Any updates on this? Thanks, Martin.-
On Thu, Feb 15, 2018 at 9:53 PM, Valerie Peng <valerie.p...@oracle.com> wrote: > > I am ok with the idea of putting the public API refactoring under a > separate RFE. > Let me apply your updated patch below and run existing regressions again. > Thanks, > Valerie > > > On 2/5/2018 5:51 AM, Martin Balao wrote: > > Hi Valerie, > > Thanks for your review. > > Here it's the new webrev updated to the new repository structure. I've > also updated the testcase to use the new @module jtreg feature: > > * http://cr.openjdk.java.net/~akasko/mbalao/jdk_8029661_tls_ > 12_sunpkcs11/2018_02_02/8029661.webrev.02 (online) > * http://cr.openjdk.java.net/~akasko/mbalao/jdk_8029661_tls_ > 12_sunpkcs11/2018_02_02/8029661.webrev.02.zip (download) > > A few comments in regards to creating public APIs from > sun.security.internal.spec classes. > > Classes in jdk/src/java.base/share/classes/sun/security/internal/spec: > * TlsKeyMaterialParameterSpec.java > * TlsMasterSecretParameterSpec.java > * TlsRsaPremasterSecretParameterSpec.java > * TlsKeyMaterialSpec.java > * TlsPrfParameterSpec.java > > Classes in jdk/src/java.base/share/classes/java/security/spec (which I > assume would be the destination): > * AlgorithmParameterSpec.java > * ECGenParameterSpec.java > * InvalidParameterSpecException.java > * RSAOtherPrimeInfo.java > * DSAGenParameterSpec.java > * ECParameterSpec.java > * KeySpec.java > * ... > > TlsRsaPremasterSecretParameterSpec class contains information about min > and max SSL/TLS version and, optionally, the pre-master encoded key. This > information may be useful to any 3rd party class that implements a > KeyGenerator to generate RSA pre-master secrets. > > TlsMasterSecretParameterSpec class contains information (client/server > random, pre-master secret, hash algorithm, etc.) to generate a master > secret from a pre-master secret. > > TlsKeyMaterialParameterSpec class contains information (client/server > random, master secret, hash algorithm, etc.) to generate keys for a session > from a master secret. > > TlsPrfParameterSpec class contains information (secret key, label, hash > algorithm, etc.) to generate handshake authentication codes. > > TlsKeyMaterialSpec class contains information about session keys. This > class inherits from SecretKey class. > > So, I agree with you: these parameters/specs may be used by a 3rd party > and would be better to have them as public interfaces. > > However, I suggest to address that in a new ticket because: > * it is not strictly inherent to SunPKCS11 + TLS 1.2 support we are > providing in the context of this ticket; > * it would be more clear both in tickets documentation and repository > changeset; > * this refactoring is going to go through CSR, which SunPKCS11 + TLS 1.2 > support does not need; and, > * we should also evaluate how TLS 1.3 changes going to impact into this. > > Would splitting this into a new ticket work for you? > > Kind regards, > Martin.- > > >
