David Handermann created NIFI-8298:
--------------------------------------
Summary: Refactor nifi-security-utils to reduce dependence on
Bouncy Castle
Key: NIFI-8298
URL: https://issues.apache.org/jira/browse/NIFI-8298
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework
Affects Versions: 1.13.0
Reporter: David Handermann
Assignee: David Handermann
The {{nifi-security-utils}} module includes a classes that perform a variety of
functions from TLS communication handling to hashing and encryption operations.
Many of these classes do not depend on the Bouncy Castle Security Provider
library, but many NAR bundles include a dependency on {{nifi-security-utils}}
either directly or indirectly through {{nifi-processor-utils}}. The Bouncy
Castle Security Provider library is almost 6 MB, which contributes a notable
amount to the size of the NiFi assembled binary after completion, due to the
number of copies of the library. Refactoring {{nifi-security-utils}} into more
granular modules should remove the transitive inclusion of Bouncy Castle from a
number of modules.
Several capabilities, including Kerberos handling and SSLSocket classes can be
separated into discrete modules without dependence on Bouncy Castle. Other
classes used for secure hashing and cipher processing rely on Bouncy Castle,
but have uses limited to framework components.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
