nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (NIFI-4139) Refactor KeyProvider interface from provenance module to framework-level service
Date Mon, 07 Aug 2017 19:24:00 GMT

    [ https://issues.apache.org/jira/browse/NIFI-4139?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16117098#comment-16117098
] 

ASF subversion and git services commented on NIFI-4139:
-------------------------------------------------------

Commit 675d9890031ebc79a21e136f82046c90dc8ddd89 in nifi's branch refs/heads/master from [~alopresto]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=675d989 ]

NIFI-4139
- Moved key provider interface and implementations from nifi-data-provenance-utils module
to nifi-security-utils module.
- Refactored duplicate byte[] concatenation methods from utility classes and removed deprecation
warnings from CipherUtility.
- Created KeyProviderFactory to encapsulate key provider instantiation logic.
- Added logic to handle legacy package configuration values for key providers.
- Added unit tests.
- Added resource files for un/limited strength cryptography scenarios.
- Added ASL to test resources.
- Moved legacy FQCN handling logic to CryptUtils.
- Added unit tests to ensure application startup logic handles legacy FQCNs.
- Moved master key extraction/provision out of FBKP.
- Removed nifi-security-utils dependency on nifi-properties-loader module.
- Added unit tests.


> Refactor KeyProvider interface from provenance module to framework-level service
> --------------------------------------------------------------------------------
>
>                 Key: NIFI-4139
>                 URL: https://issues.apache.org/jira/browse/NIFI-4139
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework
>    Affects Versions: 1.3.0
>            Reporter: Andy LoPresto
>            Assignee: Andy LoPresto
>              Labels: encryption, key-management, security
>
> The {{KeyProvider}} interface introduced in NIFI-3388 to allow the encrypted provenance
repository should be refactored to a framework-level service which is accessible to the encrypted
content repository and encrypted flowfile repository as well. Exposing this common functionality
will reduce code & logic duplication and consolidate sensitive behavior in a single location.




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message