RFR 8242260: Remove customizable ContentSigner from jarsigner
Weijun Wang
weijun.wang at oracle.com
Sun Apr 12 02:11:55 UTC 2020
> On Apr 11, 2020, at 11:53 PM, Sean Mullan <sean.mullan at oracle.com> wrote:
>
> On 4/11/20 11:04 AM, Weijun Wang wrote:
>> 2. Keep the options and update the deprecated classes to work with new signature algorithms. The update will likely to be 2 new methods and deprecating one existing.
>
> Not sure if I understand this option, but I assume this is about adding RSASSA-PSS support to jarsigner. Perhaps we just delay that until JDK 16 when you can remove the ContentSigner APIs, as it would be strange to add new methods to a deprecated class that will be marked forRemoval.
This is for both RSASSA-PSS and EdDSA, where you cannot derive the digest algorithm and signature algorithm parameters from the signature algorithm name.
>
> Also, why do we have to use the ContentSigner APIs for RSASSA-PSS? Couldn't you just use internal APIs as in your webrev?
That's option 1: "Remove the options. The deprecated classes become useless."
--Max
>
> --Sean
More information about the security-dev
mailing list