Closed Avik1993 closed 5 years ago
We are taking a look at this. We'll have an update before Aug 28th.
This issue can occur if you have multiple versions of BouncyCastle in your classpath (e.g., if one version is shaded), and the one that is installed as the JVM-wide "BC" provider isn't the same one that is being used for the encryption SDK.
Can you please try this branch and see if it fixes your issue? https://github.com/bdonlan/aws-encryption-sdk-java/tree/bc_prov
Note that this can also happen if you have BC loaded via multiple classloaders as well, this might be closer to what you're seeing.
I have the SAME issue ask reported. Exception thrown:
com.amazonaws.encryptionsdk.exception.AwsCryptoException: java.security.InvalidAlgorithmParameterException: parameter object not a ECParameterSpec
at com.amazonaws.encryptionsdk.internal.EncryptionHandler.<init>(EncryptionHandler.java:114)
at com.amazonaws.encryptionsdk.AwsCrypto.encryptData(AwsCrypto.java:185)
at com.amazonaws.encryptionsdk.AwsCrypto.encryptString(AwsCrypto.java:211)
at com.amazonaws.encryptionsdk.AwsCrypto.encryptString(AwsCrypto.java:223)
...
Caused by: java.security.InvalidAlgorithmParameterException: parameter object not a ECParameterSpec
at org.bouncycastle.jcajce.provider.asymmetric.ec.KeyPairGeneratorSpi$EC.initialize(Unknown Source)
at com.amazonaws.encryptionsdk.internal.EncryptionHandler.generateTrailingSigKeyPair(EncryptionHandler.java:367)
at com.amazonaws.encryptionsdk.internal.EncryptionHandler.<init>(EncryptionHandler.java:105)
... 87 common frames omitted
Two Java apps has with same Bouncy Castle libraries deployed on Tomcat 9.0.13 on JDK 1.8.0_171.
$TOMCAT_HOME/webapps/app1/WEB-INF/lib/bcprov-ext-jdk15on-1.55.jar
$TOMCAT_HOME/webapps/app1/WEB-INF/lib/bcpkix-jdk15on-1.55.jar
$TOMCAT_HOME/webapps/app1/WEB-INF/lib/bcprov-jdk15on-1.55.jar
$TOMCAT_HOME/webapps/app2/WEB-INF/lib/bcprov-ext-jdk15on-1.55.jar
$TOMCAT_HOME/webapps/app2/WEB-INF/lib/bcpkix-jdk15on-1.55.jar
$TOMCAT_HOME/webapps/app2/WEB-INF/lib/bcprov-jdk15on-1.55.jar
With the fix bdonlan provided https://github.com/bdonlan/aws-encryption-sdk-java/commit/d57a75f74e7127eb854fc6fdd231958085d5204d, rebuild aws-encryption-sdk-java from master branch, and rerun the test, test passed, issue fixed.
When are you going to make this fix in aws-encryption-sdk-java next release?
Thanks
I am trying to integrate Encryption SDK with Apache NiFi. NiFi already includes following versions of bouncy castle dependencies:-
But it throws below exception:-
Any leads where things could be wrong?