RFR 8130302: jarsigner and keytool -providerClass needs be re-examined for modules
Weijun Wang
weijun.wang at oracle.com
Thu Feb 18 09:08:57 UTC 2016
OK, but with -providerClass I'd like to support a class name even if it
is already defined in a module as a service and has its own name. This
makes sure old commands still work.
> The existing -providerClass takes a class name and works as before. The
> -provider takes the name of a security provider and locates the provider
> with that name. For -provider then an example in the usage message
> would make it very clear.
Will file a sub-task.
>
> You are right that it would be simple code to fallback and handle both
> but this will just lead to mis-use and will make it harder to change in
> the future. For the java.security file then the fallback was important
> because it seemed common for 3rd party providers to add security
> providers there. It's not obvious that it is important here.
>
> BTW: Docs and help output use the term "provider master class". Is the
> word "master" needed? It hints of master key or the like but it's really
> the name of the security provider implementation class.
I think by "master" it means the class implementing Provider but not the
one implementing KeyStore or KeyPairGenerator. It's not needed.
Thanks
Max
>
> -Alan
More information about the security-dev
mailing list