RFR: 8341346: Add support for exporting TLS Keying Material [v9]
Bradford Wetmore
wetmore at openjdk.org
Fri May 9 05:12:30 UTC 2025
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE respectively.
>
> CSR is underway.
>
> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net jck:api/javax_security jck:api/org_ietf jck:api/javax_xml/crypto)
Bradford Wetmore has updated the pull request incrementally with one additional commit since the last revision:
Rework to avoid PKCS11 data extraction problems, and enhanced input verification and unit testing
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/24976/files
- new: https://git.openjdk.org/jdk/pull/24976/files/2e5f5342..598fc579
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=24976&range=08
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=24976&range=07-08
Stats: 275 lines in 3 files changed: 188 ins; 19 del; 68 mod
Patch: https://git.openjdk.org/jdk/pull/24976.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/24976/head:pull/24976
PR: https://git.openjdk.org/jdk/pull/24976
More information about the security-dev
mailing list