nifi/nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/pom.xml

367 lines
19 KiB
XML
Raw Normal View History

2014-12-08 15:22:14 -05:00
<?xml version="1.0"?>
<!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor
license agreements. See the NOTICE file distributed with this work for additional
information regarding copyright ownership. The ASF licenses this file to
You under the Apache License, Version 2.0 (the "License"); you may not use
this file except in compliance with the License. You may obtain a copy of
the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required
by applicable law or agreed to in writing, software distributed under the
License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
OF ANY KIND, either express or implied. See the License for the specific
language governing permissions and limitations under the License. -->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-standard-bundle</artifactId>
2016-04-04 11:36:19 -04:00
<version>1.0.0-SNAPSHOT</version>
</parent>
<artifactId>nifi-standard-processors</artifactId>
<packaging>jar</packaging>
<dependencies>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-api</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-processor-utils</artifactId>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-utils</artifactId>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-ssl-context-service-api</artifactId>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-flowfile-packager</artifactId>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-distributed-cache-client-service-api</artifactId>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-http-context-map-api</artifactId>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
</dependency>
<dependency>
<groupId>com.sun.jersey</groupId>
<artifactId>jersey-client</artifactId>
</dependency>
<dependency>
<groupId>com.sun.jersey</groupId>
<artifactId>jersey-server</artifactId>
</dependency>
<dependency>
<groupId>commons-net</groupId>
<artifactId>commons-net</artifactId>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-compress</artifactId>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
NIFI-1324: Changed Maven dependencies for BouncyCastle bcprov and bcpg from jdk16:1.46 to jdk15on:1.53 (kept nifi-web-security on jdk16:1.46 because jdk15on:1.53 splits OCSP logic into new module bcpkix). Added individual unit tests for PGP public keyring validation. Passes all legacy unit tests. Added TODOs for customizable brick encryption and refactoring shared code. Cleaned up magic numbers to constants. Added unit tests for OpenPGPPasswordBasedEncryptor (internal consistency and legacy file decrypt). Began refactoring shared encrypt code from OpenPGP* implementations. Extracted encrypt utility method from OpenPGPPasswordBasedEncryptor to PGPUtil class. Added test resources (signed and unsigned key-encrypted files). Added unit tests for OpenPGPKeyBasedEncryptor (internal consistency and external file decrypt). Changed BC dependency for nifi-web-security to bcprov-jdk15on:1.53 and bcpkix-jdk15on:1.53. Updated OCSPValidator to use new BC logic for OCSP validation. This code compiles but should be fully audited, as the legacy OCSP validation was not completely implemented. Added skeleton of OCSP validator unit tests with successful keypair and certificate generation and signing code. Added further unit tests for issued certificates. Annotated unimplemented unit tests with note about Groovy integration. Refactored Jersey call in OCSPCertificateValidator to internal method. Added toString() to NiFi local OcspRequest. Implemented positive & negative unit tests with cache injection for valid/revoked OCSP certificate. Resolved contrib-check issues. Removed ignored code in unit test. Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>
2015-12-22 22:03:09 -05:00
<artifactId>bcprov-jdk15on</artifactId>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
NIFI-1324: Changed Maven dependencies for BouncyCastle bcprov and bcpg from jdk16:1.46 to jdk15on:1.53 (kept nifi-web-security on jdk16:1.46 because jdk15on:1.53 splits OCSP logic into new module bcpkix). Added individual unit tests for PGP public keyring validation. Passes all legacy unit tests. Added TODOs for customizable brick encryption and refactoring shared code. Cleaned up magic numbers to constants. Added unit tests for OpenPGPPasswordBasedEncryptor (internal consistency and legacy file decrypt). Began refactoring shared encrypt code from OpenPGP* implementations. Extracted encrypt utility method from OpenPGPPasswordBasedEncryptor to PGPUtil class. Added test resources (signed and unsigned key-encrypted files). Added unit tests for OpenPGPKeyBasedEncryptor (internal consistency and external file decrypt). Changed BC dependency for nifi-web-security to bcprov-jdk15on:1.53 and bcpkix-jdk15on:1.53. Updated OCSPValidator to use new BC logic for OCSP validation. This code compiles but should be fully audited, as the legacy OCSP validation was not completely implemented. Added skeleton of OCSP validator unit tests with successful keypair and certificate generation and signing code. Added further unit tests for issued certificates. Annotated unimplemented unit tests with note about Groovy integration. Refactored Jersey call in OCSPCertificateValidator to internal method. Added toString() to NiFi local OcspRequest. Implemented positive & negative unit tests with cache injection for valid/revoked OCSP certificate. Resolved contrib-check issues. Removed ignored code in unit test. Signed-off-by: Matt Gilman <matt.c.gilman@gmail.com>
2015-12-22 22:03:09 -05:00
<artifactId>bcpg-jdk15on</artifactId>
</dependency>
NIFI-1753 Replaced usage of javax.security.cert.X509Certificate with java.security.cert.X509Certificate and resolved user-reported ClassCastException when handling client certificates during TLS mutual authentication. Fixed nifi-utils pom.xml comment about additional dependencies. (+5 squashed commits) Squashed commits: [965b766] NIFI-1753 Removed temporary work-around of duplicate certificate conversion util method and added nifi-security-utils as dependency of nifi-utils. [cd35f9b] NIFI-1753 Replaced legacy X.509 certificate declarations with new declarations in SSLSocketChannel and EndpointConnectionPool. Temporary work-around of duplicate certificate conversion util method because nifi-utils cannot depend on nifi-security-utils. [6420897] NIFI-1753 Replaced legacy X.509 certificate declarations with new declarations in PostHTTP. [b9868ef] NIFI-1753 Added convenience method for extracting DN from peer certificate chain in SSL socket (canonical implementation to reduce code duplication and references to legacy certificate implementations). Refactored logic retrieving legacy X.509 certificates with reference to convenience method in NodeProtocolSenderImpl. Replaced logic retrieving legacy X.509 certificates with reference to convenience method in SocketProtocolListener. Cleaned up exception handling in SocketProtocolListener. Replaced legacy X.509 certificate declarations with new declarations in HandleHttpRequest (needs manual test). [e2d1c35] NIFI-1753 Added convenience methods for converting legacy X.509 certificates and abstract certificates to correct X.509 format. Added unit tests for certificate manipulation. Replaced logic retrieving legacy X.509 certificates with new logic in NodeProtocolSenderImpl. Added bcpkix (Bouncy Castle PKI implementation) dependency to nifi-standard-processors pom. This closes #346. Signed-off-by: Andy LoPresto <alopresto@apache.org>
2016-04-11 23:11:45 -04:00
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-security-utils</artifactId>
</dependency>
<dependency>
<groupId>com.jcraft</groupId>
<artifactId>jsch</artifactId>
</dependency>
<dependency>
<groupId>com.jcraft</groupId>
<artifactId>jzlib</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlet</artifactId>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
</dependency>
<dependency>
<groupId>javax.mail</groupId>
<artifactId>mail</artifactId>
</dependency>
<dependency>
<groupId>com.github.jponge</groupId>
<artifactId>lzma-java</artifactId>
</dependency>
<dependency>
<groupId>org.tukaani</groupId>
<artifactId>xz</artifactId>
</dependency>
<dependency>
<groupId>net.sf.saxon</groupId>
<artifactId>Saxon-HE</artifactId>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-socket-utils</artifactId>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-load-distribution-service-api</artifactId>
</dependency>
<dependency>
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>
</dependency>
<dependency>
<groupId>javax.jms</groupId>
<artifactId>javax.jms-api</artifactId>
</dependency>
<dependency>
