You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by "Joseph Witt (JIRA)" <ji...@apache.org> on 2015/12/04 14:28:10 UTC
[jira] [Updated] (NIFI-1242) Password-based encryption is not
compatible with OpenSSL
[ https://issues.apache.org/jira/browse/NIFI-1242?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Joseph Witt updated NIFI-1242:
------------------------------
Labels: security (was: easyfix security)
> Password-based encryption is not compatible with OpenSSL
> --------------------------------------------------------
>
> Key: NIFI-1242
> URL: https://issues.apache.org/jira/browse/NIFI-1242
> Project: Apache NiFi
> Issue Type: Bug
> Components: Extensions
> Affects Versions: 0.4.0
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Priority: Critical
> Labels: security
> Fix For: 0.4.0
>
> Original Estimate: 24h
> Remaining Estimate: 24h
>
> Despite the algorithm names indicating compatibility with OpenSSL, the current password-based encryption processors cannot decrypt data that was encrypted with OpenSSL external to NiFi.
> I will create a new OpenSSLPBEEncryptor implementation, a new EncryptionMethod, and wire the logic in EncryptContent to select the correct encryptor.
> I have a more in-depth explanation of the issue at https://github.com/alopresto/opensslpbeencryptor/blob/master/blog.md, but the fix is done in a sandbox and will be moved into NiFi by morning 12/03/15.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)