-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NIFI-3594 Encrypted provenance repository implementation #1686
Commits on Apr 20, 2017
-
NIFI-3594 Added first unit test for PersistentProvenanceRepository op…
…eration. Added BC dependency to nifi-persistent-provenance-repository module.
Configuration menu - View commit details
-
Copy full SHA for d4de39b - Browse repository at this point
Copy the full SHA d4de39bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 8006d12 - Browse repository at this point
Copy the full SHA 8006d12View commit details -
Configuration menu - View commit details
-
Copy full SHA for f620003 - Browse repository at this point
Copy the full SHA f620003View commit details -
NIFI-3594 Added skeleton of encrypted provenance repository (KeyProvi…
…der w/ 2 impls, Encryptor skeleton, and exceptions/utilities). Reorganized tests to proper path.
Configuration menu - View commit details
-
Copy full SHA for c497644 - Browse repository at this point
Copy the full SHA c497644View commit details -
NIFI-3594 Added encryption methods and reflective property accessors.…
… Pausing to re-evaluate because work may need to be done at lower level (EventWriter/EventReader -- byte/Object serialization).
Configuration menu - View commit details
-
Copy full SHA for 2fdbb23 - Browse repository at this point
Copy the full SHA 2fdbb23View commit details -
NIFI-3594 Intermediate changes before discussion with Mark Payne abou…
…t intercepting SchemaRecordReader/Writer serialization (no updates to schema necessary).
Configuration menu - View commit details
-
Copy full SHA for 5951b78 - Browse repository at this point
Copy the full SHA 5951b78View commit details -
NIFI-3594 Moved (Keyed)CipherProvider classes & tests into nifi-secur…
…ity-utils to include in nifi-data-provenance-utils.
Configuration menu - View commit details
-
Copy full SHA for 054cdef - Browse repository at this point
Copy the full SHA 054cdefView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1dfbb5b - Browse repository at this point
Copy the full SHA 1dfbb5bView commit details -
NIFI-3594 Implemented encrypted read, write, and seek operations.
Resolved RAT and checkstyle issues. All tests pass.
Configuration menu - View commit details
-
Copy full SHA for 2637a30 - Browse repository at this point
Copy the full SHA 2637a30View commit details -
Configuration menu - View commit details
-
Copy full SHA for 33db1ee - Browse repository at this point
Copy the full SHA 33db1eeView commit details -
NIFI-3594 Delgated reader and writer to use AESKeyedCipherProvider (e…
…nhanced error checking and guard controls).
Configuration menu - View commit details
-
Copy full SHA for d844c00 - Browse repository at this point
Copy the full SHA d844c00View commit details -
NIFI-3594 Refactored to use concatByteArrays() for performance and he…
…ap optimization.
Configuration menu - View commit details
-
Copy full SHA for 7ae1a1c - Browse repository at this point
Copy the full SHA 7ae1a1cView commit details -
NIFI-3594 Working event encryptor lifecycle unit test with full encry…
…ption metadata serialization.
Configuration menu - View commit details
-
Copy full SHA for b912a14 - Browse repository at this point
Copy the full SHA b912a14View commit details -
NIFI-3594 Refactored AESProvenanceEventEncryptor implementation (remo…
…ved cached ciphers to allow non-repeating IVs). Added unit tests.
Configuration menu - View commit details
-
Copy full SHA for 83523ad - Browse repository at this point
Copy the full SHA 83523adView commit details -
NIFI-3594 Added forAlgorithm static constructor for EncryptionMethod.
Added validity checks for algorithm and version in AESProvenanceEventEncryptor. Added unit tests.
Configuration menu - View commit details
-
Copy full SHA for 60f4f03 - Browse repository at this point
Copy the full SHA 60f4f03View commit details -
Configuration menu - View commit details
-
Copy full SHA for b8314e8 - Browse repository at this point
Copy the full SHA b8314e8View commit details -
NIFI-3594 Refactored key availability interface contract.
Refactored encryptor composition. Added unit tests.
