Re: RFR: 8277307: Pre shared key sent under both session_ticket and pre_shared_key extensions

Sean Coffey Tue, 31 May 2022 06:51:07 -0700

On Fri, 27 May 2022 13:20:24 GMT, Daniel Jeliński <djelin...@openjdk.org> wrote:


> Session ticket extension should only contain pre-TLS1.3 stateless session 
> tickets; it should not be used for sending TLS1.3 pre-shared keys.

src/java.base/share/classes/sun/security/ssl/SessionTicketExtension.java line 
410:

> 408:                     || chc.resumingSession.getPskIdentity() == null
> 409:                     || !Arrays.asList(ProtocolVersion.PROTOCOLS_10_12)
> 410:                         
> .contains(chc.resumingSession.getProtocolVersion())) {

would  `chc.resumingSession.getProtocolVersion().useTLS13PlusSpec()` read 
better for your last condition ? Might save on Array allocations also ?

-------------

PR: https://git.openjdk.java.net/jdk/pull/8922

Re: RFR: 8277307: Pre shared key sent under both session_ticket and pre_shared_key extensions

Reply via email to