[
https://issues.apache.org/jira/browse/HBASE-13002?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14314629#comment-14314629
]
Andrew Purtell commented on HBASE-13002:
----------------------------------------
This isn't quite right.
Keys are always wrapped with AES by design. This is mentioned in the javadoc
the patch removes, but fair enough the explanation was lacking: We don't want
key wrapping to use a potentially insecure algorithm. Remove this part or
introduce a configuration for separately defining what algorithm is used for
key wrapping.
The test is "TestAES", so substituting another cipher doesn't make sense:
{code}
diff --git
a/hbase-common/src/test/java/org/apache/hadoop/hbase/io/crypto/aes/TestAES.java
b/hbase-common/src/test/java/org/apache/hadoop/hbase/io/crypto/aes/TestAES.java
[...]
{code}
Other changes seem ok.
> Make encryption cipher configurable
> -----------------------------------
>
> Key: HBASE-13002
> URL: https://issues.apache.org/jira/browse/HBASE-13002
> Project: HBase
> Issue Type: Improvement
> Reporter: Ashish Singhi
> Assignee: Ashish Singhi
> Fix For: 2.0.0, 1.0.1, 1.1.0, 0.98.11
>
> Attachments: HBASE-13002.patch
>
>
> Make encryption cipher configurable currently it is hard coded to AES, so
> that user can configure his/her own algorithm.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
