Index (nifi-security-utils 1.11.0 API)

A B C D E F G H I J K L M N O P R S T U V W X

A

AbstractAESEncryptor - Class in org.apache.nifi.security.repository
AbstractAESEncryptor() - Constructor for class org.apache.nifi.security.repository.AbstractAESEncryptor
AbstractKerberosUser - Class in org.apache.nifi.security.krb
AbstractKerberosUser(String) - Constructor for class org.apache.nifi.security.krb.AbstractKerberosUser
action - Variable in class org.apache.nifi.security.krb.KerberosAction
addKey(String, SecretKey) - Method in class org.apache.nifi.security.kms.FileBasedKeyProvider: Adds the key to the provider and associates it with the given ID.
addKey(String, SecretKey) - Method in interface org.apache.nifi.security.kms.KeyProvider: Adds the key to the provider and associates it with the given ID.
addKey(String, SecretKey) - Method in class org.apache.nifi.security.kms.StaticKeyProvider: Adds the key to the provider and associates it with the given ID.
aesKeyedCipherProvider - Variable in class org.apache.nifi.security.repository.AbstractAESEncryptor
AESKeyedCipherProvider - Class in org.apache.nifi.security.util.crypto: This is a standard implementation of KeyedCipherProvider which supports AES cipher families with arbitrary modes of operation (currently only CBC, CTR, and GCM are supported as EncryptionMethods.
AESKeyedCipherProvider() - Constructor for class org.apache.nifi.security.util.crypto.AESKeyedCipherProvider
ALGORITHM - Static variable in class org.apache.nifi.security.repository.AbstractAESEncryptor
ALGORITHM - Static variable in class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor
algorithm - Variable in class org.apache.nifi.security.repository.RepositoryObjectEncryptionMetadata
ALGORITHM - Static variable in class org.apache.nifi.security.repository.stream.aes.RepositoryObjectAESCTREncryptor
algorithm - Variable in enum org.apache.nifi.security.util.EncryptionMethod
ALLOW_EXTERNAL_DTD - Static variable in class org.apache.nifi.security.xml.SafeXMLConfiguration
ALLOW_EXTERNAL_GENERAL_ENTITIES - Static variable in class org.apache.nifi.security.xml.SafeXMLConfiguration
ALLOW_EXTERNAL_PARAM_ENTITIES - Static variable in class org.apache.nifi.security.xml.SafeXMLConfiguration
appDataManager - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
available() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
available() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelInputStream

B

backReferencePattern - Static variable in class org.apache.nifi.authorization.util.IdentityMappingUtil
BCRYPT_SALT_FORMAT - Static variable in class org.apache.nifi.security.util.crypto.BcryptCipherProvider
BcryptCipherProvider - Class in org.apache.nifi.security.util.crypto
BcryptCipherProvider() - Constructor for class org.apache.nifi.security.util.crypto.BcryptCipherProvider: Instantiates a Bcrypt cipher provider with the default work factor 12 (2^12 key expansion rounds).
BcryptCipherProvider(int) - Constructor for class org.apache.nifi.security.util.crypto.BcryptCipherProvider: Instantiates a Bcrypt cipher provider with the specified work factor w (2^w key expansion rounds).
blake2Hash(HashAlgorithm, byte[]) - Static method in class org.apache.nifi.security.util.crypto.HashService
blake2HashStreaming(HashAlgorithm, InputStream) - Static method in class org.apache.nifi.security.util.crypto.HashService
BlockEncryptionMetadata - Class in org.apache.nifi.security.repository.block
BlockEncryptionMetadata() - Constructor for class org.apache.nifi.security.repository.block.BlockEncryptionMetadata
BlockEncryptionMetadata(String, String, byte[], String, int) - Constructor for class org.apache.nifi.security.repository.block.BlockEncryptionMetadata
blockmix_salsa8(byte[], int, int, int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
blockxor(byte[], int, byte[], int, int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
BOOTSTRAP_KEY_PREFIX - Static variable in class org.apache.nifi.security.kms.CryptoUtils
BROKEN_ALGORITHMS - Static variable in enum org.apache.nifi.security.util.crypto.HashAlgorithm
BUFFER_FULL_EMPTY_WAIT_NANOS - Static variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
BUFFER_SIZE - Static variable in class org.apache.nifi.security.util.crypto.CipherUtility
BUFFER_SIZE - Static variable in class org.apache.nifi.security.util.crypto.HashService
buildAllowableValueDescription() - Method in enum org.apache.nifi.security.util.crypto.HashAlgorithm: Returns a more complete description of the algorithm for AllowableValue construction.
buildCharacterSetAllowableValues() - Static method in class org.apache.nifi.security.util.crypto.HashService: Returns an array of AllowableValue elements for each Charset.
buildHashAlgorithmAllowableValues() - Static method in class org.apache.nifi.security.util.crypto.HashService: Returns an array of AllowableValue elements for each HashAlgorithm.
buildKeyProvider(RepositoryEncryptionConfiguration, SecretKey) - Static method in class org.apache.nifi.security.kms.KeyProviderFactory: Returns a key provider instantiated from the configuration values in a RepositoryEncryptionConfiguration object.
buildKeyProvider(String, String, String, Map<String, String>, SecretKey) - Static method in class org.apache.nifi.security.kms.KeyProviderFactory: Returns a key provider instantiated from the configuration values in a RepositoryEncryptionConfiguration object.
buildKeyProvider(NiFiProperties, RepositoryType) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils: Returns a configured KeyProvider instance that does not require a master key to use (usually a StaticKeyProvider).
buildKeyProvider(NiFiProperties, SecretKey, RepositoryType) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils: Returns a configured KeyProvider instance that requires a master key to use (usually a FileBasedKeyProvider or an encrypted StaticKeyProvider).
buildKeyProviderFromConfig(SecretKey, RepositoryEncryptionConfiguration) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils: Returns a configured KeyProvider instance given the RepositoryEncryptionConfiguration.

C

calculateExpectedMemory(int, int, int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt: Returns the expected memory cost of the provided parameters in bytes.
calculateSaltLength(EncryptionMethod) - Method in class org.apache.nifi.security.util.crypto.NiFiLegacyCipherProvider: Deprecated.
CertificateUtils - Class in org.apache.nifi.security.util
CertificateUtils() - Constructor for class org.apache.nifi.security.util.CertificateUtils
CertificateUtils.ClientAuth - Enum in org.apache.nifi.security.util
channel - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
channel - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelInputStream
channel - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelOutputStream
check(String, String) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt: Compare the supplied plaintext password to a hashed password.
checkTGTAndRelogin() - Method in class org.apache.nifi.security.krb.AbstractKerberosUser: Re-login a user from keytab if TGT is expired or is close to expiry.
checkTGTAndRelogin() - Method in interface org.apache.nifi.security.krb.KerberosUser: Performs a re-login if the TGT is close to expiration.
cipherByteLength - Variable in class org.apache.nifi.security.repository.RepositoryObjectEncryptionMetadata
CipherProvider - Interface in org.apache.nifi.security.util.crypto: Marker interface for cipher providers.
CipherProviderFactory - Class in org.apache.nifi.security.util.crypto
CipherProviderFactory() - Constructor for class org.apache.nifi.security.util.crypto.CipherProviderFactory
CipherUtility - Class in org.apache.nifi.security.util.crypto
CipherUtility() - Constructor for class org.apache.nifi.security.util.crypto.CipherUtility
ClientAuth(int, String) - Constructor for enum org.apache.nifi.security.util.CertificateUtils.ClientAuth
ClientAuth() - Constructor for enum org.apache.nifi.security.util.SslContextFactory.ClientAuth
close() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
close() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelInputStream: Closes the underlying SSLSocketChannel, which will also close the OutputStream and connection
close() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelOutputStream: Closes the underlying SSLSocketChannel, which also will close the InputStream and the connection
closed - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
closeQuietly(Closeable) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
compareDNs(String, String) - Static method in class org.apache.nifi.security.util.CertificateUtils: Returns true if the two provided DNs are equivalent, regardless of the order of the elements.
compatibleWithStrongKDFs - Variable in enum org.apache.nifi.security.util.EncryptionMethod
concatByteArrays(byte[]...) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Concatenates multiple byte[] into a single byte[].
ConfigurationUtil - Interface in org.apache.nifi.security.krb
connect() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
connected - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
constantTimeEquals(String, String) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns true if the two parameters are equal.
constantTimeEquals(char[], char[]) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns true if the two parameters are equal.
constantTimeEquals(byte[], byte[]) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns true if the two parameters are equal.
consume() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
consume() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelInputStream
CONTENT_HEADER_SIZE - Static variable in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
ContentRepositoryEncryptionConfiguration - Class in org.apache.nifi.security.repository.config
ContentRepositoryEncryptionConfiguration(NiFiProperties) - Constructor for class org.apache.nifi.security.repository.config.ContentRepositoryEncryptionConfiguration: Contructor which accepts a NiFiProperties object and extracts the relevant property values directly.
ContentRepositoryEncryptionConfiguration(String, String, String, Map<String, String>, String) - Constructor for class org.apache.nifi.security.repository.config.ContentRepositoryEncryptionConfiguration: Constructor which accepts explicit values for each configuration value.
convertAbstractX509Certificate(Certificate) - Static method in class org.apache.nifi.security.util.CertificateUtils: Accepts an abstract Certificate and returns an X509Certificate.
convertCharsToBytes(char[]) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns a byte[] containing the value of the provided char[] without using new String(chars).getBytes() which would put sensitive data (the password) in the String pool.
convertLegacyX509Certificate(X509Certificate) - Static method in class org.apache.nifi.security.util.CertificateUtils: Accepts a legacy X509Certificate and returns an X509Certificate.
copyFromAppDataBuffer(byte[], int, int) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
createDnOrderMap() - Static method in class org.apache.nifi.security.util.CertificateUtils
createDocumentBuilder() - Method in class org.apache.nifi.security.xml.SafeXMLConfiguration: This overridden createDocumentBuilder() method sets the appropriate factory attributes to disable XXE parsing.
createLoginContext(Subject) - Method in class org.apache.nifi.security.krb.AbstractKerberosUser
createLoginContext(Subject) - Method in class org.apache.nifi.security.krb.KerberosKeytabUser
createLoginContext(Subject) - Method in class org.apache.nifi.security.krb.KerberosPasswordUser
createSafeReader(InputStream) - Static method in class org.apache.nifi.security.xml.XmlUtils
createSafeReader(StreamSource) - Static method in class org.apache.nifi.security.xml.XmlUtils
createSafeSaxReader(SAXParserFactory, ContentHandler) - Static method in class org.apache.nifi.security.xml.XmlUtils
createSslContext(String, char[], String, String, char[], String, SslContextFactory.ClientAuth, String) - Static method in class org.apache.nifi.security.util.SslContextFactory: Creates a SSLContext instance using the given information.
createSslContext(String, char[], char[], String, String, char[], String, SslContextFactory.ClientAuth, String) - Static method in class org.apache.nifi.security.util.SslContextFactory: Creates a SSLContext instance using the given information.
createSslContext(String, char[], String, String) - Static method in class org.apache.nifi.security.util.SslContextFactory: Creates a SSLContext instance using the given information.
createSslContext(String, char[], char[], String, String) - Static method in class org.apache.nifi.security.util.SslContextFactory: Creates a SSLContext instance using the given information.
createSslContextWithTrustManagers(String, char[], char[], String, String, char[], String, SslContextFactory.ClientAuth, String) - Static method in class org.apache.nifi.security.util.SslContextFactory: Creates a SSLContext instance paired with its TrustManager instances using the given information.
createSslContextWithTrustManagers(String, char[], char[], String, String) - Static method in class org.apache.nifi.security.util.SslContextFactory: Creates a SSLContext instance paired with its TrustManager instances using the given information.
createTrustSslContext(String, char[], String, String) - Static method in class org.apache.nifi.security.util.SslContextFactory: Creates a SSLContext instance using the given information.
createTrustSslContextWithTrustManagers(String, char[], String, String) - Static method in class org.apache.nifi.security.util.SslContextFactory: Creates a SSLContext instance paired with its TrustManager instances using the given information.
CryptoUtils - Class in org.apache.nifi.security.kms
CryptoUtils() - Constructor for class org.apache.nifi.security.kms.CryptoUtils

