nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Margolis (Jira)" <j...@apache.org>
Subject [jira] [Commented] (NIFI-7322) Add SignContentPGP and VerifyContentPGP Processors
Date Mon, 06 Apr 2020 16:48:00 GMT

    [ https://issues.apache.org/jira/browse/NIFI-7322?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17076464#comment-17076464
] 

David Margolis commented on NIFI-7322:
--------------------------------------

[~tmelhase] thank you for the feedback. I would think it would make the most sense to change
the SignContentAttributePGP to be simply SignContentPGP and likewise with the VerifyContentAttributePGP
to be VerifyContentPGP. In these processors, there should probably be an option for "Output
Destination Attribute" similar to [ExecuteStreamCommand|https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-standard-nar/1.6.0/org.apache.nifi.processors.standard.ExecuteStreamCommand/].

> Add SignContentPGP and VerifyContentPGP Processors
> --------------------------------------------------
>
>                 Key: NIFI-7322
>                 URL: https://issues.apache.org/jira/browse/NIFI-7322
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Extensions, Security
>    Affects Versions: 1.7.0
>            Reporter: David Margolis
>            Priority: Major
>              Labels: encryption, pgp, signing
>
> Users have requested the capability to [sign|https://www.gnupg.org/gph/en/manual/r606.html]
content directly with pgp in addition to storing the signature in an attribute (SignContentAttributePGP).
There should be options to [clearsign|https://www.gnupg.org/gph/en/manual/r684.html] and [armor|https://www.gnupg.org/gph/en/manual/r1290.html]
the content. There should be an option to produce the [detached|https://www.gnupg.org/gph/en/manual/r622.html]
signature as it's own flowfile.
> Pairing with this processor, users have requested the capability to [verify|https://www.gnupg.org/gph/en/manual/r697.html]
signed content with pgp in addition to verifying the signature in an attribute (VerifyContentAttributePGP).
There should be options to verify clearsigned and armored content also.
> Finally, the DecryptContentPGP processor should be able to [decrypt|https://www.gnupg.org/gph/en/manual/r669.html]
the signed content, so that just the unsigned content remains.
> These processors should use the PGPKeyMaterialService.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message