[
https://issues.apache.org/jira/browse/NIFI-8094?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Handermann updated NIFI-8094:
-----------------------------------
Labels: FIPS security (was: security)
> Support BCFKS Keystore Type
> ---------------------------
>
> Key: NIFI-8094
> URL: https://issues.apache.org/jira/browse/NIFI-8094
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework, Extensions, Security
> Affects Versions: 1.12.1
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Labels: FIPS, security
> Time Spent: 1h
> Remaining Estimate: 0h
>
> The [Bouncy Castle FIPS Key
> Store|https://cryptosense.com/blog/bouncycastle-keystore-security/] (BCFKS)
> format supports storage of certificates and private keys using AES-CCM and
> PBKDF2 algorithms, providing greater security than the standard JKS and
> PKCS12 implementations. Support for BCFKS can be implemented using Bouncy
> Castle security provider libraries that are already leveraged throughout the
> system.
> Initial support should include the ability to specify BCFKS as the key store
> and trust store type in standard properties files as well as the ability to
> select BCFKS in implementations of the SSLContextService.
> Extension components that do not use {{SSLContextService.createSSLContext()}}
> may need additional work, which should be addressed in related issues
> following this implementation.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
