From dev-return-17560-archive-asf-public=cust-asf.ponee.io@ranger.apache.org Tue Apr 3 09:37:35 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 2AC4218064D for ; Tue, 3 Apr 2018 09:37:35 +0200 (CEST) Received: (qmail 93688 invoked by uid 500); 3 Apr 2018 07:37:34 -0000 Mailing-List: contact dev-help@ranger.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ranger.apache.org Delivered-To: mailing list dev@ranger.apache.org Received: (qmail 93673 invoked by uid 99); 3 Apr 2018 07:37:33 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 03 Apr 2018 07:37:33 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 1D8081806B3; Tue, 3 Apr 2018 07:37:33 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 2.59 X-Spam-Level: ** X-Spam-Status: No, score=2.59 tagged_above=-999 required=6.31 tests=[DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_REPLYTO_END_DIGIT=0.25, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=2, KAM_LAZY_DOMAIN_SECURITY=1, KAM_MANYTO=0.2, NML_ADSP_CUSTOM_MED=1.2, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id JiIVuM6eHbLg; Tue, 3 Apr 2018 07:37:31 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTP id 03D8F5F4AA; Tue, 3 Apr 2018 07:37:31 +0000 (UTC) Received: from reviews.apache.org (unknown [10.41.0.12]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 16D91E00D6; Tue, 3 Apr 2018 07:37:29 +0000 (UTC) Received: from reviews-vm2.apache.org (localhost [IPv6:::1]) by reviews.apache.org (ASF Mail Server at reviews-vm2.apache.org) with ESMTP id 60E66C40494; Tue, 3 Apr 2018 07:37:29 +0000 (UTC) Content-Type: multipart/alternative; boundary="===============8273983623562509167==" MIME-Version: 1.0 Subject: Re: Review Request 66357: RANGER-2017 : Ranger KMS encryption good practices From: bhavik patel To: Mehul Parikh , Gautam Borad , Abhay Kulkarni , Ramesh Mani , Velmurugan Periasamy , Sailaja Polavarapu , Selvamohan Neethiraj , Ankita Sinha , Madhan Neethiraj , Don Bosco Durai Cc: bhavik patel , Qiang Zhang , ranger Date: Tue, 03 Apr 2018 07:37:28 -0000 Message-ID: <20180403073728.21438.93073@reviews-vm2.apache.org> X-ReviewBoard-URL: https://reviews.apache.org/ Auto-Submitted: auto-generated Sender: bhavik patel X-ReviewGroup: ranger X-Auto-Response-Suppress: DR, RN, OOF, AutoReply X-ReviewRequest-URL: https://reviews.apache.org/r/66357/ X-Sender: bhavik patel References: <20180402215800.45621.89675@reviews-vm2.apache.org> In-Reply-To: <20180402215800.45621.89675@reviews-vm2.apache.org> Reply-To: bhavik patel X-ReviewRequest-Repository: ranger --===============8273983623562509167== MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit > On April 2, 2018, 9:58 p.m., Velmurugan Periasamy wrote: > > kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java > > Line 200 (original), 322 (patched) > > > > > > Why is salt generated from password? Change to random values. We can not use random values because at the time of encryption & decryption of key will require same value of saltGen. If we want, we can also make it configurable properties like other. - bhavik ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66357/#review200319 ----------------------------------------------------------- On March 29, 2018, 12:10 p.m., bhavik patel wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/66357/ > ----------------------------------------------------------- > > (Updated March 29, 2018, 12:10 p.m.) > > > Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-2017 > https://issues.apache.org/jira/browse/RANGER-2017 > > > Repository: ranger > > > Description > ------- > > Code Improvement To Follow Best Practices. > > > Diffs > ----- > > kms/config/kms-webapp/dbks-site.xml 2fc5177 > kms/scripts/DBMK2HSM.sh 89c8c2d > kms/scripts/HSMMK2DB.sh 2637cf6 > kms/scripts/importJCEKSKeys.sh d72c93e > kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java 5614c16 > > > Diff: https://reviews.apache.org/r/66357/diff/1/ > > > Testing > ------- > > 1. Verified Ranger Kms is working as expected. > 2. Import/Export of key's working as expected. > > > Thanks, > > bhavik patel > > --===============8273983623562509167==--