@@ -48,11 +48,13 @@ public class RangerHSM implements RangerKMSMKI {
4848 private static final String PARTITION_NAME = "ranger.ks.hsm.partition.name" ;
4949 private static final String HSM_TYPE = "ranger.ks.hsm.type" ;
5050 private static final String MK_KEY_SIZE = "ranger.kms.hsm.masterkey.size" ;
51- private static final String ALIAS = "RangerKMSKey" ;
51+ private static final String MK_ALIAS = "ranger.ks.hsm.masterkey.alias" ;
52+ private static final String DEFAULT_MK_ALIAS = "RangerKMSKey" ;
5253
5354 private KeyStore myStore ;
5455 private String hsmKeystore ;
55- private int mkKeySize ;
56+ private String mkAlias ;
57+ private int mkKeySize ;
5658
5759 public RangerHSM () {
5860 }
@@ -65,6 +67,7 @@ public RangerHSM(Configuration conf) {
6567 */
6668 String passwd = conf .get (PARTITION_PASSWORD );
6769 String partitionName = conf .get (PARTITION_NAME );
70+ this .mkAlias = conf .get (MK_ALIAS , DEFAULT_MK_ALIAS );
6871 this .mkKeySize = conf .getInt (MK_KEY_SIZE , DEFAULT_MK_KEY_SIZE );
6972 String errorMsg = StringUtils .EMPTY ;
7073
@@ -103,7 +106,7 @@ public boolean generateMasterKey(String password) throws Throwable {
103106
104107 boolean isMKGenerated = false ;
105108
106- if (!this .myStore .containsAlias (ALIAS )) {
109+ if (!this .myStore .containsAlias (mkAlias )) {
107110 try {
108111 logger .info ("Generating AES Master Key for '{}' HSM Provider and keySize is {}" , hsmKeystore , this .mkKeySize );
109112
@@ -113,14 +116,14 @@ public boolean generateMasterKey(String password) throws Throwable {
113116
114117 SecretKey aesKey = keyGen .generateKey ();
115118
116- myStore .setKeyEntry (ALIAS , aesKey , password .toCharArray (), (java .security .cert .Certificate []) null );
119+ myStore .setKeyEntry (mkAlias , aesKey , password .toCharArray (), (java .security .cert .Certificate []) null );
117120
118121 isMKGenerated = true ;
119122 } catch (Exception e ) {
120123 logger .error ("generateMasterKey : Exception during Ranger Master Key Generation - {}" , e .getMessage ());
121124 }
122125 } else {
123- logger .info ("Master key with alias - '{}' already exists!" , ALIAS );
126+ logger .info ("Master key with alias - '{}' already exists!" , mkAlias );
124127 }
125128
126129 logger .debug ("<== RangerHSM.generateMasterKey()" );
@@ -136,12 +139,12 @@ public String getMasterKey(String password) throws Throwable {
136139 try {
137140 logger .debug ("Searching for Ranger Master Key in Luna Keystore" );
138141
139- boolean result = myStore .containsAlias (ALIAS );
142+ boolean result = myStore .containsAlias (mkAlias );
140143
141144 if (result ) {
142145 logger .debug ("Ranger Master Key is present in Keystore" );
143146
144- SecretKey key = (SecretKey ) myStore .getKey (ALIAS , password .toCharArray ());
147+ SecretKey key = (SecretKey ) myStore .getKey (mkAlias , password .toCharArray ());
145148
146149 return Base64 .encode (key .getEncoded ());
147150 }
@@ -161,7 +164,7 @@ public boolean setExternalKeyAsMK(String password, byte[] key) {
161164 try {
162165 Key aesKey = new SecretKeySpec (key , MK_CIPHER );
163166
164- myStore .setKeyEntry (ALIAS , aesKey , password .toCharArray (), (java .security .cert .Certificate []) null );
167+ myStore .setKeyEntry (mkAlias , aesKey , password .toCharArray (), (java .security .cert .Certificate []) null );
165168
166169 return true ;
167170 } catch (KeyStoreException e ) {
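Review bot: The alias read in the constructor, `this.mkAlias = conf.get(MK_ALIAS, DEFAULT_MK_ALIAS);`, is used without validation, so a blank or mistyped `ranger.ks.hsm.masterkey.alias` on an existing installation makes `containsAlias(mkAlias)` in generateMasterKey return false, and a fresh master key is generated under the new alias instead of the mismatch being reported. Anything already protected by the key stored as `RangerKMSKey` would then presumably no longer be matched to the master key the service loads, and the only trace is the existing "Generating AES Master Key" info line, which does not name the alias. I would fall back on blank input with `this.mkAlias = StringUtils.defaultIfBlank(conf.get(MK_ALIAS), DEFAULT_MK_ALIAS);` (assuming the `StringUtils` already used in this constructor is commons-lang), and log the effective alias once at start-up so an operator can spot a changed value. A short comment on `MK_ALIAS` such as `// Changing this on a populated HSM partition selects a different master key; migrate the key first.` would document the constraint. The constructor and generateMasterKey both start and end outside the hunks shown, so an existing guard elsewhere cannot be ruled out.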