feat(sdk)!: remove bouncycastle and ayza libraries (#367)

This pull makes this library provider-agnostic. Users can control how
cryptography is provided by configuring
their `java.security` configuration, as we do in the FIPS-profile tests.
We add two new maven profiles `fips` and
`non-fips`. These profiles are used solely for testing; the library
itself is agnostic to which providers are used
for cryptography.

In the `non-fips` profile we use the normal providers configured on the
JVM. The BouncyCastle provider is included
just for some test verification.

In the `fips` profile we include the BouncyCastle FIPS providers we need
at runtime to verify that our library works with a FIPS-compliant setup.

## Ayza removal
I believe it's necessary to remove ayza since it loads a
BouncyCastleProvider explicitly. Since the FIPS provider
occupies the same namespace loading both providers can't work.

## BouncyCastle moved to test-only
Removing BouncyCastle as a compile dependency isn't strictly necessary
but it results in much less rework and
eliminates a transitive dependency for consumers.

## Remaining FIPS work
We still need to:
* verify that the JWK libraries we use are FIPS compliant with the
correct providers to claim that this
library can be made FIPS compliant
* verify that we generate random numbers in a FIPS-compliant way.
Because BouncyCastle does not provide a
FIPS-compliant source of entropy we need to include the SUN provider to
get at `/dev/rand`. This is OK, since
* we _should_ pick up this provider and use it for all cryptographic
operations (but we may want to provide ways to guarantee that a
particular provider is used)
* the FIPS boundary for random numbers starts at the provider. We don't
have tools to verify this now, though

The breaking API changes are as follows:

| Area | Change | Related to |
|---|---|---|
| `SDKBuilder.sslFactory(SSLFactory)` | **Removed.** Replaced by
`sslFactory(SSLSocketFactory)` and `sslFactory(SSLSocketFactory,
X509TrustManager)` | Ayza removal |
| `SDKBuilder.sslFactoryFromTrustManager(X509TrustManager)` | **New**
method | Ayza removal |
| `ECKeyPair(ECCurve, ECAlgorithm)` constructor | **Removed.** Replaced
by `ECKeyPair(ECCurve)` | BouncyCastle removal |
| `ECKeyPair.publicKeyFromPem` | Removed method from public interface
since it should not have been exposed and since the types were changing
anyway | BouncyCastle removal |
| `ECKeyPair.privateKeyFromPem`, `getPEMPublicKeyFromX509Cert`,
`publicKeyFromECPoint`, static `compressECPublickey(String)` |
**Removed** from public API (moved to test-only `PemTestUtils`) |
BouncyCastle removal |
| Dependencies | Drops `io.github.hakky54:ayza*` and the runtime BC dep;
adds `bc-fips`, `bcpkix-fips`, `bctls-fips` (via new `fips`/`non-fips`
Maven profiles) | Both |

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
* FIPS-profile cryptography support and improved TLS trust-material
builder (directory/keystore/trust-manager sources).

* **Improvements**
* Migrated crypto to standard Java security APIs for broader
compatibility.
* Added AES-GCM key-generation helper and more robust TLS/trust-manager
integration across the SDK.

* **Tests**
* Updated and added tests and test utilities for PEM/EC key handling and
TLS/trust behaviors.

* **Chores**
* Updated build/test config and pinned Bouncy Castle FIPS dependencies.

<!-- review_stack_entry_start -->

[![Review Change
Stack](https://storage.googleapis.com/coderabbit_public_assets/review-stack-in-coderabbit-ui.svg)](https://app.coderabbit.ai/change-stack/opentdf/java-sdk/pull/367?utm_source=github_walkthrough&utm_medium=github&utm_campaign=change_stack)

<!-- review_stack_entry_end -->
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

Author: 4 people

.github/workflows/checks.yaml

@@ -85,13 +85,23 @@ jobs:
           path: ~/.sonar/cache
           key: ${{ runner.os }}-sonar
           restore-keys: ${{ runner.os }}-sonar
-      - name: Maven Test Coverage
+      - name: Generate sources
         env:
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           BUF_INPUT_HTTPS_USERNAME: opentdf-bot
           BUF_INPUT_HTTPS_PASSWORD: ${{ secrets.PERSONAL_ACCESS_TOKEN_OPENTDF }}
-        run: mvn --batch-mode clean verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=opentdf_java-sdk -P coverage
+        run: mvn clean --batch-mode clean generate-sources
+      - name: Tests and enforcer (fips)
+        run: mvn --batch-mode test enforcer:enforce -P 'fips,!non-fips' -Dmaven.antrun.skip
+      - name: Tests with coverage and javadoc (non-fips)
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: |
+          mvn --batch-mode verify \
+            org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
+            -Dmaven.antrun.skip -Dsonar.projectKey=opentdf_java-sdk \
+            -P 'coverage,non-fips,!fips'
 
