[jboss-jira] [JBoss JIRA] (ELY-1304) Elytron subsystem does not expose digest-sha-384 for digest password

Yeray Borges (JIRA) issues at jboss.org
Thu Nov 16 08:13:00 EST 2017 

     [ https://issues.jboss.org/browse/ELY-1304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Yeray Borges updated ELY-1304:
------------------------------
    Fix Version/s: 1.2.0.Beta10
                       (was: 1.2.0.Beta11)


> Elytron subsystem does not expose digest-sha-384 for digest password
> --------------------------------------------------------------------
>
>                 Key: ELY-1304
>                 URL: https://issues.jboss.org/browse/ELY-1304
>             Project: WildFly Elytron
>          Issue Type: Bug
>            Reporter: Martin Choma
>            Assignee: Yeray Borges
>             Fix For: 1.2.0.Beta10
>
>
> For the sake of completeness add digest-sha-384 to allowed values of algorithm attribute of set-password operation
> {code:title=/subsystem=elytron/ldap-realm=a:read-operation-description(name=set-password)}
> "digest" => {
>                 "type" => OBJECT,
>                 "description" => "A digest password.",
>                 "expressions-allowed" => false,
>                 "required" => false,
>                 "nillable" => true,
>                 "value-type" => {
>                     "algorithm" => {
>                         "type" => STRING,
>                         "description" => "The algorithm used to encrypt the password.",
>                         "expressions-allowed" => false,
>                         "required" => false,
>                         "nillable" => true,
>                         "default" => "digest-sha-512",
>                         "allowed" => [
>                             "digest-md5",
>                             "digest-sha",
>                             "digest-sha-256",
>                             "digest-sha-512"
>                         ]
>                     },
>                     "password" => {
>                         "type" => STRING,
>                         "description" => "The actual password to set.",
>                         "expressions-allowed" => false,
>                         "required" => true,
>                         "nillable" => false,
>                         "min-length" => 1L,
>                         "max-length" => 2147483647L
>                     },
>                     "realm" => {
>                         "type" => STRING,
>                         "description" => "The realm.",
>                         "expressions-allowed" => false,
>                         "required" => true,
>                         "nillable" => false,
>                         "min-length" => 1L,
>                         "max-length" => 2147483647L
>                     }
>                 }
>             },
> {code}
> Passwords of types otp, salted-simple-digest, simple-digest already expose sha-384 variant.
> Seems to me underlying Elytron implementation is already prepared for that.
> {code:java|title=DigestPasswordImpl.java}
>     private static MessageDigest getMessageDigest(final String algorithm) throws NoSuchAlgorithmException {
>         switch (algorithm) {
>             case ALGORITHM_DIGEST_MD5:
>                 return MessageDigest.getInstance("MD5");
>             case ALGORITHM_DIGEST_SHA:
>                 return MessageDigest.getInstance("SHA-1");
>             case ALGORITHM_DIGEST_SHA_256:
>                 return MessageDigest.getInstance("SHA-256");
>             case ALGORITHM_DIGEST_SHA_384:
>                 return MessageDigest.getInstance("SHA-384");
>             case ALGORITHM_DIGEST_SHA_512:
>                 return MessageDigest.getInstance("SHA-512");
>             default:
>                 throw log.noSuchAlgorithmInvalidAlgorithm(algorithm);
>         }
>     }
> {code}



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list