[ https://issues.apache.org/jira/browse/NIFI-6783?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andy LoPresto updated NIFI-6783: -------------------------------- Description: If the content repository changes from encrypted -> unencrypted or vice-versa on startup, the application should handle the change. * Unencrypted -> encrypted: Attempt to create an {{InputStream}} instance to read the existing content into memory and write them back using {{EncryptedContentRepositoryOutputStream}} * Encrypted -> unencrypted: Attempt to create a {{CipherInputStream}} instance to read the existing events into memory and write them back using {{OutputStream}}. This depends on the key(s) for the key IDs used still being available via {{nifi.properties}}. This process may be very slow given large existing repositories, so a standalone tool should also be made available to perform this process outside of the running app. was: If the provenance repository changes from encrypted -> unencrypted or vice-versa on startup, the application should handle the change. * Unencrypted -> encrypted: Attempt to create a {{EventIdFirstSchemaRecordReader}} instance to read the existing events into memory and write them back using {{EncryptedSchemaRecordWriter}} * Encrypted -> unencrypted: Attempt to create a {{EncryptedSchemaRecordReader}} instance to read the existing events into memory and write them back using {{EventIdFirstSchemaRecordWriter}} or {{ByteArraySchemaRecordWriter}} depending on the repository implementation class. This depends on the key(s) for the key IDs used still being available via {{nifi.properties}}. This process may be very slow given large existing repositories, so a standalone tool should also be made available to perform this process outside of the running app. > Handle content repository encryption status change on startup > ------------------------------------------------------------- > > Key: NIFI-6783 > URL: https://issues.apache.org/jira/browse/NIFI-6783 > Project: Apache NiFi > Issue Type: Sub-task > Components: Core Framework > Affects Versions: 1.2.0 > Reporter: Andy LoPresto > Assignee: Andy LoPresto > Priority: Major > Labels: encryption, provenance, security > > If the content repository changes from encrypted -> unencrypted or vice-versa > on startup, the application should handle the change. > * Unencrypted -> encrypted: Attempt to create an {{InputStream}} instance to > read the existing content into memory and write them back using > {{EncryptedContentRepositoryOutputStream}} > * Encrypted -> unencrypted: Attempt to create a {{CipherInputStream}} > instance to read the existing events into memory and write them back using > {{OutputStream}}. This depends on the key(s) for the key IDs used still being > available via {{nifi.properties}}. > This process may be very slow given large existing repositories, so a > standalone tool should also be made available to perform this process outside > of the running app. -- This message was sent by Atlassian Jira (v8.3.4#803005)