GitHub user alopresto opened a pull request:
https://github.com/apache/nifi/pull/2108
NIFI-3116 Remove Jasypt
I removed the Jasypt library (still present w/ `test` scope for
backwards-compatibility testing). I re-implemented the relevant logic using
Java cryptographic primitives. This will make unit testing much easier, reduce
our attack surface because we no longer depend on an un-maintained library, and
allows for more reasonable security decisions that are not obfuscated by the
library.
I added unit tests (some ignored as I will build out additional
functionality, but this is sufficient for removal of the library), but manual
verification is important. To do this:
1. Create a flow with processors that store sensitive values (a sample flow
[here](https://gist.github.com/alopresto/28e748358455e93bfc774556ba820b6e)
encrypts and then decrypts text -- both components store a key value).
1. Stop NiFi
1. Use the `encrypt-config` tool to migrate the `flow.xml.gz` to use a new
`nifi.sensitive.props.key` (and be sure to update the value in
`nifi.properties` as well).
1. Note that the flow provided above already uses the `...key`
*newpassword*, so enter something different if using that flow
1. This command is operating on a copied flow definition, be sure to
point at your actual `flow.xml.gz`
```
./bin/encrypt-config.sh -n
../../../../../nifi-assembly/target/nifi-1.4.0-SNAPSHOT-bin/nifi-1.4.0-SNAPSHOT/conf/nifi.properties
-f ~/Workspace/scratch/encrypt.xml.gz -g
~/Workspace/scratch/encrypt_changed.xml.gz -v -x -s newpassword
```
1. Verify that the `nifi.properties` file has a new
`nifi.sensitive.props.key` value. `more conf/nifi.properties | grep
'\''sensitive\|assw\|key\|trust'\''`
1. Start NiFi.
1. Verify that the flow still works.
---------
Thank you for submitting a contribution to Apache NiFi.
In order to streamline the review of the contribution we ask you
to ensure the following steps have been taken:
### For all changes:
- [ ] Is there a JIRA ticket associated with this PR? Is it referenced
in the commit message?
- [ ] Does your PR title start with NIFI-XXXX where XXXX is the JIRA number
you are trying to resolve? Pay particular attention to the hyphen "-" character.
- [ ] Has your PR been rebased against the latest commit within the target
branch (typically master)?
- [ ] Is your initial contribution a single, squashed commit?
### For code changes:
- [ ] Have you ensured that the full suite of tests is executed via mvn
-Pcontrib-check clean install at the root nifi folder?
- [ ] Have you written or updated unit tests to verify your changes?
- [ ] If adding new dependencies to the code, are these dependencies
licensed in a way that is compatible for inclusion under [ASF
2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] If applicable, have you updated the LICENSE file, including the main
LICENSE file under nifi-assembly?
- [ ] If applicable, have you updated the NOTICE file, including the main
NOTICE file found under nifi-assembly?
- [ ] If adding new Properties, have you added .displayName in addition to
.name (programmatic access) for each of the new properties?
### For documentation related changes:
- [ ] Have you ensured that format looks appropriate for the output in
which it is rendered?
### Note:
Please ensure that once the PR is submitted, you check travis-ci for build
issues and submit an update to your PR as soon as possible.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/alopresto/nifi NIFI-3116
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/nifi/pull/2108.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #2108
----
commit 84c631c005269ad0b9297714f21e813169e7bfb1
Author: Andy LoPresto <[email protected]>
Date: 2017-08-15T19:33:19Z
NIFI-3116 Added initial regression test for StringEncryptor to ensure
continued functionality during removal of Jasypt.
commit ae0c54178fd5d857947d0c06902e3e24a1f2efc0
Author: Andy LoPresto <[email protected]>
Date: 2017-08-16T17:10:15Z
NIFI-3116 Added external compatibility regression test for StringEncryptor
to ensure continued functionality during removal of Jasypt.
Documents custom salt lengths and iteration counts for each encryption
method.
commit 875d3d434b95bdd71503b9fc1fadee3a06decd64
Author: Andy LoPresto <[email protected]>
Date: 2017-08-16T17:56:04Z
NIFI-3116 Cleaned up test.
commit 86f0921eee5ed6a5d31a714488278374ae22ac39
Author: Andy LoPresto <[email protected]>
Date: 2017-08-16T18:04:10Z
NIFI-3116 Added (ignored) failing tests for keyed encryption (Jasypt does
not support keyed encryption).
commit 98163625b69a48482203c3ddaeb5291151f444b0
Author: Andy LoPresto <[email protected]>
Date: 2017-08-16T18:51:03Z
NIFI-3116 Added failing test for non-final class.
Changed StringEncryptor to non-final class and added protected default
constructor.
commit 5c967d4f0bc6a1fb482dc66427722bd8f92432ff
Author: Andy LoPresto <[email protected]>
Date: 2017-08-22T04:39:57Z
NIFI-3116 Added failing test for initialization status.
Added utility methods in CipherUtility.
commit 4bbdb0c3f03afebed50c6456ff7b5a38ec1d64b1
Author: Andy LoPresto <[email protected]>
Date: 2017-08-22T06:30:44Z
NIFI-3116 Moved PBE cipher providers (and tests) from
nifi-standard-processors to nifi-security-utils module.
commit 926d152f2f2127035bd0f91e27267547df83dd5f
Author: Andy LoPresto <[email protected]>
Date: 2017-08-23T23:37:41Z
NIFI-3116 Implemented PBE and keyed encryption/decryption logic.
Added unit tests.
commit 5efcd3b6ae03438f04fa20441b9699d5912f74cc
Author: Andy LoPresto <[email protected]>
Date: 2017-08-25T19:12:25Z
NIFI-3116 Removed Jasypt dependency from production scope (kept in test
scope for backward compatibility tests).
Fixed checkstyle issues.
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
