Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-12529

Update 6.5.x docs for OPENIDM-12152

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 6.5.0
    • 6.5.0.2
    • documentation
    • None
    • 1
    • OpenIDM Sprint 7.0-2, 2019.14 - IDM

    Description

      Within https://backstage.forgerock.com/docs/idm/6.5/integrators-guide/#keystore-encrypt-decrypt there is a code section which covers the use of the script?_action=eval endpoint to encrypt a password value. This behaviour only works as described for IDM 7.0.0+ and within IDM 6.5.0, the following error is returned:

      $ curl --header "X-OpenIDM-Username: openidm-admin" --header "X-OpenIDM-Password: openidm-admin" --header "Content-Type: application/json" --request POST --data '{
      >   "type": "text/javascript",
      >   "globals": {
      >     "val": {
      >       "myKey": "myPassword"
      >     }
      >   },
      >   "source":"openidm.encrypt(val,null,\"idm.password.encryption\");"
      > }' "http://localhost:8080/openidm/script?_action=eval"
      
      
      {
         "code":500,
         "reason":"Internal Server Error",
         "message":"Unable to find encryption key with alias: idm.password.encryption"
      }
      

      When performing the same request against IDM 7.0.0, this works as expected:

      $ curl --header "X-OpenIDM-Username: openidm-admin" --header "X-OpenIDM-Password: openidm-admin" --header "Content-Type: application/json" --request POST --data '{
        "type": "text/javascript",
        "globals": {
          "val": {
            "myKey": "myPassword"
          }
        },
        "source":"openidm.encrypt(val,null,\"idm.password.encryption\");"
      }' "http://localhost:8080/openidm/script?_action=eval"
      
      {
         "$crypto":{
            "type":"x-simple-encryption",
            "value":{
               "cipher":"AES/CBC/PKCS5Padding",
               "stableId":"openidm-sym-default",
               "salt":"/Uv5lsCPNsoLK197dt5pYA==",
               "data":"qT+XENetM8MUwzzj9JJPWu6TDJY4piWP9sXbgpemYRA=",
               "keySize":16,
               "purpose":"idm.password.encryption",
               "iv":"mE0f9mNdcj9dkg9/7MAROA==",
               "mac":"QduHxRHATXf32HXejAv7iA=="
            }
         }
      }
      

      Attachments

        Activity

          People

            Lana Lana Frost
            tom.wood Tom Wood
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: