[
https://issues.apache.org/jira/browse/NIFI-7127?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17294252#comment-17294252
]
ASF subversion and git services commented on NIFI-7127:
-------------------------------------------------------
Commit c5abf2ba5443cf952eccb0e00d0858de49511f4f in nifi's branch
refs/heads/main from Nathan Gough
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=c5abf2b ]
NIFI-7127 - Allow choosing a SecureHasher for Flow Fingerprint checking
- Configuration based on Sensitive Properties Algorithm defaults to Argon2
- Added SensitiveValueEncoder interface
- Standard implementation uses existing approach with HmacSHA256
This closes #4867
Signed-off-by: David Handermann <[email protected]>
> Allow injection of SecureHasher into FingerprintFactory
> -------------------------------------------------------
>
> Key: NIFI-7127
> URL: https://issues.apache.org/jira/browse/NIFI-7127
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework, Security
> Affects Versions: 1.11.1
> Reporter: Andy LoPresto
> Assignee: Nathan Gough
> Priority: Major
> Labels: FIPS, dependency-injection, security
> Time Spent: 2h 20m
> Remaining Estimate: 0h
>
> The {{FingerprintFactory}} should allow injection of a specific
> {{SecureHasher}} implementation to avoid an explicit dependency on
> {{Argon2}}. As long as every node in the cluster uses the same
> implementation, the output will be deterministic and comparable.
> Dependency injection allows for better unit testing, upgradability, and
> configurability based on performance concerns.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
