Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Not able to retrieve TLS mastersecret from BCJSSE 1.78.1 #1894

Open
sanjerai opened this issue Nov 5, 2024 · 1 comment
Open

Not able to retrieve TLS mastersecret from BCJSSE 1.78.1 #1894

sanjerai opened this issue Nov 5, 2024 · 1 comment
Labels
enhancement New feature or request

Comments

@sanjerai
Copy link

sanjerai commented Nov 5, 2024

I can see BCTLS provides getMasterSecret method under SessionParameters.java .

I am using Spring webclient with Jetty Client and BCJSSE as security provider for TLS1.3 over http2.
After handshake is completed i am not able to retrieve mastersecret using BCJSSE.
The BCExtendedSSLSession which i get after handshakeSucceeded event does not expose any method to fetch master secret.

Is it possible to have similar implementation as BCTLS in BCJSSE to fetch master secret.
@peterdettman
Copy link
Collaborator

At the moment it's not available in BCJSSE because JSSE API provides no access to the master secret. It is a similar issue to getting channel bindings at handshake completion; my comment here mentions some possible ways we could provide the functionality in BCJSSE extensions.

@winfriedgerlach winfriedgerlach added the enhancement New feature or request label Jan 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@peterdettman @sanjerai @winfriedgerlach