Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-4881 Provide TLS "auto-secure" feature
  3. NIFI-5211

Create JSON reader, writer, signer, and verifier

    XMLWordPrintableJSON

    Details

    • Type: Sub-task
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 1.6.0
    • Fix Version/s: None
    • Component/s: Extensions
    • Labels:

      Description

      This piece should accept a TLS configuration object and serialize/deserialize it to/from JSON, and should provide a signature generation and verification service to ensure it is trusted and has not been manipulated.

      • JSON de/serialization
      • Read arbitrary JSON and verify an HMAC/SHA-512 signature before parsing
      • Generate a signature over JSON and persist in place
      • Derive the signature key from the master key in bootstrap.conf with a one-way transformation (i.e. HMAC/SHA-512("JSON TLS key", MK) -> TLSK)

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                alopresto Andy LoPresto
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: