Re: RFR: 8341346: Add support for exporting TLS Keying Material [v30]

2025-05-30 Thread Hai-May Chao
On Fri, 30 May 2025 21:58:38 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is complete/approved. >> >> Tests include new unit tests for TLSv1-1.3. Have run tier1-2, plus the JCK >> API (jck:api/java_secu

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v30]

2025-05-30 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is complete/approved. > > Tests include new unit tests for TLSv1-1.3. Have run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_securi

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v30]

2025-05-30 Thread Jamil Nimeh
On Fri, 30 May 2025 21:54:55 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is complete/approved. >> >> Tests include new unit tests for TLSv1-1.3. Have run tier1-2, plus the JCK >> API (jck:api/java_secu

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v29]

2025-05-30 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is complete/approved. > > Tests include new unit tests for TLSv1-1.3. Have run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_securi

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v27]

2025-05-30 Thread Hai-May Chao
On Fri, 30 May 2025 01:25:37 GMT, Bradford Wetmore wrote: >> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1494: >> >>> 1492: if (exporterMasterSecret == null) { >>> 1493: throw new RuntimeException( >>> 1494: "Exporter

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v28]

2025-05-30 Thread Hai-May Chao
On Fri, 30 May 2025 01:13:48 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is complete/approved. >> >> Tests include new unit tests for TLSv1-1.3. Have run tier1-2, plus the JCK >> API (jck:api/java_secu

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v28]

2025-05-30 Thread Jamil Nimeh
On Fri, 30 May 2025 01:13:48 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is complete/approved. >> >> Tests include new unit tests for TLSv1-1.3. Have run tier1-2, plus the JCK >> API (jck:api/java_secu

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v28]

2025-05-29 Thread Weijun Wang
On Fri, 30 May 2025 01:13:48 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is complete/approved. >> >> Tests include new unit tests for TLSv1-1.3. Have run tier1-2, plus the JCK >> API (jck:api/java_secu

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v27]

2025-05-29 Thread Bradford Wetmore
On Thu, 29 May 2025 14:42:00 GMT, Weijun Wang wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 37 commits: >> >> - Merge branch 'master' into JDK-8341346 >> - Remove TlsExporterKeyingMaterial for now.

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v28]

2025-05-29 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is complete/approved. > > Tests include new unit tests for TLSv1-1.3. Have run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_securi

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v27]

2025-05-29 Thread Hai-May Chao
On Thu, 29 May 2025 00:54:37 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is complete/approved. >> >> Tests include new unit tests for TLSv1-1.3. Have run tier1-2, plus the JCK >> API (jck:api/java_secu

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v27]

2025-05-29 Thread Bradford Wetmore
On Thu, 29 May 2025 14:22:16 GMT, Weijun Wang wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 37 commits: >> >> - Merge branch 'master' into JDK-8341346 >> - Remove TlsExporterKeyingMaterial for now.

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v27]

2025-05-29 Thread Bradford Wetmore
On Thu, 29 May 2025 11:17:50 GMT, Hai-May Chao wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 37 commits: >> >> - Merge branch 'master' into JDK-8341346 >> - Remove TlsExporterKeyingMaterial for now.

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v27]

2025-05-29 Thread Bradford Wetmore
On Thu, 29 May 2025 14:12:47 GMT, Weijun Wang wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 37 commits: >> >> - Merge branch 'master' into JDK-8341346 >> - Remove TlsExporterKeyingMaterial for now.

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v27]

2025-05-29 Thread Bradford Wetmore
On Thu, 29 May 2025 14:09:38 GMT, Weijun Wang wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 37 commits: >> >> - Merge branch 'master' into JDK-8341346 >> - Remove TlsExporterKeyingMaterial for now.

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v27]

2025-05-29 Thread Bradford Wetmore
On Thu, 29 May 2025 14:08:10 GMT, Weijun Wang wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 37 commits: >> >> - Merge branch 'master' into JDK-8341346 >> - Remove TlsExporterKeyingMaterial for now.

