I think the new bug description is backward, as you cannot expect to implement all algorithms in all providers or use a key class fron one provider in antoher (especially not if they use mechanisms in external APIs like PKCS11 or MSCAPI with HSM).
"Crypto keys should be compatible between security providers" https://bugs.openjdk.java.net/browse/JDK-8182386 So the limiting of ciphers should be based on the actual provider used (or key selected) and not based on the subset of all providers present. Maybe something like "JSSE should adjust available ciphers based on effective provider". Its just a question how the current api can support that (this is also somewhat related to the point of key usage flags which also may restrict some ciphers which is only known until the actual Key instance can be examined). 2017-06-16 23:17 GMT+02:00 Artem Smotrakov <artem.smotra...@oracle.com>: > This patch backs out 8182143 because of possible issues on Windows even if > we don't have a test to reproduce it. > > Checking if SunMSCAPI provider is enabled looks like a hack. I filed > https://bugs.openjdk.java.net/browse/JDK-8182386 > > Bug: https://bugs.openjdk.java.net/browse/JDK-8182388 > Webrev: http://cr.openjdk.java.net/~asmotrak/8182388/webrev.00/ > > Artem >