   platform-integration:
     runs-on: ubuntu-22.04

adr/0001/remove-bc-and-ayza.md

@@ -0,0 +1,25 @@
+# Removing compile dependencies on BouncyCastle and Ayza libraries
+
+## Decision
+Remove compile dependencies on BouncyCastle and Ayza libraries.
+
+## Context
+### Ayza
+FIPS compliance is the main force driving the decision to remove Ayza.
+Ayza loads a non-FIPS BouncyCastle provider, which means that the inclusion of
+the BC FIPS provider will result in errors when classes from the wrong JAR are loaded.
+
+### BouncyCastle
+Removing BouncyCastle is driven by the fact that BouncyCastle implements similar
+but often not identical classes in the FIPS and non-FIPS jars; removing any
+explicit dependency on BouncyCastle classes means that we are not exposed to
+changes that may take place as the FIPS and non-FIPS interfaces change.
+
+## Consequences
+### Positive
+* better modularity around our usage of cryptographic libraries
+* makes it easier to implement FIPS compliance
+* consumers of the SDK have fewer dependencies to manage
+* easier testing and maintenance because we are not exposed to changes in the BouncyCastle API
+### Negative
+* possible increased burden to implement operations in terms of the JCA as opposed to using BouncyCastle-specific APIs

cmdline/src/main/java/io/opentdf/platform/Command.java

@@ -10,6 +10,7 @@
 import com.google.gson.GsonBuilder;
 import com.google.gson.reflect.TypeToken;
 
+import java.security.cert.X509Certificate;
 import java.text.ParseException;
 import com.google.gson.JsonSyntaxException;
 import io.opentdf.platform.sdk.AssertionConfig;
@@ -18,11 +19,11 @@
 import io.opentdf.platform.sdk.KeyType;
 import io.opentdf.platform.sdk.SDK;
 import io.opentdf.platform.sdk.SDKBuilder;
-import nl.altindag.ssl.SSLFactory;
 import picocli.CommandLine;
 import picocli.CommandLine.HelpCommand;
 import picocli.CommandLine.Option;
 
+import javax.net.ssl.X509TrustManager;
 import java.io.BufferedInputStream;
 import java.io.BufferedOutputStream;
 import java.io.File;
@@ -262,10 +263,7 @@ void encrypt(
     private SDK buildSDK() {
         SDKBuilder builder = new SDKBuilder();
         if (insecure) {
-            SSLFactory sslFactory = SSLFactory.builder()
-                    .withUnsafeTrustMaterial() // Trust all certificates
-                    .build();
-            builder.sslFactory(sslFactory);
+            builder.insecureSslFactory();
         }
 
         return builder.platformEndpoint(platformEndpoint)

pom.xml

@@ -17,7 +17,9 @@
         <grpc.version>1.75.0</grpc.version>
         <protobuf.version>4.29.2</protobuf.version>
         <bouncycastle.version>1.82</bouncycastle.version>
-        <ayza.version>10.0.0</ayza.version>
+        <bc-fips.version>2.1.2</bc-fips.version>
+        <bcpkix-fips.version>2.1.11</bcpkix-fips.version>
+        <bctls-fips.version>2.1.23</bctls-fips.version>
         <bytebuddy.version>1.18.3</bytebuddy.version>
         <!-- JaCoCo Properties -->
         <jacoco.version>0.8.13</jacoco.version>
@@ -78,39 +80,6 @@
                 <version>3.4</version>
                 <scope>provided</scope>
             </dependency>
-            <dependency>
-                <groupId>io.github.hakky54</groupId>
-                <artifactId>ayza-for-pem</artifactId>
-                <version>${ayza.version}</version>
-                <exclusions>
-                    <exclusion>
-                        <groupId>org.slf4j</groupId>
-                        <artifactId>slf4j-api</artifactId>
-                    </exclusion>
-                </exclusions>
-            </dependency>
-            <dependency>
-                <groupId>io.github.hakky54</groupId>
-                <artifactId>ayza</artifactId>
-                <version>${ayza.version}</version>
-                <exclusions>
-                    <exclusion>
-                        <groupId>org.slf4j</groupId>
-                        <artifactId>slf4j-api</artifactId>
-                    </exclusion>
-                </exclusions>
-            </dependency>
-            <dependency>
-                <groupId>io.github.hakky54</groupId>
-                <artifactId>ayza-for-netty</artifactId>
-                <version>${ayza.version}</version>
-                <exclusions>
-                    <exclusion>
-                        <groupId>org.slf4j</groupId>
-                        <artifactId>slf4j-api</artifactId>
-                    </exclusion>
-                </exclusions>
-            </dependency>
             <dependency>
                 <groupId>io.grpc</groupId>
                 <artifactId>grpc-netty-shaded</artifactId>
@@ -157,6 +126,26 @@
                 <artifactId>bcprov-jdk18on</artifactId>
                 <version>${bouncycastle.version}</version>
             </dependency>
+            <dependency>
+                <groupId>org.bouncycastle</groupId>
+                <artifactId>bctls-jdk18on</artifactId>
+                <version>${bouncycastle.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.bouncycastle</groupId>
+                <artifactId>bc-fips</artifactId>
+                <version>${bc-fips.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.bouncycastle</groupId>
+                <artifactId>bcpkix-fips</artifactId>
+                <version>${bcpkix-fips.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.bouncycastle</groupId>
+                <artifactId>bctls-fips</artifactId>
+                <version>${bctls-fips.version}</version>
+            </dependency>
             <!--
                 Pin Byte Buddy for test-time Mockito instrumentation on newer JVMs (e.g. Java 21).
                 This does NOT add a runtime dependency; it only manages the version used by modules.

