
Java 11 - Getting 'Could not generate XDH keypair' error message

Open aroc725 opened this issue 2 years ago • 2 comments

I'm using Java 11, and trying to connect to a DynamoDB database. Here's part of the stack trace I'm seeing:

com.amazonaws.SdkClientException: Unable to execute HTTP request: Could not generate XDH keypair
..
Caused by: javax.net.ssl.SSLException: Could not generate XDH keypair
...
Caused by: java.lang.RuntimeException: Could not generate XDH keypair
...
Caused by: java.security.InvalidAlgorithmParameterException: AlgorithmParameterSpec not recognized: java.security.spec.NamedParameterSpec

and here's the only reference to Bouncy Castle within the Gradle build file:

implementation 'org.bouncycastle:bc-fips:1.0.2'

Any ideas as to how to resolve this?

aroc725, Oct 12 '22 22:10
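A diagnostic for the innermost exception in the trace above, as an added example that is not part of the original post or of bc-java: it lists every installed JCA provider that offers an `XDH` `KeyPairGenerator` and reports which ones reject `java.security.spec.NamedParameterSpec`. The class name `XdhProviderCheck` is hypothetical, and it assumes it is run with the same classpath and provider registration as the failing application.

```java
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.spec.NamedParameterSpec;

// Hypothetical diagnostic class (the name is an assumption, not bc-java or AWS SDK code).
public class XdhProviderCheck {

    // Ask one specific provider for an XDH generator and initialise it with a
    // NamedParameterSpec, the parameter type named in the stack trace.
    static String probe(Provider p) {
        try {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("XDH", p);
            kpg.initialize(new NamedParameterSpec("X25519"));
            kpg.generateKeyPair();
            return "OK";
        } catch (InvalidAlgorithmParameterException e) {
            return "REJECTS NamedParameterSpec (" + e.getMessage() + ")";
        } catch (NoSuchAlgorithmException | RuntimeException e) {
            return "FAILED (" + e + ")";
        }
    }

    public static void main(String[] args) {
        System.out.println("java.version = " + System.getProperty("java.version"));

        // Providers are consulted in this order when no provider is named explicitly.
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            Provider p = providers[i];
            if (p.getService("KeyPairGenerator", "XDH") == null) {
                continue; // this provider does not offer XDH at all
            }
            System.out.printf("#%d %s %s -> %s%n",
                    i + 1, p.getName(), p.getVersionStr(), probe(p));
        }

        // Which provider wins when the caller does not name one.
        try {
            KeyPairGenerator def = KeyPairGenerator.getInstance("XDH");
            System.out.println("default XDH provider = " + def.getProvider().getName());
        } catch (NoSuchAlgorithmException e) {
            System.out.println("no provider offers XDH: " + e.getMessage());
        }
    }
}
```

If the default XDH provider is one that prints `REJECTS NamedParameterSpec`, the output identifies the provider and position responsible for the `InvalidAlgorithmParameterException`.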

Based on https://github.com/bcgit/bc-java/issues/589, my guess is that

  • https://bugs.openjdk.java.net/browse/JDK-8171279 has been backported to Java 11 in the last 2 years;
  • the workarounds from https://github.com/bcgit/bc-java/issues/589#issuecomment-530780788 should work;
  • the real solution will be in bc-fips-2.0.0.jar (not yet published).

/cc @peterdettman

marnix, Dec 08 '22 16:12

I have the same problem with org.bouncycastle:bc-fips:1.0.2.3. Is there any solution for this? I still don't see bc-fips-2.0.0 in Maven.

I am using Amazon Corretto Java 11.0.20.

sawanverma, Sep 12 '23 08:09