[jira] [Comment Edited] (RANGER-3569) Support Ranger KMS integration with Google cloud HSM

Tue, 18 Jan 2022 18:02:20 -0800 


    [ 
https://issues.apache.org/jira/browse/RANGER-3569?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17477192#comment-17477192
 ] 

kirby zhou edited comment on RANGER-3569 at 1/19/22, 2:01 AM:
--------------------------------------------------------------

here is a bug at here

[RangerKeyStoreProvider.java|https://github.com/apache/ranger/blob/master/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java]

RangerKeyStoreProvider(Configuration conf) : 123..132

if this.isHSMEnabled, dbStore will not be initialized.
{code:java}
                if(this.isHSMEnabled) {
                        logger.info("Ranger KMS HSM is enabled for storing 
master key.");
                        masterKeyProvider = new RangerHSM(conf);
                        String partitionPasswd = 
conf.get(HSM_PARTITION_PASSWORD);
                        if (partitionPasswd == null || 
partitionPasswd.trim().equals("")
                                        || partitionPasswd.trim().equals("_")
                                        || 
partitionPasswd.trim().equals("crypted")) {
                                throw new IOException("Partition Password 
doesn't exists");
                        }
                } else if (this.isKeySecureEnabled) {
{code}


was (Author: kirbyzhou):
here is a bug at RangerKeyStoreProvider(Configuration conf) : 122

if this.isHSMEnabled, dbStore will not be initialized.

{code:java}
                if(this.isHSMEnabled) {
                        logger.info("Ranger KMS HSM is enabled for storing 
master key.");
                        masterKeyProvider = new RangerHSM(conf);
                        String partitionPasswd = 
conf.get(HSM_PARTITION_PASSWORD);
                        if (partitionPasswd == null || 
partitionPasswd.trim().equals("")
                                        || partitionPasswd.trim().equals("_")
                                        || 
partitionPasswd.trim().equals("crypted")) {
                                throw new IOException("Partition Password 
doesn't exists");
                        }
                } else if (this.isKeySecureEnabled) {
{code}


> Support Ranger KMS integration with Google cloud HSM
> ----------------------------------------------------
>
>                 Key: RANGER-3569
>                 URL: https://issues.apache.org/jira/browse/RANGER-3569
>             Project: Ranger
>          Issue Type: New Feature
>          Components: kms
>            Reporter: Mateen N Mansoori
>            Priority: Major
>             Fix For: 3.0.0, 2.3.0
>
>
> Task for tracking Ranger KMS integration with google cloud HSM



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Reply via email to