[ https://issues.apache.org/jira/browse/NIFI-7668?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17291254#comment-17291254 ]
ASF subversion and git services commented on NIFI-7668:
-------------------------------------------------------
Commit 5608f4389aa5509f5c19bbcba207dfc37b5674cc in nifi's branch
refs/heads/main from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=5608f43 ]
NIFI-7668 Implemented support for additional AEAD property encryption methods

- Added support for PBKDF2 and Scrypt property encryption methods in addition to Argon2
- Refactored StringEncryptor class to PropertyEncryptor interface with implementations
- Added PasswordBasedCipherPropertyEncryptor and KeyedCipherPropertyEncryptor
- Replaced direct instantiation of encryptor with PropertyEncryptorFactory
- Refactored applicable unit tests to use mocked PropertyEncryptor

NIFI-7668 Consolidated similar methods to CipherPropertyEncryptor
NIFI-7668 Updated AbstractTimeBasedSchedulingAgent with PropertyEncryptor
NIFI-7668 Added support for bcrypt secure hashing algorithm
NIFI-7668 Updated comments to clarify implementation of bcrypt key derivation

Signed-off-by: Nathan Gough <[email protected]>

This closes #4809.

> Add configurable PBE AEAD algorithms to flow encryption
> -------------------------------------------------------
>
> Key: NIFI-7668
> URL: https://issues.apache.org/jira/browse/NIFI-7668
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Configuration, Core Framework
> Affects Versions: 1.12.0
> Reporter: Andy LoPresto
> Assignee: David Handermann
> Priority: Major
> Labels: aead, configuration, encryption, pbe, security
> Time Spent: 3h 10m
> Remaining Estimate: 0h
>
> NIFI-7638 introduced a single custom PBE algorithm (pair for 128/256-bit
> keys) which provided AEAD semantics using Argon2 for key derivation and
> AES-G/CM for authenticated encryption. This solution was a stop gap to allow
> more robust encryption than AES-CBC without modifying the
> {{EncryptionMethod}}, which is a single definition of encryption algorithms
> and (supposed) KDFs referenced throughout the codebase.
>
> Introducing changes to {{EncryptionMethod}} would have required massive
> regression testing, further support changes to {{EncryptContent}}, encrypted
> repository implementations, multiple documentation changes, etc. This change
> allows for a single custom algorithm which makes reasonable default decisions
> around cost parameters and algorithm selection, meeting the user requirements
> without demanding far-reaching changes.
>
> Instead, this ticket proposes an intentional enhancement to the
> {{nifi.properties}} structure to add a new {{nifi.sensitive.props.kdf}}
> property to complement the existing {{nifi.sensitive.props.algorithm}}
> property. This will allow arbitrary secure KDFs (Argon2, bcrypt, scrypt,
> PBKDF2) to be specified with custom cost parameters and combined with any
> keyed encryption algorithm (AES-CBC, AES-G/CM, AES-CTR) to derive a key and
> encrypt the flow sensitive properties.
>
> For backward compatibility, as this is likely to go in a 1.13.0 release, not
> a major release, an existing {{nifi.properties}} file will work fine. If the
> {{nifi.sensitive.props.kdf}} value is not specified, it will not be used,
> which is acceptable for all existing {{EncryptionMethod}} values which are
> already supported by the {{StringEncryptor}} class. If a _new_ algorithm is
> specified (e.g. one of the raw keyed algorithms), the KDF will need to be
> present and will be checked for appropriateness and cost parameter validity.
>
> No default value changes will be made. Thus, this will only affect
> security-conscious users who explicitly change those values to reflect more
> robust key derivation and data protection algorithm choices.