Support Questions

Find answers, ask questions, and share your expertise

Nifi PGP Encrypt and Sign

avatar
Explorer

I have a requirement to use PGP encryption and encrypt and sign a file. I don't see how to do that with the EncryptContent Processor. Is there a way to do this? 

4 REPLIES 4

avatar
Master Mentor

@sfishman 

 

The EncryptContent processor supports encryption/decryption using the PGP encryption Algorithm.
PGP requires that the relevant PGP properties have been configured.

https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-standard-nar/1.11.3/org.apach...

 

Hope this helps,
Matt

 

 

avatar
Explorer

Hi Matt.

Yes I reviewed this and even tested it but I wasn't able to get it to work for either decryption or encryption.

For encryption, you can sign an encrypted file with your private key and the partners public key, but Nifi doesn't give a place to specify which private key to sign with and a private keyring may have many private keys embedded.

For decryption, a signed encrypted file requires you to have the public key available to confirm the signature when you decrypt with your private key. Once again, Nifi doesn't seem to support it.

In addition, after testing this in the last couple of days, I am having trouble getting consistent and reliable results from the PGP support in Nifi. Therefore, I have decided to use the ExecuteStreamCommand processor instead which works consistently and gives the full range of PGP support.

avatar
Master Mentor

@sfishman 

 

You are correct that NiFi does not support multiple private keys within a keyring.  I encourage you to create an Apache NiFi Jira with your details and this enhancement request.

https://issues.apache.org/jira/browse/NIFI

 

Matt

avatar
Explorer
Ok. will do