> TLS 1.3 changed the way it generates the FFDHE shared secret. In TLS 1.2, the > leading zeroes in the shared secret were stripped, and in TLS 1.3 the leading > zeroes are preserved. > > Thanks to the recent work in > [JDK-8189441](https://bugs.openjdk.org/browse/JDK-8189441), we now have a new > algorithm name `Generic` that can be used to generate a shared secret with > the leading zeroes preserved. > > This PR changes the TLS 1.3 handshake to use the new algorithm name. > > I didn't add any tests to verify the correctness of the handshake. This can > be verified using tlsfuzzer, see JBS for details. > > Tier1-3 tests continue to pass.
Daniel Jeliński has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains five commits: - Merge branch 'master' into tls13-ffdhe - Revert PKCS11 changes - Update copyright, add bug IDs - Fix PKCS11 DH key derivation - Keep leading zeroes in tls13 ------------- Changes: https://git.openjdk.org/jdk/pull/27343/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=27343&range=02 Stats: 2 lines in 1 file changed: 0 ins; 1 del; 1 mod Patch: https://git.openjdk.org/jdk/pull/27343.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/27343/head:pull/27343 PR: https://git.openjdk.org/jdk/pull/27343
