You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2019/09/03 18:01:00 UTC

[jira] [Commented] (NIFI-6536) Expose PGP symmetric encryption algorithm in EncryptContent

    [ https://issues.apache.org/jira/browse/NIFI-6536?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16921617#comment-16921617 ] 

ASF subversion and git services commented on NIFI-6536:
-------------------------------------------------------

Commit 4c6c1cbb14aaedda649981f76d71ced2e8a36eac in nifi's branch refs/heads/master from Alessandro D'Armiento
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=4c6c1cb ]

NIFI-6536 EncryptContent accepts configurable PGP symmetric cipher
Additional test case in TestEncryptContent
Apply suggestions from code review
nit picking
Apply suggestions from code review
nitpicking from mgaido91
Small fixes
Additional test case to check the provided cipher is actually used by inferring it from the ciphertext
Updated `EncryptContent` to use a pre-defined list of allowable PGP ciphers
Updated `EncryptContent` to check the validity of `PGP_SYMMETRIC_ENCRYPTION_CIPHER`
Updated test cases
Minor fixes
NIFI-6536 Fixed typo and strengthened validity checking for PGP symmetric cipher.

This closes #3664.

Co-Authored-By: Marco Gaido <ma...@gmail.com>

Signed-off-by: Andy LoPresto <al...@apache.org>


> Expose PGP symmetric encryption algorithm in EncryptContent
> -----------------------------------------------------------
>
>                 Key: NIFI-6536
>                 URL: https://issues.apache.org/jira/browse/NIFI-6536
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Extensions
>    Affects Versions: 1.9.2
>            Reporter: Brandon DeVries
>            Priority: Minor
>              Labels: algorithm, pgp, security, symmetric_cipher
>          Time Spent: 5h 50m
>  Remaining Estimate: 0h
>
> EncryptContent, when using PGP, is currently hard coded to use AES_128 as its symmetric key algorithm.  There is a TODO adjacent to this in the code [1]:
>      // TODO: Refactor internal symmetric encryption algorithm to be customizable 
> [1] [https://github.com/apache/nifi/blob/master/nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/security/util/crypto/OpenPGPKeyBasedEncryptor.java#L348]



--
This message was sent by Atlassian Jira
(v8.3.2#803003)