RFR: 8341346: Add support for exporting TLS Keying Material [v12]
Bradford Wetmore
wetmore at openjdk.org
Fri May 16 17:19:54 UTC 2025
On Fri, 16 May 2025 16:50:22 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Personally, I would like to give user the chance to specify the algorithm themselves. A "TlsExporterKeyingMaterial" key will not be accepted by an AES cipher. If you are not ready for this, I'd rather only provide the `exportKeyingMaterialData` method now.
>
> How about adding a `String alg` parameter to `exportKeyingMaterialKey` like in the `KDF.deriveKey` API?
As discussed with @seanjmullan / @wangweij , that is the direction I'll try. It's not perfect, but a definite step in the right direction. Thanks for the idea.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24976#discussion_r2093423153
More information about the net-dev
mailing list