Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

Nifi PGP Encrypt and Sign

Labels:
avatar
author-rank sfishman
Explorer

Created on ‎03-05-2020 12:33 PM - last edited on ‎03-05-2020 02:17 PM by Moderator

I have a requirement to use PGP encryption and encrypt and sign a file. I don't see how to do that with the EncryptContent Processor. Is there a way to do this? 

3,466 Views
0 Kudos
4 REPLIES 4

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎03-06-2020 11:08 AM

@sfishman 

 

The EncryptContent processor supports encryption/decryption using the PGP encryption Algorithm.
PGP requires that the relevant PGP properties have been configured.

https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-standard-nar/1.11.3/org.apach...

 

Hope this helps,
Matt

 

 

3,447 Views
0 Kudos

avatar
author-rank sfishman
Explorer

Created ‎03-06-2020 11:18 AM

Hi Matt.

Yes I reviewed this and even tested it but I wasn't able to get it to work for either decryption or encryption.

For encryption, you can sign an encrypted file with your private key and the partners public key, but Nifi doesn't give a place to specify which private key to sign with and a private keyring may have many private keys embedded.

For decryption, a signed encrypted file requires you to have the public key available to confirm the signature when you decrypt with your private key. Once again, Nifi doesn't seem to support it.

In addition, after testing this in the last couple of days, I am having trouble getting consistent and reliable results from the PGP support in Nifi. Therefore, I have decided to use the ExecuteStreamCommand processor instead which works consistently and gives the full range of PGP support.

3,444 Views
0 Kudos

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎03-06-2020 12:26 PM

@sfishman 

 

You are correct that NiFi does not support multiple private keys within a keyring.  I encourage you to create an Apache NiFi Jira with your details and this enhancement request.

https://issues.apache.org/jira/browse/NIFI

 

Matt

3,437 Views
0 Kudos

avatar
author-rank sfishman
Explorer

Created ‎03-06-2020 01:16 PM

Ok. will do
3,435 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements