[jira] [Updated] (HIVE-17226) Use strong hashing as security improvement
[ https://issues.apache.org/jira/browse/HIVE-17226?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Thejas M Nair updated HIVE-17226: - Fix Version/s: (was: 3.0.0) > Use strong hashing as security improvement > -- > > Key: HIVE-17226 > URL: https://issues.apache.org/jira/browse/HIVE-17226 > Project: Hive > Issue Type: Improvement > Components: Security >Reporter: Tao Li >Assignee: Tao Li > > There have been 2 places identified where weak hashing needs to be replaced > by SHA256. > 1. CookieSigner.java uses MessageDigest.getInstance("SHA"). Mostly SHA is > mapped to SHA-1, which is not secure enough according to today's standards. > We should use SHA-256 instead. > 2. GenericUDFMaskHash.java uses DigestUtils.md5Hex. MD5 is considered weak > and should be replaced by DigestUtils.sha256Hex. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17226) Use strong hashing as security improvement
[ https://issues.apache.org/jira/browse/HIVE-17226?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Thejas M Nair updated HIVE-17226: - Resolution: Fixed Fix Version/s: 3.0.0 Status: Resolved (was: Patch Available) > Use strong hashing as security improvement > -- > > Key: HIVE-17226 > URL: https://issues.apache.org/jira/browse/HIVE-17226 > Project: Hive > Issue Type: Improvement > Components: Security >Reporter: Tao Li >Assignee: Tao Li > Fix For: 3.0.0 > > > There have been 2 places identified where weak hashing needs to be replaced > by SHA256. > 1. CookieSigner.java uses MessageDigest.getInstance("SHA"). Mostly SHA is > mapped to SHA-1, which is not secure enough according to today's standards. > We should use SHA-256 instead. > 2. GenericUDFMaskHash.java uses DigestUtils.md5Hex. MD5 is considered weak > and should be replaced by DigestUtils.sha256Hex. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17226) Use strong hashing as security improvement
[ https://issues.apache.org/jira/browse/HIVE-17226?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Thejas M Nair updated HIVE-17226: - Attachment: (was: HIVE-17226.1.patch) > Use strong hashing as security improvement > -- > > Key: HIVE-17226 > URL: https://issues.apache.org/jira/browse/HIVE-17226 > Project: Hive > Issue Type: Improvement > Components: Security >Reporter: Tao Li >Assignee: Tao Li > Fix For: 3.0.0 > > > There have been 2 places identified where weak hashing needs to be replaced > by SHA256. > 1. CookieSigner.java uses MessageDigest.getInstance("SHA"). Mostly SHA is > mapped to SHA-1, which is not secure enough according to today's standards. > We should use SHA-256 instead. > 2. GenericUDFMaskHash.java uses DigestUtils.md5Hex. MD5 is considered weak > and should be replaced by DigestUtils.sha256Hex. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17226) Use strong hashing as security improvement
[ https://issues.apache.org/jira/browse/HIVE-17226?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17226: -- Status: Open (was: Patch Available) > Use strong hashing as security improvement > -- > > Key: HIVE-17226 > URL: https://issues.apache.org/jira/browse/HIVE-17226 > Project: Hive > Issue Type: Improvement > Components: Security >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17226.1.patch > > > There have been 2 places identified where weak hashing needs to be replaced > by SHA256. > 1. CookieSigner.java uses MessageDigest.getInstance("SHA"). Mostly SHA is > mapped to SHA-1, which is not secure enough according to today's standards. > We should use SHA-256 instead. > 2. GenericUDFMaskHash.java uses DigestUtils.md5Hex. MD5 is considered weak > and should be replaced by DigestUtils.sha256Hex. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17226) Use strong hashing as security improvement
[ https://issues.apache.org/jira/browse/HIVE-17226?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17226: -- Status: Patch Available (was: Open) > Use strong hashing as security improvement > -- > > Key: HIVE-17226 > URL: https://issues.apache.org/jira/browse/HIVE-17226 > Project: Hive > Issue Type: Improvement > Components: Security >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17226.1.patch > > > There have been 2 places identified where weak hashing needs to be replaced > by SHA256. > 1. CookieSigner.java uses MessageDigest.getInstance("SHA"). Mostly SHA is > mapped to SHA-1, which is not secure enough according to today's standards. > We should use SHA-256 instead. > 2. GenericUDFMaskHash.java uses DigestUtils.md5Hex. MD5 is considered weak > and should be replaced by DigestUtils.sha256Hex. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17226) Use strong hashing as security improvement
[ https://issues.apache.org/jira/browse/HIVE-17226?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17226: -- Status: Patch Available (was: Open) > Use strong hashing as security improvement > -- > > Key: HIVE-17226 > URL: https://issues.apache.org/jira/browse/HIVE-17226 > Project: Hive > Issue Type: Improvement > Components: Security >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17226.1.patch > > > There have been 2 places identified where weak hashing needs to be replaced > by SHA256. > 1. CookieSigner.java uses MessageDigest.getInstance("SHA"). Mostly SHA is > mapped to SHA-1, which is not secure enough according to today's standards. > We should use SHA-256 instead. > 2. GenericUDFMaskHash.java uses DigestUtils.md5Hex. MD5 is considered weak > and should be replaced by DigestUtils.sha256Hex. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17226) Use strong hashing as security improvement
[ https://issues.apache.org/jira/browse/HIVE-17226?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17226: -- Attachment: HIVE-17226.1.patch > Use strong hashing as security improvement > -- > > Key: HIVE-17226 > URL: https://issues.apache.org/jira/browse/HIVE-17226 > Project: Hive > Issue Type: Improvement > Components: Security >Reporter: Tao Li >Assignee: Tao Li > Attachments: HIVE-17226.1.patch > > > There have been 2 places identified where weak hashing needs to be replaced > by SHA256. > 1. CookieSigner.java uses MessageDigest.getInstance("SHA"). Mostly SHA is > mapped to SHA-1, which is not secure enough according to today's standards. > We should use SHA-256 instead. > 2. GenericUDFMaskHash.java uses DigestUtils.md5Hex. MD5 is considered weak > and should be replaced by DigestUtils.sha256Hex. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17226) Use strong hashing as security improvement
[ https://issues.apache.org/jira/browse/HIVE-17226?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17226: -- Component/s: (was: Hive) Security > Use strong hashing as security improvement > -- > > Key: HIVE-17226 > URL: https://issues.apache.org/jira/browse/HIVE-17226 > Project: Hive > Issue Type: Improvement > Components: Security >Reporter: Tao Li >Assignee: Tao Li > > There have been 2 places identified where weak hashing needs to be replaced > by SHA256. > 1. CookieSigner.java uses MessageDigest.getInstance("SHA"). Mostly SHA is > mapped to SHA-1, which is not secure enough according to today's standards. > We should use SHA-256 instead. > 2. GenericUDFMaskHash.java uses DigestUtils.md5Hex. MD5 is considered weak > and should be replaced by DigestUtils.sha256Hex. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Updated] (HIVE-17226) Use strong hashing as security improvement
[ https://issues.apache.org/jira/browse/HIVE-17226?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tao Li updated HIVE-17226: -- Component/s: Hive > Use strong hashing as security improvement > -- > > Key: HIVE-17226 > URL: https://issues.apache.org/jira/browse/HIVE-17226 > Project: Hive > Issue Type: Improvement > Components: Hive >Reporter: Tao Li >Assignee: Tao Li > > There have been 2 places identified where weak hashing needs to be replaced > by SHA256. > 1. CookieSigner.java uses MessageDigest.getInstance("SHA"). Mostly SHA is > mapped to SHA-1, which is not secure enough according to today's standards. > We should use SHA-256 instead. > 2. GenericUDFMaskHash.java uses DigestUtils.md5Hex. MD5 is considered weak > and should be replaced by DigestUtils.sha256Hex. -- This message was sent by Atlassian JIRA (v6.4.14#64029)