JDK-8133151 : Preferred provider configuration for JCE
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Priority: P4
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2015-08-06
  • Updated: 2023-12-12
  • Resolved: 2015-10-20
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 9
9 b89Fixed
Related Reports
Duplicate :  
JDK-8130936 - Preferred provider configuration for JCE
Relates :  
JDK-8069538 - Preferred Provider Configuration
Relates :  
JDK-8152205 - jdk.security.provider.preferred is ambiguously documented
Relates :  
JDK-8141690 - JDK-8133151 change to MakeJavaSecurity.java is not complete
Relates :  
JDK-8155847 - SHA groups needed for jdk.security.provider.preferred
Relates :  
JDK-8150512 - Update test for jdk.security.provider.preferred security property.
Relates :  
JDK-8140470 - javax/xml/crypto/dsig/SecurityManager/XMLDSigWithSecMgr.java test failed with AccessControlException
Relates :  
JDK-8145344 - Add SHA1 and SHA-224 to preferred provider list for solaris-sparc
Description
This is the bug for Provider Config changes related to JEP 246, subtask 8046943

Text describing the jdk.security.provider.preferred property added to the java.security file:
 
#
# A list of preferred providers for specific algorithms. These providers will
# be searched for matching algorithms before the list of registered providers.
# Entries containing errors (parsing, etc) will be ignored. Use the
# -Djava.security.debug=jca property to debug these errors.
#
# The property is a comma-separated list of serviceType.algorithm:provider
# entries. The serviceType (example: "MessageDigest") is optional, and if
# not specified, the algorithm applies to all service types that support it.
# The algorithm is the standard algorithm name or transformation.
# Transformations can be specified in their full standard name
# (ex: AES/CBC/PKCS5Padding), or as partial matches (ex: AES, AES/CBC).
# The provider is the name of the provider. Any provider that does not
# also appear in the registered list will be ignored.
#
# Example:
#   jdk.security.provider.preferred=AES/GCM/NoPadding:SunJCE, MessageDigest.SHA-256:SUN
Comments
URL: http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/5f032cc89bfd User: lana Date: 2015-10-28 19:24:44 +0000
28-10-2015
URL: http://hg.openjdk.java.net/jdk9/dev/jdk/rev/5f032cc89bfd User: ascarpino Date: 2015-10-20 00:35:43 +0000
20-10-2015