[
https://issues.apache.org/jira/browse/NIFI-8298?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nathan Gough updated NIFI-8298:
-------------------------------
Fix Version/s: 1.14.0
Resolution: Fixed
Status: Resolved (was: Patch Available)
> Refactor nifi-security-utils to reduce dependence on Bouncy Castle
> ------------------------------------------------------------------
>
> Key: NIFI-8298
> URL: https://issues.apache.org/jira/browse/NIFI-8298
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework
> Affects Versions: 1.13.0
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Major
> Fix For: 1.14.0
>
> Time Spent: 1h 40m
> Remaining Estimate: 0h
>
> The {{nifi-security-utils}} module includes classes that perform a variety of
> functions from TLS communication handling to hashing and encryption
> operations. Many of these classes do not depend on the Bouncy Castle
> Security Provider library, but many NAR bundles include a dependency on
> {{nifi-security-utils}} either directly or indirectly through
> {{nifi-processor-utils}}. The Bouncy Castle Security Provider library is
> almost 6 MB, which contributes a notable amount to the size of the NiFi
> assembled binary after completion, due to the number of copies of the
> library. Refactoring {{nifi-security-utils}} into more granular modules
> should remove the transitive inclusion of Bouncy Castle from a number of
> modules.
> Several capabilities, including Kerberos handling and SSLSocket classes can
> be separated into discrete modules without dependence on Bouncy Castle.
> Other classes used for secure hashing and cipher processing rely on Bouncy
> Castle, but have uses limited to framework components.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
