RFR: 8298381: Improve handling of session tickets for multiple SSLContexts [v4]
Volker Simonis
simonis at openjdk.org
Fri Dec 23 11:07:56 UTC 2022
On Thu, 22 Dec 2022 17:15:36 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> Volker Simonis has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Moved stateless key logic from SSLContextImpl to SSLSessionContextImpl and addressed comments by @XueleiFan and @ascarpino
>
> src/java.base/share/classes/sun/security/ssl/SessionTicketExtension.java line 122:
>
>> 120: try {
>> 121: KeyGenerator kg = KeyGenerator.getInstance("AES");
>> 122: kg.init(KEYLEN, hc.sslContext.getSecureRandom());
>
> I think it's important to use random from hc. Configurations with specific providers would not want to use a different provider for key generations.
Understood and fixed.
-------------
PR: https://git.openjdk.org/jdk/pull/11590
More information about the security-dev
mailing list