[jboss-jira] [JBoss JIRA] (ELY-1189) Create better way of masking passwords using modern PBE algorithm
Peter Skopek (JIRA)
issues at jboss.org
Tue May 23 13:23:00 EDT 2017
[ https://issues.jboss.org/browse/ELY-1189?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13410849#comment-13410849 ]
Peter Skopek commented on ELY-1189:
-----------------------------------
pskopek commented on 12 Jan
I don't think that we should start with simple obfuscation at current stage. We can consider it later.
[1] For now I suggest to implement PB compatible version of MASK-xxx in KeyStoreCredentialStore.
[2] We can also consider to introduce type to credential-reference which can point to credential store with InitialKey and all other parameters (IV, salt, iteration count) will be encoded in alias part of the reference.
We don't have to change Elytron API as we already have PBE utility class in place.
We can also later reimplement it with proper password types.
Part [2] will also be usable in KeyStoreCredentialStore protection parameter, so users can decide which way they want to use it.
> Create better way of masking passwords using modern PBE algorithm
> -----------------------------------------------------------------
>
> Key: ELY-1189
> URL: https://issues.jboss.org/browse/ELY-1189
> Project: WildFly Elytron
> Issue Type: Task
> Components: Credential Store
> Reporter: Peter Skopek
> Assignee: Peter Skopek
>
> Create better way of masking passwords using modern PBE algorithm.
> This bug contains discussion from PR: https://github.com/wildfly-security/wildfly-elytron/pull/619
> To have this documented and PR closed.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list