Merge

2009-11-06 21:32:35 -08:00 · 2009-11-06 21:32:35 -08:00 · b7a372efca
commit b7a372efca
parent 44accdb4b7 31d05a3363
74 changed files with 4404 additions and 601 deletions
--- a/jdk/make/sun/awt/mapfile-vers
+++ b/jdk/make/sun/awt/mapfile-vers
@ -53,7 +53,6 @@ SUNWprivate_1.1 {
 		Java_sun_awt_image_GifImageDecoder_initIDs;
 		Java_sun_awt_image_GifImageDecoder_parseImage;
 		Java_sun_awt_image_ImageRepresentation_initIDs;
 		Java_sun_awt_image_ImageRepresentation_setBytePixels;
 		Java_sun_awt_image_ImageRepresentation_setDiffICM;
 		Java_sun_awt_image_ImageRepresentation_setICMpixels;
 		Java_sun_awt_image_ImagingLib_convolveBI;
--- a/jdk/make/sun/awt/mapfile-vers-linux
+++ b/jdk/make/sun/awt/mapfile-vers-linux
@ -55,7 +55,6 @@ SUNWprivate_1.1 {
 		Java_sun_awt_image_GifImageDecoder_parseImage;
 		Java_sun_awt_image_Image_initIDs;
 		Java_sun_awt_image_ImageRepresentation_initIDs;
 		Java_sun_awt_image_ImageRepresentation_setBytePixels;
 		Java_sun_awt_image_ImageRepresentation_setDiffICM;
 		Java_sun_awt_image_ImageRepresentation_setICMpixels;
 		Java_sun_awt_image_ImagingLib_convolveBI;
--- a/jdk/src/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java
+++ b/jdk/src/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java
@ -62,6 +62,8 @@ import javax.imageio.event.IIOReadWarningListener;
 import java.io.*;
 import java.nio.*;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.StringTokenizer;
@ -502,12 +504,18 @@ public class BMPImageReader extends ImageReader implements BMPConstants {
            iis.reset();
            try {
-                if (metadata.colorSpace == PROFILE_LINKED)
+                if (metadata.colorSpace == PROFILE_LINKED &&
                    isLinkedProfileAllowed() &&
                    !isUncOrDevicePath(profile))
                {
                    String path = new String(profile, "windows-1252");
                    colorSpace =
-                        new ICC_ColorSpace(ICC_Profile.getInstance(new String(profile)));
+                        new ICC_ColorSpace(ICC_Profile.getInstance(path));
-                else
+                } else {
                    colorSpace =
                        new ICC_ColorSpace(ICC_Profile.getInstance(profile));
                }
            } catch (Exception e) {
                colorSpace = ColorSpace.getInstance(ColorSpace.CS_sRGB);
            }
@ -1745,4 +1753,69 @@ public class BMPImageReader extends ImageReader implements BMPConstants {
        public void sequenceStarted(ImageReader src, int minIndex) {}
        public void readAborted(ImageReader src) {}
    }
    private static Boolean isLinkedProfileDisabled = null;
    private static boolean isLinkedProfileAllowed() {
        if (isLinkedProfileDisabled == null) {
            PrivilegedAction<Boolean> a = new PrivilegedAction<Boolean>() {
                public Boolean run() {
                    return Boolean.getBoolean("sun.imageio.plugins.bmp.disableLinkedProfiles");
                }
            };
            isLinkedProfileDisabled = AccessController.doPrivileged(a);
        }
        return !isLinkedProfileDisabled;
    }
    private static Boolean isWindowsPlatform = null;
    /**
     * Verifies whether the byte array contans a unc path.
     * Non-UNC path examples:
     *  c:\path\to\file  - simple notation
     *  \\?\c:\path\to\file - long notation
     *
     * UNC path examples:
     *  \\server\share - a UNC path in simple notation
     *  \\?\UNC\server\share - a UNC path in long notation
     *  \\.\some\device - a path to device.
