[jboss-jira] [JBoss JIRA] (ELY-1126) WildFly Elytron Tool, Vault command summary contains MASKed password without iteration and salt when is used MASKed password for access to VAULT.

Hynek Švábek (JIRA) issues at jboss.org
Thu May 11 10:05:02 EDT 2017 

     [ https://issues.jboss.org/browse/ELY-1126?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Hynek Švábek updated ELY-1126:
------------------------------
    Summary: WildFly Elytron Tool, Vault command summary contains MASKed password without iteration and salt when is used MASKed password for access to VAULT.  (was: WildFly Elytron Tool, Vault command summary contains MASKed password without --iteration and --salt when is used MASKed password for access to VAULT.)


> WildFly Elytron Tool, Vault command summary contains MASKed password without iteration and salt when is used MASKed password for access to VAULT.
> -------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: ELY-1126
>                 URL: https://issues.jboss.org/browse/ELY-1126
>             Project: WildFly Elytron
>          Issue Type: Bug
>          Components: Credential Store
>            Reporter: Hynek Švábek
>            Assignee: Ilia Vassilev
>
> Vault command summary contains MASKed password without --iteration and --salt when is used MASKed password for access to VAULT.
> MASKed password must contain SALT and ITERATION as is expected:
> *credential-reference=\{clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5;12345678;34"\}*
> FYI: plain text password is "secretsecret".
> *How to reproduce*
> Download all attachments to same location as *wildfly-elytron-tool.jar* and run this command:
> {code}
> [hsvabek at dhcp-10-40-5-100 003]$ java -jar wildfly-elytron-tool.jar vault --enc-dir . --keystore server.store --keystore-password MASK-2hKo56F1a3jYGnJwhPmiF5 --salt 12345678 --iteration 34 --location converted001.store --alias jboss --summary
> Vault (enc-dir=".";keystore="server.store") converted to credential store "converted001.store"
> Vault Conversion summary:
> --------------------------------------
> Vault Conversion Successful
> CLI command to add new credential store:
> /subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,location="converted001.store",implementation-properties={},credential-reference={clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5"})
> {code}
> Credential reference contains MASKed password without salt and iteration (credential-reference={clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5"})



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list