RFR 8242260: Remove customizable ContentSigner from jarsigner
Sean Mullan
sean.mullan at oracle.com
Sat Apr 11 15:53:01 UTC 2020
On 4/11/20 11:04 AM, Weijun Wang wrote:
> 2. Keep the options and update the deprecated classes to work with new signature algorithms. The update will likely to be 2 new methods and deprecating one existing.
Not sure if I understand this option, but I assume this is about adding
RSASSA-PSS support to jarsigner. Perhaps we just delay that until JDK 16
when you can remove the ContentSigner APIs, as it would be strange to
add new methods to a deprecated class that will be marked forRemoval.
Also, why do we have to use the ContentSigner APIs for RSASSA-PSS?
Couldn't you just use internal APIs as in your webrev?
--Sean
More information about the security-dev
mailing list