1 Reply Latest reply on Aug 19, 2011 9:18 AM by shootingpar

What is the default algorithm and encryption level when encrypting datasource passwords?

shootingpar Aug 17, 2011 5:43 PM

Hello All,

I am running JBoss 5.0.1 and encrypting the datasource password instead of using it in clear text.

I am trying to find out what is the default algorithm and encryption level of the encrypted password? Is it 64bit? 128bit?

I cannot find any documentation listing this information.

I am not using the Password Based Encyption (PBE) Utility to create the encrypted password.

I used the following url to help create the encrypted password.

http://community.jboss.org/wiki/encryptingdatasourcepasswords

D:\JBoss\jboss-5.0.1.GA>java -cp client/jboss-logging-spi.jar;common/lib/jbosssx.jar org.jboss.resource.security.SecureIdentityLoginModule password

Encoded password: 5dfc52b51bd35553df8592078de921bc

The data source password is encrypted using the SecureIdentityLoginModule main method by passing in the clear text password. The SecureIdentityLoginModule is provided by jbosssx.jar.

Any assistance would be greatly appreciated!

Cheers,

1. Re: What is the default algorithm and encryption level when encrypting datasource passwords?

shootingpar Aug 19, 2011 9:18 AM (in response to shootingpar)

Hello All,

Here is what I have found out.

The default algorithm is DES and 64 bit encyption level.

Classes contained in jbosssx.jar:
http://www.java2s.com/Code/Jar/JKL/Downloadjbosssxjar.htm

Chapter 26. The javax.crypto Package
http://docstore.mik.ua/orelly/java-ent/jnut/ch26_01.htm
Package javax.crypto
http://download.oracle.com/javase/1.5.0/docs/api/javax/crypto/package-summary.html

17.1.1. Encrypt the data source password
http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/5/html-single/Security_Guide/index.html

Cheers,
SP
Actions