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v26]

2025-05-29 Thread Bradford Wetmore
On Tue, 27 May 2025 23:37:45 GMT, Artur Barashev wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 36 commits: >> >> - Remove TlsExporterKeyingMaterial for now. Can add later if needed. >> - Merge branc

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v27]

2025-05-29 Thread Weijun Wang
On Thu, 29 May 2025 00:54:37 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is complete/approved. >> >> Tests include new unit tests for TLSv1-1.3. Have run tier1-2, plus the JCK >> API (jck:api/java_secu

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v27]

2025-05-29 Thread Hai-May Chao
On Thu, 29 May 2025 00:54:37 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is complete/approved. >> >> Tests include new unit tests for TLSv1-1.3. Have run tier1-2, plus the JCK >> API (jck:api/java_secu

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v27]

2025-05-28 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is complete/approved. > > Tests include new unit tests for TLSv1-1.3. Have run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_securi

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v26]

2025-05-27 Thread Artur Barashev
On Fri, 23 May 2025 21:23:04 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v26]

2025-05-23 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v25]

2025-05-22 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v24]

2025-05-20 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v23]

2025-05-20 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v22]

2025-05-20 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v21]

2025-05-20 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v20]

2025-05-20 Thread Bradford Wetmore
On Mon, 19 May 2025 22:24:52 GMT, Jamil Nimeh wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> get*() no longer needed, backout error (oops!) > > src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v20]

2025-05-19 Thread Jamil Nimeh
On Mon, 19 May 2025 20:28:46 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v18]

2025-05-19 Thread Bradford Wetmore
On Mon, 19 May 2025 15:13:26 GMT, Hai-May Chao wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Updated copyright dates. > > src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1623: > >> 1621

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v20]

2025-05-19 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v18]

2025-05-19 Thread Bradford Wetmore
On Mon, 19 May 2025 15:06:26 GMT, Hai-May Chao wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Updated copyright dates. > > src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 746: > >> 744:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v19]

2025-05-19 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v18]

2025-05-19 Thread Hai-May Chao
On Sat, 17 May 2025 00:03:10 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v18]

2025-05-19 Thread Hai-May Chao
On Sat, 17 May 2025 00:03:10 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v18]

2025-05-16 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v17]

2025-05-16 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v7]

2025-05-16 Thread Bradford Wetmore
On Wed, 7 May 2025 16:21:23 GMT, Weijun Wang wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Updated to use the upcoming KDF (still in preview) + bits of JDK-8353578 >> for compilation) > > src/java.base/share

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v7]

2025-05-16 Thread Bradford Wetmore
On Thu, 8 May 2025 06:03:03 GMT, Bradford Wetmore wrote: >> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1694: >> >>> 1692: >>> 1693: // ...now the final expand. >>> 1694: SecretKey key = hkdf.deriveKey(label, >> >> PKCS #11 is p

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-16 Thread Bradford Wetmore
On Fri, 16 May 2025 17:17:04 GMT, Bradford Wetmore wrote: >> How about adding a `String alg` parameter to `exportKeyingMaterialKey` like >> in the `KDF.deriveKey` API? > > As discussed with @seanjmullan / @wangweij , that is the direction I'll try. > It's not perfect, but a definite step in th

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-16 Thread Bradford Wetmore
On Tue, 13 May 2025 13:07:18 GMT, Weijun Wang wrote: >> It seems like it should be an exception, whatever you decide to do. The >> caller is asking for the keying material data, and the provider cannot >> fulfill that request, so I think explaining why it could not be done would >> be best rep

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-16 Thread Bradford Wetmore
On Thu, 15 May 2025 04:22:42 GMT, Bradford Wetmore wrote: >> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1650: >> >>> 1648: emptyHash = md.digest(); >>> 1649: } catch (NoSuchAlgorithmException nsae) { >>> 1650: thr

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-16 Thread Bradford Wetmore
On Fri, 16 May 2025 16:50:22 GMT, Sean Mullan wrote: >> Personally, I would like to give user the chance to specify the algorithm >> themselves. A "TlsExporterKeyingMaterial" key will not be accepted by an AES >> cipher. If you are not ready for this, I'd rather only provide the >> `exportKeyi

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-16 Thread Sean Mullan
On Thu, 15 May 2025 19:41:16 GMT, Weijun Wang wrote: >> From a previous comment: >> >> IIUC, the exported keying material can be used for any purpose or algorithm, >> so we really can't make an good educated guess what it might be. They could >> be Keys (Ciphers), byte array/value challenges,

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v16]

2025-05-15 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v15]

2025-05-15 Thread Bradford Wetmore
On Thu, 15 May 2025 20:42:39 GMT, Sean Mullan wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Merged with changes for JDK-8353578 > > src/java.base/share/classes/javax/net/ssl/ExtendedSSLSession.java line 169:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v15]

2025-05-15 Thread Sean Mullan
On Wed, 14 May 2025 04:03:44 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v15]

2025-05-15 Thread Sean Mullan
On Wed, 14 May 2025 04:03:44 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-15 Thread Weijun Wang
On Thu, 15 May 2025 04:26:30 GMT, Bradford Wetmore wrote: >> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1682: >> >>> 1680: // ...now the final expand. >>> 1681: return (deriveKey ? >>> 1682: >>> hkdf.

