· 9 years ago · Oct 28, 2016, 08:56 PM
1<?xml version="1.0" ?>
2<template encoding-version="1.0">
3 <description>This template generates an empty flowfile, populates the content with plaintext, adds two attributes, uses an ExecuteScript processor to perform AES/GCM encryption with a default key, and updates and adds attributes with the cipher text results, then logs the attributes and content of the flowfile. </description>
4 <groupId>08499ab1-0158-1000-eb96-b892bf593753</groupId>
5 <name>EncryptAttribute (via ExecuteScript)</name>
6 <snippet>
7 <connections>
8 <id>084be0c5-0158-1000-0000-000000000000</id>
9 <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId>
10 <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold>
11 <backPressureObjectThreshold>10000</backPressureObjectThreshold>
12 <destination>
13 <groupId>08499ab1-0158-1000-0000-000000000000</groupId>
14 <id>0849d7d0-0158-1000-0000-000000000000</id>
15 <type>PROCESSOR</type>
16 </destination>
17 <flowFileExpiration>0 sec</flowFileExpiration>
18 <labelIndex>1</labelIndex>
19 <name></name>
20 <selectedRelationships>success</selectedRelationships>
21 <source>
22 <groupId>08499ab1-0158-1000-0000-000000000000</groupId>
23 <id>0849bf65-0158-1000-0000-000000000000</id>
24 <type>PROCESSOR</type>
25 </source>
26 <zIndex>0</zIndex>
27 </connections>
28 <connections>
29 <id>084c0d53-0158-1000-0000-000000000000</id>
30 <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId>
31 <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold>
32 <backPressureObjectThreshold>10000</backPressureObjectThreshold>
33 <destination>
34 <groupId>08499ab1-0158-1000-0000-000000000000</groupId>
35 <id>0849eff2-0158-1000-0000-000000000000</id>
36 <type>PROCESSOR</type>
37 </destination>
38 <flowFileExpiration>0 sec</flowFileExpiration>
39 <labelIndex>1</labelIndex>
40 <name></name>
41 <selectedRelationships>success</selectedRelationships>
42 <source>
43 <groupId>08499ab1-0158-1000-0000-000000000000</groupId>
44 <id>0849d7d0-0158-1000-0000-000000000000</id>
45 <type>PROCESSOR</type>
46 </source>
47 <zIndex>0</zIndex>
48 </connections>
49 <connections>
50 <id>084c3573-0158-1000-0000-000000000000</id>
51 <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId>
52 <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold>
53 <backPressureObjectThreshold>10000</backPressureObjectThreshold>
54 <destination>
55 <groupId>08499ab1-0158-1000-0000-000000000000</groupId>
56 <id>084b36c9-0158-1000-0000-000000000000</id>
57 <type>PROCESSOR</type>
58 </destination>
59 <flowFileExpiration>0 sec</flowFileExpiration>
60 <labelIndex>1</labelIndex>
61 <name></name>
62 <selectedRelationships>success</selectedRelationships>
63 <source>
64 <groupId>08499ab1-0158-1000-0000-000000000000</groupId>
65 <id>0849eff2-0158-1000-0000-000000000000</id>
66 <type>PROCESSOR</type>
67 </source>
68 <zIndex>0</zIndex>
69 </connections>
70 <connections>
71 <id>084c4bf9-0158-1000-0000-000000000000</id>
72 <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId>
73 <backPressureDataSizeThreshold>1 GB</backPressureDataSizeThreshold>
74 <backPressureObjectThreshold>10000</backPressureObjectThreshold>
75 <destination>
76 <groupId>08499ab1-0158-1000-0000-000000000000</groupId>
77 <id>084bc188-0158-1000-0000-000000000000</id>
78 <type>PROCESSOR</type>
79 </destination>
80 <flowFileExpiration>0 sec</flowFileExpiration>
81 <labelIndex>1</labelIndex>
82 <name></name>
83 <selectedRelationships>success</selectedRelationships>
84 <source>
85 <groupId>08499ab1-0158-1000-0000-000000000000</groupId>
86 <id>084b36c9-0158-1000-0000-000000000000</id>
87 <type>PROCESSOR</type>
88 </source>
89 <zIndex>0</zIndex>
90 </connections>
