NIFI-10667 Add Private Key Service interface and implementation

[exceptionfactory]

Summary

NIFI-10667 Adds a new PrivateKeyService Controller Service interface and StandardPrivateKeyService implementation capable of reading encrypted or unencrypted Private Keys.

The service interface is defined in a new nifi-key-service-api module under nifi-standard-services. The standard implementation uses the Bouncy Castle library and PEMParser class to handle decoding and decrypting Private Keys. The initial implementation supports PEM encoding and PKCS 8, which can be used for several standard key algorithms including RSA and DSA.

Tracking

Please complete the following tracking steps prior to pull request creation.

Issue Tracking

• Apache NiFi Jira issue created

Pull Request Tracking

• Pull Request title starts with Apache NiFi Jira issue number, such as NIFI-00000
• Pull Request commit message starts with Apache NiFi Jira issue number, as such NIFI-00000

Pull Request Formatting

• Pull Request based on current revision of the main branch
• Pull Request refers to a feature branch with one commit containing changes

Verification

Please indicate the verification steps performed prior to pull request creation.

Build

• Build completed using mvn clean install -P contrib-check
  • JDK 8
  • JDK 11
  • JDK 17

Licensing

• New dependencies are compatible with the Apache License 2.0 according to the License Policy
• New dependencies are documented in applicable LICENSE and NOTICE files

Documentation

• Documentation formatting appears as expected in rendered files

[thenatog]

Will review

[turcsanyip]

@exceptionfactory Thanks for adding this controller service!
I tested it with both encrypted and non-encrypted private keys and it works properly.

I found an invalid configuration case which is not handled correctly.
Also added some other comments as possible improvements.

[turcsanyip]

@exceptionfactory Thanks for the changes!

+1 LGTM

[thenatog]

+1 looks good to me