On Wed, 14 May 2025 19:17:15 GMT, Daniel Jeliński <[email protected]> wrote:
>> Bradford Wetmore has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Merged with changes for JDK-8353578
>
> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 329:
>
>> 327: */
>> 328:
>> 329: SSLSessionImpl(HandshakeContext hc, ByteBuffer buf) throws
>> IOException {
>
> this constructor is used for session resumption using deserialized stateless
> session tickets. AFAICT the resumed session uses a new set of exporter
> secrets (exporterMasterSecret is overwritten during processing of the
> Finished message, not sure about the randoms). Does it make any sense to
> store the original exporter secrets in the stateless ticket?
Good catch, I am 99% convinced neither is not needed. I'll be removing these
changes.
For TLS 1.3, the exporter is recalculated at the end of the handshake for the
new session.
For 1-1.2, the Session is indeed pulled from the serialized form, but the new
session's Hello Random values are used with the existing MasterSecret to load
the `TlsKeyMaterialParameterSpec` and obtain all of the keying material.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24976#discussion_r2089796579
