Producing content that a reasonable developer might want to read

Latest Posts

Modernizing Streaming Encryption with age in Apache NiFi

age Encryption NiFi Security

2023-12-04 • 12 minute read • David Handermann

Apache NiFi 2.0.0-M1 and 1.24.0 introduced new Processors supporting the age-encryption.org/v1 specification. Built on the Jagged framework implementation, the EncryptContentAge and DecryptContentAge Processors perform streaming cipher operations using the ChaCha20-Poly1305 algorithm. The age specification supports key agreement using the elliptic curve X25519 function, providing a modern solution for automated encryption and decryption with standard key pairs.

Read more

Firsthand Analysis of Apache NiFi Vulnerability CVE-2023-34468

NiFi Security Vulnerabilities

2023-10-07 • 10 minute read • David Handermann

Recent reporting on Apache NiFi vulnerability CVE-2023-34468 has highlighted significant concerns related to potential remote code execution. Although upgrading to the latest version of Apache NiFi remains the recommended solution, a closer evaluation of the vulnerability shows important details glossed over in published analysis. Exploiting H2 database connection strings requires both authentication and sufficient authorization, the importance of which is missing from recent reporting.

Read more

Introducing Jagged for age Encryption in Java

age Cryptography Encryption Security

2023-08-29 • 16 minute read • David Handermann

Jagged is a set of Java libraries supporting the age encryption specification. Designed as a simple and modern file encryption standard, age builds on trusted cryptographic algorithms and provides a concise structure for formatting header and payload information. Jagged provides a modular implementation to enable application integration for automated or interactive use cases.

Read more