<groupId>org.apache.activemq</groupId>
<artifactId>activemq-client</artifactId>
</dependency>
<dependency>
<groupId>com.jayway.jsonpath</groupId>
<artifactId>json-path</artifactId>
</dependency>
<dependency>
<groupId>org.apache.tika</groupId>
<artifactId>tika-core</artifactId>
<version>1.7</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</dependency>
<dependency>
<groupId>org.apache.avro</groupId>
<artifactId>avro</artifactId>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-dbcp-service-api</artifactId>
</dependency>
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-mapper-asl</artifactId>
</dependency>
<dependency>
<groupId>com.squareup.okhttp</groupId>
<artifactId>okhttp</artifactId>
<version>2.7.1</version>
</dependency>
<dependency>
<groupId>com.burgstaller</groupId>
<artifactId>okhttp-digest</artifactId>
<version>0.6</version>
<type>jar</type>
</dependency>
NIFI-1257 NIFI-1259 Added utility method to return the maximum acceptable password length for PBE ciphers on JVM with limited strength crypto because BC implementation is undocumented (based on empirical evidence). Updated EncryptionMethod definitions to accurately reflect need for unlimited strength crypto according to algorithm key length. Added processor logic to invoke keyed cipher. Added EncryptContent processor property for raw hex key (always visible until NIFI-1121). Added validations for KDF (keyed and PBE) and hex key. Added utility method to return list of valid key lengths for algorithm. Added description to allowable values for KDF and encryption method in EncryptContent processor. Added IV read/write to KeyedCipherProvider and changed from interface to abstract class. Added salt read/write logic to NifiLegacy and OpenSSL cipher providers. Changed RandomIVPBECipherProvider from interface to abstract class. Updated strong KDF implementations. Renamed CipherFactory to CipherProviderFactory. Added unit test for registered KDF resolution from factory. Updated default iteration count for PBKDF2 cipher provider. Implemented Scrypt cipher provider. Added salt translator from mcrypt format to Java format. Added unit tests for salt formatting and validation. Added surefire block to groovy unit test profile to enforce 3072 MB heap for Scrypt test. Added local Java implementation of Scrypt KDF (and underlying PBKDF2 KDF) from Will Glozer. Defined interface for KeyedCipherProvider. Implemented AES implementation for KeyedCipherProvider. Added Ruby script to test/resources for external compatibility check. Added key length check to PBKDF2 cipher provider. Changed default PRF to SHA-512. Added salt and key length check to PBKDF2 cipher provider. Added utility method to check key length validity for cipher families. Added Bcrypt implementation. Implemented PBKDF2 cipher provider. Added default constructor with strong choices for PBKDF2 cipher provider. Implemented NiFiLegacyCipherProvider and added unit tests. Added key length parameter to PBKDF2 cipher provider. Added PRF resolution to PBKDF2 cipher provider. Added RandomIVPBECipherProvider to allow for non-deterministic IVs. Added new keyed encryption methods and added boolean field for compatibility with new KDFs. Added CipherFactory. Improved Javadoc in NiFi legacy cipher provider and OpenSSL cipher provider. Added KeyedCipherProvider interface. Added OpenSSL PKCS#5 v1.5 EVP_BytesToKey cipher provider and unit test. This closes #201. Signed-off-by: Aldrin Piri <aldrin@apache.org>
2015-12-22 13:12:02 -05:00
<dependency>
<groupId>de.svenkubiak</groupId>
<artifactId>jBcrypt</artifactId>
<version>0.4.1</version>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-mock</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-distributed-cache-client-service</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.activemq</groupId>
<artifactId>activemq-broker</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.nifi</groupId>
<artifactId>nifi-ssl-context-service</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.derby</groupId>
<artifactId>derby</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.xerial.snappy</groupId>
<artifactId>snappy-java</artifactId>
<version>1.1.2</version>
</dependency>
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<version>1.4.187</version>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.rat</groupId>
<artifactId>apache-rat-plugin</artifactId>
