[
https://issues.apache.org/jira/browse/NIFI-3889?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andy LoPresto updated NIFI-3889:
--------------------------------
Status: Patch Available (was: In Progress)
PR 4228 for NIFI-7122 also includes this work.
> EncryptContent processor should add encryption metadata as attributes
> ---------------------------------------------------------------------
>
> Key: NIFI-3889
> URL: https://issues.apache.org/jira/browse/NIFI-3889
> Project: Apache NiFi
> Issue Type: New Feature
> Components: Extensions
> Affects Versions: 1.2.0
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Priority: Major
> Labels: encryption, metadata, security
>
> The {{EncryptContent}} processor does not record in/alongside the flowfile
> content the necessary encryption metadata to decrypt the data later. This
> information must be manually recorded and synchronized throughout the system,
> which is dangerous. Similar to the
> {{EncryptedWriteAheadProvenanceRepository}} implementation, the necessary
> encryption metadata (*algorithm*, *key ID*/other reference, *encryption
> operation*, *KDF*, *version*, etc.) should be recorded as attributes on the
> child flowfile.
> The processor should also be updated to allow for dynamic recognition of
> incoming flowfiles with encryption metadata and not to require hardcoded
> values for certain configuration fields in that case.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
