Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

Nifi PGP Encrypt and Sign

Labels:
avatar
author-rank sfishman
Explorer

Created on ‎03-05-2020 12:33 PM - last edited on ‎03-05-2020 02:17 PM by Moderator

I have a requirement to use PGP encryption and encrypt and sign a file. I don't see how to do that with the EncryptContent Processor. Is there a way to do this? 

3,937 Views
0 Kudos
0
4 REPLIES 4

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎03-06-2020 11:08 AM

@sfishman 

 

The EncryptContent processor supports encryption/decryption using the PGP encryption Algorithm.
PGP requires that the relevant PGP properties have been configured.

https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-standard-nar/1.11.3/org.apach...

 

Hope this helps,
Matt

 

 

3,918 Views
0 Kudos

avatar
author-rank sfishman
Explorer

Created ‎03-06-2020 11:18 AM

Hi Matt.

Yes I reviewed this and even tested it but I wasn't able to get it to work for either decryption or encryption.

For encryption, you can sign an encrypted file with your private key and the partners public key, but Nifi doesn't give a place to specify which private key to sign with and a private keyring may have many private keys embedded.

For decryption, a signed encrypted file requires you to have the public key available to confirm the signature when you decrypt with your private key. Once again, Nifi doesn't seem to support it.

In addition, after testing this in the last couple of days, I am having trouble getting consistent and reliable results from the PGP support in Nifi. Therefore, I have decided to use the ExecuteStreamCommand processor instead which works consistently and gives the full range of PGP support.

3,915 Views
0 Kudos

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎03-06-2020 12:26 PM

@sfishman 

 

You are correct that NiFi does not support multiple private keys within a keyring.  I encourage you to create an Apache NiFi Jira with your details and this enhancement request.

https://issues.apache.org/jira/browse/NIFI

 

Matt

3,908 Views
0 Kudos

avatar
author-rank sfishman
Explorer

Created ‎03-06-2020 01:16 PM

Ok. will do
3,906 Views
0 Kudos
Announcements
Community Announcements
April 2025 Cloudera Customer Advisory: Cloudera’s response t...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
View More Announcements