[
https://issues.apache.org/jira/browse/RANGER-5435?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Vikas Kumar resolved RANGER-5435.
---------------------------------
Fix Version/s: 3.0.0
Resolution: Fixed
PR has been tested, reviewed and merged.
{code:java}
commit 70138c40cd663da6ed11ec93e8b5876e90996fb2 {code}
Hence, marking the Jira Resolved. Thanks.
> Change the default KMS ZoneKey length from 128 to 256
> -----------------------------------------------------
>
> Key: RANGER-5435
> URL: https://issues.apache.org/jira/browse/RANGER-5435
> Project: Ranger
> Issue Type: Task
> Components: kms
> Reporter: Vikas Kumar
> Assignee: Vikas Kumar
> Priority: Major
> Fix For: 3.0.0
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> *Current Behaviour:*
> By default (even on KeyAdmin UI), ZoneKey length comes as 128. Although it
> can be changed to 256 by editing the textfield.
> Similarly, if nothing is passed as bitLength, underlying SecurityProvider
> default length is used. For AES, it comes as 128.
> *New requirement:*
> * Update the default value on KeyAdmin UI to 256
> * On KMS service side, if bitLength comes as empty, set the bitLength value
> to 256.
> * If any other value is passed explicitly (like zero or any other value),
> KMS service should not alter that and it should pass that value as it-is to
> the underlying SecurityProvider.
> *Why this change is required ?*
> Now AES-256 has become the norm. AES-128 is weak.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
