[jira] [Updated] (NIFI-7872) EncryptContent should be able to decrypt signed files
[ https://issues.apache.org/jira/browse/NIFI-7872?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Handermann updated NIFI-7872: --- Labels: encryption security (was: ) > EncryptContent should be able to decrypt signed files > - > > Key: NIFI-7872 > URL: https://issues.apache.org/jira/browse/NIFI-7872 > Project: Apache NiFi > Issue Type: Wish >Reporter: Wiktor Kubicki >Priority: Minor > Labels: encryption, security > > Hello, > processor EcryptContent is excelent solution to add extra layer of security > when there is a need, for example, to exchange files outside own > infrastructure. But files enrypted by it, cannot be signed. > And this is not such a big issue. More problematic is, when we are trying > process files from others, which is signed. Then NiFi throws exception > "encrypted message contains a signed message - not literal data.". (here: > [gitlab|https://github.com/apache/nifi/blob/f32405ed16b7e07a0d445f1ed19032acaf33246d/nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/security/util/crypto/OpenPGPKeyBasedEncryptor.java#L301]) > Allright, i know that maybe adding support for public keyrings, checking > signatures etc needs extra development, but maybe there should be extra > checkbox in proessor configuration "ignore signatures" which can give us > posibillity to read encrypted files, even if they are signed? > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (NIFI-7872) EncryptContent should be able to decrypt signed files
[ https://issues.apache.org/jira/browse/NIFI-7872?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Wiktor Kubicki updated NIFI-7872: - Priority: Minor (was: Major) > EncryptContent should be able to decrypt signed files > - > > Key: NIFI-7872 > URL: https://issues.apache.org/jira/browse/NIFI-7872 > Project: Apache NiFi > Issue Type: Wish >Reporter: Wiktor Kubicki >Priority: Minor > > Hello, > processor EcryptContent is excelent solution to add extra layer of security > when there is a need, for example, to exchange files outside own > infrastructure. But files enrypted by it, cannot be signed. > And this is not such a big issue. More problematic is, when we are trying > process files from others, which is signed. Then NiFi throws exception > "encrypted message contains a signed message - not literal data.". (here: > [gitlab|https://github.com/apache/nifi/blob/f32405ed16b7e07a0d445f1ed19032acaf33246d/nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/security/util/crypto/OpenPGPKeyBasedEncryptor.java#L301]) > Allright, i know that maybe adding support for public keyrings, checking > signatures etc needs extra development, but maybe there should be extra > checkbox in proessor configuration "ignore signatures" which can give us > posibillity to read encrypted files, even if they are signed? > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (NIFI-7872) EncryptContent should be able to decrypt signed files
[ https://issues.apache.org/jira/browse/NIFI-7872?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Wiktor Kubicki updated NIFI-7872: - Priority: Major (was: Minor) > EncryptContent should be able to decrypt signed files > - > > Key: NIFI-7872 > URL: https://issues.apache.org/jira/browse/NIFI-7872 > Project: Apache NiFi > Issue Type: Wish >Reporter: Wiktor Kubicki >Priority: Major > > Hello, > processor EcryptContent is excelent solution to add extra layer of security > when there is a need, for example, to exchange files outside own > infrastructure. But files enrypted by it, cannot be signed. > And this is not such a big issue. More problematic is, when we are trying > process files from others, which is signed. Then NiFi throws exception > "encrypted message contains a signed message - not literal data.". (here: > [gitlab|https://github.com/apache/nifi/blob/f32405ed16b7e07a0d445f1ed19032acaf33246d/nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/security/util/crypto/OpenPGPKeyBasedEncryptor.java#L301]) > Allright, i know that maybe adding support for public keyrings, checking > signatures etc needs extra development, but maybe there should be extra > checkbox in proessor configuration "ignore signatures" which can give us > posibillity to read encrypted files, even if they are signed? > -- This message was sent by Atlassian Jira (v8.3.4#803005)