D

DATE_FORMAT - Static variable in class org.apache.nifi.security.krb.AbstractKerberosUser
decrypt(byte[], String) - Method in class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor: Decrypts the provided byte[] (an encrypted record with accompanying metadata).
decrypt(byte[], String) - Method in interface org.apache.nifi.security.repository.block.RepositoryObjectBlockEncryptor: Decrypts the provided byte[] (an encrypted record with accompanying metadata).
decrypt(InputStream, String) - Method in class org.apache.nifi.security.repository.stream.aes.RepositoryObjectAESCTREncryptor: Returns an InputStream which decrypts the content of the provided InputStream.
decrypt(InputStream, String) - Method in interface org.apache.nifi.security.repository.stream.RepositoryObjectStreamEncryptor: Decrypts the provided byte[] (an encrypted record with accompanying metadata).
DEFAULT_ITERATION_COUNT - Static variable in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider: This can be calculated automatically using the code PBKDF2CipherProviderGroovyTest#calculateMinimumIterationCount or manually updated by a maintainer
DEFAULT_MAX_ALLOWED_KEY_LENGTH - Static variable in class org.apache.nifi.security.util.crypto.CipherUtility
DEFAULT_N - Static variable in class org.apache.nifi.security.util.crypto.ScryptCipherProvider: These values can be calculated automatically using the code ScryptCipherProviderGroovyTest#calculateMinimumParameters or manually updated by a maintainer
DEFAULT_P - Static variable in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
DEFAULT_PRF - Static variable in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider
DEFAULT_R - Static variable in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
DEFAULT_SALT_LENGTH - Static variable in class org.apache.nifi.security.util.crypto.BcryptCipherProvider
DEFAULT_SALT_LENGTH - Static variable in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
DEFAULT_SALT_LENGTH - Static variable in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider
DEFAULT_SALT_LENGTH - Static variable in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
DEFAULT_WORK_FACTOR - Static variable in class org.apache.nifi.security.util.crypto.BcryptCipherProvider: This can be calculated automatically using the code BcryptCipherProviderGroovyTest#calculateMinimumWorkFactor or manually updated by a maintainer
delegateRead(SafeXMLConfiguration.XMLReader) - Method in class org.apache.nifi.security.xml.SafeXMLConfiguration
deriveScryptKey(byte[], byte[], int, int, int, int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt: Implementation of the scrypt KDF.
description - Variable in enum org.apache.nifi.security.util.CertificateUtils.ClientAuth
description - Variable in enum org.apache.nifi.security.util.crypto.HashAlgorithm
description - Variable in enum org.apache.nifi.security.util.KeyDerivationFunction
determineKeyProviderImplementationClassName(RepositoryType) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils: Utility method which returns the KeyProvider implementation class name for a given repository type.
determineType(String) - Static method in enum org.apache.nifi.security.repository.RepositoryType: Uses loose string matching to determine the repository type from input.
digestBytesLength - Variable in enum org.apache.nifi.security.util.crypto.HashAlgorithm
DISALLOW_DOCTYPES - Static variable in class org.apache.nifi.security.xml.SafeXMLConfiguration
dnOrderMap - Static variable in class org.apache.nifi.security.util.CertificateUtils
doAs(PrivilegedAction<T>) - Method in class org.apache.nifi.security.krb.AbstractKerberosUser: Executes the PrivilegedAction as this user.
doAs(PrivilegedExceptionAction<T>) - Method in class org.apache.nifi.security.krb.AbstractKerberosUser: Executes the PrivilegedAction as this user.
doAs(PrivilegedAction<T>) - Method in interface org.apache.nifi.security.krb.KerberosUser: Executes the given action as the given user.
doAs(PrivilegedExceptionAction<T>) - Method in interface org.apache.nifi.security.krb.KerberosUser: Executes the given action as the given user.

E

EM_END_SENTINEL - Static variable in class org.apache.nifi.security.repository.AbstractAESEncryptor
EM_START_SENTINEL - Static variable in class org.apache.nifi.security.repository.AbstractAESEncryptor
EM_START_SENTINEL - Static variable in class org.apache.nifi.security.repository.stream.aes.RepositoryObjectAESCTREncryptor
EMPTY_IV - Static variable in class org.apache.nifi.security.repository.AbstractAESEncryptor
EMPTY_IV - Static variable in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
EMPTY_SALT - Static variable in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
encodeBase64NoPadding(byte[]) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility
encodeParams(int, int, int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
encrypt(byte[], String, String) - Method in class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor: Encrypts the serialized byte[].
encrypt(byte[], String, String) - Method in interface org.apache.nifi.security.repository.block.RepositoryObjectBlockEncryptor: Encrypts the serialized byte[].
encrypt(OutputStream, String, String) - Method in class org.apache.nifi.security.repository.stream.aes.RepositoryObjectAESCTREncryptor: Returns an OutputStream which encrypts the content of the provided OutputStream.
encrypt(OutputStream, String, String) - Method in interface org.apache.nifi.security.repository.stream.RepositoryObjectStreamEncryptor: Encrypts the serialized byte[].
encryptAndWriteFully(BufferStateManager) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
ENCRYPTED_FSR_CLASS_NAME - Static variable in class org.apache.nifi.security.kms.CryptoUtils
EncryptionException - Exception in org.apache.nifi.security.kms: Class used to denote a problem configuring encryption services or encrypting/decrypting data.
EncryptionException(String) - Constructor for exception org.apache.nifi.security.kms.EncryptionException: Constructs a new exception with the specified detail message.
EncryptionException(String, Throwable) - Constructor for exception org.apache.nifi.security.kms.EncryptionException: Constructs a new exception with the specified detail message and cause.
EncryptionException(Throwable) - Constructor for exception org.apache.nifi.security.kms.EncryptionException: Constructs a new exception with the specified cause and a detail message of (cause==null ? null : cause.toString()) (which typically contains the class and detail message of cause).
EncryptionException(String, Throwable, boolean, boolean) - Constructor for exception org.apache.nifi.security.kms.EncryptionException: Constructs a new exception with the specified detail message, cause, suppression enabled or disabled, and writable stack trace enabled or disabled.
encryptionKeyId - Variable in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration
encryptionKeys - Variable in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration
EncryptionMethod - Enum in org.apache.nifi.security.util: Enumeration capturing essential information about the various encryption methods that might be supported.
EncryptionMethod(String, String, boolean, boolean) - Constructor for enum org.apache.nifi.security.util.EncryptionMethod
encryptionProcess - Variable in enum org.apache.nifi.security.repository.RepositoryType
engine - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
escapeLiteralBackReferences(String, int) - Static method in class org.apache.nifi.authorization.util.IdentityMappingUtil
EWAFFR_CLASS_NAME - Static variable in class org.apache.nifi.security.kms.CryptoUtils
EWAPR_CLASS_NAME - Static variable in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
execute() - Method in class org.apache.nifi.security.krb.KerberosAction
extractCipherBytes(byte[], RepositoryObjectEncryptionMetadata) - Method in class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor
extractCipherBytes(byte[], RepositoryObjectEncryptionMetadata) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
extractEncryptionMetadata(byte[]) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
extractEncryptionMetadata(InputStream) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
extractKeyFromBootstrapFile() - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns the key (if any) used to encrypt sensitive properties, extracted from $NIFI_HOME/conf/bootstrap.conf.
extractKeyFromBootstrapFile(String) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns the key (if any) used to encrypt sensitive properties, extracted from $NIFI_HOME/conf/bootstrap.conf.
extractPeerDNFromClientSSLSocket(SSLSocket) - Static method in class org.apache.nifi.security.util.CertificateUtils: Returns the DN extracted from the client certificate.
extractPeerDNFromServerSSLSocket(Socket) - Static method in class org.apache.nifi.security.util.CertificateUtils: Returns the DN extracted from the server certificate.
extractPeerDNFromSSLSocket(Socket) - Static method in class org.apache.nifi.security.util.CertificateUtils: Returns the DN extracted from the peer certificate (the server DN if run on the client; the client DN (if available) if run on the server).
extractUsername(String) - Static method in class org.apache.nifi.security.util.CertificateUtils: Extracts the username from the specified DN.