91 <processors>
92 <id>0849bf65-0158-1000-0000-000000000000</id>
93 <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId>
94 <position>
95 <x>3.0</x>
96 <y>0.0</y>
97 </position>
98 <config>
99 <bulletinLevel>WARN</bulletinLevel>
100 <comments></comments>
101 <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount>
102 <descriptors>
103 <entry>
104 <key>File Size</key>
105 <value>
106 <name>File Size</name>
107 </value>
108 </entry>
109 <entry>
110 <key>Batch Size</key>
111 <value>
112 <name>Batch Size</name>
113 </value>
114 </entry>
115 <entry>
116 <key>Data Format</key>
117 <value>
118 <name>Data Format</name>
119 </value>
120 </entry>
121 <entry>
122 <key>Unique FlowFiles</key>
123 <value>
124 <name>Unique FlowFiles</name>
125 </value>
126 </entry>
127 </descriptors>
128 <lossTolerant>false</lossTolerant>
129 <penaltyDuration>30 sec</penaltyDuration>
130 <properties>
131 <entry>
132 <key>File Size</key>
133 <value>0B</value>
134 </entry>
135 <entry>
136 <key>Batch Size</key>
137 <value>1</value>
138 </entry>
139 <entry>
140 <key>Data Format</key>
141 <value>Text</value>
142 </entry>
143 <entry>
144 <key>Unique FlowFiles</key>
145 <value>false</value>
146 </entry>
147 </properties>
148 <runDurationMillis>0</runDurationMillis>
149 <schedulingPeriod>3 sec</schedulingPeriod>
150 <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy>
151 <yieldDuration>1 sec</yieldDuration>
152 </config>
153 <name>GenerateFlowFile</name>
154 <relationships>
155 <autoTerminate>false</autoTerminate>
156 <name>success</name>
157 </relationships>
158 <style></style>
159 <type>org.apache.nifi.processors.standard.GenerateFlowFile</type>
160 </processors>
161 <processors>
162 <id>0849d7d0-0158-1000-0000-000000000000</id>
163 <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId>
164 <position>
165 <x>0.0</x>
166 <y>192.0</y>
167 </position>
168 <config>
169 <bulletinLevel>WARN</bulletinLevel>
170 <comments></comments>
171 <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount>
172 <descriptors>
173 <entry>
174 <key>Regular Expression</key>
175 <value>
176 <name>Regular Expression</name>
177 </value>
178 </entry>
179 <entry>
180 <key>Replacement Value</key>
181 <value>
182 <name>Replacement Value</name>
183 </value>
184 </entry>
185 <entry>
186 <key>Character Set</key>
187 <value>
188 <name>Character Set</name>
189 </value>
190 </entry>
191 <entry>
192 <key>Maximum Buffer Size</key>
193 <value>
194 <name>Maximum Buffer Size</name>
195 </value>
196 </entry>
197 <entry>
198 <key>Replacement Strategy</key>
199 <value>
200 <name>Replacement Strategy</name>
201 </value>
202 </entry>
203 <entry>
204 <key>Evaluation Mode</key>
205 <value>
206 <name>Evaluation Mode</name>
207 </value>
208 </entry>
209 </descriptors>
210 <lossTolerant>false</lossTolerant>
211 <penaltyDuration>30 sec</penaltyDuration>
212 <properties>
213 <entry>
214 <key>Regular Expression</key>
215 <value>(?s)(^.*$)</value>
216 </entry>
217 <entry>
218 <key>Replacement Value</key>
219 <value>This is plaintext content. </value>
220 </entry>
221 <entry>
222 <key>Character Set</key>
223 <value>UTF-8</value>
224 </entry>
225 <entry>
226 <key>Maximum Buffer Size</key>
227 <value>1 MB</value>
228 </entry>
229 <entry>
230 <key>Replacement Strategy</key>
231 <value>Regex Replace</value>
232 </entry>
233 <entry>
234 <key>Evaluation Mode</key>
235 <value>Entire text</value>
236 </entry>
237 </properties>
238 <runDurationMillis>0</runDurationMillis>
239 <schedulingPeriod>0 sec</schedulingPeriod>
240 <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy>
241 <yieldDuration>1 sec</yieldDuration>
242 </config>
243 <name>ReplaceText</name>
244 <relationships>
245 <autoTerminate>true</autoTerminate>
246 <name>failure</name>
247 </relationships>
248 <relationships>
249 <autoTerminate>false</autoTerminate>
250 <name>success</name>
251 </relationships>
252 <style></style>
253 <type>org.apache.nifi.processors.standard.ReplaceText</type>
254 </processors>
255 <processors>
256 <id>0849eff2-0158-1000-0000-000000000000</id>
257 <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId>
258 <position>
259 <x>2.0</x>
260 <y>386.0</y>
261 </position>
262 <config>
263 <bulletinLevel>WARN</bulletinLevel>
264 <comments></comments>
265 <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount>
266 <descriptors>
267 <entry>
268 <key>Delete Attributes Expression</key>
269 <value>
270 <name>Delete Attributes Expression</name>
271 </value>
272 </entry>
273 <entry>
274 <key>Normal Attribute</key>
275 <value>
276 <name>Normal Attribute</name>
277 </value>
278 </entry>
279 <entry>
280 <key>Sensitive Attribute</key>
281 <value>
282 <name>Sensitive Attribute</name>
283 </value>
284 </entry>
285 </descriptors>
286 <lossTolerant>false</lossTolerant>
287 <penaltyDuration>30 sec</penaltyDuration>
288 <properties>
289 <entry>
290 <key>Delete Attributes Expression</key>
291 </entry>
292 <entry>
293 <key>Normal Attribute</key>
294 <value>This is a normal attribute. </value>
295 </entry>
296 <entry>
297 <key>Sensitive Attribute</key>
298 <value>This is a sensitive attribute.</value>
299 </entry>
300 </properties>
301 <runDurationMillis>0</runDurationMillis>
302 <schedulingPeriod>0 sec</schedulingPeriod>
303 <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy>
304 <yieldDuration>1 sec</yieldDuration>
305 </config>
306 <name>UpdateAttribute</name>
307 <relationships>
308 <autoTerminate>false</autoTerminate>
309 <name>success</name>
310 </relationships>
311 <style></style>
312 <type>org.apache.nifi.processors.attributes.UpdateAttribute</type>
313 </processors>
314 <processors>
315 <id>084b36c9-0158-1000-0000-000000000000</id>
316 <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId>
317 <position>
318 <x>3.0</x>
319 <y>564.0</y>
320 </position>
321 <config>
322 <bulletinLevel>WARN</bulletinLevel>
323 <comments></comments>
324 <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount>
325 <descriptors>
326 <entry>
327 <key>Script Engine</key>
328 <value>
329 <name>Script Engine</name>
330 </value>
331 </entry>
332 <entry>
333 <key>Script File</key>
334 <value>
335 <name>Script File</name>
336 </value>
337 </entry>
338 <entry>
339 <key>Script Body</key>
340 <value>
341 <name>Script Body</name>
342 </value>
343 </entry>
344 <entry>
345 <key>Module Directory</key>
346 <value>
347 <name>Module Directory</name>
348 </value>
349 </entry>
350 </descriptors>
351 <lossTolerant>false</lossTolerant>
352 <penaltyDuration>30 sec</penaltyDuration>
353 <properties>
354 <entry>
355 <key>Script Engine</key>
356 <value>Groovy</value>
357 </entry>
358 <entry>
359 <key>Script File</key>
360 </entry>
361 <entry>
362 <key>Script Body</key>
363 <value> import javax.crypto.Cipher
364 import javax.crypto.SecretKey
365 import javax.crypto.spec.IvParameterSpec
366 import javax.crypto.spec.SecretKeySpec
367 import java.nio.charset.StandardCharsets
368
369 FlowFile flowFile = session.get()
370
371 if (!flowFile) {
372 return
373 }
374
375 try {
376 // Get the raw values of the attributes
377 String normalAttribute = flowFile.getAttribute('Normal Attribute')
378 String sensitiveAttribute = flowFile.getAttribute('Sensitive Attribute')
379
380 // Instantiate an encryption cipher
381 // Lots of additional code could go here to generate a random key, derive a key from a password, read from a file or keyring, etc.
382 String keyHex = "0123456789ABCDEFFEDCBA9876543210" // * 2 for 256-bit encryption
383 SecretKey key = new SecretKeySpec(keyHex.getBytes(StandardCharsets.UTF_8), "AES")
384 IvParameterSpec iv = new IvParameterSpec(keyHex[0..<16].getBytes(StandardCharsets.UTF_8))
385
386 Cipher aesGcmEncCipher = Cipher.getInstance("AES/GCM/NoPadding", "BC")
387 aesGcmEncCipher.init(Cipher.ENCRYPT_MODE, key, iv)
388
389 String encryptedNormalAttribute = Base64.encoder.encodeToString(aesGcmEncCipher.doFinal(normalAttribute.bytes))
390 String encryptedSensitiveAttribute = Base64.encoder.encodeToString(aesGcmEncCipher.doFinal(sensitiveAttribute.bytes))
391
392 // Add a new attribute with the encrypted normal attribute
393 flowFile = session.putAttribute(flowFile, 'Normal Attribute (encrypted)', encryptedNormalAttribute)
394
395 // Replace the sensitive attribute inline with the cipher text
396 flowFile = session.putAttribute(flowFile, 'Sensitive Attribute', encryptedSensitiveAttribute)
397 session.transfer(flowFile, REL_SUCCESS)
398 } catch (Exception e) {
399 log.error("There was an error encrypting the attributes: ${e.getMessage()}")
400 session.transfer(flowFile, REL_FAILURE)
401 }</value>
402 </entry>
403 <entry>
404 <key>Module Directory</key>
405 </entry>
406 </properties>
407 <runDurationMillis>0</runDurationMillis>
408 <schedulingPeriod>0 sec</schedulingPeriod>
409 <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy>
410 <yieldDuration>1 sec</yieldDuration>
411 </config>
412 <name>ExecuteScript</name>
413 <relationships>
414 <autoTerminate>true</autoTerminate>
415 <name>failure</name>
416 </relationships>
417 <relationships>
418 <autoTerminate>false</autoTerminate>
419 <name>success</name>
420 </relationships>
421 <style></style>
422 <type>org.apache.nifi.processors.script.ExecuteScript</type>
423 </processors>
424 <processors>
425 <id>084bc188-0158-1000-0000-000000000000</id>
426 <parentGroupId>08499ab1-0158-1000-0000-000000000000</parentGroupId>
427 <position>
428 <x>6.0</x>
429 <y>738.0</y>
430 </position>
431 <config>
432 <bulletinLevel>WARN</bulletinLevel>
433 <comments></comments>
434 <concurrentlySchedulableTaskCount>1</concurrentlySchedulableTaskCount>
435 <descriptors>
436 <entry>
437 <key>Log Level</key>
438 <value>
439 <name>Log Level</name>
440 </value>
441 </entry>
442 <entry>
443 <key>Log Payload</key>
444 <value>
445 <name>Log Payload</name>
446 </value>
447 </entry>
448 <entry>
449 <key>Attributes to Log</key>
450 <value>
451 <name>Attributes to Log</name>
452 </value>
453 </entry>
454 <entry>
455 <key>Attributes to Ignore</key>
456 <value>
457 <name>Attributes to Ignore</name>
458 </value>
459 </entry>
460 <entry>
461 <key>Log prefix</key>
462 <value>
463 <name>Log prefix</name>
464 </value>
465 </entry>
466 </descriptors>
467 <lossTolerant>false</lossTolerant>
468 <penaltyDuration>30 sec</penaltyDuration>
469 <properties>
470 <entry>
471 <key>Log Level</key>
472 <value>info</value>
473 </entry>
474 <entry>
475 <key>Log Payload</key>
476 <value>true</value>
477 </entry>
478 <entry>
479 <key>Attributes to Log</key>
480 </entry>
481 <entry>
482 <key>Attributes to Ignore</key>
483 </entry>
484 <entry>
485 <key>Log prefix</key>
486 </entry>
487 </properties>
488 <runDurationMillis>0</runDurationMillis>
489 <schedulingPeriod>0 sec</schedulingPeriod>
490 <schedulingStrategy>TIMER_DRIVEN</schedulingStrategy>
491 <yieldDuration>1 sec</yieldDuration>
492 </config>
493 <name>LogAttribute</name>
494 <relationships>
495 <autoTerminate>true</autoTerminate>
496 <name>success</name>
497 </relationships>
498 <style></style>
499 <type>org.apache.nifi.processors.standard.LogAttribute</type>
500 </processors>
501 </snippet>
502 <timestamp>10/27/2016 16:22:42 PDT</timestamp>
503</template>