RFR: 8341346: Add support for exporting TLS Keying Material [v27]

[Bradford Wetmore]

On Thu, 29 May 2025 14:42:00 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> Bradford Wetmore has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 37 commits:
>> 
>>  - Merge branch 'master' into JDK-8341346
>>  - Remove TlsExporterKeyingMaterial for now.  Can add later if needed.
>>  - Merge branch 'master' into JDK-8341346
>>  - Merge branch 'master' into JDK-8341346
>>  - Added PKCS11 testing
>>  - Minor bug
>>  - Missed one change
>>  - Merge branch 'master' into JDK-8341346
>>  - Private Codereview comment:  Don't allow use of null keyAlgs, plus some minor cleanups
>>  - get*() no longer needed, backout error (oops!)
>>  - ... and 27 more: https://git.openjdk.org/jdk/compare/2ec6ab34...858362c8
>
> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1494:
> 
>> 1492:             if (exporterMasterSecret == null) {
>> 1493:                 throw new RuntimeException(
>> 1494:                         "Exporter master secret not captured");
> 
> Do you want to choose another exception type? Like `ProviderException`. Actually, how unlikely this is? If you believe this would never happen (unless there is a programming error), you can even throw an `AssertionError`.
> 
> Same question in `useTLS10PlusSpec()` for the two randoms.

@wangweij asked if `SSLSession` are ever in a partially completed state.  The answer is yes, during handshaking the `SSLSocket/SSLEngine.getHandshakeSession()` methods can return `SSLSession` that is incomplete.  As such, it makes more sense for this to be an `IllegalArgumentException`.  

Drafted the CSR, made the update, and refinalized it.  Hopefully the wording is acceptable.  ;)

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/24976#discussion_r2114985934