     */
    private static boolean isUncOrDevicePath(byte[] p) {
        if (isWindowsPlatform == null) {
            PrivilegedAction<Boolean> a = new PrivilegedAction<Boolean>() {
                public Boolean run() {
                    String osname = System.getProperty("os.name");
                    return (osname != null &&
                            osname.toLowerCase().startsWith("win"));
                }
            };
            isWindowsPlatform = AccessController.doPrivileged(a);
        }
        if (!isWindowsPlatform) {
            /* no need for the check on platforms except windows */
            return false;
        }
        /* normalize prefix of the path */
        if (p[0] == '/') p[0] = '\\';
        if (p[1] == '/') p[1] = '\\';
        if (p[3] == '/') p[3] = '\\';
        if ((p[0] == '\\') && (p[1] == '\\')) {
            if ((p[2] == '?') && (p[3] == '\\')) {
                // long path: whether unc or local
                return ((p[4] == 'U' || p[4] == 'u') &&
                        (p[5] == 'N' || p[5] == 'n') &&
                        (p[6] == 'C' || p[6] == 'c'));
            } else {
                // device path or short unc notation
                return true;
            }
        } else {
            return false;
        }
    }
 }
--- a/jdk/src/share/classes/com/sun/java/swing/plaf/motif/MotifButtonUI.java
+++ b/jdk/src/share/classes/com/sun/java/swing/plaf/motif/MotifButtonUI.java
@ -25,6 +25,8 @@
 package com.sun.java.swing.plaf.motif;
 import sun.awt.AppContext;
 import javax.swing.*;
 import javax.swing.border.*;
 import javax.swing.plaf.basic.*;
@ -46,16 +48,23 @@ import javax.swing.plaf.*;
 */
 public class MotifButtonUI extends BasicButtonUI {
    private final static MotifButtonUI motifButtonUI = new MotifButtonUI();
    protected Color selectColor;
    private boolean defaults_initialized = false;
    private static final Object MOTIF_BUTTON_UI_KEY = new Object();
    // ********************************
    //          Create PLAF
    // ********************************
-    public static ComponentUI createUI(JComponent c){
+    public static ComponentUI createUI(JComponent c) {
        AppContext appContext = AppContext.getAppContext();
        MotifButtonUI motifButtonUI =
                (MotifButtonUI) appContext.get(MOTIF_BUTTON_UI_KEY);
        if (motifButtonUI == null) {
            motifButtonUI = new MotifButtonUI();
            appContext.put(MOTIF_BUTTON_UI_KEY, motifButtonUI);
        }
        return motifButtonUI;
    }
--- a/jdk/src/share/classes/com/sun/java/swing/plaf/motif/MotifCheckBoxUI.java
+++ b/jdk/src/share/classes/com/sun/java/swing/plaf/motif/MotifCheckBoxUI.java
@ -25,6 +25,8 @@
 package com.sun.java.swing.plaf.motif;
 import sun.awt.AppContext;
 import javax.swing.*;
 import javax.swing.plaf.*;
@ -45,7 +47,7 @@ import java.awt.*;
 */
 public class MotifCheckBoxUI extends MotifRadioButtonUI {
-    private static final MotifCheckBoxUI motifCheckBoxUI = new MotifCheckBoxUI();
+    private static final Object MOTIF_CHECK_BOX_UI_KEY = new Object();
    private final static String propertyPrefix = "CheckBox" + ".";
@ -55,7 +57,14 @@ public class MotifCheckBoxUI extends MotifRadioButtonUI {
    // ********************************
    //         Create PLAF
    // ********************************
-    public static ComponentUI createUI(JComponent c){
+    public static ComponentUI createUI(JComponent c) {
        AppContext appContext = AppContext.getAppContext();
        MotifCheckBoxUI motifCheckBoxUI =
                (MotifCheckBoxUI) appContext.get(MOTIF_CHECK_BOX_UI_KEY);
        if (motifCheckBoxUI == null) {
            motifCheckBoxUI = new MotifCheckBoxUI();
            appContext.put(MOTIF_CHECK_BOX_UI_KEY, motifCheckBoxUI);
        }
        return motifCheckBoxUI;
    }
--- a/jdk/src/share/classes/com/sun/java/swing/plaf/motif/MotifLabelUI.java
+++ b/jdk/src/share/classes/com/sun/java/swing/plaf/motif/MotifLabelUI.java
@ -25,6 +25,8 @@
 package com.sun.java.swing.plaf.motif;
 import sun.awt.AppContext;
 import javax.swing.*;
 import javax.swing.plaf.basic.BasicLabelUI;
 import javax.swing.plaf.ComponentUI;
@ -44,9 +46,16 @@ import javax.swing.plaf.ComponentUI;
 */
 public class MotifLabelUI extends BasicLabelUI
 {
-    static MotifLabelUI sharedInstance = new MotifLabelUI();
+    private static final Object MOTIF_LABEL_UI_KEY = new Object();
    public static ComponentUI createUI(JComponent c) {
-        return sharedInstance;
+        AppContext appContext = AppContext.getAppContext();
        MotifLabelUI motifLabelUI =
                (MotifLabelUI) appContext.get(MOTIF_LABEL_UI_KEY);
        if (motifLabelUI == null) {
            motifLabelUI = new MotifLabelUI();
            appContext.put(MOTIF_LABEL_UI_KEY, motifLabelUI);
        }
        return motifLabelUI;
    }
 }
--- a/jdk/src/share/classes/com/sun/java/swing/plaf/motif/MotifRadioButtonUI.java
+++ b/jdk/src/share/classes/com/sun/java/swing/plaf/motif/MotifRadioButtonUI.java
@ -25,6 +25,8 @@
 package com.sun.java.swing.plaf.motif;
 import sun.awt.AppContext;
 import javax.swing.*;
 import javax.swing.border.*;
 import javax.swing.plaf.basic.BasicRadioButtonUI;
@ -47,7 +49,7 @@ import java.awt.*;
 */
 public class MotifRadioButtonUI extends BasicRadioButtonUI {
-    private static final MotifRadioButtonUI motifRadioButtonUI = new MotifRadioButtonUI();
+    private static final Object MOTIF_RADIO_BUTTON_UI_KEY = new Object();
    protected Color focusColor;
@ -57,6 +59,13 @@ public class MotifRadioButtonUI extends BasicRadioButtonUI {
    //         Create PLAF
    // ********************************
    public static ComponentUI createUI(JComponent c) {
        AppContext appContext = AppContext.getAppContext();
        MotifRadioButtonUI motifRadioButtonUI =
                (MotifRadioButtonUI) appContext.get(MOTIF_RADIO_BUTTON_UI_KEY);
        if (motifRadioButtonUI == null) {
            motifRadioButtonUI = new MotifRadioButtonUI();
            appContext.put(MOTIF_RADIO_BUTTON_UI_KEY, motifRadioButtonUI);
        }
        return motifRadioButtonUI;
    }
--- a/jdk/src/share/classes/com/sun/java/swing/plaf/motif/MotifToggleButtonUI.java
+++ b/jdk/src/share/classes/com/sun/java/swing/plaf/motif/MotifToggleButtonUI.java
@ -25,6 +25,8 @@
 package com.sun.java.swing.plaf.motif;
 import sun.awt.AppContext;
 import java.awt.*;
 import java.awt.event.*;
@ -48,7 +50,7 @@ import javax.swing.plaf.basic.*;
 */
 public class MotifToggleButtonUI extends BasicToggleButtonUI
 {
-    private final static MotifToggleButtonUI motifToggleButtonUI = new MotifToggleButtonUI();
+    private static final Object MOTIF_TOGGLE_BUTTON_UI_KEY = new Object();
    protected Color selectColor;
@ -58,6 +60,13 @@ public class MotifToggleButtonUI extends BasicToggleButtonUI
    //         Create PLAF
    // ********************************
    public static ComponentUI createUI(JComponent b) {
        AppContext appContext = AppContext.getAppContext();
        MotifToggleButtonUI motifToggleButtonUI =
                (MotifToggleButtonUI) appContext.get(MOTIF_TOGGLE_BUTTON_UI_KEY);
        if (motifToggleButtonUI == null) {
            motifToggleButtonUI = new MotifToggleButtonUI();
            appContext.put(MOTIF_TOGGLE_BUTTON_UI_KEY, motifToggleButtonUI);
        }
        return motifToggleButtonUI;
    }
--- a/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsButtonUI.java
+++ b/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsButtonUI.java
@ -35,6 +35,7 @@ import java.awt.*;
 import static com.sun.java.swing.plaf.windows.TMSchema.*;
 import static com.sun.java.swing.plaf.windows.TMSchema.Part.*;
 import static com.sun.java.swing.plaf.windows.XPStyle.Skin;
 import sun.awt.AppContext;
 /**
@ -52,8 +53,6 @@ import static com.sun.java.swing.plaf.windows.XPStyle.Skin;
 */
 public class WindowsButtonUI extends BasicButtonUI
 {
    private final static WindowsButtonUI windowsButtonUI = new WindowsButtonUI();
    protected int dashedRectGapX;
    protected int dashedRectGapY;
    protected int dashedRectGapWidth;
@ -63,11 +62,19 @@ public class WindowsButtonUI extends BasicButtonUI
    private boolean defaults_initialized = false;
    private static final Object WINDOWS_BUTTON_UI_KEY = new Object();
    // ********************************
    //          Create PLAF
    // ********************************
-    public static ComponentUI createUI(JComponent c){
+    public static ComponentUI createUI(JComponent c) {
        AppContext appContext = AppContext.getAppContext();
        WindowsButtonUI windowsButtonUI =
                (WindowsButtonUI) appContext.get(WINDOWS_BUTTON_UI_KEY);
        if (windowsButtonUI == null) {
            windowsButtonUI = new WindowsButtonUI();
            appContext.put(WINDOWS_BUTTON_UI_KEY, windowsButtonUI);
        }
        return windowsButtonUI;
    }
@ -151,7 +158,7 @@ public class WindowsButtonUI extends BasicButtonUI
     * allocating them in each paint call substantially reduced the time
     * it took paint to run.  Obviously, this method can't be re-entered.
     */
-    private static Rectangle viewRect = new Rectangle();
+    private Rectangle viewRect = new Rectangle();
    public void paint(Graphics g, JComponent c) {
        if (XPStyle.getXP() != null) {
--- a/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsCheckBoxUI.java
+++ b/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsCheckBoxUI.java
@ -25,6 +25,8 @@
 package com.sun.java.swing.plaf.windows;
 import sun.awt.AppContext;
 import javax.swing.plaf.basic.*;
 import javax.swing.*;
 import javax.swing.plaf.*;
@ -49,7 +51,7 @@ public class WindowsCheckBoxUI extends WindowsRadioButtonUI
    // of BasicCheckBoxUI because we want to pick up all the
    // painting changes made in MetalRadioButtonUI.
-    private static final WindowsCheckBoxUI windowsCheckBoxUI = new WindowsCheckBoxUI();
+    private static final Object WINDOWS_CHECK_BOX_UI_KEY = new Object();
    private final static String propertyPrefix = "CheckBox" + ".";
@ -59,6 +61,13 @@ public class WindowsCheckBoxUI extends WindowsRadioButtonUI
    //          Create PLAF
    // ********************************
    public static ComponentUI createUI(JComponent c) {
        AppContext appContext = AppContext.getAppContext();
        WindowsCheckBoxUI windowsCheckBoxUI =
                (WindowsCheckBoxUI) appContext.get(WINDOWS_CHECK_BOX_UI_KEY);
        if (windowsCheckBoxUI == null) {
            windowsCheckBoxUI = new WindowsCheckBoxUI();
            appContext.put(WINDOWS_CHECK_BOX_UI_KEY, windowsCheckBoxUI);
        }
        return windowsCheckBoxUI;
    }
--- a/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsLabelUI.java
+++ b/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsLabelUI.java
@ -26,6 +26,8 @@
 package com.sun.java.swing.plaf.windows;
 import sun.swing.SwingUtilities2;
 import sun.awt.AppContext;
 import java.awt.Color;
 import java.awt.Graphics;
@ -51,12 +53,19 @@ import javax.swing.plaf.basic.BasicLabelUI;
 */
 public class WindowsLabelUI extends BasicLabelUI {
-    private final static WindowsLabelUI windowsLabelUI = new WindowsLabelUI();
+    private static final Object WINDOWS_LABEL_UI_KEY = new Object();
    // ********************************
    //          Create PLAF
    // ********************************
-    public static ComponentUI createUI(JComponent c){
+    public static ComponentUI createUI(JComponent c) {
        AppContext appContext = AppContext.getAppContext();
        WindowsLabelUI windowsLabelUI =
                (WindowsLabelUI) appContext.get(WINDOWS_LABEL_UI_KEY);
        if (windowsLabelUI == null) {
            windowsLabelUI = new WindowsLabelUI();
            appContext.put(WINDOWS_LABEL_UI_KEY, windowsLabelUI);
        }
        return windowsLabelUI;
    }
--- a/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsRadioButtonUI.java
+++ b/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsRadioButtonUI.java
@ -25,6 +25,8 @@
 package com.sun.java.swing.plaf.windows;
 import sun.awt.AppContext;
 import javax.swing.plaf.basic.*;
 import javax.swing.*;
 import javax.swing.plaf.*;
@ -44,7 +46,7 @@ import java.awt.*;
 */
 public class WindowsRadioButtonUI extends BasicRadioButtonUI
 {
-    private static final WindowsRadioButtonUI windowsRadioButtonUI = new WindowsRadioButtonUI();
+    private static final Object WINDOWS_RADIO_BUTTON_UI_KEY = new Object();
    protected int dashedRectGapX;
    protected int dashedRectGapY;
@ -59,6 +61,13 @@ public class WindowsRadioButtonUI extends BasicRadioButtonUI
    //          Create PLAF
    // ********************************
    public static ComponentUI createUI(JComponent c) {
        AppContext appContext = AppContext.getAppContext();
        WindowsRadioButtonUI windowsRadioButtonUI =
