From issues-return-95258-archive-asf-public=cust-asf.ponee.io@nifi.apache.org Mon Apr 6 16:48:02 2020 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by mx-eu-01.ponee.io (Postfix) with SMTP id D7B05180647 for ; Mon, 6 Apr 2020 18:48:01 +0200 (CEST) Received: (qmail 81787 invoked by uid 500); 6 Apr 2020 16:48:01 -0000 Mailing-List: contact issues-help@nifi.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@nifi.apache.org Delivered-To: mailing list issues@nifi.apache.org Received: (qmail 81777 invoked by uid 99); 6 Apr 2020 16:48:01 -0000 Received: from mailrelay1-us-west.apache.org (HELO mailrelay1-us-west.apache.org) (209.188.14.139) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Apr 2020 16:48:01 +0000 Received: from jira-he-de.apache.org (static.172.67.40.188.clients.your-server.de [188.40.67.172]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 8C9E5E069E for ; Mon, 6 Apr 2020 16:48:00 +0000 (UTC) Received: from jira-he-de.apache.org (localhost.localdomain [127.0.0.1]) by jira-he-de.apache.org (ASF Mail Server at jira-he-de.apache.org) with ESMTP id 0B8CC7801FB for ; Mon, 6 Apr 2020 16:48:00 +0000 (UTC) Date: Mon, 6 Apr 2020 16:48:00 +0000 (UTC) From: "David Margolis (Jira)" To: issues@nifi.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (NIFI-7322) Add SignContentPGP and VerifyContentPGP Processors MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/NIFI-7322?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17076464#comment-17076464 ] David Margolis commented on NIFI-7322: -------------------------------------- [~tmelhase] thank you for the feedback. I would think it would make the most sense to change the SignContentAttributePGP to be simply SignContentPGP and likewise with the VerifyContentAttributePGP to be VerifyContentPGP. In these processors, there should probably be an option for "Output Destination Attribute" similar to [ExecuteStreamCommand|https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-standard-nar/1.6.0/org.apache.nifi.processors.standard.ExecuteStreamCommand/]. > Add SignContentPGP and VerifyContentPGP Processors > -------------------------------------------------- > > Key: NIFI-7322 > URL: https://issues.apache.org/jira/browse/NIFI-7322 > Project: Apache NiFi > Issue Type: Improvement > Components: Extensions, Security > Affects Versions: 1.7.0 > Reporter: David Margolis > Priority: Major > Labels: encryption, pgp, signing > > Users have requested the capability to [sign|https://www.gnupg.org/gph/en/manual/r606.html] content directly with pgp in addition to storing the signature in an attribute (SignContentAttributePGP). There should be options to [clearsign|https://www.gnupg.org/gph/en/manual/r684.html] and [armor|https://www.gnupg.org/gph/en/manual/r1290.html] the content. There should be an option to produce the [detached|https://www.gnupg.org/gph/en/manual/r622.html] signature as it's own flowfile. > Pairing with this processor, users have requested the capability to [verify|https://www.gnupg.org/gph/en/manual/r697.html] signed content with pgp in addition to verifying the signature in an attribute (VerifyContentAttributePGP). There should be options to verify clearsigned and armored content also. > Finally, the DecryptContentPGP processor should be able to [decrypt|https://www.gnupg.org/gph/en/manual/r669.html] the signed content, so that just the unsigned content remains. > These processors should use the PGPKeyMaterialService. -- This message was sent by Atlassian Jira (v8.3.4#803005)