<configuration>
<excludes combine.children="append">
<exclude>src/test/resources/localhost.cer</exclude>
<exclude>src/test/resources/hello.txt</exclude>
<exclude>src/test/resources/CharacterSetConversionSamples/Converted.txt</exclude>
<exclude>src/test/resources/CharacterSetConversionSamples/Original.txt</exclude>
<exclude>src/test/resources/CompressedData/SampleFile.txt</exclude>
<exclude>src/test/resources/CompressedData/SampleFileConcat.txt</exclude>
<exclude>src/test/resources/ExecuteCommand/1000bytes.txt</exclude>
<exclude>src/test/resources/ExecuteCommand/test.txt</exclude>
<exclude>src/test/resources/ScanAttribute/dictionary-with-empty-new-lines</exclude>
<exclude>src/test/resources/ScanAttribute/dictionary-with-extra-info</exclude>
<exclude>src/test/resources/ScanAttribute/dictionary1</exclude>
<exclude>src/test/resources/TestEncryptContent/text.txt</exclude>
<exclude>src/test/resources/TestEncryptContent/text.txt.asc</exclude>
<exclude>src/test/resources/TestIdentifyMimeType/1.txt</exclude>
<exclude>src/test/resources/TestIdentifyMimeType/1.csv</exclude>
<exclude>src/test/resources/TestJson/json-sample.json</exclude>
<exclude>src/test/resources/TestJson/control-characters.json</exclude>
<exclude>src/test/resources/TestMergeContent/demarcate</exclude>
<exclude>src/test/resources/TestMergeContent/foot</exclude>
<exclude>src/test/resources/TestMergeContent/head</exclude>
<exclude>src/test/resources/TestMergeContent/user.avsc</exclude>
<exclude>src/test/resources/TestMergeContent/place.avsc</exclude>
2015-08-13 11:40:33 -04:00
<exclude>src/test/resources/TestConvertJSONToSQL/person-1.json</exclude>
<exclude>src/test/resources/TestConvertJSONToSQL/persons.json</exclude>
<exclude>src/test/resources/TestConvertJSONToSQL/malformed-person-extra-comma.json</exclude>
<exclude>src/test/resources/TestConvertJSONToSQL/person-with-extra-field.json</exclude>
<exclude>src/test/resources/TestConvertJSONToSQL/person-without-code.json</exclude>
<exclude>src/test/resources/TestConvertJSONToSQL/person-with-null-code.json</exclude>
<exclude>src/test/resources/TestConvertJSONToSQL/person-without-id.json</exclude>
<exclude>src/test/resources/TestModifyBytes/noFooter.txt</exclude>
<exclude>src/test/resources/TestModifyBytes/noFooter_noHeader.txt</exclude>
<exclude>src/test/resources/TestModifyBytes/noHeader.txt</exclude>
<exclude>src/test/resources/TestModifyBytes/testFile.txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/$1$1.txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/BRue_cRue_RiRey.txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/Blu$2e_clu$2e.txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/D$d_h$d.txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/Good.txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/Spider.txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/[DODO].txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/cu[$1]_Po[$1].txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/cu_Po.txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/food.txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/testFile.txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/AppendLineByLineTest.txt</exclude>
<exclude>src/test/resources/TestReplaceTextLineByLine/PrependLineByLineTest.txt</exclude>
<exclude>src/test/resources/TestReplaceTextWithMapping/color-fruit-backreference-mapping.txt</exclude>
<exclude>src/test/resources/TestReplaceTextWithMapping/color-fruit-blank-mapping.txt</exclude>
<exclude>src/test/resources/TestReplaceTextWithMapping/color-fruit-escaped-dollar-mapping.txt</exclude>
<exclude>src/test/resources/TestReplaceTextWithMapping/color-fruit-excessive-backreference-mapping-simple.txt</exclude>
<exclude>src/test/resources/TestReplaceTextWithMapping/color-fruit-excessive-backreference-mapping.txt</exclude>
<exclude>src/test/resources/TestReplaceTextWithMapping/color-fruit-invalid-backreference-mapping.txt</exclude>
<exclude>src/test/resources/TestReplaceTextWithMapping/color-fruit-mapping.txt</exclude>
<exclude>src/test/resources/TestReplaceTextWithMapping/color-fruit-no-match-mapping.txt</exclude>
<exclude>src/test/resources/TestReplaceTextWithMapping/color-fruit-space-mapping.txt</exclude>
<exclude>src/test/resources/TestReplaceTextWithMapping/colors-without-dashes.txt</exclude>
<exclude>src/test/resources/TestReplaceTextWithMapping/colors.txt</exclude>
