Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-12040

OpenAMSettingsImpl#getServerKeyPair uses the same password for key password and store password

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 13.5.1
    • Fix Version/s: 13.5.2
    • Component/s: oauth2
    • Labels:
    • Sprint:
      AM Sustaining Sprint 44, AM Sustaining Sprint 45
    • Story Points:
      2
    • Needs backport:
      No
    • Support Ticket IDs:
    • Needs QA verification:
      No
    • Functional tests:
      Yes
    • Are the reproduction steps defined?:
      Yes and I used the same an in the description

      Description

      Bug description

      The keystore password is used for both passwords in the org.forgerock.openam.utils.OpenAmSettingsImpl#getServerKeyPair

      Work around

      None

      Code analysis

      Fix is to make use of the correct password file when reading in the password.

      org.forgerock.openam.utils.OpenAMSettingsImpl#getServerKeyPair
      final String keypassfile = SystemPropertiesManager.get(DEFAULT_PRIVATE_KEY_PASS_FILE_PROP);
      String keypass = null;
      if (keypassfile != null) {
          try {
              BufferedReader br = null;
              FileInputStream fileInputStream = null;
              try {
                  fileInputStream = new FileInputStream(kspfile); <-------
      
      final String keypassfile = SystemPropertiesManager.get(DEFAULT_PRIVATE_KEY_PASS_FILE_PROP);
      String keypass = null;
      if (keypassfile != null) {
          try {
              BufferedReader br = null;
              FileInputStream fileInputStream = null;
              try {
                  fileInputStream = new FileInputStream(keypassfile); <------ 
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                markdr Mark de Reeper
                Reporter:
                markdr Mark de Reeper
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: