[Impala-ASF-CR] IMPALA-12993: Encrypt password in JDBC table properties when saving into HMS DB

Thu, 09 Jan 2025 11:54:38 -0800 

Pranav Lodha has posted comments on this change. ( 
http://gerrit.cloudera.org:8080/22285 )

Change subject: IMPALA-12993: Encrypt password in JDBC table properties when 
saving into HMS DB
......................................................................


Patch Set 4:

(3 comments)

> Uploaded patch set 4.

http://gerrit.cloudera.org:8080/#/c/22285/3/fe/src/main/java/org/apache/impala/catalog/DataSourceTable.java
File fe/src/main/java/org/apache/impala/catalog/DataSourceTable.java:

http://gerrit.cloudera.org:8080/#/c/22285/3/fe/src/main/java/org/apache/impala/catalog/DataSourceTable.java@64
PS3, Line 64:     secretKey = new javax.crypto.spec.SecretKeySpec(decodedKey, 
0, decodedKey.length,
> line too long (93 > 90)
Done


http://gerrit.cloudera.org:8080/#/c/22285/3/fe/src/main/java/org/apache/impala/catalog/DataSourceTable.java@69
PS3, Line 69:     keyGen.init(256);
> This is generating a key on startup. If instance is restarted, we'll get a
We’re not generating a key while decrypting, whenever we’re encrypting we’re 
storing key on table property.


http://gerrit.cloudera.org:8080/#/c/22285/3/fe/src/main/java/org/apache/impala/catalog/DataSourceTable.java@319
PS3, Line 319:
             :               // perform decryption of password
             :               aes_encryption.setKey(aes_key);
             :               propertyValue = 
aes_encryption.decrypt(propertyValue
> remove two indent spaces, don't write password to log file.
Done



--
To view, visit http://gerrit.cloudera.org:8080/22285
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: Impala-ASF
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I4189f4d83377f3c780f6c246f78eb46b46af9305
Gerrit-Change-Number: 22285
Gerrit-PatchSet: 4
Gerrit-Owner: Pranav Lodha <[email protected]>
Gerrit-Reviewer: Impala Public Jenkins <[email protected]>
Gerrit-Reviewer: Michael Smith <[email protected]>
Gerrit-Reviewer: Pranav Lodha <[email protected]>
Gerrit-Reviewer: Wenzhe Zhou <[email protected]>
Gerrit-Comment-Date: Thu, 09 Jan 2025 19:54:13 +0000
Gerrit-HasComments: Yes

Reply via email to