Error using NanoTDF Encrypt

ttschampel commented 4 months ago

Running the SDK against a deployment OpenTDF Platform to perform NanoTDF Encryption:

opentdf-nifi-1 |Caused by: java.lang.ClassCastException: class org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey cannot be cast to class org.bouncycastle.jce.interfaces.ECPublicKey (org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey is in unnamed module of loader org.apache.nifi.nar.NarClassLoader @2b2a4332; org.bouncycastle.jce.interfaces.ECPublicKey is in unnamed module of loader org.apache.nifi.nar.NarClassLoader @b01cb8d)
opentdf-nifi-1 |    at io.opentdf.platform.sdk.nanotdf.ECKeyPair.publicKeyFromPem(ECKeyPair.java:236)
opentdf-nifi-1 |    at io.opentdf.platform.sdk.NanoTDF.createNanoTDF(NanoTDF.java:77)
opentdf-nifi-1 |    at io.opentdf.nifi.ConvertToNanoTDF.lambda$processFlowFiles$0(ConvertToNanoTDF.java:69)

sujankota commented 3 months ago

The issue looks like we are not getting the KAS public key.

ECPublicKey kasPublicKey = ECKeyPair.publicKeyFromPem(kasPublicKeyAsPem);

Probably check for an empty string or check if it's not a PEM key and throw a correct exception.

ttschampel commented 3 months ago

Fixed by #74

mkleene commented 3 months ago

We've decided to go with a documentation-only approach (as opposed to loading the bouncy castle crypto provider ourselves) for now and see how that works for consumers.

opentdf / java-sdk

Error using NanoTDF Encrypt #71