(PBES1Core.java:331)
        at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineInit(PBEWithMD5AndDESCipher.java:228)
        at javax.crypto.Cipher.implInit(Cipher.java:810)
        at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
        at javax.crypto.Cipher.init(Cipher.java:1539)
        at javax.crypto.Cipher.init(Cipher.java:1470)
        at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.createAndInitCipher(PasswordBasedEncryptionUtil.java:506)
        at org.wildfly.security.util.PasswordBasedEncryptionUtil$Builder.build(PasswordBasedEncryptionUtil.java:589)
        at org.wildfly.security.tool.MaskCommand.computeMasked(MaskCommand.java:117)
        at org.wildfly.security.tool.CredentialStoreCommand.execute(CredentialStoreCommand.java:287)
        at org.wildfly.security.tool.ElytronTool.main(ElytronTool.java:81)
{code}


[1] https://github.com/wildfly-security/wildfly-elytron-tool/blob/1.0.0.CR2/src/main/java/org/wildfly/security/tool/CredentialStoreCommand.java#L286



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list