On Thu, 8 May 2025 06:03:03 GMT, Bradford Wetmore <wetm...@openjdk.org> wrote:

>> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1694:
>> 
>>> 1692: 
>>> 1693:                     // ...now the final expand.
>>> 1694:                     SecretKey key = hkdf.deriveKey(label,
>> 
>> PKCS #11 is picky about key algorithm names and I'm not sure if `label` is 
>> always accepted. The KDF API has the algorithm in the method arguments so 
>> it's left to user to specify one. I'm not sure how the export keying 
>> material will be used. If it is used in encryption, the algorithm may need 
>> to be something like "AES".
>
> IIUC, the exported keying material can be used for any purpose or algorithm, 
> so we really can't make a good educated guess what it might be.  They could 
> be Keys (Ciphers), byte array/value challenges, or even just data that will 
> be signed.  This is just doing a quick read of some of the IANA definitions 
> which link to some of the known use cases:
> 
> https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels
> 
> Thus the type needs to be something generic.  The label sounded good 
> initially, but there is no specific prohibition against non-null/empty label 
> in the TLS Exporters, but KDF prohibits null/empty labels.
> 
> Maybe a label like "ExportKeyingMaterial"?

I have adjusted the API to take an `algName` for the `SecretKey`.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/24976#discussion_r2093695778
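As an added illustration of the point under discussion (this is not code from the pull request or from the JDK's `SSLSessionImpl`), the following standalone class derives TLS 1.3 exported keying material (RFC 8446 section 7.5) on top of the `javax.crypto.KDF` API that the PR uses, and lets the caller pass the `algName` that ends up on the returned `SecretKey`. It assumes JDK 25, or JDK 24 with `--enable-preview`, and the SunJCE HKDF implementation; the 32-byte exporter master secret is a constructed placeholder, the algorithm names "Generic" and "AES" are just the caller's choice, and "EXPORTER-Channel-Binding" is the IANA-registered label from RFC 9266. The intermediate `Derive-Secret` step uses `deriveData`, which needs no algorithm name at all, while only the final expand goes through `deriveKey` with the caller's `algName`; under a PKCS #11 provider that final name is the one that has to be acceptable to the token.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HexFormat;
import javax.crypto.KDF;
import javax.crypto.SecretKey;
import javax.crypto.spec.HKDFParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/** TLS 1.3 exporter (RFC 8446 section 7.5) on top of the javax.crypto.KDF API. */
public final class TlsExporterDemo {

    private static final int HASH_LEN = 32; // SHA-256 output size

    /** Serialises the HkdfLabel struct from RFC 8446 section 7.1. */
    static byte[] hkdfLabel(String label, byte[] context, int length) {
        byte[] full = ("tls13 " + label).getBytes(StandardCharsets.US_ASCII);
        if (full.length > 255 || context.length > 255 || length > 0xFFFF) {
            throw new IllegalArgumentException("HkdfLabel field too long");
        }
        ByteBuffer buf = ByteBuffer.allocate(2 + 1 + full.length + 1 + context.length);
        buf.putShort((short) length);                 // uint16 length
        buf.put((byte) full.length).put(full);        // opaque label<7..255>
        buf.put((byte) context.length).put(context);  // opaque context<0..255>
        return buf.array();
    }

    /** HKDF-Expand-Label returning raw bytes; deriveData needs no algorithm name. */
    static byte[] expandLabel(KDF hkdf, SecretKey secret, String label, byte[] context, int length)
            throws Exception {
        return hkdf.deriveData(
                HKDFParameterSpec.expandOnly(secret, hkdfLabel(label, context, length), length));
    }

    /**
     * TLS-Exporter(label, context_value, key_length) =
     *   HKDF-Expand-Label(Derive-Secret(Secret, label, ""), "exporter", Hash(context_value), key_length)
     * The caller supplies algName because the exported material has no intrinsic algorithm.
     */
    static SecretKey exportKeyingMaterial(SecretKey exporterMasterSecret, String label,
                                          byte[] contextValue, int length, String algName)
            throws Exception {
        KDF hkdf = KDF.getInstance("HKDF-SHA256");
        MessageDigest sha256 = MessageDigest.getInstance("SHA-256");

        // Derive-Secret(Secret, label, ""): the context is the transcript hash of no messages.
        byte[] emptyHash = sha256.digest(new byte[0]);
        byte[] derived = expandLabel(hkdf, exporterMasterSecret, label, emptyHash, HASH_LEN);
        // Intermediate PRK; "Generic" is an arbitrary tag, the bytes are all that matter here.
        SecretKey prk = new SecretKeySpec(derived, "Generic");

        // ...now the final expand, with Hash(context_value) as the HKDF context.
        byte[] info = hkdfLabel("exporter", sha256.digest(contextValue), length);
        return hkdf.deriveKey(algName, HKDFParameterSpec.expandOnly(prk, info, length));
    }

    public static void main(String[] args) throws Exception {
        // Constructed placeholder: on a real connection this is the exporter_master_secret
        // from the TLS 1.3 key schedule, which both peers hold.
        byte[] ems = new byte[HASH_LEN];
        for (int i = 0; i < ems.length; i++) ems[i] = (byte) i;
        SecretKey exporterMasterSecret = new SecretKeySpec(ems, "Generic");

        // RFC 9266 uses this registered label with an empty context and 32 bytes of output.
        String label = "EXPORTER-Channel-Binding";
        SecretKey client = exportKeyingMaterial(exporterMasterSecret, label, new byte[0], 32, "Generic");
        SecretKey server = exportKeyingMaterial(exporterMasterSecret, label, new byte[0], 32, "Generic");
        HexFormat hex = HexFormat.of();
        System.out.println("client EKM: " + hex.formatHex(client.getEncoded()));
        System.out.println("server EKM: " + hex.formatHex(server.getEncoded()));
        System.out.println("match: " + MessageDigest.isEqual(client.getEncoded(), server.getEncoded()));

        // A different context (or label) yields unrelated bytes, so labels partition the exporter space;
        // here the caller asks for the result tagged as an AES key instead.
        byte[] ctx = "channel-context".getBytes(StandardCharsets.US_ASCII);
        SecretKey other = exportKeyingMaterial(exporterMasterSecret, label, ctx, 32, "AES");
        System.out.println("with context, as " + other.getAlgorithm() + ": "
                + hex.formatHex(other.getEncoded()));
    }
}
```

Run it with `java --enable-preview --source 24 TlsExporterDemo.java` on JDK 24, or plain `java TlsExporterDemo.java` on JDK 25. Both "peers" print the same 32 bytes, which is the property a channel-binding or key-export consumer relies on, and the last line shows that the algorithm name is purely the caller's labelling of otherwise algorithm-neutral output.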
