RFR: 8349849: PKCS11 SunTlsKeyMaterial crashes when used with TLS1.2 TlsKeyMaterialParameterSpec
Daniel Jeliński
djelinski at openjdk.org
Thu Feb 13 18:45:17 UTC 2025
On Thu, 13 Feb 2025 18:41:01 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> TLS 1.2 is version 3.3.
>> The versions are:
>> SSL 3.0 - 3.0
>> TLS 1.0 - 3.1
>> TLS 1.1 - 3.2
>> TLS 1.2 - 3.3
>
> Ah ok. So I assume TLS 1.3 is using a different code path or KDF.
TLS 1.3 uses HKDF, and doesn't work with SunPKCS11 yet, see [JDK-8278640](https://bugs.openjdk.org/browse/JDK-8278640)
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23583#discussion_r1955045362
More information about the security-dev
mailing list