Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-3171

Improve error message when long password is used for config encryption on machine without JCE policies

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Abandoned
    • 1.1.0
    • None
    • Tools and Build

    Description

      If the user runs ./bin/encrypt-config.sh with a password longer than 16 bytes on a machine without the JCE unlimited strength cryptographic jurisdiction policies installed, an Illegal Key Size exception will be thrown and the full stack trace will be printed (in verbose mode).

      We should detect the absence/presence of strong crypto availability and perform a length check on the password before attempting to derive the encryption key from this value in order to provide better error messaging.

      Attachments

        Issue Links

          Is contained by

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. NIFI-5458 Improve NiFi TLS and certificate management

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              alopresto Andy LoPresto
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: