org.apache.nifinifi-cipher-nar2.0.0-M4org.apache.nifinifi-standard-shared-nar2.0.0-M42.0.0-M4nifi-2.0.0-M4-RC1UNKNOWN19c5be0org.apache.nifi.processors.cipher.DecryptContentPROCESSORDecrypt content encrypted with AES and encoded according conventions added in NiFi 0.5.0 for the EncryptContent Processor. The Processor reads the first 256 bytes to determine the presence of a cryptographic salt based on finding the 'NiFiSALT' delimiter. The salt is not present for content encrypted with a raw hexadecimal key. The Processor determines the presence of the initialization vector based on finding the 'NiFiIV' delimiter.The salt format indicates the Key Derivation Function that the Processor uses to generate a secret key based on a configured password. The Processor derives keys with a size of 128 bits according to the conventions implemented in NiFi 0.5.0.cryptographydecipherdecryptAESArgon2bcryptscryptPBKDF2cipher-algorithm-modeCipher Algorithm ModeBlock cipher mode of operation for decryption using the Advanced Encryption StandardGCMCBCCBCCipher Blocking Chaining ModeCTRCTRCounter ModeGCMGCMGalois/Counter Mode supporting Authenticated Encryption with Associated DatatruefalsefalseNONEfalsefalsecipher-algorithm-paddingCipher Algorithm PaddingPadding specification used in cipher operation for decryption using the Advanced Encryption StandardNoPaddingNoPaddingNoPaddingNoPaddingPKCS5PaddingPKCS5PaddingPKCS5PaddingtruefalsefalseNONEfalsefalsekey-specification-formatKey Specification FormatFormat describing the configured Key SpecificationPASSWORDRAWRAWRaw secret key provided as a hexadecimal stringPASSWORDPASSWORDPassword string for use with a Key Derivation Function to produce a secret keytruefalsefalseNONEfalsefalsekey-specificationKey SpecificationSpecification providing the raw secret key or a password from which to derive a secret keytruetruefalseNONEfalsefalsefailureDecryption failedfalsesuccessDecryption succeededfalsetruetrueINPUT_REQUIREDorg.apache.nifi.processors.cipher.DecryptContentAgePROCESSORDecrypt content using the age-encryption.org/v1 specification. Detects binary or ASCII armored content encoding using the initial file header bytes. The age standard uses ChaCha20-Poly1305 for authenticated encryption of the payload. The age-keygen command supports generating X25519 key pairs for encryption and decryption operations.ageage-encryption.orgencryptionChaCha20-Poly1305X25519Private Key SourcePrivate Key SourceSource of information determines the loading strategy for X25519 Private Key IdentitiesPROPERTIESPROPERTIESPROPERTIESLoad one or more keys from configured propertiesRESOURCESRESOURCESLoad one or more keys from files or URLstruefalsefalseNONEfalsefalsePrivate Key IdentitiesPrivate Key IdentitiesOne or more X25519 Private Key Identities, separated with newlines, encoded according to the age specification, starting with AGE-SECRET-KEY-1truetruefalseNONEfalsefalseSINGLETEXTPrivate Key SourcePrivate Key SourcePROPERTIESPrivate Key Identity ResourcesPrivate Key Identity ResourcesOne or more files or URLs containing X25519 Private Key Identities, separated with newlines, encoded according to the age specification, starting with AGE-SECRET-KEY-1truefalsefalseNONEfalsefalseMULTIPLEURLFILEPrivate Key SourcePrivate Key SourceRESOURCESfailureDecryption FailedfalsesuccessDecryption CompletedfalsetrueINPUT_REQUIREDorg.apache.nifi.processors.cipher.EncryptContentAgeorg.apache.nifi.processors.cipher.DecryptContentCompatibilityPROCESSORDecrypt content using password-based encryption schemes with legacy algorithms supporting historical compatibility modes.cryptographydecipherdecryptJasyptOpenSSLPKCS5PBES1encryption-schemeEncryption SchemePassword-Based Encryption Scheme including PBES1 described in RFC 8018, and others defined according to PKCS12 and Bouncy Castle implementationsPBE_WITH_MD5_AND_AES_CBC_128PBEWITHMD5AND128BITAES-CBC-OPENSSLPKCS12 with MD5 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 128 bit keys.PBE_WITH_MD5_AND_AES_CBC_192PBEWITHMD5AND192BITAES-CBC-OPENSSLPKCS12 with MD5 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 192 bit keys.PBE_WITH_MD5_AND_AES_CBC_256PBEWITHMD5AND256BITAES-CBC-OPENSSLPKCS12 with MD5 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 256 bit keys.PBE_WITH_MD5_AND_DESPBEWITHMD5ANDDESPKCS5 Scheme 1 with MD5 digest and Data Encryption Standard 64 bit keys. OID 1.2.840.113549.1.5.3PBE_WITH_MD5_AND_RC2PBEWITHMD5ANDRC2PKCS Scheme 1 with MD5 digest and Rivest Cipher 2. OID 1.2.840.113549.1.5.6PBE_WITH_SHA1_AND_AES_CBC_128PBEWITHSHAAND128BITAES-CBC-BCPKCS12 with SHA-1 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 128 bit keys.PBE_WITH_SHA1_AND_AES_CBC_192PBEWITHSHAAND192BITAES-CBC-BCPKCS12 with SHA-1 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 192 bit keys.PBE_WITH_SHA1_AND_AES_CBC_256PBEWITHSHAAND256BITAES-CBC-BCPKCS12 with SHA-1 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 256 bit keys.PBE_WITH_SHA1_AND_DESPBEWITHSHA1ANDDESPKCS5 Scheme 1 with SHA-1 digest and Data Encryption Standard. OID 1.2.840.113549.1.5.10PBE_WITH_SHA1_AND_DESEDE_128PBEWITHSHAAND2-KEYTRIPLEDES-CBCPKCS12 with SHA-1 digest and Triple Data Encryption Standard 128 bit keys. OID 1.2.840.113549.1.12.1.4PBE_WITH_SHA1_AND_DESEDE_192PBEWITHSHAAND3-KEYTRIPLEDES-CBCPKCS12 with SHA-1 digest and Triple Data Encryption Standard 192 bit keys. OID 1.2.840.113549.1.12.1.3PBE_WITH_SHA1_AND_RC2PBEWITHSHA1ANDRC2PKCS5 Scheme 1 with SHA-1 digest and Rivest Cipher 2. OID 1.2.840.113549.1.5.11PBE_WITH_SHA1_AND_RC2_128PBEWITHSHAAND128BITRC2-CBCPKCS12 with SHA-1 digest and Rivest Cipher 2 128 bit keys. OID 1.2.840.113549.1.12.1.5PBE_WITH_SHA1_AND_RC2_40PBEWITHSHAAND40BITRC2-CBCPKCS12 with SHA-1 digest and Rivest Cipher 2 40 bit keys. OID 1.2.840.113549.1.12.1.6PBE_WITH_SHA1_AND_RC4_128PBEWITHSHAAND128BITRC4PKCS12 with SHA-1 digest and Rivest Cipher 4 128 bit keys. OID 1.2.840.113549.1.12.1.1PBE_WITH_SHA1_AND_RC4_40PBEWITHSHAAND40BITRC4PKCS12 with SHA-1 digest and Rivest Cipher 4 40 bit keys. OID 1.2.840.113549.1.12.1.2PBE_WITH_SHA1_AND_TWOFISHPBEWITHSHAANDTWOFISH-CBCPKCS12 with SHA-1 digest and Twofish in Cipher Block Chaining mode using 256 bit keys.PBE_WITH_SHA256_AND_AES_CBC_128PBEWITHSHA256AND128BITAES-CBC-BCPKCS12 with SHA-256 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 128 bit keys.PBE_WITH_SHA256_AND_AES_CBC_192PBEWITHSHA256AND192BITAES-CBC-BCPKCS12 with SHA-256 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 192 bit keys.PBE_WITH_SHA256_AND_AES_CBC_256PBEWITHSHA256AND256BITAES-CBC-BCPKCS12 with SHA-256 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 256 bit keys.truefalsefalseNONEfalsefalsekey-derivation-strategyKey Derivation StrategyStrategy for reading salt from encoded contents and deriving the decryption key according to the number of function iterationsOPENSSL_EVP_BYTES_TO_KEYOPENSSL_EVP_BYTES_TO_KEYOpenSSL Envelope BytesToKey