RFR: 8341346: Add support for exporting TLS Keying Material [v27]

[Bradford Wetmore]

On Thu, 29 May 2025 11:17:50 GMT, Hai-May Chao <hchao at openjdk.org> wrote:

>> Bradford Wetmore has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 37 commits:
>> 
>>  - Merge branch 'master' into JDK-8341346
>>  - Remove TlsExporterKeyingMaterial for now.  Can add later if needed.
>>  - Merge branch 'master' into JDK-8341346
>>  - Merge branch 'master' into JDK-8341346
>>  - Added PKCS11 testing
>>  - Minor bug
>>  - Missed one change
>>  - Merge branch 'master' into JDK-8341346
>>  - Private Codereview comment:  Don't allow use of null keyAlgs, plus some minor cleanups
>>  - get*() no longer needed, backout error (oops!)
>>  - ... and 27 more: https://git.openjdk.org/jdk/compare/2ec6ab34...858362c8
>
> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1559:
> 
>> 1557:                     emptyHash = md.digest();
>> 1558:                 } catch (NoSuchAlgorithmException nsae) {
>> 1559:                     throw new ProviderException(
> 
> This exception is not listed in `@throws` of new API in `ExtendedSSLSession.java`?

Weijun and I talked about this.  This is a really extreme case all providers that provide basic functionality have been removed.  We don't mention this anywhere else, and it's done in several places.  It's a RuntimeException, and we don't always document every situation. 

I'm ok to skip this one.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/24976#discussion_r2114826097