- CSR
- Resolution: Approved
- P3
- None
- behavioral
- minimal
- Remove the option/property and make the original default behavior permanent.
- Java API, add/remove/modify command line option
- JDK
Summary
Remove the newly added directsign JarSigner property and jarsigner option introduced in JDK-8245274.
Problem
The new property/option is not easy to understand. It involves the internals of PKCS #7 and should not be exposed to a JarSigner user.
It's not always precise. When the altsign option is specified, it is useless.
Finally, and most importantly, the newly published RFC 8933 recommends that the originator (here, the signer) include the CMSAlgorithmProtection attribute [RFC6211] in signed attributes for security reasons. This means we'd better not sign directly anymore.
Solution
Remove the property and the option.
When the altsign property/option is specified to use an alternative signing mechanism (note: this feature was already deprecated for removal), no signedAttrs is generated, which means a direct sign. Otherwise, a signedAttrs is generated that contains the CMSAlgorithmProtection attribute recommended in RFC 8933, which means an indirect sign. The behavior is no longer customizable.
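The distinction above can be checked on a signature block after signing. The following is an added example, not code from the JDK or from this CSR: it walks the DER of a PKCS #7 SignedData structure and reports, per SignerInfo, whether signedAttrs is absent (direct sign), present, or present with the CMSAlgorithmProtection attribute. The function names and labels are assumptions, and the sample input is a constructed skeleton with placeholder fields, not a real signature.

```python
# Added example, not JDK code. The sample bytes are constructed, not a real signature.
CMS_ALG_PROTECT = bytes.fromhex("2a864886f70d010934")  # OID 1.2.840.113549.1.9.52

def tlvs(buf):
    """Yield (tag, value) for each definite-length DER element in buf."""
    i = 0
    while i < len(buf):
        tag, n = buf[i], buf[i + 1]
        i += 2
        if n & 0x80:  # long-form length: low 7 bits give the length-of-length
            k = n & 0x7F
            n = int.from_bytes(buf[i:i + k], "big")
            i += k
        yield tag, buf[i:i + n]
        i += n

def signing_modes(block):
    """Return one label per SignerInfo found in a PKCS #7 SignedData block."""
    content_info = list(tlvs(next(tlvs(block))[1]))  # contentType, [0] content
    signed_data = list(tlvs(next(tlvs(content_info[1][1]))[1]))
    modes = []
    for _, signer_info in tlvs(signed_data[-1][1]):  # signerInfos is the last field
        fields = list(tlvs(signer_info))  # version, sid, digestAlg, then optional [0]
        if fields[3][0] != 0xA0:  # no signedAttrs: signature is over the content
            modes.append("direct")
            continue
        oids = [next(tlvs(attr))[1] for _, attr in tlvs(fields[3][1])]
        modes.append("indirect+algprotect" if CMS_ALG_PROTECT in oids else "indirect")
    return modes

def der(tag, *parts):
    """Encode a short (< 128 byte) DER element; enough for the sample below."""
    body = b"".join(parts)
    return bytes([tag, len(body)]) + body

def sample_block(attr_oid=None):
    """Constructed SignedData skeleton with placeholder sid, algorithms, signature."""
    oid = lambda h: der(0x06, bytes.fromhex(h))
    alg = der(0x30, oid("608648016503040201"))  # SHA-256, reused as a placeholder
    attrs = der(0xA0, der(0x30, der(0x06, attr_oid), der(0x31))) if attr_oid else b""
    si = der(0x30, der(0x02, b"\x01"), der(0x30), alg, attrs, alg, der(0x04, b"sig"))
    sd = der(0x30, der(0x02, b"\x01"), der(0x31, alg),
             der(0x30, oid("2a864886f70d010701")), der(0x31, si))
    return der(0x30, oid("2a864886f70d010702"), der(0xA0, sd))

if __name__ == "__main__":
    print(signing_modes(sample_block(CMS_ALG_PROTECT)))
```

To check a real signed JAR, pass the bytes of its signature block file (META-INF/*.RSA, *.DSA or *.EC) to signing_modes. The walker assumes DER with definite lengths.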
Specification
- Remove the description for the "directsign" property in the method spec of jdk.security.jarsigner.JarSigner$Builder::setProperty.
- Remove the paragraph for the directsign option in the man page source file jarsigner.md.
- Remove the directsign option line in the jarsigner --help output.
- csr of: JDK-8255536 Remove the directsign property and option (Resolved)
- relates to: JDK-8245274 Signed JAR support for RSASSA-PSS and EdDSA (Closed)