[jboss-jira] [JBoss JIRA] (WFLY-8279) CS tool generated different MASKED password then vault.sh

Hynek Švábek (JIRA) issues at jboss.org
Thu Mar 2 10:23:00 EST 2017 

Hynek Švábek created WFLY-8279:
----------------------------------

             Summary: CS tool generated different MASKED password then vault.sh
                 Key: WFLY-8279
                 URL: https://issues.jboss.org/browse/WFLY-8279
             Project: WildFly
          Issue Type: Bug
          Components: Security
            Reporter: Hynek Švábek
            Assignee: Darran Lofthouse


CS tool generated different MASKED password then vault.sh

When I run oldf vault.sh
{code}
./vault.sh --keystore key.store --keystore-password secret_password --alias Vault --vault-block vaultBlock --attribute passDB --sec-attr secretvalue --enc-dir ./vault --iteration 230 --salt 12345678 -t
{code}
I can see this *MASK-1GhfMaq4jSY0.kFFU3QG4T*

Whole output:
{code:collapse=true}
<vault>
  <vault-option name="KEYSTORE_URL" value="key.store"/>
  <vault-option name="KEYSTORE_PASSWORD" value="MASK-1GhfMaq4jSY0.kFFU3QG4T"/>
  <vault-option name="KEYSTORE_ALIAS" value="Vault"/>
  <vault-option name="SALT" value="12345678"/>
  <vault-option name="ITERATION_COUNT" value="230"/>
  <vault-option name="ENC_FILE_DIR" value="./vault/"/>
</vault><management>
{code}

In the other hand when I run new CS tool with params:
{code}
java -jar wildfly-elytron-tool.jar credential-store --add myalias --secret secretpassword --location="test.store1" --uri "cr-store://test.store?modifiable=true;create=true;keyStoreType=JCEKS" --password secret_password --summary --salt 12345678 --iteration 230 --create
{code}
I get *MASK-KAwLfD1BN8WFhZptWsa17G*

Whole output:
{code:collapse=true}
Alias "myalias" has been successfully stored
Credential store command summary:
--------------------------------------
/subsystem=elytron/credential-store=test:add(uri="cr-store://test.store?modifiable=true;create=true;keyStoreType=JCEKS",relative-to=jboss.server.data.dir,credential-reference={clear-text="MASK-KAwLfD1BN8WFhZptWsa17G==;12345678;230"})
{code}

*I set these values for both:*
password to mask *secret_password*
iteration *12345678*
salt *230*



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list