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-15 Thread Artur Barashev
On Thu, 15 May 2025 01:59:50 GMT, Bradford Wetmore wrote: >> test/jdk/javax/net/ssl/ExtendedSSLSession/ExportKeyingMaterialTests.java >> line 62: >> >>> 60: * produced. >>> 61: */ >>> 62: public class ExportKeyingMaterialTests extends SSLContextTemplate { >> >> What's the reason we don't use

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v15]

2025-05-15 Thread Bradford Wetmore
On Thu, 15 May 2025 12:51:16 GMT, Artur Barashev wrote: >> Sure. > > Also, the parentheses are not needed around `context != null` If there's one things to know about me, it's my liberal use of parens. I want my code to match my intent. I plan to update the "missing" parens. - P

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v15]

2025-05-15 Thread Artur Barashev
On Thu, 15 May 2025 00:27:31 GMT, Bradford Wetmore wrote: >> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1727: >> >>> 1725: >>> 1726: // context length must fit in 2 unsigned bytes. >>> 1727: if ((context != null) && context.length >= 65536) { >

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-14 Thread Bradford Wetmore
On Tue, 13 May 2025 13:37:18 GMT, Weijun Wang wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Missed one review comment > > src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1682: > >> 1680

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-14 Thread Bradford Wetmore
On Tue, 13 May 2025 13:25:21 GMT, Weijun Wang wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Missed one review comment > > src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1650: > >> 1648

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-14 Thread Bradford Wetmore
On Tue, 13 May 2025 17:13:03 GMT, Artur Barashev wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Missed one review comment > > test/jdk/javax/net/ssl/ExtendedSSLSession/ExportKeyingMaterialTests.java line > 62

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v15]

2025-05-14 Thread Bradford Wetmore
On Wed, 14 May 2025 20:13:36 GMT, Artur Barashev wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Merged with changes for JDK-8353578 > > src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 172

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v13]

2025-05-14 Thread Artur Barashev
On Thu, 15 May 2025 00:23:56 GMT, Bradford Wetmore wrote: >> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1583: >> >>> 1581: // Calculations are primarily based on protocol version. >>> 1582: switch (protocolVersion) { >>> 1583: case TLS13: // HK

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-14 Thread Bradford Wetmore
On Tue, 13 May 2025 13:23:16 GMT, Weijun Wang wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Missed one review comment > > src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1598: > >> 1596

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v13]

2025-05-14 Thread Bradford Wetmore
On Tue, 13 May 2025 21:44:21 GMT, Artur Barashev wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 16 commits: >> >> - Merge branch 'master' into JDK-8341346 >> - Missed one review comment >> - More cod

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v15]

2025-05-14 Thread Bradford Wetmore
On Wed, 14 May 2025 21:42:06 GMT, Bradford Wetmore wrote: >> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 329: >> >>> 327: */ >>> 328: >>> 329: SSLSessionImpl(HandshakeContext hc, ByteBuffer buf) throws >>> IOException { >> >> this constructor is used for ses

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-14 Thread Bradford Wetmore
On Tue, 13 May 2025 12:16:37 GMT, Sean Mullan wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Missed one review comment > > src/java.base/share/classes/javax/net/ssl/ExtendedSSLSession.java line 189: > >> 187:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v15]

2025-05-14 Thread Bradford Wetmore
On Wed, 14 May 2025 19:17:15 GMT, Daniel Jeliński wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Merged with changes for JDK-8353578 > > src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 32

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v15]

2025-05-14 Thread Daniel Jeliński
On Wed, 14 May 2025 04:03:44 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v15]

2025-05-13 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v14]

2025-05-13 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v13]

2025-05-13 Thread Artur Barashev
On Tue, 13 May 2025 17:41:32 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v13]

2025-05-13 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-13 Thread Artur Barashev
On Tue, 13 May 2025 05:32:34 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-13 Thread Weijun Wang
On Tue, 13 May 2025 05:32:34 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-13 Thread Weijun Wang
On Tue, 13 May 2025 05:32:34 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-13 Thread Weijun Wang
On Tue, 13 May 2025 12:26:54 GMT, Sean Mullan wrote: >> I was following the SecretKey.getEncoded() style. I see now that >> KDF.deriveData() does do UOE. >> >> I could go either way on this. I do need to make this consistent, I have >> TLSv1.3 using KDF style, and TLSv1-TLSv1.2 using the n

