[nifi] branch main updated: NIFI-8246 Set NIFI_PBKDF2_AES_GCM_256 as default properties encryption algorithm

Wed, 12 May 2021 03:59:11 -0700 

This is an automated email from the ASF dual-hosted git repository.

pvillard pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git


The following commit(s) were added to refs/heads/main by this push:
     new 09e54c1  NIFI-8246 Set NIFI_PBKDF2_AES_GCM_256 as default properties 
encryption algorithm
09e54c1 is described below

commit 09e54c1dad09a6b91d5e9a08ee53de42afa56c53
Author: exceptionfactory <[email protected]>
AuthorDate: Tue May 4 09:58:25 2021 -0500

    NIFI-8246 Set NIFI_PBKDF2_AES_GCM_256 as default properties encryption 
algorithm
    
    Signed-off-by: Pierre Villard <[email protected]>
    
    This closes #5055.
---
 nifi-docs/src/main/asciidoc/administration-guide.adoc                 | 2 +-
 nifi-docs/src/main/asciidoc/toolkit-guide.adoc                        | 4 ++--
 .../nifi-framework-bundle/nifi-framework/nifi-resources/pom.xml       | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/nifi-docs/src/main/asciidoc/administration-guide.adoc 
b/nifi-docs/src/main/asciidoc/administration-guide.adoc
index 54d33a2..e973125 100644
--- a/nifi-docs/src/main/asciidoc/administration-guide.adoc
+++ b/nifi-docs/src/main/asciidoc/administration-guide.adoc
@@ -3571,7 +3571,7 @@ These properties pertain to various security features in 
NiFi. Many of these pro
 |====
 |*Property*|*Description*
 |`nifi.sensitive.props.key`|This is the password used to encrypt any sensitive 
property values that are configured in processors. By default, it is blank, but 
the system administrator should provide a value for it. It can be a string of 
any length, although the recommended minimum length is 10 characters. Be aware 
that once this password is set and one or more sensitive processor properties 
have been configured, this password should not be changed.
-|`nifi.sensitive.props.algorithm`|The algorithm used to encrypt sensitive 
properties. The default value is `PBEWITHMD5AND256BITAES-CBC-OPENSSL`.
+|`nifi.sensitive.props.algorithm`|The algorithm used to encrypt sensitive 
properties. The default value is `NIFI_PBKDF2_AES_GCM_256`.
 |`nifi.sensitive.props.provider`|The sensitive property provider. The default 
value is `BC`.
 |`nifi.sensitive.props.additional.keys`|The comma separated list of properties 
in _nifi.properties_ to encrypt in addition to the default sensitive properties 
(see <<encrypt-config_tool>>).
 |`nifi.security.autoreload.enabled`|Specifies whether the SSL context factory 
should be automatically reloaded if updates to the keystore and truststore are 
detected. By default, it is set to `false`.
diff --git a/nifi-docs/src/main/asciidoc/toolkit-guide.adoc 
b/nifi-docs/src/main/asciidoc/toolkit-guide.adoc
index 2406648..9627bda 100644
--- a/nifi-docs/src/main/asciidoc/toolkit-guide.adoc
+++ b/nifi-docs/src/main/asciidoc/toolkit-guide.adoc
@@ -475,7 +475,7 @@ As an example of how the tool works, assume that you have 
installed the tool on
 ----
 # security properties #
 nifi.sensitive.props.key=thisIsABadSensitiveKeyPassword
-nifi.sensitive.props.algorithm=PBEWITHMD5AND256BITAES-CBC-OPENSSL
+nifi.sensitive.props.algorithm=NIFI_PBKDF2_AES_GCM_256
 nifi.sensitive.props.provider=BC
 nifi.sensitive.props.additional.keys=
 
@@ -504,7 +504,7 @@ As a result, the _nifi.properties_ file is overwritten with 
protected properties
 # security properties #
 
nifi.sensitive.props.key=n2z+tTTbHuZ4V4V2||uWhdasyDXD4ZG2lMAes/vqh6u4vaz4xgL4aEbF4Y/dXevqk3ulRcOwf1vc4RDQ==
 nifi.sensitive.props.key.protected=aes/gcm/256
-nifi.sensitive.props.algorithm=PBEWITHMD5AND256BITAES-CBC-OPENSSL
+nifi.sensitive.props.algorithm=NIFI_PBKDF2_AES_GCM_256
 nifi.sensitive.props.provider=BC
 nifi.sensitive.props.additional.keys=
 
diff --git 
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-resources/pom.xml 
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-resources/pom.xml
index 29831d5..0ed7074 100644
--- 
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-resources/pom.xml
+++ 
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-resources/pom.xml
@@ -88,7 +88,7 @@
         
<nifi.documentation.working.directory>./work/docs/components</nifi.documentation.working.directory>
 
         <nifi.sensitive.props.key.protected />
-        
<nifi.sensitive.props.algorithm>PBEWITHMD5AND256BITAES-CBC-OPENSSL</nifi.sensitive.props.algorithm>
+        
<nifi.sensitive.props.algorithm>NIFI_PBKDF2_AES_GCM_256</nifi.sensitive.props.algorithm>
         <nifi.sensitive.props.provider>BC</nifi.sensitive.props.provider>
         <nifi.sensitive.props.additional.keys />

Reply via email to