[
https://issues.apache.org/jira/browse/NIFI-4139?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16115197#comment-16115197
]
ASF GitHub Bot commented on NIFI-4139:
--------------------------------------
Github user alopresto commented on the issue:
https://github.com/apache/nifi/pull/2044
I also considered passing a supplier rather than the master key to the
`KeyProviderFactory`, but the `EncryptedWriteAheadProvenanceRepository` already
has access to the master key retrieval code, so I didn't yet.
I also considered making a DTO for the `KeyProvider` configuration values
used in the factory, as the parameter list is getting a little long, but the
only place they are currently used is in the EWAPR. When I implement NIFI-3888
subtasks for content and flowfile repository, I may refactor this to be more
concise.
> Refactor KeyProvider interface from provenance module to framework-level
> service
> --------------------------------------------------------------------------------
>
> Key: NIFI-4139
> URL: https://issues.apache.org/jira/browse/NIFI-4139
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework
> Affects Versions: 1.3.0
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Labels: encryption, key-management, security
>
> The {{KeyProvider}} interface introduced in NIFI-3388 to allow the encrypted
> provenance repository should be refactored to a framework-level service which
> is accessible to the encrypted content repository and encrypted flowfile
> repository as well. Exposing this common functionality will reduce code &
> logic duplication and consolidate sensitive behavior in a single location.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
