Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-4881 Provide TLS "auto-secure" feature
  3. NIFI-5211

Create JSON reader, writer, signer, and verifier

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Minor
    • Resolution: Won't Fix
    • 1.6.0
    • None
    • Extensions

    Description

      This piece should accept a TLS configuration object and serialize/deserialize it to/from JSON, and should provide a signature generation and verification service to ensure it is trusted and has not been manipulated.

      • JSON de/serialization
      • Read arbitrary JSON and verify an HMAC/SHA-512 signature before parsing
      • Generate a signature over JSON and persist in place
      • Derive the signature key from the master key in bootstrap.conf with a one-way transformation (i.e. HMAC/SHA-512("JSON TLS key", MK) -> TLSK)

      Attachments

        Issue Links

          Is contained by

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. NIFI-5458 Improve NiFi TLS and certificate management

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              alopresto Andy LoPresto
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: