You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2021/03/08 15:17:00 UTC
[jira] [Created] (NIFI-8298) Refactor nifi-security-utils to reduce
dependence on Bouncy Castle
David Handermann created NIFI-8298:
--------------------------------------
Summary: Refactor nifi-security-utils to reduce dependence on Bouncy Castle
Key: NIFI-8298
URL: https://issues.apache.org/jira/browse/NIFI-8298
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework
Affects Versions: 1.13.0
Reporter: David Handermann
Assignee: David Handermann
The {{nifi-security-utils}} module includes a classes that perform a variety of functions from TLS communication handling to hashing and encryption operations. Many of these classes do not depend on the Bouncy Castle Security Provider library, but many NAR bundles include a dependency on {{nifi-security-utils}} either directly or indirectly through {{nifi-processor-utils}}. The Bouncy Castle Security Provider library is almost 6 MB, which contributes a notable amount to the size of the NiFi assembled binary after completion, due to the number of copies of the library. Refactoring {{nifi-security-utils}} into more granular modules should remove the transitive inclusion of Bouncy Castle from a number of modules.
Several capabilities, including Kerberos handling and SSLSocket classes can be separated into discrete modules without dependence on Bouncy Castle. Other classes used for secure hashing and cipher processing rely on Bouncy Castle, but have uses limited to framework components.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)