
[BCJSSE] Check TLS-Session for equality between two connections (session resume) with TLSv1.3

Open kimmerin opened this issue 1 year ago • 0 comments

Hi,

I'm using BCJSSE for TLS to be able to set the TLS session to be used more easily, in order to force a session resumption:

    import org.bouncycastle.jsse.BCExtendedSSLSession;
    import org.bouncycastle.jsse.BCSSLSocket;

    // oldSocket/newSocket are javax.net.ssl.SSLSocket instances created by the BCJSSE provider
    BCSSLSocket oldS = (BCSSLSocket) oldSocket;
    BCSSLSocket newS = (BCSSLSocket) newSocket;
    BCExtendedSSLSession session = oldS.getBCSession();
    // restrict the new connection to the protocol the old session negotiated
    newSocket.setEnabledProtocols(new String[] {session.getProtocol()});
    newS.setBCSessionToResume(session);

On the server side I'm checking that by comparing the Session-ID:

    // session1/session2 are the sessions of the first and second connection;
    // TextTools.join is a local helper that renders the byte[] session ID as a String
    String oldSession = TextTools.join(session1.getId());
    String newSession = TextTools.join(session2.getId());
    if (!oldSession.equals(newSession)) {
        throw new Exception("I don't like you");
    }

This works unless TLSv1.3 is used. In that case setBCSessionToResume doesn't seem to work, or I receive a different ID from getId() even if the session is resumed. If it's not the former, i.e. session resumption is still supported when using TLSv1.3, is my way of doing it wrong? If it's the latter, how can I check whether session2 is a resumed session of session1?

kimmerin · Sep 13 '24 12:09