[GitHub] [nifi] mgaido91 commented on a change in pull request #3664: NIFI-6536 EncryptContent accepts configurable PGP symmetric cipher

Wed, 21 Aug 2019 09:21:46 -0700 

mgaido91 commented on a change in pull request #3664: NIFI-6536 EncryptContent 
accepts configurable PGP symmetric cipher
URL: https://github.com/apache/nifi/pull/3664#discussion_r316275826
 
 

 ##########
 File path: 
nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/EncryptContent.java
 ##########
 @@ -202,12 +216,38 @@ private static AllowableValue 
buildDefaultWeakCryptoAllowableValue() {
                 "if unsafe combinations of encryption algorithms and passwords 
are provided on a JVM with limited strength crypto. To fix this, see the Admin 
Guide.");
     }
 
+    private static AllowableValue[] buildPgpSymmetricCipherAllowableValues() {
+        // Note: the provided PGPUtil.getSymmetricCipherName() is unfeasible 
since it hides the key length in the cipher name
+        List<AllowableValue> allowableValues = new ArrayList<>();
+
+        Field[] fields = SymmetricKeyAlgorithmTags.class.getDeclaredFields();
+        for (Field classField : fields) {
+            classField.setAccessible(true);
+            String fieldName = classField.getName();
+            Integer fieldValue = null;
+            try {
+                if (classField.isAccessible() && classField.getType() == 
int.class) {
+                    fieldValue = classField.getInt(null);
+                }
+            } catch (IllegalAccessException e) {
+                // This exception should never happen and in case it happens 
the throwing value is ignored in the following check
+            }
+
+            // NULL and SAFER cipher are not supported and throw 
ClassNotFoundException in BouncyCastle when used.
+            if(fieldValue != null && fieldValue != 
SymmetricKeyAlgorithmTags.NULL && fieldValue != 
SymmetricKeyAlgorithmTags.SAFER) {
 
 Review comment:
   ```suggestion
               if (fieldValue != null && fieldValue != 
SymmetricKeyAlgorithmTags.NULL && fieldValue != 
SymmetricKeyAlgorithmTags.SAFER) {
   ```

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


With regards,
Apache Git Services

Reply via email to