The java.security.Provider class inherits the implementations of the equals() and hashCode() methods from java.util.Hashtable. That means that two Provider objects are considered equal if they implement the same set of algorithms using the same set of classes. It also means that provider.equals(map) would return true if map contained the same entries.
The values of provider.getName() or provider.getVersion() are not examined at all. This is questionable in particular since the framework now explicitly allows multiple instances of a provider implementation to support hardware tokens.
Compatibility considerations limit the available options. Still, it may be acceptable to add a comparision of the provider name and version number to equals().
I am filing this as a P5 since there are very few occasions where it is sensible to compare provider objects.
###@###.### 2003-09-08
Changed synopsis from "Provider.equals() implementation inappropriate" to "Provider.equals() returns true for non-matching objects".
###@###.### 2003-11-10