[
https://issues.apache.org/jira/browse/RANGER-5313?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18039875#comment-18039875
]
Dhaval Shah commented on RANGER-5313:
-------------------------------------
Hi,
Committed into Apache Master branch:
https://github.com/apache/ranger/commit/d50d8e654320e3817fb842fb918a7a0d78ff3fc7|
Thanks
> Support FIPS compliant crypto algorithm to encrypt/decrypt for service
> password
> ---------------------------------------------------------------------------------
>
> Key: RANGER-5313
> URL: https://issues.apache.org/jira/browse/RANGER-5313
> Project: Ranger
> Issue Type: New Feature
> Components: admin
> Reporter: Vikas Kumar
> Assignee: Vikas Kumar
> Priority: Major
> Time Spent: 1h 10m
> Remaining Estimate: 0h
>
> Current implementation uses following algorithm to encrypt/decrypt password
> before storing into DB:
> {code:java}
> PBEWITHHMACSHA512ANDAES_128 , PBEWithMD5AndDES{code}
> These algorithm are weak.
> Requirement is to start supporting *PBKDF2WithHmacSHA256* for FIPS env.
> As part of this feature, Service should not stop supporting existing
> algorithms but it should support *PBKDF2WithHmacSHA256* as well if configured.
> Also, it should not break any existing behaviour.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
