JDK-8255551 : Remove the directsign property and option
  • Type: CSR
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P3
  • Status: Closed
  • Resolution: Approved
  • Fix Versions: 16
  • Submitted: 2020-10-28
  • Updated: 2020-10-30
  • Resolved: 2020-10-30
Related Reports
CSR :  
Relates :  

Remove the newly added `directsign` JarSigner property and jarsigner option introduced in JDK-8245274.


The new property/option is not easy to understand. It involves the internals of PKCS #7 and should not be exposed to a JarSigner user.

It's not always precise. When the altsign option is specified it is useless.

Finally and most important, the newly published [RFC 8933][1] recommends that the originator (here, the signer) include the CMSAlgorithmProtection attribute [RFC6211] in signed attributes for security reasons. This means we'd better not sign directly anymore.


Remove the property and the option.

When the `altsign` property/option is specified to use an alternative signing mechanism (Note: this feature was already deprecated for removal), no signedAttrs is generated which means a direct sign. Otherwise, a signedAttrs is generated that contains the CMSAlgorithmProtection recommended in RFC 8933 which means an indirect sign. The behavior is no longer customizable.


1. Remove the description for the "directsign" property in method spec of `jdk.security.jarsigner.JarSigner$Builder::setProperty`.

2. Remove the paragraph for the `directsign` option in the man page source file jarsigner.md.

3. Remove the `directsign` option line in the `jarsigner --help` output.

  [1]: https://tools.ietf.org/html/rfc8933
Moving to Approved.