[
https://issues.apache.org/jira/browse/NIFI-8251?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17329385#comment-17329385
]
ASF subversion and git services commented on NIFI-8251:
-------------------------------------------------------
Commit 92bdc23adbe867c93f6e43c6665e84108d743fb2 in nifi's branch
refs/heads/main from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=92bdc23 ]
NIFI-8251 Added EncryptContentPGP and DecryptContentPGP Processors
- Added PGPPrivateKeyService and PGPPublicKeyService interfaces with standard
implementations
- NIFI-7396 EncryptContentPGP writes encryption metadata attributes
- NIFI-6708 Controller Services support ElGamal Public and Private Keys
- NIFI-5346 Controller Services support Keyring Files and ASCII Key properties
- NIFI-5335 Controller Services support multiple public or private keys from
keyrings
- NIFI-2983 DecryptContentPGP finds and decrypts Encrypted Data Packets
regardless of signing
- NIFI-1694 Controller Services support individual key files or keyrings
NIFI-8251 Refactored Public Key ID Property to Public Key Search
NIFI-8251 Corrected handling of multiple Encrypted Data packets in
DecryptContentPGP
- Added unit tests for encryption and decryption with both password-based and
public key
- Added PGP NAR dependencies to nifi-assembly
Signed-off-by: Nathan Gough <[email protected]>
This closes #4842.
> Add Encrypt and Decrypt PGP Processors and Services
> ---------------------------------------------------
>
> Key: NIFI-8251
> URL: https://issues.apache.org/jira/browse/NIFI-8251
> Project: Apache NiFi
> Issue Type: New Feature
> Components: Extensions
> Affects Versions: 1.13.0
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Major
> Labels: encryption, gpg, pgp, security
> Time Spent: 2h 20m
> Remaining Estimate: 0h
>
> The purpose of this issue is to create new Processors and Controller Services
> to perform encrypt and decrypt functions according to the OpenPGP
> specification defined in [RFC 4880|https://tools.ietf.org/html/rfc4880]. This
> functionality is implemented in the `EncryptContent` Processor, but the
> current approach is difficult to configure and troubleshoot in some cases.
> The new Controller Services should encapsulate management of keys and
> keyrings to improve performance and provide better error handling. New
> Controller Services would also support building additional Processors for
> signing and verifying PGP messages as requested in NIFI-7322. Separating
> encrypt and decrypt content functions into distinct Processors will provide a
> clearer distinction between the properties necessary for configuration.
> The implementation of these Processors and Controller Services should address
> the issues described in the following issues:
> - NIFI-7396 Add encryption metadata attributes
> - NIFI-6708 Support DSA and ElGamal keys
> - NIFI-5346 Specify PGP key as property
> - NIFI-5335 Support multiple keys in a PGP keyring
> - NIFI-2983 Support decryption of signed messages
> - NIFI-1694 Support keyring or individual key for encryption or decryption
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
