RFR: 8341346: Add support for exporting TLS Keying Material [v12]
Weijun Wang
weijun at openjdk.org
Thu May 15 19:43:54 UTC 2025
On Thu, 15 May 2025 04:26:30 GMT, Bradford Wetmore <wetmore at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1682:
>>
>>> 1680: // ...now the final expand.
>>> 1681: return (deriveKey ?
>>> 1682: hkdf.deriveKey("TlsExporterKeyingMaterial",
>>
>> Using a registered algorithm will make this method work, but I'm not sure if the resulting key can be used further. Do you know any typical use cases for the EKM?
>
> From a previous comment:
>
> IIUC, the exported keying material can be used for any purpose or algorithm, so we really can't make an good educated guess what it might be. They could be Keys (Ciphers), byte array/value challenges, or even just data that will be signed. This is just doing a quick read of some of the IANA definitions which link to some of the known use cases:
>
> https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels
Personally, I would like to give user the chance to specify the algorithm themselves. A "TlsExporterKeyingMaterial" key will not be accepted by an AES cipher. If you are not ready for this, I'd rather only provide the `exportKeyingMaterialData` method now.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24976#discussion_r2091851924
More information about the net-dev
mailing list