JDK-8152205 : jdk.security.provider.preferred is ambiguously documented
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2016-03-18
  • Updated: 2017-07-06
  • Resolved: 2017-07-04
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 9
9 b115Fixed
Related Reports
Relates :  
JDK-8133151 - Preferred provider configuration for JCE
Description
* The JDK Reference Implementation additionally uses the
* {@code jdk.security.provider.preferred} property to determine
* the preferred provider order for the specified algorithm.

Which property is it?  java.security.Security or java.lang.System?

It's the former, but the spec isn't clear.

This needs to be updated throughout the APIs where this was added.
Comments
I don't understand the problem. This is documented in the java.security file and where ever getInstance() call in JCE that it applies to. I don't understand the question about which package, java.security.Security or java.lang.System. It's not package specific. The javadoc comment you included here is in all the below files: src/java.base/share/classes/java/security/AlgorithmParameterGenerator.java src/java.base/share/classes/java/security/AlgorithmParameters.java src/java.base/share/classes/java/security/KeyFactory.java src/java.base/share/classes/java/security/KeyPairGenerator.java src/java.base/share/classes/java/security/KeyStore.java src/java.base/share/classes/java/security/MessageDigest.java src/java.base/share/classes/java/security/Policy.java src/java.base/share/classes/java/security/SecureRandom.java src/java.base/share/classes/java/security/Signature.java src/java.base/share/classes/java/security/cert/CertPathBuilder.java src/java.base/share/classes/java/security/cert/CertPathValidator.java src/java.base/share/classes/java/security/cert/CertStore.java src/java.base/share/classes/java/security/cert/CertificateFactory.java src/java.base/share/classes/javax/crypto/Cipher.java src/java.base/share/classes/javax/crypto/ExemptionMechanism.java src/java.base/share/classes/javax/crypto/KeyAgreement.java src/java.base/share/classes/javax/crypto/KeyGenerator.java src/java.base/share/classes/javax/crypto/Mac.java src/java.base/share/classes/javax/crypto/SecretKeyFactory.java src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java src/java.base/share/classes/javax/net/ssl/SSLContext.java src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java src/java.base/share/classes/javax/security/auth/login/Configuration.java src/java.base/share/classes/sun/security/jca/ProviderList.java src/java.security.sasl/share/classes/javax/security/sasl/Sasl.java src/java.smartcardio/share/classes/javax/smartcardio/TerminalFactory.java src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/TransformService.java src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/XMLSignatureFactory.java src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/keyinfo/KeyInfoFactory.java
18-03-2016