RFR: 8341346: Add support for exporting TLS Keying Material [v17]
Bradford Wetmore
wetmore at openjdk.org
Fri May 16 21:50:12 UTC 2025
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE respectively.
>
> CSR is underway.
>
> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net jck:api/javax_security jck:api/org_ietf jck:api/javax_xml/crypto)
Bradford Wetmore has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 25 commits:
- Merge branch 'master' into JDK-8341346
- Updated API to include SecretKey type, and a couple minor codereview comments
- Merge branch 'master' into JDK-8341346
- Minor Codereview comments.
- Codereview comments: updated test to extend from SSLEngineTemplate, API tweaks, couple small bugs
- Codereview comments: updated test to extend from SSLEngineTemplate, API tweaks, couple small bugs
- Codereview: removed serialization of of exporter Secret/randoms, and adjusted TLSv1-1.2 randoms capture locations since mastersecret could be reused
- Merged with changes for JDK-8353578
- Merge
- Merge branch 'master' into JDK-8341346
- ... and 15 more: https://git.openjdk.org/jdk/compare/10258dc5...0f08ff2c
-------------
Changes: https://git.openjdk.org/jdk/pull/24976/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=24976&range=16
Stats: 1038 lines in 9 files changed: 1020 ins; 2 del; 16 mod
Patch: https://git.openjdk.org/jdk/pull/24976.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/24976/head:pull/24976
PR: https://git.openjdk.org/jdk/pull/24976
More information about the net-dev
mailing list