RFR: 8341346: Add support for exporting TLS Keying Material [v15]
Artur Barashev
abarashev at openjdk.org
Wed May 14 20:15:54 UTC 2025
On Wed, 14 May 2025 04:03:44 GMT, Bradford Wetmore <wetmore at openjdk.org> wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE respectively.
>>
>> CSR is underway.
>>
>> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net jck:api/javax_security jck:api/org_ietf jck:api/javax_xml/crypto)
>
> Bradford Wetmore has updated the pull request incrementally with one additional commit since the last revision:
>
> Merged with changes for JDK-8353578
src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1727:
> 1725:
> 1726: // context length must fit in 2 unsigned bytes.
> 1727: if ((context != null) && context.length >= 65536) {
Nit: `context.length > 0xFFFF` would be more readable IMO
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24976#discussion_r2089670919
More information about the net-dev
mailing list