Not able to retrieve TLS mastersecret from BCJSSE 1.78.1

Open • sanjerai opened this issue 1 year ago • 1 comment

I can see BCTLS provides a getMasterSecret method under SessionParameters.java.

I am using Spring WebClient with Jetty Client and BCJSSE as the security provider for TLS 1.3 over HTTP/2. After the handshake is completed, I am not able to retrieve the master secret using BCJSSE. The BCExtendedSSLSession which I get after the handshakeSucceeded event does not expose any method to fetch the master secret.

Is it possible to have a similar implementation as BCTLS in BCJSSE to fetch the master secret?

sanjerai, Nov 05 '24 10:11

At the moment it's not available in BCJSSE because the JSSE API provides no access to the master secret. It is a similar issue to getting channel bindings at handshake completion; my comment here mentions some possible ways we could provide the functionality in BCJSSE extensions.

peterdettman, Nov 08 '24 04:11