Vikas Kumar created RANGER-5435:
-----------------------------------
Summary: Change the default KMS ZoneKey length from 128 to 256
Key: RANGER-5435
URL: https://issues.apache.org/jira/browse/RANGER-5435
Project: Ranger
Issue Type: Task
Components: kms
Reporter: Vikas Kumar
Assignee: Vikas Kumar
*Current Behaviour:*
By default (even on KeyAdmin UI), ZoneKey length comes as 128. Although it can
be changed to 256 by editing the textfield.
Similarly, if nothing is passed as bitLength, underlying SecurityProvider
default length is used. For AES, it comes as 128.
*New requirement:*
* Update the default value on KeyAdmin UI to 256
* On KMS service side, if bitLength comes as empty, set the bitLength value to
256.
* If any other value is passed explicitly (like zero or any other value), KMS
service should not alter that and it should pass that value as it-is to the
underlying SecurityProvider.
*Why this change is required ?*
Now AES-256 has become the norm. AES-128 is weak.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
