alopresto commented on a change in pull request #4427:
URL: https://github.com/apache/nifi/pull/4427#discussion_r460260816
##########
File path:
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/encrypt/StringEncryptor.java
##########
@@ -408,27 +468,34 @@ public String decrypt(String cipherText) throws
EncryptionException {
private byte[] decryptPBE(byte[] cipherBytes) {
PBECipherProvider pbecp = (PBECipherProvider) cipherProvider;
- final EncryptionMethod encryptionMethod =
EncryptionMethod.forAlgorithm(algorithm);
+ final EncryptionMethod encryptionMethod =
getEncryptionMethodForAlgorithm(algorithm);
// Extract salt
- int saltLength = CipherUtility.getSaltLengthForAlgorithm(algorithm);
+ int saltLength = determineSaltLength(algorithm);
byte[] salt = new byte[saltLength];
System.arraycopy(cipherBytes, 0, salt, 0, saltLength);
- byte[] actualCipherBytes = Arrays.copyOfRange(cipherBytes, saltLength,
cipherBytes.length);
+ // Read IV if necessary (allows for future use of Argon2, PBKDF2,
Bcrypt, or Scrypt)
+ byte[] ivBytes = new byte[0];
Review comment:
The instantiation of the `byte[0]` is just to simplify the code which
concatenates all the byte arrays below -- rather than having duplicate logic
for IV present/not, it just appends the array whether it is populated or empty.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
