RFR 8242260: Remove customizable ContentSigner from jarsigner

Weijun Wang weijun.wang at oracle.com
Sun Apr 12 02:11:55 UTC 2020



> On Apr 11, 2020, at 11:53 PM, Sean Mullan <sean.mullan at oracle.com> wrote:
> 
> On 4/11/20 11:04 AM, Weijun Wang wrote:
>> 2. Keep the options and update the deprecated classes to work with new signature algorithms. The update will likely to be 2 new methods and deprecating one existing.
> 
> Not sure if I understand this option, but I assume this is about adding RSASSA-PSS support to jarsigner. Perhaps we just delay that until JDK 16 when you can remove the ContentSigner APIs, as it would be strange to add new methods to a deprecated class that will be marked forRemoval.

This is for both RSASSA-PSS and EdDSA, where you cannot derive the digest algorithm and signature algorithm parameters from the signature algorithm name.

> 
> Also, why do we have to use the ContentSigner APIs for RSASSA-PSS? Couldn't you just use internal APIs as in your webrev?

That's option 1: "Remove the options. The deprecated classes become useless."

--Max

> 
> --Sean



More information about the security-dev mailing list