[jira] [Resolved] (NIFI-2961) Create EncryptAttribute processor

Mon, 03 Mar 2025 18:10:11 -0800 


     [ 
https://issues.apache.org/jira/browse/NIFI-2961?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

David Handermann resolved NIFI-2961.
------------------------------------
      Assignee:     (was: Andy LoPresto)
    Resolution: Abandoned

With consolidation of encryption capabilities around EncryptContentPGP and 
EncryptContentAge, the usefulness of an Encrypt Attributes Processor seems 
limited. As FlowFile attributes are a concept internal to NiFi and encryption 
or decryption generally relates to integration with external systems, selective 
encryption of attributes does not seem like a good candidate for generalized 
implementation. Metadata encryption is more specifically-defined circumstances 
could be considered under new issues.

> Create EncryptAttribute processor
> ---------------------------------
>
>                 Key: NIFI-2961
>                 URL: https://issues.apache.org/jira/browse/NIFI-2961
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Extensions
>    Affects Versions: 1.0.0
>            Reporter: Andy LoPresto
>            Priority: Major
>              Labels: attributes, encryption, security
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> Similar to {{EncryptContent}}, the {{EncryptAttribute}} processor would allow 
> individual (and multiple) flowfile attributes to be encrypted (either 
> in-place or to a new attribute key) with various encryption algorithms (AES, 
> RSA, PBE, and PGP). 
> Specific compatibility with the {{OpenSSL EVP_BytesToKey}}, {{PBKDF2}}, 
> {{scrypt}}, and {{bcrypt}} key derivation functions should be included. 
> The processor should provide the boolean option to encrypt or decrypt (only 
> one operation per instance of the processor). The processor should also allow 
> Base64 encoding (aka ASCII armor) for the encrypted attributes to prevent 
> byte escaping/data loss. 
> If [dangerous processor 
> annotations|https://cwiki.apache.org/confluence/display/NIFI/Security+Feature+Roadmap]
>  are introduced, this processor should be marked as such and the 
> corresponding attribute protection (i.e. provenance before/after, etc.) 
> should be applied. 
> Originally requested in this [Stack Overflow 
> question|https://stackoverflow.com/questions/40294945/nifi-encrypt-json].  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to