sdk/pom.xml

@@ -17,6 +17,10 @@
         <connect.version>0.7.2</connect.version>
         <okhttp.version>4.12.0</okhttp.version>
         <platform.branch>protocol/go/v0.16.0</platform.branch>
+        <!-- in the non-FIPS case we don't need to pass anything to the jvm -->
+        <java.security.properties.test></java.security.properties.test>
+        <!-- Default empty argLine; overridden by jacoco:prepare-agent when the `coverage` profile is active -->
+        <argLine></argLine>
     </properties>
     <dependencies>
         <!-- Logging Dependencies -->
@@ -31,18 +35,6 @@
             <artifactId>oauth2-oidc-sdk</artifactId>
             <version>11.10.1</version>
         </dependency>
-        <dependency>
-            <groupId>io.github.hakky54</groupId>
-            <artifactId>ayza-for-pem</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>io.github.hakky54</groupId>
-            <artifactId>ayza</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>io.github.hakky54</groupId>
-            <artifactId>ayza-for-netty</artifactId>
-        </dependency>
         <!-- Serialization and Deserialization Dependencies -->
         <dependency>
             <groupId>com.google.code.gson</groupId>
@@ -160,15 +152,7 @@
             <version>6.0.53</version>
             <scope>provided</scope>
         </dependency>
-        <!-- Crypto Dependencies -->
-        <dependency>
-            <groupId>org.bouncycastle</groupId>
-            <artifactId>bcpkix-jdk18on</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.bouncycastle</groupId>
-            <artifactId>bcprov-jdk18on</artifactId>
-        </dependency>
+        <!-- Crypto Dependencies are pulled in via the `non-fips` (default) or `fips` profile -->
         <!-- Testing Dependencies -->
         <dependency>
             <groupId>org.junit.jupiter</groupId>
@@ -483,11 +467,56 @@
                     </execution>
                 </executions>
             </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <configuration>
+                    <argLine>@{argLine} ${java.security.properties.test}</argLine>
+                </configuration>
+            </plugin>
         </plugins>
     </build>
-    <!--profile
-    to execute fuzz test -->
     <profiles>
+        <profile>
+            <id>non-fips</id>
+            <activation>
+                <activeByDefault>true</activeByDefault>
+            </activation>
+            <dependencies>
+                <dependency>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>bcpkix-jdk18on</artifactId>
+                    <scope>test</scope>
+                </dependency>
+            </dependencies>
+        </profile>
+        <profile>
+            <id>fips</id>
+            <activation>
+                <activeByDefault>false</activeByDefault>
+            </activation>
+            <properties>
+                <java.security.properties.test>-Djava.security.properties=${project.basedir}/src/test/resources/java.security.fips.test</java.security.properties.test>
+            </properties>
+            <dependencies>
+                <dependency>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>bc-fips</artifactId>
+                    <scope>runtime</scope>
+                </dependency>
+                <dependency>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>bctls-fips</artifactId>
+                    <scope>runtime</scope>
+                </dependency>
+                <dependency>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>bcpkix-fips</artifactId>
+                    <scope>test</scope>
+                </dependency>
+            </dependencies>
+        </profile>
+        <!-- profile to execute fuzz test -->
         <profile>
             <id>fuzz</id>
             <activation>

sdk/src/main/java/io/opentdf/platform/sdk/AesGcm.java

@@ -3,6 +3,7 @@
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.KeyGenerator;
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.GCMParameterSpec;
@@ -20,10 +21,27 @@
 public class AesGcm {
     public static final int GCM_NONCE_LENGTH = 12; // in bytes
     public static final int GCM_TAG_LENGTH = 16; // in bytes
+    public static final int GCM_KEY_SIZE_BITS = 256;
+    private static final String KEY_ALGORITHM = "AES";
     private static final String CIPHER_TRANSFORM = "AES/GCM/NoPadding";
 
     private final SecretKey key;
 
+    /**
+     * <p>Generate a fresh 256-bit AES key using the JCA {@link KeyGenerator}.</p>
+     *
+     * @return the encoded key bytes
+     */
+    static byte[] generateKey() {
+        try {
+            KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_ALGORITHM);
+            keyGenerator.init(GCM_KEY_SIZE_BITS);
+            return keyGenerator.generateKey().getEncoded();
+        } catch (NoSuchAlgorithmException e) {
+            throw new SDKException("error generating AES key", e);
+        }
+    }
+
 
     /**
      * <p>Return symmetric key</p>