[jira] [Resolved] (RANGER-3927) Ranger KMS generates master key on every restart before inserting into DB

Thu, 20 Jun 2024 06:07:35 -0700 


     [ 
https://issues.apache.org/jira/browse/RANGER-3927?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Vikas Kumar resolved RANGER-3927.
---------------------------------
    Fix Version/s: 3.0.0
       Resolution: Fixed

Resolving this Jira as it is merged.

> Ranger KMS generates master key on every restart before inserting into DB
> -------------------------------------------------------------------------
>
>                 Key: RANGER-3927
>                 URL: https://issues.apache.org/jira/browse/RANGER-3927
>             Project: Ranger
>          Issue Type: Improvement
>          Components: Ranger
>            Reporter: Dhaval Shah
>            Assignee: Vikas Kumar
>            Priority: Major
>             Fix For: 3.0.0
>
>         Attachments: 
> 0001-RANGER-3927-Avoid-Master-Key-regeneration-on-every-r.patch
>
>
> Hi,
> At preset Ranger KMS generates Master Key on every restart,
> Ref: 
> 1.) 
> https://github.com/apache/ranger/blob/master/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java#L194
> 2.) 
> https://github.com/apache/ranger/blob/master/kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java#L192
> And later check for its existence in DB .
> Ref: 
> 1.) 
> https://github.com/apache/ranger/blob/c3f1c4a6ad2ee0c805ad29f0efb265569e0d2cf0/kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java#L356
> We should check for master key existence in DB at early stage i.e. before 
> generation.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to