Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-3171

Improve error message when long password is used for config encryption on machine without JCE policies

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 1.1.0
    • Fix Version/s: None
    • Component/s: Tools and Build

      Description

      If the user runs ./bin/encrypt-config.sh with a password longer than 16 bytes on a machine without the JCE unlimited strength cryptographic jurisdiction policies installed, an Illegal Key Size exception will be thrown and the full stack trace will be printed (in verbose mode).

      We should detect the absence/presence of strong crypto availability and perform a length check on the password before attempting to derive the encryption key from this value in order to provide better error messaging.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                alopresto Andy LoPresto
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated: