DecryptContent

Deprecation notice:

This component is deprecated and will be removed in NiFi 2.x.

Please consider using one the following alternatives: No alternative components suggested.

Description:

Decrypt content encrypted with AES and encoded according conventions added in NiFi 0.5.0 for the EncryptContent Processor. The Processor reads the first 256 bytes to determine the presence of a cryptographic salt based on finding the 'NiFiSALT' delimiter. The salt is not present for content encrypted with a raw hexadecimal key. The Processor determines the presence of the initialization vector based on finding the 'NiFiIV' delimiter.The salt format indicates the Key Derivation Function that the Processor uses to generate a secret key based on a configured password. The Processor derives keys with a size of 128 bits according to the conventions implemented in NiFi 0.5.0.

Additional Details...

Tags:

cryptography, decipher, decrypt, AES, Argon2, bcrypt, scrypt, PBKDF2

Properties:

In the list below, the names of required properties appear in bold. Any other properties (not in bold) are considered optional. The table also indicates any default values.

Display NameAPI NameDefault ValueAllowable ValuesDescription
Cipher Algorithm Modecipher-algorithm-modeGCM
  • CBC Cipher Blocking Chaining Mode
  • CTR Counter Mode
  • GCM Galois/Counter Mode supporting Authenticated Encryption with Associated Data
Block cipher mode of operation for decryption using the Advanced Encryption Standard
Cipher Algorithm Paddingcipher-algorithm-paddingNoPadding
  • NoPadding NoPadding
  • PKCS5Padding PKCS5Padding
Padding specification used in cipher operation for decryption using the Advanced Encryption Standard
Key Specification Formatkey-specification-formatPASSWORD
  • RAW Raw secret key provided as a hexadecimal string
  • PASSWORD Password string for use with a Key Derivation Function to produce a secret key
Format describing the configured Key Specification
Key Specificationkey-specificationSpecification providing the raw secret key or a password from which to derive a secret key
Sensitive Property: true

Relationships:

NameDescription
successDecryption succeeded
failureDecryption failed

Reads Attributes:

None specified.

Writes Attributes:

None specified.

State management:

This component does not store state.

Restricted:

This component is not restricted.

Input requirement:

This component requires an incoming relationship.

System Resource Considerations:

None specified.