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-13 Thread Sean Mullan
On Tue, 13 May 2025 05:32:34 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-13 Thread Sean Mullan
On Tue, 13 May 2025 05:13:42 GMT, Bradford Wetmore wrote: >> src/java.base/share/classes/javax/net/ssl/ExtendedSSLSession.java line 254: >> >>> 252: * >>> 253: * @return a byte array of size {@code length} that contains the >>> EKM >>> 254: * material, or null if the deri

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-12 Thread Bradford Wetmore
On Mon, 12 May 2025 15:07:20 GMT, Sean Mullan wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 13 commits: >> >> - Merge branch 'master' into JDK-8341346 >> - Adjustments made for JDK-8350830 >> - Merg

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-12 Thread Bradford Wetmore
On Mon, 12 May 2025 14:58:07 GMT, Sean Mullan wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 13 commits: >> >> - Merge branch 'master' into JDK-8341346 >> - Adjustments made for JDK-8350830 >> - Merg

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-12 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v11]

2025-05-12 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-12 Thread Bradford Wetmore
On Mon, 12 May 2025 15:02:31 GMT, Sean Mullan wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 13 commits: >> >> - Merge branch 'master' into JDK-8341346 >> - Adjustments made for JDK-8350830 >> - Merg

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-12 Thread Bradford Wetmore
On Sat, 10 May 2025 13:48:05 GMT, Weijun Wang wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 13 commits: >> >> - Merge branch 'master' into JDK-8341346 >> - Adjustments made for JDK-8350830 >> - Merg

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-12 Thread Bradford Wetmore
On Mon, 12 May 2025 14:45:36 GMT, Sean Mullan wrote: >> Bradford Wetmore has updated the pull request with a new target base due to >> a merge or a rebase. The pull request now contains 13 commits: >> >> - Merge branch 'master' into JDK-8341346 >> - Adjustments made for JDK-8350830 >> - Merg

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-12 Thread Sean Mullan
On Fri, 9 May 2025 21:38:07 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:a

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-10 Thread Weijun Wang
On Fri, 9 May 2025 21:38:07 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:a

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-09 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v9]

2025-05-08 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v7]

2025-05-07 Thread Bradford Wetmore
On Wed, 7 May 2025 16:28:27 GMT, Weijun Wang wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Updated to use the upcoming KDF (still in preview) + bits of JDK-8353578 >> for compilation) > > src/java.base/share

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v8]

2025-05-07 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v7]

2025-05-07 Thread Weijun Wang
On Wed, 7 May 2025 05:47:30 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:a

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v7]

2025-05-07 Thread Weijun Wang
On Wed, 7 May 2025 05:47:30 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:a

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v7]

2025-05-06 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v6]

2025-05-06 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v5]

2025-05-06 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v3]

2025-05-01 Thread Weijun Wang
On Thu, 1 May 2025 19:32:03 GMT, Bradford Wetmore wrote: >> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1691: >> >>> 1689: // ...now the final expand. >>> 1690: SecretKey key = hkdf.expand(derivedSecret, hkdfInfo, >>> length, >>> 1691:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v4]

2025-05-01 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v3]

2025-05-01 Thread Bradford Wetmore
On Thu, 1 May 2025 18:26:03 GMT, Artur Barashev wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Moved too fast > > test/jdk/javax/net/ssl/ExtendedSSLSession/TLSKeyExporters.java line 324: > >> 322: ser

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v3]

2025-05-01 Thread Bradford Wetmore
On Thu, 1 May 2025 18:24:19 GMT, Artur Barashev wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Moved too fast > > test/jdk/javax/net/ssl/ExtendedSSLSession/TLSKeyExporters.java line 296: > >> 294: //

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v3]

2025-05-01 Thread Bradford Wetmore
On Thu, 1 May 2025 15:18:43 GMT, Weijun Wang wrote: >> Bradford Wetmore has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Moved too fast > > src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1691: > >> 1689:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v3]

2025-05-01 Thread Artur Barashev
On Wed, 30 Apr 2025 23:38:03 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v3]

2025-05-01 Thread Weijun Wang
On Wed, 30 Apr 2025 23:38:03 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v2]

2025-04-30 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v3]

2025-04-30 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

  1   2   >