Skip to Content
1
Jun 25, 2020 at 09:36 AM

Changing password during Attribute Encryption

223 Views Last edit Jun 26, 2020 at 05:18 AM 3 rev

Hybris has encrypted="true" on few important attributes that needs encryption in items xml

 <attribute autocreate="true" qualifier="encodedPassword" type="java.lang.String">
     <persistence type="property" qualifier="Passwd">
           <columntype>
               <value>HYBRIS.LONG_STRING</value>
            </columntype></persistence>
      <modifiers read="true" write="true" search="true" optional="true" encrypted="true"/>
 </attribute>

In order to achieve encryption, Hybris OOTB is providing below properties,

symmetric.key.file.1=default-128-bit-aes-key.hybris
symmetric.key.file.default=1
symmetric.key.master.password=w427tg3uy73uioomc1fohx1w6pew00n124mlt8ksplpm6ynz55z6305w2nwtj23

default-128-bit-aes-key.hybris is a file that has the OOTB key and used for the encryption,

Issue:

There is an ask change both the key and the password.

So accordingly generated a new key from migration keys of HAC, wrote a new custom password on fly and embedded them into the below properties,

symmetric.key.file.1=default-128-bit-aes-key.hybris
symmetric.key.file.2=Generated-KEYSIZE-Bit-AES-Key.hybris
symmetric.key.file.default=2 
symmetric.key.master.password=xyz123abc456def789ghi321jkl654mno987

So, the problem here is, we are able to change the key to file.2 but we aren't able to change the password, which is., symmetric.key.master.password

Per the comments on wiki & other sites, the password will be used during the initialization and cannot be changed.

Please provide any suggestion.