Configuration menu - View commit details
-
Copy full SHA for 09115b2 - Browse repository at this point
Copy the full SHA 09115b2View commit details -
NIFI-3594 Began adding configuration properties for encrypted provena…
…nce repository. Added utility methods for validation. Added unit tests.
Configuration menu - View commit details
-
Copy full SHA for 10b203e - Browse repository at this point
Copy the full SHA 10b203eView commit details -
NIFI-3594 Added new NiFi properties keys for provenance repository en…
…cryption. Added nifi.provenance.repository.encryption.key to default sensitive keys and updated unit tests and test resources. Added method to correctly calculate protected percentage of sensitive keys (unpopulated keys are no longer counted against protection %).
Configuration menu - View commit details
-
Copy full SHA for 711bfa4 - Browse repository at this point
Copy the full SHA 711bfa4View commit details -
NIFI-3594 Implemented StaticKeyProvider and FileBasedKeyProvider.
Moved getBestEventIdentifier() from StandardProvenanceEventRecord to ProvenanceEventRecord interface and added delegate in all implementations to avoid ClassCastException from multiple classloaders. Initialized IV before cipher to suppress unnecessary warnings. Added utility method to read encrypted provenance keys from key provider file. Suppressed logging of event record details in LuceneEventIndex. Added logic to create EncryptedSchemaRecordReader (if supported) in RecordReaders. Cleaned up EncryptedSchemaRecordReader and EncryptedSchemaRecordWriter. Added keyProvider, recordReaderFactory, and recordWriterFactory initialization to EncryptedWriteAheadProvenanceRepository to provide complete interceptor implementation. Added logic to RepositoryConfiguration to load encryption-related properties if necessary. Refactored WriteAheadProvenanceRepository to allow subclass implementation. Registered EncryptedWAPR in ProvenanceRepository implementations. Added unit tests for EWAPR. Added new nifi.properties keys for encrypted provenance repository.
Configuration menu - View commit details
-
Copy full SHA for 092cb2d - Browse repository at this point
Copy the full SHA 092cb2dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 578d0d1 - Browse repository at this point
Copy the full SHA 578d0d1View commit details -
Configuration menu - View commit details
-
Copy full SHA for b44b603 - Browse repository at this point
Copy the full SHA b44b603View commit details
Commits on Apr 24, 2017
-
NIFI-3594 Switched concatByteArrays implementation to manual concaten…
…ation of arrays. Added unit test demonstrating performance improvement.
Configuration menu - View commit details
-
Copy full SHA for 206e658 - Browse repository at this point
Copy the full SHA 206e658View commit details -
NIFI-3594 Improved byte[] handling code for performance/memory effici…
…ency with Mark Payne's feedback. Cleaned up commented code.
Configuration menu - View commit details
-
Copy full SHA for fc7ed0c - Browse repository at this point
Copy the full SHA fc7ed0cView commit details
Commits on Apr 25, 2017
-
NIFI-3594 Added multiple key feature to StaticKeyProvider.
Refactored StaticKeyProvider and FileBasedKeyProvider to reduce duplicate code. Added helper methods in NiFiProperties to read multiple key definitions for StaticKeyProvider. Fixed undetected NPE in tests (storing null value into properties). Added unit tests.
Configuration menu - View commit details
-
Copy full SHA for bbbabf8 - Browse repository at this point
Copy the full SHA bbbabf8View commit details -
Configuration menu - View commit details
-
Copy full SHA for 1fc2ff2 - Browse repository at this point
Copy the full SHA 1fc2ff2View commit details -
NIFI-3594 Removed unnecessary performance test for BAOS vs. System.ar…
…rayCopy comparison.
Configuration menu - View commit details
-
Copy full SHA for d1d79a1 - Browse repository at this point
Copy the full SHA d1d79a1View commit details -
NIFI-3594 Added Java JUnit test in nifi-data-provenance-utils module …
…to trigger Maven running Groovy unit tests.
Configuration menu - View commit details
-
Copy full SHA for d6ff66c - Browse repository at this point
Copy the full SHA d6ff66cView commit details