This is an automated email from the ASF dual-hosted git repository.
exceptionfactory pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new 10eda1ac69 NIFI-13966 Removed unsupported security protocols from SNMP
processors (#9487)
10eda1ac69 is described below
commit 10eda1ac69fb4a6ab0b8b67c8c23152e70581f8e
Author: Peter Turcsanyi <[email protected]>
AuthorDate: Tue Nov 5 04:37:56 2024 +0100
NIFI-13966 Removed unsupported security protocols from SNMP processors
(#9487)
Signed-off-by: David Handermann <[email protected]>
---
.../snmp/processors/properties/V3SecurityProperties.java | 13 +++----------
1 file changed, 3 insertions(+), 10 deletions(-)
diff --git
a/nifi-extension-bundles/nifi-snmp-bundle/nifi-snmp-processors/src/main/java/org/apache/nifi/snmp/processors/properties/V3SecurityProperties.java
b/nifi-extension-bundles/nifi-snmp-bundle/nifi-snmp-processors/src/main/java/org/apache/nifi/snmp/processors/properties/V3SecurityProperties.java
index 412f75892a..6566ac6dcf 100644
---
a/nifi-extension-bundles/nifi-snmp-bundle/nifi-snmp-processors/src/main/java/org/apache/nifi/snmp/processors/properties/V3SecurityProperties.java
+++
b/nifi-extension-bundles/nifi-snmp-bundle/nifi-snmp-processors/src/main/java/org/apache/nifi/snmp/processors/properties/V3SecurityProperties.java
@@ -43,10 +43,6 @@ public class V3SecurityProperties {
"Communication with authentication and privacy.");
// SNMPv3 authentication protocols
- public static final AllowableValue MD5 = new AllowableValue("MD5", "MD5",
- "Provides authentication based on the HMAC-MD5 algorithm.");
- public static final AllowableValue SHA = new AllowableValue("SHA", "SHA",
- "Provides authentication based on the HMAC-SHA algorithm.");
public static final AllowableValue HMAC128SHA224 = new
AllowableValue("HMAC128SHA224", "SHA224",
SHA_2_ALGORITHM);
public static final AllowableValue HMAC192SHA256 = new
AllowableValue("HMAC192SHA256", "SHA256",
@@ -59,10 +55,7 @@ public class V3SecurityProperties {
// SNMPv3 encryption
public static final AllowableValue DES = new AllowableValue("DES", "DES",
"Symmetric-key algorithm for the encryption of digital data. DES
has been considered insecure" +
- "because of the feasilibity of brute-force attacks. We
recommend using the AES encryption protocol.");
- public static final AllowableValue DES3 = new AllowableValue("3DES",
"3DES",
- "Symmetric-key block cipher, which applies the DES cipher
algorithm three times to each data block." +
- " 3DES has been considered insecure has been deprecated by
NIST in 2017. We recommend using the AES encryption protocol.");
+ " because of the feasibility of brute-force attacks. We
recommend using the AES encryption protocol.");
public static final AllowableValue AES128 = new AllowableValue("AES128",
"AES128", AES_DESCRIPTION);
public static final AllowableValue AES192 = new AllowableValue("AES192",
"AES192", AES_DESCRIPTION);
@@ -95,7 +88,7 @@ public class V3SecurityProperties {
.displayName("SNMP Authentication Protocol")
.description("Hash based authentication protocol for secure
authentication.")
.required(true)
- .allowableValues(MD5, SHA, HMAC128SHA224, HMAC192SHA256,
HMAC256SHA384, HMAC384SHA512)
+ .allowableValues(HMAC128SHA224, HMAC192SHA256, HMAC256SHA384,
HMAC384SHA512)
.dependsOn(SNMP_SECURITY_LEVEL, AUTH_NO_PRIV, AUTH_PRIV)
.build();
@@ -114,7 +107,7 @@ public class V3SecurityProperties {
.displayName("SNMP Privacy Protocol")
.description("Privacy allows for encryption of SNMP v3 messages to
ensure confidentiality of data.")
.required(true)
- .allowableValues(DES, DES3, AES128, AES192, AES256)
+ .allowableValues(DES, AES128, AES192, AES256)
.dependsOn(SNMP_SECURITY_LEVEL, AUTH_PRIV)
.build();
