HIVE-29392: Add Support for CTR and GCM cipher transformations in AES…#6257
HIVE-29392: Add Support for CTR and GCM cipher transformations in AES…#6257tanishq-chugh wants to merge 2 commits into
Conversation
asf-ci-hive
added
tests pending
tests unstable
and removed
tests pending
tests unstable
labels
There was a problem hiding this comment.
A fundamental question: If I create a table using this UDF with say X as the session config in HIVE_UDF_AES_CIPHER_TRANSFORMATION and some Y in another session while reading. The data gets corrupted?
- How do I figure it out once write what was the value of the config while writing?
- If I wrote a column with say X as the value of the UDF and another existing column with Y as the value, how do I read both the columns in one query
|
Thanks for checking this @ayushtkn , and the concern is absolutely valid. As of now, there's no way to figure out the value once write is done and also, using different values at time of write/read will lead to data corruption. I am considering two options moving ahead.
Let me know your thoughts on this. |
|
|
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. |
|
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. |
3 participants
… UDFs
What changes were proposed in this pull request?
Extend support for cipher transformations in AES UDFs with Counter (CTR) & Galois/Counter Mode (GCM) modes that provide stronger security as they use Initialization Vector.
Why are the changes needed?
Currently, The AES UDFs only support one cipher transformation - AES/ECB/PKCS5Padding, which is inherently weak, as it produces the same ciphertext for identical blocks of plain text.
Does this PR introduce any user-facing change?
No
How was this patch tested?
Manually Tested