Details
-
Improvement
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
1.10.0
-
None
Description
As reported on the mailing list, a user has improperly formatted encrypted configuration value in nifi.properties or another configuration file. The error message in nifi-app.log is:
2019-12-31 05:42:26,515 INFO [main] o.a.n.properties.ProtectedNiFiProperties There are 5 protected properties of 5 sensitive properties (100%) 2019-12-31 05:42:26,517 ERROR [main] org.apache.nifi.NiFi Failure to launch NiFi due to java.lang.IllegalArgumentException: There was an issue decrypting protected properties java.lang.IllegalArgumentException: There was an issue decrypting protected properties at org.apache.nifi.NiFi.initializeProperties(NiFi.java:341) at org.apache.nifi.NiFi.convertArgumentsToValidatedNiFiProperties(NiFi.java:309) at org.apache.nifi.NiFi.main(NiFi.java:300) Caused by: java.lang.IllegalArgumentException: The cipher text does not contain the delimiter || -- it should be of the form Base64(IV) || Base64(cipherText) at org.apache.nifi.properties.AESSensitivePropertyProvider.unprotect(AESSensitivePropertyProvider.java:217) at org.apache.nifi.properties.ProtectedNiFiProperties.unprotectValue(ProtectedNiFiProperties.java:524) at org.apache.nifi.properties.ProtectedNiFiProperties.getUnprotectedProperties(ProtectedNiFiProperties.java:343) at org.apache.nifi.properties.NiFiPropertiesLoader.load(NiFiPropertiesLoader.java:209) at org.apache.nifi.properties.NiFiPropertiesLoader.load(NiFiPropertiesLoader.java:223) at org.apache.nifi.properties.NiFiPropertiesLoader.loadDefault(NiFiPropertiesLoader.java:130) at org.apache.nifi.properties.NiFiPropertiesLoader.get(NiFiPropertiesLoader.java:241) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.nifi.NiFi.initializeProperties(NiFi.java:336) ... 2 common frames omitted Received trapped signal, beginning shutdown...
The relevant code in ProtectedNiFiProperties.java is:
try { SensitivePropertyProvider sensitivePropertyProvider = getSensitivePropertyProvider(protectionScheme); return sensitivePropertyProvider.unprotect(retrievedValue); } catch (SensitivePropertyProtectionException e) { throw new SensitivePropertyProtectionException("Error unprotecting value for " + key, e.getCause()); }
Currently, the IllegalArgumentException is not caught here, so the specific improperly-formatted value is not identified in the log. Manual inspection of the file is required.
The IAE should be caught in the same block and treated identically.
Attachments
Issue Links
- links to