nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Troy Melhase (Jira)" <j...@apache.org>
Subject [jira] [Commented] (NIFI-7322) Add SignContentPGP and VerifyContentPGP Processors
Date Mon, 06 Apr 2020 16:32:00 GMT

    [ https://issues.apache.org/jira/browse/NIFI-7322?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17076457#comment-17076457
] 

Troy Melhase commented on NIFI-7322:
------------------------------------

[~david.margolis] thank you for your time reviewing the PGP processors and services code
in #4077.  I'm not sure if the Sign PGP processor needs to grow this behavior or if another
processor (or two) should have it, but I think we can address this soon.

> Add SignContentPGP and VerifyContentPGP Processors
> --------------------------------------------------
>
>                 Key: NIFI-7322
>                 URL: https://issues.apache.org/jira/browse/NIFI-7322
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Extensions, Security
>    Affects Versions: 1.7.0
>            Reporter: David Margolis
>            Priority: Major
>              Labels: encryption, pgp, signing
>
> Users have requested the capability to [sign|https://www.gnupg.org/gph/en/manual/r606.html]
content directly with pgp in addition to storing the signature in an attribute (SignContentAttributePGP).
There should be options to [clearsign|https://www.gnupg.org/gph/en/manual/r684.html] and [armor|https://www.gnupg.org/gph/en/manual/r1290.html]
the content. There should be an option to produce the [detached|https://www.gnupg.org/gph/en/manual/r622.html]
signature as it's own flowfile.
> Pairing with this processor, users have requested the capability to [verify|https://www.gnupg.org/gph/en/manual/r697.html]
signed content with pgp in addition to verifying the signature in an attribute (VerifyContentAttributePGP).
There should be options to verify clearsigned and armored content also.
> Finally, the DecryptContentPGP processor should be able to [decrypt|https://www.gnupg.org/gph/en/manual/r669.html]
the signed content, so that just the unsigned content remains.
> These processors should use the PGPKeyMaterialService.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message