[jboss-jira] [JBoss JIRA] (WFCORE-2421) CS tool generated different MASKED password then vault.sh

Peter Skopek (JIRA) issues at jboss.org
Tue Mar 28 04:17:00 EDT 2017 

     [ https://issues.jboss.org/browse/WFCORE-2421?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Peter Skopek reassigned WFCORE-2421:
------------------------------------

    Fix Version/s: 3.0.0.Beta12
         Assignee: Peter Skopek  (was: Darran Lofthouse)
       Resolution: Done


> CS tool generated different MASKED password then vault.sh
> ---------------------------------------------------------
>
>                 Key: WFCORE-2421
>                 URL: https://issues.jboss.org/browse/WFCORE-2421
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>            Reporter: Hynek Švábek
>            Assignee: Peter Skopek
>             Fix For: 3.0.0.Beta12
>
>
> CS tool generated different MASKED password then vault.sh
> When I run oldf vault.sh
> {code}
> ./vault.sh --keystore key.store --keystore-password secret_password --alias Vault --vault-block vaultBlock --attribute passDB --sec-attr secretvalue --enc-dir ./vault --iteration 230 --salt 12345678 -t
> {code}
> I can see this *MASK-1GhfMaq4jSY0.kFFU3QG4T*
> Whole output:
> {code:collapse=true}
> <vault>
>   <vault-option name="KEYSTORE_URL" value="key.store"/>
>   <vault-option name="KEYSTORE_PASSWORD" value="MASK-1GhfMaq4jSY0.kFFU3QG4T"/>
>   <vault-option name="KEYSTORE_ALIAS" value="Vault"/>
>   <vault-option name="SALT" value="12345678"/>
>   <vault-option name="ITERATION_COUNT" value="230"/>
>   <vault-option name="ENC_FILE_DIR" value="./vault/"/>
> </vault><management>
> {code}
> In the other hand when I run new CS tool with params:
> {code}
> java -jar wildfly-elytron-tool.jar credential-store --add myalias --secret secretpassword --location="test.store1" --uri "cr-store://test.store?modifiable=true;create=true;keyStoreType=JCEKS" --password secret_password --summary --salt 12345678 --iteration 230 --create
> {code}
> I get *MASK-KAwLfD1BN8WFhZptWsa17G*
> Whole output:
> {code:collapse=true}
> Alias "myalias" has been successfully stored
> Credential store command summary:
> --------------------------------------
> /subsystem=elytron/credential-store=test:add(uri="cr-store://test.store?modifiable=true;create=true;keyStoreType=JCEKS",relative-to=jboss.server.data.dir,credential-reference={clear-text="MASK-KAwLfD1BN8WFhZptWsa17G==;12345678;230"})
> {code}
> *I set these values for both:*
> password to mask *secret_password*
> iteration *12345678*
> salt *230*



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list