Wiktor Kubicki created NIFI-7872:
------------------------------------
Summary: EncryptContent should be able to decrypt signed files
Key: NIFI-7872
URL: https://issues.apache.org/jira/browse/NIFI-7872
Project: Apache NiFi
Issue Type: Wish
Reporter: Wiktor Kubicki
Hello,
processor EcryptContent is excelent solution to add extra layer of security
when there is a need, for example, to exchange files outside own
infrastructure. But files enrypted by it, cannot be signed.
And this is not such a big issue. More problematic is, when we are trying
process files from others, which is signed. Then NiFi throws exception
"encrypted message contains a signed message - not literal data.". (here:
[gitlab|https://github.com/apache/nifi/blob/f32405ed16b7e07a0d445f1ed19032acaf33246d/nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/security/util/crypto/OpenPGPKeyBasedEncryptor.java#L301])
Allright, i know that maybe adding support for public keyrings, checking
signatures etc needs extra development, but maybe there should be extra
checkbox in proessor configuration "ignore signatures" which can give us
posibillity to read encrypted files, even if they are signed?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
