[NIFI-3889] EncryptContent processor should add encryption metadata as attributes - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Major
Resolution: Won't Fix
Affects Version/s: 1.2.0
Fix Version/s: None
Component/s: Extensions
Labels:

Description

The EncryptContent processor does not record in/alongside the flowfile content the necessary encryption metadata to decrypt the data later. This information must be manually recorded and synchronized throughout the system, which is dangerous. Similar to the EncryptedWriteAheadProvenanceRepository implementation, the necessary encryption metadata (algorithm, key ID/other reference, encryption operation, KDF, version, etc.) should be recorded as attributes on the child flowfile.

The processor should also be updated to allow for dynamic recognition of incoming flowfiles with encryption metadata and not to require hardcoded values for certain configuration fields in that case.

Attachments

Issue Links

depends upon

NIFI-3890 Create Key Management Controller Service

Resolved

is depended upon by

NIFI-7397 Detect encryption metadata attributes on incoming flowfile and use for decryption

Resolved

relates to

NIFI-7836 Add Encrypt and Decrypt CMS Processors and Services

Resolved

Activity

People

Assignee:: Andy LoPresto

Reporter:: Andy LoPresto

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 12/May/17 20:21

Updated:: 21/Jul/23 15:53

Resolved:: 21/Jul/23 15:53