Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-8251

Add Encrypt and Decrypt PGP Processors and Services

    XMLWordPrintableJSON

Details

    Description

      The purpose of this issue is to create new Processors and Controller Services to perform encrypt and decrypt functions according to the OpenPGP specification defined in RFC 4880. This functionality is implemented in the `EncryptContent` Processor, but the current approach is difficult to configure and troubleshoot in some cases.

      The new Controller Services should encapsulate management of keys and keyrings to improve performance and provide better error handling. New Controller Services would also support building additional Processors for signing and verifying PGP messages as requested in NIFI-7322. Separating encrypt and decrypt content functions into distinct Processors will provide a clearer distinction between the properties necessary for configuration.

      The implementation of these Processors and Controller Services should address the issues described in the following issues:

      • NIFI-7396 Add encryption metadata attributes
      • NIFI-6708 Support DSA and ElGamal keys
      • NIFI-5346 Specify PGP key as property
      • NIFI-5335 Support multiple keys in a PGP keyring
      • NIFI-2983 Support decryption of signed messages
      • NIFI-1694 Support keyring or individual key for encryption or decryption

      Attachments

        Issue Links

          fixes

          Bug - A problem which impairs or prevents the functions of the product. NIFI-2983 EncryptContent PGP mode can't handle signed encrypted files

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          New Feature - A new feature of the product, which has yet to be developed. NIFI-5346 Allow EncryptContent processor to specify PGP key as processor property

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. NIFI-6708 Improve DSA/El Gamal PGP compatibility issues

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. NIFI-7396 Add encryption metadata attributes for PGP encryption

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. NIFI-1694 EncryptContent processor should accept keyring file or individual key file for PGP encryption/decryption

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Wish - General wishlist item. NIFI-7872 EncryptContent should be able to decrypt signed files

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          is depended upon by

          New Feature - A new feature of the product, which has yet to be developed. NIFI-7322 Add SignContentPGP and VerifyContentPGP Processors

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link GitHub Pull Request #4842

          Activity

            People

              exceptionfactory David Handermann
              exceptionfactory David Handermann
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 2h 20m
                  2h 20m