[jira] [Resolved] (RANGER-5313) Support FIPS compliant crypto algorithm to encrypt/decrypt for service password

Vikas Kumar (Jira) Fri, 21 Nov 2025 09:39:05 -0800


     [ 
https://issues.apache.org/jira/browse/RANGER-5313?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Vikas Kumar resolved RANGER-5313.
---------------------------------
    Fix Version/s: 3.0.0
       Resolution: Fixed

PR has been reviewed and merged. hence Resolving the JIRA. Thanks.

> Support FIPS compliant crypto algorithm to encrypt/decrypt for service 
> password  
> ---------------------------------------------------------------------------------
>
>                 Key: RANGER-5313
>                 URL: https://issues.apache.org/jira/browse/RANGER-5313
>             Project: Ranger
>          Issue Type: New Feature
>          Components: admin
>            Reporter: Vikas Kumar
>            Assignee: Vikas Kumar
>            Priority: Major
>             Fix For: 3.0.0
>
>          Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> Current implementation uses following algorithm to encrypt/decrypt password 
> before storing into DB:
> {code:java}
> PBEWITHHMACSHA512ANDAES_128 , PBEWithMD5AndDES{code}
> These algorithm are weak. 
> Requirement is to start supporting *PBKDF2WithHmacSHA256* for FIPS env.
> As part of this feature, Service should not stop supporting existing 
> algorithms but it should support *PBKDF2WithHmacSHA256* as well if configured.
> Also, it should not break any existing behaviour.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (RANGER-5313) Support FIPS compliant crypto algorithm to encrypt/decrypt for service password

Reply via email to