On Fri, 9 May 2025 21:38:07 GMT, Bradford Wetmore <wetm...@openjdk.org> wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net >> jck:api/javax_security jck:api/org_ietf jck:api/javax_xml/crypto) > > Bradford Wetmore has updated the pull request with a new target base due to a > merge or a rebase. The pull request now contains 13 commits: > > - Merge branch 'master' into JDK-8341346 > - Adjustments made for JDK-8350830 > - Merge branch 'master' into JDK-8341346 > - Rework to avoid PKCS11 data extraction problems, and enhanced input > verification and unit testing > - More Codereview comments > - Updated to use the upcoming KDF (still in preview) + bits of JDK-8353578 > for compilation) > - Add in the SharedSecrets SecretKeySpec clearing mechanism > - More codereview/CSR comments > - Merge branch 'master' into JDK-8341346 > - Codereview comments. > - ... and 3 more: https://git.openjdk.org/jdk/compare/68a11850...bd227aa8 Register your new algorithm "TlsExporterMasterSecret" at https://github.com/openjdk/jdk/blob/6536430a3bdedcf5e0636e0eb27bde5e0d7b40fd/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java#L272. ------------- PR Comment: https://git.openjdk.org/jdk/pull/24976#issuecomment-2868873399
