Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-11786

Wildfly Elytron Tool, credential-store command + --summary option doesn't show MASKed password when we set --salt and --iteration options too.

    Details

      Description

      credential-store command with --summary option doesn't show MASKed password when we set --salt and --iteration options too.
      When we want --add alias to created credential store and set --password="MASK-9zknmrNsQqf;12345678;34" then we get error.

      There is expected masked password in summary but you get clear text password:

      [hsvabek@dhcp-10-40-4-111 bin]$ ./elytron-tool.sh credential-store --create --location test005.jceks --password pass123 --salt 12345678 --iteration 34 --summary
      Credential Store has been successfully created
      Credential store command summary:
      --------------------------------------
      /subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,create=true,modifiable=true,location="test005.jceks",implementation-properties={"keyStoreType"=>"JCEKS"},credential-reference={clear-text="pass123"})
      

      Masked password for "pass123", iteration 34 and salt 12345678 is MASK-9zknmrNsQqf;12345678;34
      We set masked password for adding alias to credential store and expect success but get error about password.

      [hsvabek@dhcp-10-40-4-111 bin]$ ./elytron-tool.sh credential-store --add 001 -x secretsecret --location test005.jceks --password="MASK-9zknmrNsQqf;12345678;34" --summary --debug
      Exception encountered executing the command:
      org.wildfly.security.credential.store.CredentialStoreException: ELY09514: Unable to initialize credential store
              at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.load(KeyStoreCredentialStore.java:859)
              at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.initialize(KeyStoreCredentialStore.java:213)
              at org.wildfly.security.credential.store.CredentialStore.initialize(CredentialStore.java:159)
              at org.wildfly.security.tool.CredentialStoreCommand.execute(CredentialStoreCommand.java:208)
              at org.wildfly.security.tool.ElytronTool.main(ElytronTool.java:75)
      Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
              at com.sun.crypto.provider.JceKeyStore.engineLoad(JceKeyStore.java:865)
              at java.security.KeyStore.load(KeyStore.java:1445)
              at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.load(KeyStoreCredentialStore.java:847)
              ... 4 more
      

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  thofman Tomas Hofman
                  Reporter:
                  hsvabek Hynek Švábek
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: