Initializing a Cipher object the first time causes supportsParameter to be called as part of the chooseProvider call. If the Cipher object is re-initialized with a different key, the spi.engineInit method is called, and supportsParameter does not get called. The Javadoc claims that calling Cipher.init is the same as creating a new Instance and calling init, but this is not the current behavior.

- Minimal source code that demonstrates the problem

            System.out.println("Encrypting...");
            cp.init(Cipher.ENCRYPT_MODE, pubKey);
            cp.update(plainText);
            byte[] cipherText = cp.doFinal();

            System.out.println("Decrypting...");
            cp.init(Cipher.DECRYPT_MODE, privKey);
            cp.update(cipherText);
            byte[] newPlainText = cp.doFinal();

See Workaround section.