[jboss-jira] [JBoss JIRA] (ELY-1304) Elytron subsystem does not expose digest-sha-384 for digest password

Martin Choma (JIRA) issues at jboss.org
Tue Jul 25 02:47:01 EDT 2017 

Martin Choma created ELY-1304:
---------------------------------

             Summary: Elytron subsystem does not expose digest-sha-384 for digest password
                 Key: ELY-1304
                 URL: https://issues.jboss.org/browse/ELY-1304
             Project: WildFly Elytron
          Issue Type: Bug
            Reporter: Martin Choma
            Assignee: Darran Lofthouse


For the sake of completeness add digest-sha-384 to allowed values of algorithm attribute of set-password operation

{code:title=/subsystem=elytron/ldap-realm=a:read-operation-description(name=set-password)}
"digest" => {
                "type" => OBJECT,
                "description" => "A digest password.",
                "expressions-allowed" => false,
                "required" => false,
                "nillable" => true,
                "value-type" => {
                    "algorithm" => {
                        "type" => STRING,
                        "description" => "The algorithm used to encrypt the password.",
                        "expressions-allowed" => false,
                        "required" => false,
                        "nillable" => true,
                        "default" => "digest-sha-512",
                        "allowed" => [
                            "digest-md5",
                            "digest-sha",
                            "digest-sha-256",
                            "digest-sha-512"
                        ]
                    },
                    "password" => {
                        "type" => STRING,
                        "description" => "The actual password to set.",
                        "expressions-allowed" => false,
                        "required" => true,
                        "nillable" => false,
                        "min-length" => 1L,
                        "max-length" => 2147483647L
                    },
                    "realm" => {
                        "type" => STRING,
                        "description" => "The realm.",
                        "expressions-allowed" => false,
                        "required" => true,
                        "nillable" => false,
                        "min-length" => 1L,
                        "max-length" => 2147483647L
                    }
                }
            },
{code}

Passwords of types otp, salted-simple-digest, simple-digest already expose sha-384 variant.

Seems to me underlying Elytron implementation is already prepared for that.

{code:java|title=DigestPasswordImpl.java}
    private static MessageDigest getMessageDigest(final String algorithm) throws NoSuchAlgorithmException {
        switch (algorithm) {
            case ALGORITHM_DIGEST_MD5:
                return MessageDigest.getInstance("MD5");
            case ALGORITHM_DIGEST_SHA:
                return MessageDigest.getInstance("SHA-1");
            case ALGORITHM_DIGEST_SHA_256:
                return MessageDigest.getInstance("SHA-256");
            case ALGORITHM_DIGEST_SHA_384:
                return MessageDigest.getInstance("SHA-384");
            case ALGORITHM_DIGEST_SHA_512:
                return MessageDigest.getInstance("SHA-512");
            default:
                throw log.noSuchAlgorithmInvalidAlgorithm(algorithm);
        }
    }
{code}



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list