Enable HDKF to work with providers that do not allow secret keys to be created from arbitrary data.
This permits the TLS 1.3 handshake to complete with SunPKCS11 provider backed by NSS in FIPS mode. I added a TLS 1.3 test case to an existing test. The new test passes with the HKDF changes, fails without them. Other tier1-3 tests continue to pass. ------------- Commit messages: - Add bug ID - Try to use a CKO_DATA object if secret creation fails Changes: https://git.openjdk.org/jdk/pull/27384/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=27384&range=00 Issue: https://bugs.openjdk.org/browse/JDK-8368073 Stats: 99 lines in 3 files changed: 68 ins; 15 del; 16 mod Patch: https://git.openjdk.org/jdk/pull/27384.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/27384/head:pull/27384 PR: https://git.openjdk.org/jdk/pull/27384