<exclude>src/test/resources/TestScanContent/helloWorld</exclude>
<exclude>src/test/resources/TestScanContent/wellthengood-bye</exclude>
<exclude>src/test/resources/TestSplitText/1.txt</exclude>
<exclude>src/test/resources/TestSplitText/2.txt</exclude>
<exclude>src/test/resources/TestSplitText/3.txt</exclude>
<exclude>src/test/resources/TestSplitText/4.txt</exclude>
<exclude>src/test/resources/TestSplitText/5.txt</exclude>
<exclude>src/test/resources/TestSplitText/6.txt</exclude>
<exclude>src/test/resources/TestSplitText/original.txt</exclude>
<exclude>src/test/resources/TestTransformXml/math.html</exclude>
<exclude>src/test/resources/TestTransformXml/tokens.csv</exclude>
<exclude>src/test/resources/TestTransformXml/tokens.xml</exclude>
<exclude>src/test/resources/TestUnpackContent/folder/cal.txt</exclude>
<exclude>src/test/resources/TestUnpackContent/folder/date.txt</exclude>
<exclude>src/test/resources/TestUnpackContent/data.flowfilev2</exclude>
<exclude>src/test/resources/TestUnpackContent/data.flowfilev3</exclude>
<exclude>src/test/resources/TestXml/xml-bundle-1</exclude>
<exclude>src/test/resources/TestXml/namespaceSplit1.xml</exclude>
<exclude>src/test/resources/TestXml/namespaceSplit2.xml</exclude>
<exclude>src/test/resources/CompressedData/SampleFile.txt.bz2</exclude>
<exclude>src/test/resources/CompressedData/SampleFile.txt.gz</exclude>
<exclude>src/test/resources/CompressedData/SampleFile1.txt.bz2</exclude>
<exclude>src/test/resources/CompressedData/SampleFile1.txt.gz</exclude>
<exclude>src/test/resources/CompressedData/SampleFileConcat.txt.bz2</exclude>
<exclude>src/test/resources/ExecuteCommand/TestIngestAndUpdate.jar</exclude>
<exclude>src/test/resources/ExecuteCommand/TestSuccess.jar</exclude>
<exclude>src/test/resources/ExecuteCommand/TestDynamicEnvironment.jar</exclude>
<exclude>src/test/resources/TestIdentifyMimeType/1.jar</exclude>
<exclude>src/test/resources/TestIdentifyMimeType/1.tar</exclude>
<exclude>src/test/resources/TestIdentifyMimeType/1.tar.gz</exclude>
<exclude>src/test/resources/TestIdentifyMimeType/1.txt.bz2</exclude>
<exclude>src/test/resources/TestIdentifyMimeType/1.txt.gz</exclude>
<exclude>src/test/resources/TestIdentifyMimeType/1.zip</exclude>
<exclude>src/test/resources/TestIdentifyMimeType/flowfilev1.tar</exclude>
<exclude>src/test/resources/TestUnpackContent/data.tar</exclude>
<exclude>src/test/resources/TestUnpackContent/data.zip</exclude>
<exclude>src/test/resources/TestEncryptContent/plain.txt</exclude>
<exclude>src/test/resources/TestEncryptContent/salted_raw.enc</exclude>
<exclude>src/test/resources/TestEncryptContent/salted_128_raw.enc</exclude>
<exclude>src/test/resources/TestEncryptContent/unsalted_raw.enc</exclude>
<exclude>src/test/resources/TestEncryptContent/unsalted_128_raw.enc</exclude>
NIFI-1257 NIFI-1259 Added utility method to return the maximum acceptable password length for PBE ciphers on JVM with limited strength crypto because BC implementation is undocumented (based on empirical evidence). Updated EncryptionMethod definitions to accurately reflect need for unlimited strength crypto according to algorithm key length. Added processor logic to invoke keyed cipher. Added EncryptContent processor property for raw hex key (always visible until NIFI-1121). Added validations for KDF (keyed and PBE) and hex key. Added utility method to return list of valid key lengths for algorithm. Added description to allowable values for KDF and encryption method in EncryptContent processor. Added IV read/write to KeyedCipherProvider and changed from interface to abstract class. Added salt read/write logic to NifiLegacy and OpenSSL cipher providers. Changed RandomIVPBECipherProvider from interface to abstract class. Updated strong KDF implementations. Renamed CipherFactory to CipherProviderFactory. Added unit test for registered KDF resolution from factory. Updated default iteration count for PBKDF2 cipher provider. Implemented Scrypt cipher provider. Added salt translator from mcrypt format to Java format. Added unit tests for salt formatting and validation. Added surefire block to groovy unit test profile to enforce 3072 MB heap for Scrypt test. Added local Java implementation of Scrypt KDF (and underlying PBKDF2 KDF) from Will Glozer. Defined interface for KeyedCipherProvider. Implemented AES implementation for KeyedCipherProvider. Added Ruby script to test/resources for external compatibility check. Added key length check to PBKDF2 cipher provider. Changed default PRF to SHA-512. Added salt and key length check to PBKDF2 cipher provider. Added utility method to check key length validity for cipher families. Added Bcrypt implementation. Implemented PBKDF2 cipher provider. Added default constructor with strong choices for PBKDF2 cipher provider. Implemented NiFiLegacyCipherProvider and added unit tests. Added key length parameter to PBKDF2 cipher provider. Added PRF resolution to PBKDF2 cipher provider. Added RandomIVPBECipherProvider to allow for non-deterministic IVs. Added new keyed encryption methods and added boolean field for compatibility with new KDFs. Added CipherFactory. Improved Javadoc in NiFi legacy cipher provider and OpenSSL cipher provider. Added KeyedCipherProvider interface. Added OpenSSL PKCS#5 v1.5 EVP_BytesToKey cipher provider and unit test. This closes #201. Signed-off-by: Aldrin Piri <aldrin@apache.org>
2015-12-22 13:12:02 -05:00
<!-- This file is copied from https://github.com/jeremyh/jBCrypt because the binary is compiled for Java 8 and we must support Java 7 -->
<exclude>src/main/java/org/apache/nifi/processors/standard/util/crypto/bcrypt/BCrypt.java</exclude>
</excludes>
</configuration>
</plugin>
</plugins>
</build>
NIFI-1257 NIFI-1259 Added utility method to return the maximum acceptable password length for PBE ciphers on JVM with limited strength crypto because BC implementation is undocumented (based on empirical evidence). Updated EncryptionMethod definitions to accurately reflect need for unlimited strength crypto according to algorithm key length. Added processor logic to invoke keyed cipher. Added EncryptContent processor property for raw hex key (always visible until NIFI-1121). Added validations for KDF (keyed and PBE) and hex key. Added utility method to return list of valid key lengths for algorithm. Added description to allowable values for KDF and encryption method in EncryptContent processor. Added IV read/write to KeyedCipherProvider and changed from interface to abstract class. Added salt read/write logic to NifiLegacy and OpenSSL cipher providers. Changed RandomIVPBECipherProvider from interface to abstract class. Updated strong KDF implementations. Renamed CipherFactory to CipherProviderFactory. Added unit test for registered KDF resolution from factory. Updated default iteration count for PBKDF2 cipher provider. Implemented Scrypt cipher provider. Added salt translator from mcrypt format to Java format. Added unit tests for salt formatting and validation. Added surefire block to groovy unit test profile to enforce 3072 MB heap for Scrypt test. Added local Java implementation of Scrypt KDF (and underlying PBKDF2 KDF) from Will Glozer. Defined interface for KeyedCipherProvider. Implemented AES implementation for KeyedCipherProvider. Added Ruby script to test/resources for external compatibility check. Added key length check to PBKDF2 cipher provider. Changed default PRF to SHA-512. Added salt and key length check to PBKDF2 cipher provider. Added utility method to check key length validity for cipher families. Added Bcrypt implementation. Implemented PBKDF2 cipher provider. Added default constructor with strong choices for PBKDF2 cipher provider. Implemented NiFiLegacyCipherProvider and added unit tests. Added key length parameter to PBKDF2 cipher provider. Added PRF resolution to PBKDF2 cipher provider. Added RandomIVPBECipherProvider to allow for non-deterministic IVs. Added new keyed encryption methods and added boolean field for compatibility with new KDFs. Added CipherFactory. Improved Javadoc in NiFi legacy cipher provider and OpenSSL cipher provider. Added KeyedCipherProvider interface. Added OpenSSL PKCS#5 v1.5 EVP_BytesToKey cipher provider and unit test. This closes #201. Signed-off-by: Aldrin Piri <aldrin@apache.org>
2015-12-22 13:12:02 -05:00
<profiles>
<profile>
<!-- Custom profile for tests requiring large heap operations -->
<id>expensive-heap-tests</id>
<activation>
<property>
<name>heap</name>
<value>expensive</value>
</property>
</activation>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.18</version>
<configuration>
<argLine>-Xmx3072M</argLine>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>
2014-12-08 15:22:14 -05:00
</project>