On Thu, 15 May 2025 19:41:16 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> From a previous comment: >> >> IIUC, the exported keying material can be used for any purpose or algorithm, >> so we really can't make an good educated guess what it might be. They could >> be Keys (Ciphers), byte array/value challenges, or even just data that will >> be signed. This is just doing a quick read of some of the IANA definitions >> which link to some of the known use cases: >> >> >> https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels > > Personally, I would like to give user the chance to specify the algorithm > themselves. A "TlsExporterKeyingMaterial" key will not be accepted by an AES > cipher. If you are not ready for this, I'd rather only provide the > `exportKeyingMaterialData` method now. How about adding a `String alg` parameter to `exportKeyingMaterialKey` like in the `KDF.deriveKey` API? ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/24976#discussion_r2093387401
