Andy LoPresto created NIFI-5211:

             Summary: Create JSON reader, writer, signer, and verifier
                 Key: NIFI-5211
             Project: Apache NiFi
          Issue Type: Sub-task
          Components: Extensions
    Affects Versions: 1.6.0
            Reporter: Andy LoPresto
             Fix For: 1.7.0

This piece should accept a TLS configuration object and serialize/deserialize 
it to/from JSON, and should provide a signature generation and verification 
service to ensure it is trusted and has not been manipulated. 

* JSON de/serialization
* Read arbitrary JSON and verify an HMAC/SHA-512 signature before parsing
* Generate a signature over JSON and persist in place
* Derive the signature key from the master key in {{bootstrap.conf}} with a 
one-way transformation (i.e. {{HMAC/SHA-512("JSON TLS key", MK) -> TLSK}})

This message was sent by Atlassian JIRA

Reply via email to