using a digest algorithm with one iteration and optional salt of eight bytesJASYPT_STANDARDJASYPT_STANDARDJasypt Java Simplified Encryption using a digest algorithm with 1000 iterations and required salt of eight or sixteen bytestruefalsefalseNONEfalsefalsepasswordPasswordPassword required for Password-Based Encryption SchemestruetruefalseNONEfalsefalsefailureDecryption failedfalsesuccessDecryption succeededfalsepbe.schemePassword-Based Encryption Schemepbe.symmetric.cipherPassword-Based Encryption Block Cipherpbe.digest.algorithmPassword-Based Encryption Digest AlgorithmtruetrueINPUT_REQUIREDorg.apache.nifi.processors.cipher.EncryptContentAgePROCESSOREncrypt content using the age-encryption.org/v1 specification. Supports binary or ASCII armored content encoding using configurable properties. The age standard uses ChaCha20-Poly1305 for authenticated encryption of the payload. The age-keygen command supports generating X25519 key pairs for encryption and decryption operations.ageage-encryption.orgencryptionChaCha20-Poly1305X25519File EncodingFile EncodingOutput encoding for encrypted files. Binary encoding provides optimal processing performance.BINARYBINARYBINARYBinary encodingASCIIASCIIASCII Armor encodingtruefalsefalseNONEfalsefalsePublic Key SourcePublic Key SourceSource of information determines the loading strategy for X25519 Public Key RecipientsPROPERTIESPROPERTIESPROPERTIESLoad one or more keys from configured propertiesRESOURCESRESOURCESLoad one or more keys from files or URLstruefalsefalseNONEfalsefalsePublic Key RecipientsPublic Key RecipientsOne or more X25519 Public Key Recipients, separated with newlines, encoded according to the age specification, starting with age1truetruefalseNONEfalsefalseSINGLETEXTPublic Key SourcePublic Key SourcePROPERTIESPublic Key Recipient ResourcesPublic Key Recipient ResourcesOne or more files or URLs containing X25519 Public Key Recipients, separated with newlines, encoded according to the age specification, starting with age1truefalsefalseNONEfalsefalseMULTIPLEURLFILEPublic Key SourcePublic Key SourceRESOURCESfailureEncryption FailedfalsesuccessEncryption CompletedfalsetrueINPUT_REQUIREDorg.apache.nifi.processors.cipher.DecryptContentAgeorg.apache.nifi.processors.cipher.VerifyContentMACPROCESSORCalculates a Message Authentication Code using the provided Secret Key and compares it with the provided MAC propertyAuthenticationSigningMACHMACmac-algorithmMessage Authentication Code AlgorithmHashed Message Authentication Code FunctionHmacSHA256HmacSHA256HmacSHA512HmacSHA512truefalsefalseNONEfalsefalsemessage-authentication-code-encodingMessage Authentication Code EncodingEncoding of the Message Authentication CodeHEXADECIMALHEXADECIMALHEXADECIMALBASE64BASE64truefalsefalseNONEfalsefalsemessage-authentication-codeMessage Authentication CodeThe MAC to compare with the calculated valuetruefalsetrueFLOWFILE_ATTRIBUTESfalsefalsesecret-key-encodingSecret Key EncodingEncoding of the Secret KeyHEXADECIMALUTF8UTF8HEXADECIMALHEXADECIMALBASE64BASE64truefalsefalseNONEfalsefalsesecret-keySecret KeySecret key to calculate the hashtruetruefalseNONEfalsefalsesuccessSignature Verification SucceededfalsefailureSignature Verification Failedfalsemac.calculatedCalculated Message Authentication Code encoded by the selected encodingmac.encodingThe Encoding of the Hashed Message Authentication Codemac.algorithmHashed Message Authentication Code AlgorithmtrueINPUT_REQUIRED