I am creating an RSA 2048 keypair using CloudHsm JCE provider.
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA", Security.getProvider(CloudHsmProvider.PROVIDER_NAME));
final KeyAttributesMap publicKeyAttrsMap = new KeyAttributesMap();
publicKeyAttrsMap.put(KeyAttribute.LABEL, "test:public");
publicKeyAttrsMap.put(KeyAttribute.MODULUS_BITS, 2048);
publicKeyAttrsMap.put(KeyAttribute.PUBLIC_EXPONENT, new BigInteger("65537").toByteArray());
publicKeyAttrsMap.put(KeyAttribute.TOKEN, Boolean.TRUE);
publicKeyAttrsMap.put(KeyAttribute.VERIFY, Boolean.TRUE);
final KeyAttributesMap privateKeyAttrsMap = new KeyAttributesMap();
privateKeyAttrsMap.put(KeyAttribute.LABEL, "test:private");
privateKeyAttrsMap.put(KeyAttribute.TOKEN, Boolean.TRUE);
privateKeyAttrsMap.put(KeyAttribute.SIGN, Boolean.TRUE);
privateKeyAttrsMap.putAll(getSignaturePrivateKeyTemplate());
KeyPairAttributesMap keyPairSpec = new KeyPairAttributesMapBuilder().withPublic(publicKeyAttrsMap).withPrivate(privateKeyAttrsMap).build();
keyPairGen.initialize(keyPairSpec);
KeyPair keypair = keyPairGen.generateKeyPair();
I'm able to create key in sample program but when use the same code in my web application getting the following exception
java.security.InvalidAlgorithmParameterException: Expected KeySpec to be instance of KeyPairAttributesMap or KeyAttributesMap. Please provide a valid KeySpec for this operation.
at com.amazonaws.cloudhsm.jce.provider.CloudHsmKeyPairGeneratorBase.initialize(CloudHsmKeyPairGeneratorBase.java:84) ~[cloudhsm-5.8.0.jar:?]
at com.amazonaws.cloudhsm.jce.provider.RsaKeyPairGenerator.initialize(RsaKeyPairGenerator.java:24) ~[cloudhsm-5.8.0.jar:?]
at java.security.KeyPairGenerator$Delegate.initialize(KeyPairGenerator.java:691) ~[?:?]
at java.security.KeyPairGenerator.initialize(KeyPairGenerator.java:436) ~[?:?]
Strange thing is I am using
com.amazonaws.cloudhsm.jce.provider.attributes.KeyPairAttributesMap
but still its throwing exception. The same code is running as stand alone application.
AWS OFFICIALUpdated 3 years ago
In start couple of keys generated but failing to get publicKey bytes from generated keypair object. The return Keypair object have null public and private bytes. After running multiple time suddenly start throwing this exception. Even after deleting and creating new HSM cluster not effecting the result.