RFR: 8341346: Add support for exporting TLS Keying Material [v13]
Artur Barashev
abarashev at openjdk.org
Thu May 15 00:40:53 UTC 2025
On Thu, 15 May 2025 00:23:56 GMT, Bradford Wetmore <wetmore at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1583:
>>
>>> 1581: // Calculations are primarily based on protocol version.
>>> 1582: switch (protocolVersion) {
>>> 1583: case TLS13: // HKDF-based
>>
>> Should we also handle `TLS13Plus` versions here?
>
> I like the enumeration as it's possible there could be new behavior with TLS14Plus, but this might save a few minutes down the road, so I've changed it.
Yes, the general approach in SSL code is to use `if (protocolVersion.useTLS13PlusSpec()) {} else {}`
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24976#discussion_r2089949997
More information about the net-dev
mailing list