[jira] [Commented] (NIFI-2961) Create EncryptAttribute processor

Fri, 13 Jan 2017 15:32:07 -0800 

    [ 
https://issues.apache.org/jira/browse/NIFI-2961?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15822519#comment-15822519
 ] 

ASF GitHub Bot commented on NIFI-2961:
--------------------------------------

Github user alopresto commented on the issue:

    https://github.com/apache/nifi/pull/1294
  
    This is not ready to be merged. 
    
    * Needs to be rebased against master
    * Many user-facing messages have typos or are unclear (e.g. property 
descriptors, etc.)
    * `filename` attribute not being encrypted when using PGP mode is still 
unexplained
    
    I am still exercising the processor in a running system and will continue 
to review the changes since December 10. 


> Create EncryptAttribute processor
> ---------------------------------
>
>                 Key: NIFI-2961
>                 URL: https://issues.apache.org/jira/browse/NIFI-2961
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Extensions
>    Affects Versions: 1.0.0
>            Reporter: Andy LoPresto
>              Labels: attributes, encryption, security
>
> Similar to {{EncryptContent}}, the {{EncryptAttribute}} processor would allow 
> individual (and multiple) flowfile attributes to be encrypted (either 
> in-place or to a new attribute key) with various encryption algorithms (AES, 
> RSA, PBE, and PGP). 
> Specific compatibility with the {{OpenSSL EVP_BytesToKey}}, {{PBKDF2}}, 
> {{scrypt}}, and {{bcrypt}} key derivation functions should be included. 
> The processor should provide the boolean option to encrypt or decrypt (only 
> one operation per instance of the processor). The processor should also allow 
> Base64 encoding (aka ASCII armor) for the encrypted attributes to prevent 
> byte escaping/data loss. 
> If [dangerous processor 
> annotations|https://cwiki.apache.org/confluence/display/NIFI/Security+Feature+Roadmap]
>  are introduced, this processor should be marked as such and the 
> corresponding attribute protection (i.e. provenance before/after, etc.) 
> should be applied. 
> Originally requested in this [Stack Overflow 
> question|https://stackoverflow.com/questions/40294945/nifi-encrypt-json].  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to