[jira] [Commented] (NIFI-4139) Refactor KeyProvider interface from provenance module to framework-level service

Mon, 07 Aug 2017 12:24:24 -0700 

    [ 
https://issues.apache.org/jira/browse/NIFI-4139?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16117098#comment-16117098
 ] 

ASF subversion and git services commented on NIFI-4139:
-------------------------------------------------------

Commit 675d9890031ebc79a21e136f82046c90dc8ddd89 in nifi's branch 
refs/heads/master from [~alopresto]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=675d989 ]

NIFI-4139
- Moved key provider interface and implementations from 
nifi-data-provenance-utils module to nifi-security-utils module.
- Refactored duplicate byte[] concatenation methods from utility classes and 
removed deprecation warnings from CipherUtility.
- Created KeyProviderFactory to encapsulate key provider instantiation logic.
- Added logic to handle legacy package configuration values for key providers.
- Added unit tests.
- Added resource files for un/limited strength cryptography scenarios.
- Added ASL to test resources.
- Moved legacy FQCN handling logic to CryptUtils.
- Added unit tests to ensure application startup logic handles legacy FQCNs.
- Moved master key extraction/provision out of FBKP.
- Removed nifi-security-utils dependency on nifi-properties-loader module.
- Added unit tests.


> Refactor KeyProvider interface from provenance module to framework-level 
> service
> --------------------------------------------------------------------------------
>
>                 Key: NIFI-4139
>                 URL: https://issues.apache.org/jira/browse/NIFI-4139
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework
>    Affects Versions: 1.3.0
>            Reporter: Andy LoPresto
>            Assignee: Andy LoPresto
>              Labels: encryption, key-management, security
>
> The {{KeyProvider}} interface introduced in NIFI-3388 to allow the encrypted 
> provenance repository should be refactored to a framework-level service which 
> is accessible to the encrypted content repository and encrypted flowfile 
> repository as well. Exposing this common functionality will reduce code & 
> logic duplication and consolidate sensitive behavior in a single location. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to