F

FILE_BASED_KEY_PROVIDER_CLASS_NAME - Static variable in class org.apache.nifi.security.kms.CryptoUtils
FileBasedKeyProvider - Class in org.apache.nifi.security.kms
FileBasedKeyProvider(String, SecretKey) - Constructor for class org.apache.nifi.security.kms.FileBasedKeyProvider
filepath - Variable in class org.apache.nifi.security.kms.FileBasedKeyProvider
FlowFileRepositoryEncryptionConfiguration - Class in org.apache.nifi.security.repository.config
FlowFileRepositoryEncryptionConfiguration(NiFiProperties) - Constructor for class org.apache.nifi.security.repository.config.FlowFileRepositoryEncryptionConfiguration: Constructor which accepts a NiFiProperties object and extracts the relevant property values directly.
FlowFileRepositoryEncryptionConfiguration(String, String, String, Map<String, String>, String) - Constructor for class org.apache.nifi.security.repository.config.FlowFileRepositoryEncryptionConfiguration: Constructor which accepts explicit values for each configuration value.
forAlgorithm(String) - Static method in enum org.apache.nifi.security.util.EncryptionMethod
formatHash(byte[], int, int, int, byte[]) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
formatSalt(byte[], int, int, int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
formatSaltForBcrypt(byte[]) - Method in class org.apache.nifi.security.util.crypto.BcryptCipherProvider
formatSaltForScrypt(byte[]) - Method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider: Formats the salt into a string which Scrypt can understand containing the N, r, p values along with the salt value.
formKeyFromHex(String) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns a SecretKey formed from the hexadecimal key bytes (validity is checked).
formX509Certificate(byte[]) - Static method in class org.apache.nifi.security.util.CertificateUtils
fromName(String) - Static method in enum org.apache.nifi.security.util.crypto.HashAlgorithm
fromNiFiProperties(NiFiProperties, RepositoryType) - Static method in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration

G

generateIssuedCertificate(String, PublicKey, X509Certificate, KeyPair, String, int) - Static method in class org.apache.nifi.security.util.CertificateUtils: Generates an issued X509Certificate from the given issuer certificate and KeyPair
generateIssuedCertificate(String, PublicKey, Extensions, X509Certificate, KeyPair, String, int) - Static method in class org.apache.nifi.security.util.CertificateUtils: Generates an issued X509Certificate from the given issuer certificate and KeyPair
generateIV() - Method in class org.apache.nifi.security.util.crypto.AESKeyedCipherProvider: Generates a new random IV of 16 bytes using SecureRandom.
generateIV() - Method in class org.apache.nifi.security.util.crypto.KeyedCipherProvider: Generates a new random IV of the correct length.
generateSalt() - Method in class org.apache.nifi.security.util.crypto.BcryptCipherProvider
generateSalt(EncryptionMethod) - Method in class org.apache.nifi.security.util.crypto.NiFiLegacyCipherProvider: Deprecated.
generateSalt() - Method in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
generateSalt() - Method in interface org.apache.nifi.security.util.crypto.PBECipherProvider: Returns a random salt suitable for this cipher provider.
generateSalt() - Method in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider
generateSalt() - Method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
generateSelfSignedX509Certificate(KeyPair, String, String, int) - Static method in class org.apache.nifi.security.util.CertificateUtils: Generates a self-signed X509Certificate suitable for use as a Certificate Authority.
getAlgorithm() - Method in enum org.apache.nifi.security.util.EncryptionMethod
getAppConfigurationEntry(String) - Method in class org.apache.nifi.security.krb.KerberosPasswordUser.PasswordConfig
getAppConfigurationEntry(String) - Method in class org.apache.nifi.security.krb.KeytabConfiguration
getAvailableKeyIds() - Method in interface org.apache.nifi.security.kms.KeyProvider: Returns a list of available key identifiers (useful for encryption, as retired keys may not be listed here even if they are available for decryption for legacy/BC reasons).
getAvailableKeyIds() - Method in class org.apache.nifi.security.kms.StaticKeyProvider: Returns a singleton list of the available key identifier.
getCipher(EncryptionMethod, SecretKey, byte[], boolean) - Method in class org.apache.nifi.security.util.crypto.AESKeyedCipherProvider: Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, SecretKey, boolean) - Method in class org.apache.nifi.security.util.crypto.AESKeyedCipherProvider: Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, String, byte[], byte[], int, boolean) - Method in class org.apache.nifi.security.util.crypto.BcryptCipherProvider: Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, String, byte[], int, boolean) - Method in class org.apache.nifi.security.util.crypto.BcryptCipherProvider: Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, SecretKey, byte[], boolean) - Method in class org.apache.nifi.security.util.crypto.KeyedCipherProvider: Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, SecretKey, boolean) - Method in class org.apache.nifi.security.util.crypto.KeyedCipherProvider: Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, String, byte[], int, boolean) - Method in class org.apache.nifi.security.util.crypto.NiFiLegacyCipherProvider: Deprecated.

Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, String, byte[], int, boolean) - Method in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider: Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, String, boolean) - Method in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider: Convenience method without key length parameter.
getCipher(EncryptionMethod, String, byte[], boolean) - Method in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider: Convenience method without key length parameter.
getCipher(EncryptionMethod, String, byte[], int, boolean) - Method in interface org.apache.nifi.security.util.crypto.PBECipherProvider: Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, String, byte[], byte[], int, boolean) - Method in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider: Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, String, byte[], int, boolean) - Method in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider: Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, String, byte[], byte[], int, boolean) - Method in class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider: Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, String, byte[], byte[], int, boolean) - Method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider: Returns an initialized cipher for the specified algorithm.
getCipher(EncryptionMethod, String, byte[], int, boolean) - Method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider: Returns an initialized cipher for the specified algorithm.
getCipherProvider(KeyDerivationFunction) - Static method in class org.apache.nifi.security.util.crypto.CipherProviderFactory
getClientAuthStatus(SSLSocket) - Static method in class org.apache.nifi.security.util.CertificateUtils
getDefaultFilePath() - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns the default file path to $NIFI_HOME/conf/nifi.properties.
getDefaultKeyLengthForCipher(String) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility
getDefaultSaltLength() - Method in class org.apache.nifi.security.util.crypto.BcryptCipherProvider
getDefaultSaltLength() - Method in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
getDefaultSaltLength() - Method in interface org.apache.nifi.security.util.crypto.PBECipherProvider: Returns the default salt length for this implementation.
getDefaultSaltLength() - Method in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider
getDefaultSaltLength() - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
getDefaultSaltLength() - Method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
getDescription() - Method in enum org.apache.nifi.security.util.crypto.HashAlgorithm
getDescription() - Method in enum org.apache.nifi.security.util.KeyDerivationFunction
getDigestBytesLength() - Method in enum org.apache.nifi.security.util.crypto.HashAlgorithm
getDn() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
getEncryptionKeyId() - Method in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration: Returns the "active" encryption key id.
getEncryptionKeys() - Method in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration: Returns a map of all available encryption keys indexed by the key id if using StaticKeyProvider.
getEncryptionProcess() - Method in enum org.apache.nifi.security.repository.RepositoryType
getExtensionsFromCSR(JcaPKCS10CertificationRequest) - Static method in class org.apache.nifi.security.util.CertificateUtils: Extract extensions from CSR object
getGroupMappings(NiFiProperties) - Static method in class org.apache.nifi.authorization.util.IdentityMappingUtil: Buils the group mappings from NiFiProperties.
getIdentityMappings(NiFiProperties) - Static method in class org.apache.nifi.authorization.util.IdentityMappingUtil: Builds the identity mappings from NiFiProperties.
getInitializedCipher(EncryptionMethod, SecretKey, byte[], boolean) - Method in class org.apache.nifi.security.util.crypto.AESKeyedCipherProvider
getInitializedCipher(EncryptionMethod, String, byte[], byte[], int, boolean) - Method in class org.apache.nifi.security.util.crypto.BcryptCipherProvider
getInitializedCipher(EncryptionMethod, String, byte[], boolean) - Method in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
getInitializedCipher(EncryptionMethod, String, byte[], byte[], int, boolean) - Method in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider
getInitializedCipher(EncryptionMethod, String, byte[], byte[], int, boolean) - Method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
getIterationCount() - Method in class org.apache.nifi.security.util.crypto.NiFiLegacyCipherProvider: Deprecated.
getIterationCount() - Method in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
getIterationCount() - Method in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider
getIterationCountForAlgorithm(String) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility: Returns the KDF iteration count for various PBE algorithms.
getKey() - Method in class org.apache.nifi.authorization.util.IdentityMapping
getKey(String) - Method in interface org.apache.nifi.security.kms.KeyProvider: Returns the key identified by this ID or throws an exception if one is not available.
getKey(String) - Method in class org.apache.nifi.security.kms.StaticKeyProvider: Returns the key identified by this ID or throws an exception if one is not available.
getKeyProviderImplementation() - Method in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration: Returns the class name of the KeyProvider implementation used.
getKeyProviderLocation() - Method in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration: Returns the location of the key provider.
getKeyStore(String) - Static method in class org.apache.nifi.security.util.KeyStoreUtils: Returns an empty KeyStore backed by the appropriate provider
getKeyStoreProvider(String) - Static method in class org.apache.nifi.security.util.KeyStoreUtils: Returns the provider that will be used for the given keyStoreType
getKeytabFile() - Method in class org.apache.nifi.security.krb.KerberosKeytabUser
getKeytabFile() - Method in class org.apache.nifi.security.krb.KeytabConfiguration
getLogger() - Method in class org.apache.nifi.security.util.crypto.BcryptCipherProvider
getLogger() - Method in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider
getLogger() - Method in class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider
getLogger() - Method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
getMappings(NiFiProperties, String, String, String, Supplier<String>) - Static method in class org.apache.nifi.authorization.util.IdentityMappingUtil
getMasterKey() - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns the master key from the bootstrap.conf file used to encrypt various sensitive properties and data encryption keys.
getMaximumPasswordLengthForAlgorithmOnLimitedStrengthCrypto(EncryptionMethod) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility
getN() - Method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
getName() - Method in enum org.apache.nifi.security.repository.RepositoryType
getName() - Method in enum org.apache.nifi.security.util.crypto.HashAlgorithm
getName() - Method in enum org.apache.nifi.security.util.KeyDerivationFunction
getNextKeyId() - Method in class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor: Returns a valid key identifier for this encryptor (valid for encryption and decryption) or throws an exception if none are available.
getNextKeyId() - Method in interface org.apache.nifi.security.repository.block.RepositoryObjectBlockEncryptor: Returns a valid key identifier for this encryptor (valid for encryption and decryption) or throws an exception if none are available.
getNextKeyId() - Method in class org.apache.nifi.security.repository.stream.aes.RepositoryObjectAESCTREncryptor: Returns a valid key identifier for this encryptor (valid for encryption and decryption) or throws an exception if none are available.
getNextKeyId() - Method in interface org.apache.nifi.security.repository.stream.RepositoryObjectStreamEncryptor: Returns a valid key identifier for this encryptor (valid for encryption and decryption) or throws an exception if none are available.
getP() - Method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
getPackagePath() - Method in enum org.apache.nifi.security.repository.RepositoryType
getPattern() - Method in class org.apache.nifi.authorization.util.IdentityMapping
getPRFName() - Method in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider
getPrincipal() - Method in class org.apache.nifi.security.krb.AbstractKerberosUser
getPrincipal() - Method in interface org.apache.nifi.security.krb.KerberosUser
getPrincipal() - Method in class org.apache.nifi.security.krb.KeytabConfiguration
getProvider() - Method in enum org.apache.nifi.security.util.EncryptionMethod
getR() - Method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
getRealm(String) - Static method in class org.apache.nifi.security.util.krb.KerberosPrincipalParser: Determines the realm specified in the given kerberos principal.
getRefreshTime(KerberosTicket) - Method in class org.apache.nifi.security.krb.AbstractKerberosUser
getReplacementValue() - Method in class org.apache.nifi.authorization.util.IdentityMapping
getRepositoryImplementation() - Method in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration: Returns the class name for the repository implementation.
getRepositoryType() - Method in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration: Returns the RepositoryType enum identifying this repository.
getSaltLengthForAlgorithm(String) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility: Returns the salt length for various PBE algorithms.
getStorePasswordProperty() - Method in enum org.apache.nifi.security.util.SecurityStoreTypes: Returns the keystore (or truststore) password property.
getStoreProperty() - Method in enum org.apache.nifi.security.util.SecurityStoreTypes: Returns the keystore (or truststore) property.
getStoreTypeProperty() - Method in enum org.apache.nifi.security.util.SecurityStoreTypes: Returns the keystore (or truststore) type property.
getSubject() - Method in class org.apache.nifi.security.krb.AbstractKerberosUser
getSubject() - Method in class org.apache.nifi.security.krb.KerberosKeytabUser
getSubjectAlternativeNames(X509Certificate) - Static method in class org.apache.nifi.security.util.CertificateUtils: Returns a list of subject alternative names.
getSupportedCharsets() - Static method in class org.apache.nifi.security.util.crypto.HashService: Returns a List of supported Charsets on this platform.
getTGT() - Method in class org.apache.nifi.security.krb.AbstractKerberosUser: Get the Kerberos TGT.
getTimeout() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
getTransform() - Method in class org.apache.nifi.authorization.util.IdentityMapping
getTrustStore(String) - Static method in class org.apache.nifi.security.util.KeyStoreUtils: Returns an empty KeyStore intended for use as a TrustStore backed by the appropriate provider
getUniqueSerialNumber() - Static method in class org.apache.nifi.security.util.CertificateUtils: Generates a unique serial number by using the current time in milliseconds left shifted 32 bits (to make room for incrementor) with an incrementor added
getValidKeyLengthsForAlgorithm(String) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility: Returns a list of valid key lengths in bits for this algorithm.
getWorkFactor() - Method in class org.apache.nifi.security.util.crypto.BcryptCipherProvider

H

handle(Callback[]) - Method in class org.apache.nifi.security.krb.KerberosPasswordUser.UsernamePasswordCallbackHandler
handleLegacyPackages(String) - Static method in class org.apache.nifi.security.kms.CryptoUtils
handshaking - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
HashAlgorithm - Enum in org.apache.nifi.security.util.crypto: Enumeration capturing information about the cryptographic hash algorithms
HashAlgorithm(String, int, String) - Constructor for enum org.apache.nifi.security.util.crypto.HashAlgorithm
HashService - Class in org.apache.nifi.security.util.crypto: This class provides a generic service for cryptographic hashing.
HashService() - Constructor for class org.apache.nifi.security.util.crypto.HashService
hashValue(HashAlgorithm, String, Charset) - Static method in class org.apache.nifi.security.util.crypto.HashService: Returns the hex-encoded hash of the specified value.
hashValue(HashAlgorithm, String) - Static method in class org.apache.nifi.security.util.crypto.HashService: Returns the hex-encoded hash of the specified value.
hashValueRaw(HashAlgorithm, String, Charset) - Static method in class org.apache.nifi.security.util.crypto.HashService: Returns the raw byte[] hash of the specified value.
hashValueRaw(HashAlgorithm, String) - Static method in class org.apache.nifi.security.util.crypto.HashService: Returns the raw byte[] hash of the specified value.
hashValueRaw(HashAlgorithm, byte[]) - Static method in class org.apache.nifi.security.util.crypto.HashService: Returns the raw byte[] hash of the specified value.
hashValueStreaming(HashAlgorithm, InputStream) - Static method in class org.apache.nifi.security.util.crypto.HashService: Returns the hash of the specified value.
HEX_PATTERN - Static variable in class org.apache.nifi.security.kms.CryptoUtils
hostname - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel

I

IBM_KRB5_LOGIN_MODULE - Static variable in interface org.apache.nifi.security.krb.ConfigurationUtil
IdentityMapping - Class in org.apache.nifi.authorization.util: Holder to pass around the key, pattern, and replacement from an identity mapping in NiFiProperties.
IdentityMapping(String, Pattern, String) - Constructor for class org.apache.nifi.authorization.util.IdentityMapping
IdentityMapping(String, Pattern, String, IdentityMapping.Transform) - Constructor for class org.apache.nifi.authorization.util.IdentityMapping
IdentityMapping.Transform - Enum in org.apache.nifi.authorization.util
IdentityMappingUtil - Class in org.apache.nifi.authorization.util
IdentityMappingUtil() - Constructor for class org.apache.nifi.authorization.util.IdentityMappingUtil
initCipher(AESKeyedCipherProvider, EncryptionMethod, int, SecretKey, byte[]) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
initFileLocator(FileLocator) - Method in class org.apache.nifi.security.xml.SafeXMLConfiguration
initialize(KeyProvider) - Method in class org.apache.nifi.security.repository.AbstractAESEncryptor: Initializes the encryptor with a KeyProvider.
initialize(KeyProvider) - Method in interface org.apache.nifi.security.repository.block.RepositoryObjectBlockEncryptor: Initializes the encryptor with a KeyProvider.
initialize(KeyProvider) - Method in interface org.apache.nifi.security.repository.RepositoryObjectEncryptor
initialize(KeyProvider) - Method in interface org.apache.nifi.security.repository.stream.RepositoryObjectStreamEncryptor: Initializes the encryptor with a KeyProvider.
initPBECipher(String, String, String, byte[], int, boolean) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility: Initializes a Cipher object with the given PBE parameters.
integerify(byte[], int, int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
interrupt() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
interrupted - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
IS_IBM - Static variable in interface org.apache.nifi.security.krb.ConfigurationUtil
isBlake2() - Method in enum org.apache.nifi.security.util.crypto.HashAlgorithm: Returns true if this hash algorithm is Blake2, as it requires different initialization through BouncyCastle.
isClosed() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
isCompatibleWithStrongKDFs() - Method in enum org.apache.nifi.security.util.EncryptionMethod
isContentRepositoryEncryptionConfigured(NiFiProperties) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils: Returns true if the content repository is correctly configured for an encrypted implementation.
isDataAvailable() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
isDataAvailable() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelInputStream
isEmpty(String) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Utility method which returns true if the string is null, empty, or entirely whitespace.
isFlowFileRepositoryEncryptionConfigured(NiFiProperties) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils: Returns true if the flowfile repository is correctly configured for an encrypted implementation.
isHexString(String) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns true if the input is valid hexadecimal (does not enforce length and is case-insensitive).
isKeyedCipher(String) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility
isKeyedCipher() - Method in enum org.apache.nifi.security.util.EncryptionMethod
isKeyPasswordCorrect(URL, KeystoreType, char[], char[]) - Static method in class org.apache.nifi.security.util.KeyStoreUtils: Returns true if the given keystore can be loaded using the given keystore type and password and the default (first) alias can be retrieved with the key-specific password.
isLoggedIn() - Method in class org.apache.nifi.security.krb.AbstractKerberosUser
isLoggedIn() - Method in interface org.apache.nifi.security.krb.KerberosUser
isPBECipher(String) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility
isPBECipher() - Method in enum org.apache.nifi.security.util.EncryptionMethod
isProvenanceRepositoryEncryptionConfigured(NiFiProperties) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils: Returns true if the provenance repository is correctly configured for an encrypted implementation.
isPValid(int, int) - Static method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider: Returns whether the provided parallelization factor (p value) is within boundaries.
isRepositoryEncryptionConfigured(NiFiProperties, RepositoryType) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils: Returns true if the specified repository is correctly configured for an encrypted implementation.
isRValid(int) - Static method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider: Returns whether the provided block size (r value) is a positive integer or not.
isStoreValid(URL, KeystoreType, char[]) - Static method in class org.apache.nifi.security.util.KeyStoreUtils: Returns true if the given keystore can be loaded using the given keystore type and password.
isStrongAlgorithm() - Method in enum org.apache.nifi.security.util.crypto.HashAlgorithm: Returns true if this algorithm is considered cryptographically secure.
isStrongKDF() - Method in enum org.apache.nifi.security.util.KeyDerivationFunction
isTGSPrincipal(KerberosPrincipal) - Method in class org.apache.nifi.security.krb.AbstractKerberosUser: TGS must have the server principal of the form "krbtgt/FOO@FOO".
isUnlimitedStrength() - Method in enum org.apache.nifi.security.util.EncryptionMethod
isUnlimitedStrengthCryptoAvailable() - Static method in class org.apache.nifi.security.kms.CryptoUtils
isUnlimitedStrengthCryptoSupported() - Static method in class org.apache.nifi.security.util.crypto.CipherUtility
isValidKeyLength(SecretKey) - Method in class org.apache.nifi.security.util.crypto.AESKeyedCipherProvider
isValidKeyLength(int, String) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility: Returns true if the provided key length is a valid key length for the provided cipher family.
isValidKeyLengthForAlgorithm(int, String) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility: Returns true if the provided key length is a valid key length for the provided algorithm.
isValidKeyProvider(String, String, String, Map<String, String>) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns true if the provided configuration values successfully define the specified KeyProvider.
isValidRepositoryEncryptionConfiguration(RepositoryEncryptionConfiguration) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns true if the provided configuration values are valid (shallow evaluation only; does not validate the keys contained in a FileBasedKeyProvider).
isXXERelatedException(ConfigurationException) - Method in class org.apache.nifi.security.xml.SafeXMLConfiguration: Determine if the ConfigurationException was thrown because the XML configuration file contains an external entity (XXE).
ITERATION_COUNT - Static variable in class org.apache.nifi.security.util.crypto.NiFiLegacyCipherProvider: Deprecated.
ITERATION_COUNT - Static variable in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
iterationCount - Variable in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider
IV_DELIMITER - Static variable in class org.apache.nifi.security.util.crypto.KeyedCipherProvider
IV_DELIMITER - Static variable in class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider
IV_LENGTH - Static variable in class org.apache.nifi.security.kms.CryptoUtils
IV_LENGTH - Static variable in class org.apache.nifi.security.repository.AbstractAESEncryptor
IV_LENGTH - Static variable in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
IV_LENGTH - Static variable in class org.apache.nifi.security.util.crypto.AESKeyedCipherProvider
ivBytes - Variable in class org.apache.nifi.security.repository.RepositoryObjectEncryptionMetadata

J

JAXP_SCHEMA_LANGUAGE - Static variable in class org.apache.nifi.security.xml.SafeXMLConfiguration

K

KerberosAction<T> - Class in org.apache.nifi.security.krb: Helper class for processors to perform an action as a KerberosUser.
KerberosAction(KerberosUser, PrivilegedExceptionAction<T>, ComponentLog) - Constructor for class org.apache.nifi.security.krb.KerberosAction
kerberosKeytabConfigEntry - Variable in class org.apache.nifi.security.krb.KeytabConfiguration
KerberosKeytabUser - Class in org.apache.nifi.security.krb: Used to authenticate and execute actions when Kerberos is enabled and a keytab is being used.
KerberosKeytabUser(String, String) - Constructor for class org.apache.nifi.security.krb.KerberosKeytabUser
KerberosPasswordUser - Class in org.apache.nifi.security.krb: KerberosUser that authenticates via username and password instead of keytab.
KerberosPasswordUser(String, String) - Constructor for class org.apache.nifi.security.krb.KerberosPasswordUser
KerberosPasswordUser.PasswordConfig - Class in org.apache.nifi.security.krb: JAAS Configuration to use when logging in with username/password.
KerberosPasswordUser.UsernamePasswordCallbackHandler - Class in org.apache.nifi.security.krb: CallbackHandler that provides the given username and password.
KerberosPrincipalParser - Class in org.apache.nifi.security.util.krb
KerberosPrincipalParser() - Constructor for class org.apache.nifi.security.util.krb.KerberosPrincipalParser
kerberosUser - Variable in class org.apache.nifi.security.krb.KerberosAction
KerberosUser - Interface in org.apache.nifi.security.krb: A keytab-based user that can login/logout and perform actions as the given user.
key - Variable in class org.apache.nifi.authorization.util.IdentityMapping
KEY_LENGTH_PATTERN - Static variable in class org.apache.nifi.security.util.crypto.CipherUtility
KeyDerivationFunction - Enum in org.apache.nifi.security.util: Enumeration capturing essential information about the various key derivation functions that might be supported.
KeyDerivationFunction(String, String) - Constructor for enum org.apache.nifi.security.util.KeyDerivationFunction
KeyedCipherProvider - Class in org.apache.nifi.security.util.crypto
KeyedCipherProvider() - Constructor for class org.apache.nifi.security.util.crypto.KeyedCipherProvider
keyExists(String) - Method in interface org.apache.nifi.security.kms.KeyProvider: Returns true if the key exists and is available.
keyExists(String) - Method in class org.apache.nifi.security.kms.StaticKeyProvider: Returns true if the key exists and is available.
keyId - Variable in class org.apache.nifi.security.repository.RepositoryObjectEncryptionMetadata
keyIsValid(String) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns true if the provided key is valid hex and is the correct length for the current system's JCE policies.
KeyProvider - Interface in org.apache.nifi.security.kms
keyProvider - Variable in class org.apache.nifi.security.repository.AbstractAESEncryptor
KeyProviderFactory - Class in org.apache.nifi.security.kms: Factory class to build KeyProvider instances.
KeyProviderFactory() - Constructor for class org.apache.nifi.security.kms.KeyProviderFactory
keyProviderImplementation - Variable in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration
keyProviderLocation - Variable in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration
keys - Variable in class org.apache.nifi.security.kms.StaticKeyProvider
KeystoreType - Enum in org.apache.nifi.security.util: Keystore types.
KeystoreType() - Constructor for enum org.apache.nifi.security.util.KeystoreType
KeyStoreUtils - Class in org.apache.nifi.security.util
KeyStoreUtils() - Constructor for class org.apache.nifi.security.util.KeyStoreUtils
KeytabConfiguration - Class in org.apache.nifi.security.krb: Custom JAAS Configuration object for a provided principal and keytab.
KeytabConfiguration(String, String) - Constructor for class org.apache.nifi.security.krb.KeytabConfiguration
keytabFile - Variable in class org.apache.nifi.security.krb.KerberosKeytabUser
keytabFile - Variable in class org.apache.nifi.security.krb.KeytabConfiguration

L

lastSerialNumberMillis - Static variable in class org.apache.nifi.security.util.CertificateUtils: The time in milliseconds that the last unique serial number was generated
LEGACY_FBKP_FQCN - Static variable in class org.apache.nifi.security.kms.CryptoUtils
LEGACY_SKP_FQCN - Static variable in class org.apache.nifi.security.kms.CryptoUtils
length - Variable in class org.apache.nifi.security.repository.RepositoryObjectEncryptionMetadata
length() - Method in class org.apache.nifi.security.repository.RepositoryObjectEncryptionMetadata
log2(int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
loggedIn - Variable in class org.apache.nifi.security.krb.AbstractKerberosUser
LOGGER - Static variable in class org.apache.nifi.authorization.util.IdentityMappingUtil
logger - Static variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
logger - Static variable in class org.apache.nifi.security.kms.CryptoUtils
logger - Static variable in class org.apache.nifi.security.kms.FileBasedKeyProvider
logger - Static variable in class org.apache.nifi.security.kms.KeyProviderFactory
logger - Static variable in class org.apache.nifi.security.kms.StaticKeyProvider
LOGGER - Static variable in class org.apache.nifi.security.krb.AbstractKerberosUser
logger - Variable in class org.apache.nifi.security.krb.KerberosAction
logger - Static variable in class org.apache.nifi.security.repository.AbstractAESEncryptor
logger - Static variable in class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor
logger - Static variable in class org.apache.nifi.security.repository.config.ContentRepositoryEncryptionConfiguration
logger - Static variable in class org.apache.nifi.security.repository.config.FlowFileRepositoryEncryptionConfiguration
logger - Static variable in class org.apache.nifi.security.repository.config.ProvenanceRepositoryEncryptionConfiguration
logger - Static variable in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
logger - Static variable in enum org.apache.nifi.security.repository.RepositoryType
logger - Static variable in class org.apache.nifi.security.repository.stream.aes.RepositoryObjectAESCTREncryptor
logger - Static variable in class org.apache.nifi.security.util.CertificateUtils
logger - Static variable in class org.apache.nifi.security.util.crypto.AESKeyedCipherProvider
logger - Static variable in class org.apache.nifi.security.util.crypto.BcryptCipherProvider
logger - Static variable in class org.apache.nifi.security.util.crypto.CipherProviderFactory
logger - Static variable in class org.apache.nifi.security.util.crypto.HashService
logger - Static variable in class org.apache.nifi.security.util.crypto.NiFiLegacyCipherProvider: Deprecated.
logger - Static variable in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
logger - Static variable in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider
logger - Static variable in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
logger - Static variable in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
logger - Static variable in class org.apache.nifi.security.util.KeyStoreUtils
logger - Static variable in class org.apache.nifi.security.xml.XXEValidator
login() - Method in class org.apache.nifi.security.krb.AbstractKerberosUser: Performs a login using the specified principal and keytab.
login() - Method in interface org.apache.nifi.security.krb.KerberosUser: Performs a login for the given user.
loginContext - Variable in class org.apache.nifi.security.krb.AbstractKerberosUser
logout() - Method in class org.apache.nifi.security.krb.AbstractKerberosUser: Performs a logout of the current user.
logout() - Method in interface org.apache.nifi.security.krb.KerberosUser: Performs a logout for the given user.
logProperties(Writer, boolean) - Static method in enum org.apache.nifi.security.util.SecurityStoreTypes: Logs the keystore and truststore Java system property values to the given writer.

M

mapIdentity(String, List<IdentityMapping>) - Static method in class org.apache.nifi.authorization.util.IdentityMappingUtil: Checks the given identity against each provided mapping and performs the mapping using the first one that matches.
MAX_IV_LIMIT - Static variable in class org.apache.nifi.security.util.crypto.KeyedCipherProvider
MAX_IV_LIMIT - Static variable in class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider
MAX_PASSWORD_LENGTH_BY_ALGORITHM - Static variable in class org.apache.nifi.security.util.crypto.CipherUtility
MAX_SALT_LIMIT - Static variable in class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider
MAX_WRITE_SIZE - Static variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
MCRYPT_SALT_FORMAT - Static variable in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
METADATA_DEFAULT_LENGTH - Static variable in class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor
METADATA_DEFAULT_LENGTH - Static variable in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
millisecondBigInteger - Static variable in class org.apache.nifi.security.util.CertificateUtils: BigInteger value to use for the base of the unique serial number
MIN_METADATA_LENGTH - Static variable in class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor
MIN_METADATA_LENGTH - Static variable in class org.apache.nifi.security.repository.RepositoryEncryptorUtils

N

n - Variable in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
name - Variable in enum org.apache.nifi.security.repository.RepositoryType
name - Variable in enum org.apache.nifi.security.util.crypto.HashAlgorithm
name - Variable in enum org.apache.nifi.security.util.KeyDerivationFunction
NiFiLegacyCipherProvider - Class in org.apache.nifi.security.util.crypto: Deprecated.
NiFiLegacyCipherProvider() - Constructor for class org.apache.nifi.security.util.crypto.NiFiLegacyCipherProvider: Deprecated.

O

oneByteBuffer - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
OPENSSL_EVP_HEADER_MARKER - Static variable in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
OPENSSL_EVP_HEADER_SIZE - Static variable in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
OpenSSLPKCS5CipherProvider - Class in org.apache.nifi.security.util.crypto
OpenSSLPKCS5CipherProvider() - Constructor for class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
org.apache.nifi.authorization.util - package org.apache.nifi.authorization.util
org.apache.nifi.remote.io.socket.ssl - package org.apache.nifi.remote.io.socket.ssl
org.apache.nifi.security.kms - package org.apache.nifi.security.kms
org.apache.nifi.security.krb - package org.apache.nifi.security.krb
org.apache.nifi.security.repository - package org.apache.nifi.security.repository
org.apache.nifi.security.repository.block - package org.apache.nifi.security.repository.block
org.apache.nifi.security.repository.block.aes - package org.apache.nifi.security.repository.block.aes
org.apache.nifi.security.repository.config - package org.apache.nifi.security.repository.config
org.apache.nifi.security.repository.stream - package org.apache.nifi.security.repository.stream
org.apache.nifi.security.repository.stream.aes - package org.apache.nifi.security.repository.stream.aes
org.apache.nifi.security.util - package org.apache.nifi.security.util
org.apache.nifi.security.util.crypto - package org.apache.nifi.security.util.crypto
org.apache.nifi.security.util.crypto.scrypt - package org.apache.nifi.security.util.crypto.scrypt
org.apache.nifi.security.util.krb - package org.apache.nifi.security.util.krb
org.apache.nifi.security.xml - package org.apache.nifi.security.xml

P

p - Variable in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
packagePath - Variable in enum org.apache.nifi.security.repository.RepositoryType
parseActualKeyLengthFromAlgorithm(String) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility
parseCipherFromAlgorithm(String) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility: Returns the cipher algorithm from the full algorithm name.
parseKeyLengthFromAlgorithm(String) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility: Returns the cipher key length from the full algorithm name.
parseParameters(String) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt: Parses the individual values from the encoded params value in the modified-mcrypt format for the salt & hash.
parseSalt(String, byte[], List<Integer>) - Method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
password - Variable in class org.apache.nifi.security.krb.KerberosPasswordUser
password - Variable in class org.apache.nifi.security.krb.KerberosPasswordUser.UsernamePasswordCallbackHandler
PasswordConfig() - Constructor for class org.apache.nifi.security.krb.KerberosPasswordUser.PasswordConfig
passwordLengthIsValidForAlgorithmOnLimitedStrengthCrypto(int, EncryptionMethod) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility
pattern - Variable in class org.apache.nifi.authorization.util.IdentityMapping
PBECipherProvider - Interface in org.apache.nifi.security.util.crypto
pbkdf2(String, byte[], byte[], int, int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt: Implementation of PBKDF2 (RFC2898).
pbkdf2(Mac, byte[], int, byte[], int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt: Implementation of PBKDF2 (RFC2898).
PBKDF2CipherProvider - Class in org.apache.nifi.security.util.crypto
PBKDF2CipherProvider() - Constructor for class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider: Instantiates a PBKDF2 cipher provider with the default number of iterations and the default PRF.
PBKDF2CipherProvider(String, int) - Constructor for class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider: Instantiates a PBKDF2 cipher provider with the specified number of iterations and the specified PRF.
PEER_NOT_AUTHENTICATED_MSG - Static variable in class org.apache.nifi.security.util.CertificateUtils
performHandshake() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
performTasks() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
port - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
prepareObjectForDecryption(Object, String, String, List<String>) - Static method in class org.apache.nifi.security.repository.AbstractAESEncryptor: Utility method which extracts the RepositoryObjectEncryptionMetadata object from the byte[] or InputStream provided and verifies common validation across both streaming and block decryption.
prf - Variable in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider
principal - Variable in class org.apache.nifi.security.krb.AbstractKerberosUser
principal - Variable in class org.apache.nifi.security.krb.KeytabConfiguration
processStreams(Cipher, InputStream, OutputStream) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility
ProvenanceRepositoryEncryptionConfiguration - Class in org.apache.nifi.security.repository.config
ProvenanceRepositoryEncryptionConfiguration(NiFiProperties) - Constructor for class org.apache.nifi.security.repository.config.ProvenanceRepositoryEncryptionConfiguration: Constructor which accepts a NiFiProperties object and extracts the relevant property values directly.
ProvenanceRepositoryEncryptionConfiguration(String, String, String, Map<String, String>, String) - Constructor for class org.apache.nifi.security.repository.config.ProvenanceRepositoryEncryptionConfiguration: Constructor which accepts explicit values for each configuration value.
provider - Variable in enum org.apache.nifi.security.util.EncryptionMethod

R

r(int, int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
r - Variable in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
RandomIVPBECipherProvider - Class in org.apache.nifi.security.util.crypto
RandomIVPBECipherProvider() - Constructor for class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider
read() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
read(byte[]) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
read(byte[], int, int) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
read() - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelInputStream
read(byte[]) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelInputStream
read(byte[], int, int) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelInputStream
read(Reader) - Method in class org.apache.nifi.security.xml.SafeXMLConfiguration
read(InputStream) - Method in class org.apache.nifi.security.xml.SafeXMLConfiguration
read() - Method in interface org.apache.nifi.security.xml.SafeXMLConfiguration.XMLReader
readBytesFromInputStream(InputStream, String, int, byte[]) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility
readData(ByteBuffer) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
readIV(InputStream) - Method in class org.apache.nifi.security.util.crypto.KeyedCipherProvider
readIV(InputStream) - Method in class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider
readKeys(String, SecretKey) - Static method in class org.apache.nifi.security.kms.CryptoUtils: Returns a map containing the key IDs and the parsed key from a key provider definition file.
readSalt(InputStream) - Method in class org.apache.nifi.security.util.crypto.NiFiLegacyCipherProvider: Deprecated.
readSalt(EncryptionMethod, InputStream) - Method in class org.apache.nifi.security.util.crypto.NiFiLegacyCipherProvider: Deprecated.

Returns the salt provided as part of the cipher stream, or throws an exception if one cannot be detected.
readSalt(InputStream) - Method in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider: Returns the salt provided as part of the cipher stream, or throws an exception if one cannot be detected.
readSalt(InputStream) - Method in interface org.apache.nifi.security.util.crypto.PBECipherProvider: Returns the salt provided as part of the cipher stream, or throws an exception if one cannot be detected.
readSalt(InputStream) - Method in class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider
registeredCipherProviders - Static variable in class org.apache.nifi.security.util.crypto.CipherProviderFactory
RELATIVE_NIFI_PROPS_PATH - Static variable in class org.apache.nifi.security.kms.CryptoUtils
reorderDn(String) - Static method in class org.apache.nifi.security.util.CertificateUtils: Reorders DN to the order the elements appear in the RFC 2253 table
replacementValue - Variable in class org.apache.nifi.authorization.util.IdentityMapping
RepositoryEncryptionConfiguration - Class in org.apache.nifi.security.repository.config: Abstract class which defines the method contracts for various repository encryption configuration values.
RepositoryEncryptionConfiguration() - Constructor for class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration
RepositoryEncryptorUtils - Class in org.apache.nifi.security.repository
RepositoryEncryptorUtils() - Constructor for class org.apache.nifi.security.repository.RepositoryEncryptorUtils
repositoryImplementation - Variable in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration
RepositoryObjectAESCTREncryptor - Class in org.apache.nifi.security.repository.stream.aes: This implementation of the RepositoryObjectStreamEncryptor handles streaming data by accepting OutputStream and InputStream parameters and returning custom implementations which wrap the normal behavior with encryption/decryption logic transparently.
RepositoryObjectAESCTREncryptor() - Constructor for class org.apache.nifi.security.repository.stream.aes.RepositoryObjectAESCTREncryptor
RepositoryObjectAESGCMEncryptor - Class in org.apache.nifi.security.repository.block.aes: This implementation of the RepositoryObjectBlockEncryptor handles block data by accepting byte[] parameters and returning byte[] which contain the encrypted/decrypted content.
RepositoryObjectAESGCMEncryptor() - Constructor for class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor
RepositoryObjectBlockEncryptor - Interface in org.apache.nifi.security.repository.block: Provides an interface for encrypting and decrypting repository objects using a block cipher.
RepositoryObjectEncryptionMetadata - Class in org.apache.nifi.security.repository
RepositoryObjectEncryptionMetadata() - Constructor for class org.apache.nifi.security.repository.RepositoryObjectEncryptionMetadata
RepositoryObjectEncryptor - Interface in org.apache.nifi.security.repository
RepositoryObjectStreamEncryptor - Interface in org.apache.nifi.security.repository.stream: Provides an interface for encrypting and decrypting repository objects using a stream cipher.
repositoryType - Variable in class org.apache.nifi.security.repository.config.RepositoryEncryptionConfiguration
RepositoryType - Enum in org.apache.nifi.security.repository
RepositoryType(String, String, String) - Constructor for enum org.apache.nifi.security.repository.RepositoryType
requiresMasterKey(String) - Static method in class org.apache.nifi.security.kms.KeyProviderFactory: Returns true if this KeyProvider implementation requires the presence of the master key in order to decrypt the available data encryption keys.
resolvePRF(String) - Method in class org.apache.nifi.security.util.crypto.PBKDF2CipherProvider
reverseX500Name(X500Name) - Static method in class org.apache.nifi.security.util.CertificateUtils: Reverses the X500Name in order make the certificate be in the right order [see http://stackoverflow.com/questions/7567837/attributes-reversed-in-certificate-subject-and-issuer/12645265]

S

SafeXMLConfiguration - Class in org.apache.nifi.security.xml: For security reasons, this class overrides the Apache commons 'XMLConfiguration' class to disable processing of XML external entity (XXE) declarations.
SafeXMLConfiguration() - Constructor for class org.apache.nifi.security.xml.SafeXMLConfiguration
SafeXMLConfiguration(HierarchicalConfiguration<ImmutableNode>) - Constructor for class org.apache.nifi.security.xml.SafeXMLConfiguration
SafeXMLConfiguration.XMLReader - Interface in org.apache.nifi.security.xml
salsa20_8(byte[]) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
SALT_DELIMITER - Static variable in class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider
Scrypt - Class in org.apache.nifi.security.util.crypto.scrypt: Copyright (C) 2011 - Will Glozer.
Scrypt() - Constructor for class org.apache.nifi.security.util.crypto.scrypt.Scrypt
scrypt(String, int, int, int, int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt: Hash the supplied plaintext password and generate output in the format described below:
The hashed output is an extended implementation of the Modular Crypt Format that also includes the scrypt algorithm parameters.
scrypt(String, byte[], int, int, int, int) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt: Hash the supplied plaintext password and generate output in the format described in Scrypt.scrypt(String, int, int, int, int).
SCRYPT_PATTERN - Static variable in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
SCRYPT_SALT_FORMAT - Static variable in class org.apache.nifi.security.util.crypto.ScryptCipherProvider
ScryptCipherProvider - Class in org.apache.nifi.security.util.crypto
ScryptCipherProvider() - Constructor for class org.apache.nifi.security.util.crypto.ScryptCipherProvider: Instantiates a Scrypt cipher provider with the default parameters N=2^14, r=8, p=1.
ScryptCipherProvider(int, int, int) - Constructor for class org.apache.nifi.security.util.crypto.ScryptCipherProvider: Instantiates a Scrypt cipher provider with the specified N, r, p values.
SecurityStoreTypes - Enum in org.apache.nifi.security.util: Types of security stores and their related Java system properties.
SecurityStoreTypes(String, String, String) - Constructor for enum org.apache.nifi.security.util.SecurityStoreTypes: Creates an instance.
SENTINEL - Static variable in class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor
serializeEncryptionMetadata(RepositoryObjectEncryptionMetadata) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
serialNumberIncrementor - Static variable in class org.apache.nifi.security.util.CertificateUtils: An incrementor to add uniqueness to serial numbers generated in the same millisecond
setCipherProvider(AESKeyedCipherProvider) - Method in class org.apache.nifi.security.repository.AbstractAESEncryptor: Available for dependency injection to override the default AESKeyedCipherProvider if necessary.
setTimeout(int) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
smix(byte[], int, int, int, byte[], byte[]) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt
socketAddress - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
SslContextFactory - Class in org.apache.nifi.security.util: A factory for creating SSL contexts using the application's security properties.
SslContextFactory() - Constructor for class org.apache.nifi.security.util.SslContextFactory
SslContextFactory.ClientAuth - Enum in org.apache.nifi.security.util
SSLSocketChannel - Class in org.apache.nifi.remote.io.socket.ssl
SSLSocketChannel(SSLContext, String, int, InetAddress, boolean) - Constructor for class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
SSLSocketChannel(SSLContext, SocketChannel, boolean) - Constructor for class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
SSLSocketChannel(SSLEngine, SocketChannel) - Constructor for class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
SSLSocketChannelInputStream - Class in org.apache.nifi.remote.io.socket.ssl
SSLSocketChannelInputStream(SSLSocketChannel) - Constructor for class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelInputStream
SSLSocketChannelOutputStream - Class in org.apache.nifi.remote.io.socket.ssl
SSLSocketChannelOutputStream(SSLSocketChannel) - Constructor for class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelOutputStream
STATIC_KEY_PROVIDER_CLASS_NAME - Static variable in class org.apache.nifi.security.kms.CryptoUtils
StaticKeyProvider - Class in org.apache.nifi.security.kms: Reference implementation for static key provider (used during tests).
StaticKeyProvider(String, String) - Constructor for class org.apache.nifi.security.kms.StaticKeyProvider
StaticKeyProvider(Map<String, SecretKey>) - Constructor for class org.apache.nifi.security.kms.StaticKeyProvider
storePasswordProperty - Variable in enum org.apache.nifi.security.util.SecurityStoreTypes: the Java system property for setting the keystore (or truststore) password
storeProperty - Variable in enum org.apache.nifi.security.util.SecurityStoreTypes: the Java system property for setting the keystore (or truststore) path
storeTypeProperty - Variable in enum org.apache.nifi.security.util.SecurityStoreTypes: the Java system property for setting the keystore (or truststore) type
StreamingEncryptionMetadata - Class in org.apache.nifi.security.repository
StreamingEncryptionMetadata() - Constructor for class org.apache.nifi.security.repository.StreamingEncryptionMetadata
StreamingEncryptionMetadata(String, String, byte[], String) - Constructor for class org.apache.nifi.security.repository.StreamingEncryptionMetadata
streamInManager - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
streamOutManager - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
subject - Variable in class org.apache.nifi.security.krb.AbstractKerberosUser
SUN_KRB5_LOGIN_MODULE - Static variable in interface org.apache.nifi.security.krb.ConfigurationUtil
SUN_PROVIDER_NAME - Static variable in class org.apache.nifi.security.util.KeyStoreUtils
SUPPORTED_VERSIONS - Static variable in class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor
SUPPORTED_VERSIONS - Static variable in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
SUPPORTED_VERSIONS - Static variable in class org.apache.nifi.security.repository.stream.aes.RepositoryObjectAESCTREncryptor

T

TICKET_RENEW_WINDOW - Static variable in class org.apache.nifi.security.krb.AbstractKerberosUser: Percentage of the ticket window to use before we renew the TGT.
timeoutMillis - Variable in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
toString() - Method in class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor
toString() - Method in class org.apache.nifi.security.repository.block.BlockEncryptionMetadata
toString() - Method in class org.apache.nifi.security.repository.RepositoryObjectEncryptionMetadata
toString() - Method in enum org.apache.nifi.security.repository.RepositoryType
toString() - Method in class org.apache.nifi.security.repository.StreamingEncryptionMetadata
toString() - Method in enum org.apache.nifi.security.util.CertificateUtils.ClientAuth
toString() - Method in enum org.apache.nifi.security.util.crypto.HashAlgorithm
toString() - Method in enum org.apache.nifi.security.util.EncryptionMethod
toString() - Method in enum org.apache.nifi.security.util.KeyDerivationFunction
traditionalHash(HashAlgorithm, byte[]) - Static method in class org.apache.nifi.security.util.crypto.HashService
traditionalHashStreaming(HashAlgorithm, InputStream) - Static method in class org.apache.nifi.security.util.crypto.HashService
transform - Variable in class org.apache.nifi.authorization.util.IdentityMapping
Transform() - Constructor for enum org.apache.nifi.authorization.util.IdentityMapping.Transform
translateSalt(String) - Method in class org.apache.nifi.security.util.crypto.ScryptCipherProvider: Translates a salt from the mcrypt format $n$r$p$salt_hex to the Java scrypt format $s0$params$saltBase64.

U

UNLIMITED_KEY_LENGTHS - Static variable in class org.apache.nifi.security.kms.CryptoUtils
unlimitedStrength - Variable in enum org.apache.nifi.security.util.EncryptionMethod
username - Variable in class org.apache.nifi.security.krb.KerberosPasswordUser.UsernamePasswordCallbackHandler
UsernamePasswordCallbackHandler(String, String) - Constructor for class org.apache.nifi.security.krb.KerberosPasswordUser.UsernamePasswordCallbackHandler
UTF_16_DESCRIPTION - Static variable in class org.apache.nifi.security.util.crypto.HashService

V

VALID_KEY_LENGTHS - Static variable in class org.apache.nifi.security.util.crypto.AESKeyedCipherProvider
validate(String, String, ValidationContext) - Method in class org.apache.nifi.security.xml.XXEValidator
validateAndBuildRepositoryKeyProvider(NiFiProperties, RepositoryType) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils: Returns a configured KeyProvider instance for the specified repository type given the configuration values in nifi.properties.
validateAndBuildRepositoryKeyProvider(RepositoryEncryptionConfiguration) - Static method in class org.apache.nifi.security.repository.RepositoryEncryptorUtils: Returns a configured KeyProvider instance for the specified repository type given the configuration values.
validateSalt(EncryptionMethod, byte[]) - Method in class org.apache.nifi.security.util.crypto.NiFiLegacyCipherProvider: Deprecated.
validateSalt(EncryptionMethod, byte[]) - Method in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
value - Variable in enum org.apache.nifi.security.util.CertificateUtils.ClientAuth
valueOf(String) - Static method in enum org.apache.nifi.authorization.util.IdentityMapping.Transform: Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.apache.nifi.security.repository.RepositoryType: Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.apache.nifi.security.util.CertificateUtils.ClientAuth: Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.apache.nifi.security.util.crypto.HashAlgorithm: Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.apache.nifi.security.util.EncryptionMethod: Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.apache.nifi.security.util.KeyDerivationFunction: Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.apache.nifi.security.util.KeystoreType: Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.apache.nifi.security.util.SecurityStoreTypes: Returns the enum constant of this type with the specified name.
valueOf(String) - Static method in enum org.apache.nifi.security.util.SslContextFactory.ClientAuth: Returns the enum constant of this type with the specified name.
values() - Static method in enum org.apache.nifi.authorization.util.IdentityMapping.Transform: Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.apache.nifi.security.repository.RepositoryType: Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.apache.nifi.security.util.CertificateUtils.ClientAuth: Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.apache.nifi.security.util.crypto.HashAlgorithm: Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.apache.nifi.security.util.EncryptionMethod: Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.apache.nifi.security.util.KeyDerivationFunction: Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.apache.nifi.security.util.KeystoreType: Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.apache.nifi.security.util.SecurityStoreTypes: Returns an array containing the constants of this enum type, in the order they are declared.
values() - Static method in enum org.apache.nifi.security.util.SslContextFactory.ClientAuth: Returns an array containing the constants of this enum type, in the order they are declared.
verifyHashFormat(String) - Static method in class org.apache.nifi.security.util.crypto.scrypt.Scrypt: Returns true if the provided hash is a valid scrypt hash.
VERSION - Static variable in class org.apache.nifi.security.repository.block.aes.RepositoryObjectAESGCMEncryptor
VERSION - Static variable in class org.apache.nifi.security.repository.RepositoryEncryptorUtils
version - Variable in class org.apache.nifi.security.repository.RepositoryObjectEncryptionMetadata
VERSION - Static variable in class org.apache.nifi.security.repository.stream.aes.RepositoryObjectAESCTREncryptor

W

W3C_XML_SCHEMA - Static variable in class org.apache.nifi.security.xml.SafeXMLConfiguration
workFactor - Variable in class org.apache.nifi.security.util.crypto.BcryptCipherProvider
write(int) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
write(byte[]) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
write(byte[], int, int) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
write(int) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelOutputStream
write(byte[]) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelOutputStream
write(byte[], int, int) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelOutputStream
writeBytesToOutputStream(OutputStream, byte[], String, byte[]) - Static method in class org.apache.nifi.security.util.crypto.CipherUtility
writeFully(ByteBuffer) - Method in class org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel
writeIV(byte[], OutputStream) - Method in class org.apache.nifi.security.util.crypto.KeyedCipherProvider
writeIV(byte[], OutputStream) - Method in class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider
writeSalt(byte[], OutputStream) - Method in class org.apache.nifi.security.util.crypto.NiFiLegacyCipherProvider: Deprecated.
writeSalt(byte[], OutputStream) - Method in class org.apache.nifi.security.util.crypto.OpenSSLPKCS5CipherProvider
writeSalt(byte[], OutputStream) - Method in interface org.apache.nifi.security.util.crypto.PBECipherProvider: Writes the salt provided as part of the cipher stream, or throws an exception if it cannot be written.
writeSalt(byte[], OutputStream) - Method in class org.apache.nifi.security.util.crypto.RandomIVPBECipherProvider

X

XmlUtils - Class in org.apache.nifi.security.xml
XmlUtils() - Constructor for class org.apache.nifi.security.xml.XmlUtils
XXE_ERROR_MESSAGE - Static variable in class org.apache.nifi.security.xml.SafeXMLConfiguration
xxePattern - Variable in class org.apache.nifi.security.xml.XXEValidator
XXEValidator - Class in org.apache.nifi.security.xml
XXEValidator() - Constructor for class org.apache.nifi.security.xml.XXEValidator

A B C D E F G H I J K L M N O P R S T U V W X