[
https://issues.apache.org/jira/browse/IMPALA-10206?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Wenzhe Zhou updated IMPALA-10206:
---------------------------------
Description:
Class Webserver (be/src/util/webserver.h) is defined as a wrapper class for the
Squeasel web server library. Squeasel supports the original Digest Access
Authorization with MD5 hash algorithm (RFC 2069).
To support FIPS, we have to use FIPS-approved algorithms. Squeasel use MD5 and
SHA-1 hash algorithms. But MD5 is one of forbidden algorithms for FIPS, and
SHA-1 is soon to be deprecated. We have to replace MD5 and SHA-1 with
FIPS-approved algorithms, like SHA-512.
was:To support FIPS, we have to use FIPS-approved algorithms. Squeasel use
MD5 and SHA-1 hash algorithms. But MD5 is one of forbidden algorithms for FIPS,
and SHA-1 is soon to be deprecated. We have to replace MD5 and SHA-1 with
FIPS-approved algorithms, like SHA-512.
> Replace MD5 and SHA1 hash with SHA-512 for Squeasel
> ---------------------------------------------------
>
> Key: IMPALA-10206
> URL: https://issues.apache.org/jira/browse/IMPALA-10206
> Project: IMPALA
> Issue Type: Improvement
> Components: Backend
> Affects Versions: Impala 4.0
> Reporter: Wenzhe Zhou
> Assignee: Wenzhe Zhou
> Priority: Major
> Labels: FIPS
>
> Class Webserver (be/src/util/webserver.h) is defined as a wrapper class for
> the Squeasel web server library. Squeasel supports the original Digest
> Access Authorization with MD5 hash algorithm (RFC 2069).
> To support FIPS, we have to use FIPS-approved algorithms. Squeasel use MD5
> and SHA-1 hash algorithms. But MD5 is one of forbidden algorithms for FIPS,
> and SHA-1 is soon to be deprecated. We have to replace MD5 and SHA-1 with
> FIPS-approved algorithms, like SHA-512.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
