You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2021/03/08 15:17:00 UTC

[jira] [Created] (NIFI-8298) Refactor nifi-security-utils to reduce dependence on Bouncy Castle

David Handermann created NIFI-8298:
--------------------------------------

             Summary: Refactor nifi-security-utils to reduce dependence on Bouncy Castle
                 Key: NIFI-8298
                 URL: https://issues.apache.org/jira/browse/NIFI-8298
             Project: Apache NiFi
          Issue Type: Improvement
          Components: Core Framework
    Affects Versions: 1.13.0
            Reporter: David Handermann
            Assignee: David Handermann


The {{nifi-security-utils}} module includes a classes that perform a variety of functions from TLS communication handling to hashing and encryption operations.  Many of these classes do not depend on the Bouncy Castle Security Provider library, but many NAR bundles include a dependency on {{nifi-security-utils}} either directly or indirectly through {{nifi-processor-utils}}.  The Bouncy Castle Security Provider library is almost 6 MB, which contributes a notable amount to the size of the NiFi assembled binary after completion, due to the number of copies of the library.  Refactoring {{nifi-security-utils}} into more granular modules should remove the transitive inclusion of Bouncy Castle from a number of modules.

Several capabilities, including Kerberos handling and SSLSocket classes can be separated into discrete modules without dependence on Bouncy Castle.  Other classes used for secure hashing and cipher processing rely on Bouncy Castle, but have uses limited to framework components.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)