Description:

Encrypts or Decrypts a FlowFile using either symmetric encryption with a password and randomly generated salt, or asymmetric encryption using a public and secret key.

Additional Details...

Tags:

encryption, decryption, password, JCE, OpenPGP, PGP, GPG

Properties:

In the list below, the names of required properties appear in bold. Any other properties (not in bold) are considered optional. The table also indicates any default values, and whether a property is considered "sensitive", meaning that its value will be encrypted. Before entering a value in a sensitive property, ensure that the nifi.properties file has an entry for the property nifi.sensitive.props.key.

NameDefault ValueAllowable ValuesDescription
ModeEncrypt
  • Encrypt
  • Decrypt
Specifies whether the content should be encrypted or decrypted
Key Derivation FunctionNIFI_LEGACY
  • NIFI_LEGACY
  • OPENSSL_EVP_BYTES_TO_KEY
Specifies the key derivation function to generate the key from the password (and salt)
Encryption AlgorithmMD5_128AES
  • MD5_128AES
  • MD5_192AES
  • MD5_256AES
  • MD5_DES
  • MD5_RC2
  • SHA1_RC2
  • SHA1_DES
  • SHA_128AES
  • SHA_192AES
  • SHA_256AES
  • SHA_40RC2
  • SHA_128RC2
  • SHA_40RC4
  • SHA_128RC4
  • SHA256_128AES
  • SHA256_192AES
  • SHA256_256AES
  • SHA_2KEYTRIPLEDES
  • SHA_3KEYTRIPLEDES
  • SHA_TWOFISH
  • PGP
  • PGP_ASCII_ARMOR
The Encryption Algorithm to use
PasswordThe Password to use for encrypting or decrypting the data
Sensitive Property: true
Public Keyring FileIn a PGP encrypt mode, this keyring contains the public key of the recipient
Public Key User IdIn a PGP encrypt mode, this user id of the recipient
Private Keyring FileIn a PGP decrypt mode, this keyring contains the private key of the recipient
Private Keyring PassphraseIn a PGP decrypt mode, this is the private keyring passphrase
Sensitive Property: true

Relationships:

NameDescription
failureAny FlowFile that cannot be encrypted or decrypted will be routed to failure
successAny FlowFile that is successfully encrypted or decrypted will be routed to success

Reads Attributes:

None specified.

Writes Attributes:

None specified.