Code Review Request: JDK-8148421 (Extended Master Secret TLS extension)
Martin Balao
mbalao at redhat.com
Fri Aug 4 13:18:15 UTC 2017
Hi,
This is my proposal for JDK-8148421 (Support Transport Layer Security (TLS)
Session Hash and Extended Master Secret Extension) [1]:
* http://cr.openjdk.java.net/~sgehwolf/webrevs/mbalaoal/JDK-8148421/webrev.01/
(browse online)
*
http://cr.openjdk.java.net/~sgehwolf/webrevs/mbalaoal/JDK-8148421/webrev.01/8148421.webrev.01.zip
(download)
Notes:
* There is no PKCS#11 support for Extended Master Secret key derivation at
this moment. NSS supports it through a vendor-specific type definition
(CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE and
CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH in pkcs11n.h file). Thus,
P11TlsMasterSecretGenerator uses the legacy Master Key Derivation method
only.
Thanks in advanced,
Martin.-
--
[1] - https://bugs.openjdk.java.net/browse/JDK-8148421
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20170804/4dcea092/attachment.htm>
More information about the security-dev
mailing list