[GitHub] nifi pull request: Nifi 1324

[alopresto]

GitHub user alopresto opened a pull request:

    https://github.com/apache/nifi/pull/162

    Nifi 1324

    Upgraded BouncyCastle dependency from `jdk16` to `jdk15on` (the current 
version) and from version 1.46 to 1.53. 
    
    Rewrote PGP logic with new BC APIs. 
    Rewrote OCSP logic with new BC APIs. 
    
    Added unit tests. 

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/alopresto/nifi NIFI-1324

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/nifi/pull/162.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #162
    
----
commit d9eb2f0f63ea7dcaa6d3e747a706091c2536419d
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2015-12-23T03:03:09Z

    NIFI-1324:
    
    Changed Maven dependencies for BouncyCastle bcprov and bcpg from jdk16:1.46 
to jdk15on:1.53 (kept nifi-web-security on jdk16:1.46 because jdk15on:1.53 
splits OCSP logic into new module bcpkix).
    Added individual unit tests for PGP public keyring validation.
    Passes all legacy unit tests.

commit 6f638ce1a962543bb19bb6107ad09f6aba6d743a
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2015-12-23T03:11:20Z

    NIFI-1324:
    
    Added TODOs for customizable brick encryption and refactoring shared code.
    Cleaned up magic numbers to constants.

commit cb480d3dc238feab564d05145bfd7eca64e75ad1
Author: Andy LoPresto <alopre...@users.noreply.github.com>
Date:   2015-12-23T03:24:25Z

    Merge pull request #2 from apache/master
    
    Pulling from upstream/master

commit 368fabcd29b41e85e181d6ba7924fa0360775403
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2015-12-23T03:25:28Z

    Merge branch 'master' of https://github.com/alopresto/nifi into NIFI-1324

commit 9633121425ceed5b3f6decd98f90c6e468c7d580
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2015-12-23T16:57:54Z

    NIFI-1324:
    
    Added unit tests for OpenPGPPasswordBasedEncryptor (internal consistency 
and legacy file decrypt).
    Began refactoring shared encrypt code from OpenPGP* implementations.

commit 1ca503959c3f82c92410c79ef1907e6796438b46
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2015-12-23T17:19:24Z

    NIFI-1324:
    
    Extracted encrypt utility method from OpenPGPPasswordBasedEncryptor to 
PGPUtil class.

commit 66a87e1fffa4e67baaa769976cb88934032cf2bc
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2015-12-23T17:57:55Z

    NIFI-1324:
    
    Added test resources (signed and unsigned key-encrypted files).
    Added unit tests for OpenPGPKeyBasedEncryptor (internal consistency and 
external file decrypt).

commit da648b9747e069bbc021f0a9996d9ee79ca2bdf9
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2015-12-28T17:07:35Z

    NIFI-1324:
    
    Changed BC dependency for nifi-web-security to bcprov-jdk15on:1.53 and 
bcpkix-jdk15on:1.53.
    Updated OCSPValidator to use new BC logic for OCSP validation. This code 
compiles but should be fully audited, as the legacy OCSP validation was not 
completely implemented.

commit d42302e5a36b929590866ab4e4bf595f0b1fe0b2
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2016-01-04T22:04:51Z

    NIFI-1324:
    
    Added skeleton of OCSP validator unit tests with successful keypair and 
certificate generation and signing code.

commit 4b855d9c6d24926d88d5262cdd6e5c26ee29c142
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2016-01-04T22:10:13Z

    NIFI-1324:
    
    Added further unit tests for issued certificates.

commit c47fa8f76e46f8a338574cb9c40b75f2d80ff58b
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2016-01-06T01:03:41Z

    NIFI-1324:
    
    Annotated unimplemented unit tests with note about Groovy integration.

commit 913c095e2c13dc7fa156e6e3b67f80bb140d4ee0
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2016-01-06T01:49:34Z

    NIFI-1324:
    
    Added Groovy support for unit tests to pom with skeleton test.

commit a48c1e47919343a71bff342bfcfcdbbc79fd930e
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2016-01-07T22:38:39Z

    NIFI-1324:
    
    Refactored Jersey call in OCSPCertificateValidator to internal method.
    Added Groovy unit tests for OCSPCertificateValidator.

commit 34ba220c273f6bbf8673b46022212ca269098e16
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2016-01-07T23:05:06Z

    NIFI-1324:
    
    Added toString() to NiFi local OcspRequest.
    Implemented positive & negative unit tests with cache injection for 
valid/revoked OCSP certificate.

commit 0931c3d518dfffd1a83f4c6faff8f1b4e9e7e70d
Author: Andy LoPresto <alopresto.apa...@gmail.com>
Date:   2016-01-07T23:21:44Z

    Revert "NIFI-1324:"
    
    This reverts commit 913c095e2c13dc7fa156e6e3b67f80bb140d4ee0.
    
    # Conflicts:
    #   
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/groovy/org/apache/nifi/web/security/x509/ocsp/OcspCertificateValidatorGroovyTest.groovy

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---