RFR: 8368073: PKCS11 HKDF can't use byte array IKM in FIPS mode
Valerie Peng
valeriep at openjdk.org
Mon Sep 22 23:54:29 UTC 2025
On Fri, 19 Sep 2025 08:32:41 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
> Enable HKDF to work with providers that do not allow secret keys to be created from arbitrary data.
>
> This permits the TLS 1.3 handshake to complete with SunPKCS11 provider backed by NSS in FIPS mode.
>
> I added a TLS 1.3 test case to an existing test. The new test passes with the HKDF changes, fails without them. Other tier1-3 tests continue to pass.
src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11HKDF.java line 178:
> 176: if (!isExtract || !"RAW".equalsIgnoreCase(baseKey.getFormat())) {
> 177: throw pe;
> 178: }
How about merging lines 202-207 with this code block, so that the key/data conversion is together?
+ long baseKeyID = 0L;
+ P11Key p11BaseKey = null;
+ try {
+ p11BaseKey = convertKey(baseKey, (isExtract ? "IKM" : "PRK") +
+ " could not be converted to a token key for HKDF derivation.");
+ baseKeyID = p11BaseKey.getKeyID();
+ } catch (ProviderException pe) {
+ // special handling for FIPS mode when key cannot be imported
+ if (isExtract && "RAW".equalsIgnoreCase(baseKey.getFormat())) {
+ baseKeyID = convertKeyToData(baseKey);
+ } else {
+ throw pe;
+ }
+ }
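Review bot: the `catch (ProviderException pe)` branch takes the convertKeyToData fallback for any ProviderException that convertKey raises on a RAW extract key, not only the FIPS-mode import refusal the comment names, and nothing in the condition checks the cause. On that path `pe` is discarded, so if convertKeyToData then fails the original import error is lost; consider attaching it as a suppressed exception or as the cause. Also note that p11BaseKey stays null on the fallback path while baseKeyID holds the value returned by convertKeyToData, so any later code that dereferences or releases p11BaseKey needs a null check, and the two kinds of handle should be cleaned up according to how each was obtained. A short comment saying that baseKeyID may refer to either a key or a data object would help the next reader.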
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27384#discussion_r2370660885