                (WindowsRadioButtonUI) appContext.get(WINDOWS_RADIO_BUTTON_UI_KEY);
        if (windowsRadioButtonUI == null) {
            windowsRadioButtonUI = new WindowsRadioButtonUI();
            appContext.put(WINDOWS_RADIO_BUTTON_UI_KEY, windowsRadioButtonUI);
        }
        return windowsRadioButtonUI;
    }
--- a/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsToggleButtonUI.java
+++ b/jdk/src/share/classes/com/sun/java/swing/plaf/windows/WindowsToggleButtonUI.java
@ -25,6 +25,8 @@
 package com.sun.java.swing.plaf.windows;
 import sun.awt.AppContext;
 import javax.swing.plaf.basic.*;
 import javax.swing.border.*;
 import javax.swing.plaf.*;
@ -49,18 +51,25 @@ import java.beans.PropertyChangeEvent;
 */
 public class WindowsToggleButtonUI extends BasicToggleButtonUI
 {
-    protected static int dashedRectGapX;
+    protected int dashedRectGapX;
-    protected static int dashedRectGapY;
+    protected int dashedRectGapY;
-    protected static int dashedRectGapWidth;
+    protected int dashedRectGapWidth;
-    protected static int dashedRectGapHeight;
+    protected int dashedRectGapHeight;
    protected Color focusColor;
-    private final static WindowsToggleButtonUI windowsToggleButtonUI = new WindowsToggleButtonUI();
+    private static final Object WINDOWS_TOGGLE_BUTTON_UI_KEY = new Object();
    private boolean defaults_initialized = false;
    public static ComponentUI createUI(JComponent b) {
        AppContext appContext = AppContext.getAppContext();
        WindowsToggleButtonUI windowsToggleButtonUI =
                (WindowsToggleButtonUI) appContext.get(WINDOWS_TOGGLE_BUTTON_UI_KEY);
        if (windowsToggleButtonUI == null) {
            windowsToggleButtonUI = new WindowsToggleButtonUI();
            appContext.put(WINDOWS_TOGGLE_BUTTON_UI_KEY, windowsToggleButtonUI);
        }
        return windowsToggleButtonUI;
    }
--- a/jdk/src/share/classes/com/sun/jndi/ldap/Connection.java
+++ b/jdk/src/share/classes/com/sun/jndi/ldap/Connection.java
@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2005 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 1999-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -32,12 +32,8 @@ import java.io.IOException;
 import java.io.OutputStream;
 import java.io.InputStream;
 import java.net.Socket;
 import java.util.Vector;
 import java.util.Hashtable;
 import javax.naming.CommunicationException;
 import javax.naming.AuthenticationException;
 import javax.naming.AuthenticationNotSupportedException;
 import javax.naming.ServiceUnavailableException;
 import javax.naming.NamingException;
 import javax.naming.InterruptedNamingException;
@ -47,6 +43,8 @@ import javax.naming.ldap.Control;
 import java.lang.reflect.Method;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
 import java.util.Arrays;
 import sun.misc.IOUtils;
 //import javax.net.SocketFactory;
 /**
@ -799,7 +797,6 @@ public final class Connection implements Runnable {
        byte inbuf[];   // Buffer for reading incoming bytes
        int inMsgId;    // Message id of incoming response
        int bytesread;  // Number of bytes in inbuf
        int bytesleft;  // Number of bytes that need to read for completing resp
        int br;         // Temp; number of bytes read from stream
        int offset;     // Offset of where to store bytes in inbuf
        int seqlen;     // Length of ASN sequence
@ -811,7 +808,7 @@ public final class Connection implements Runnable {
        try {
            while (true) {
                try {
-                    inbuf = new byte[2048];
+                    inbuf = new byte[10];
                    offset = 0;
                    seqlen = 0;
@ -871,19 +868,10 @@ public final class Connection implements Runnable {
                    }
                    // read in seqlen bytes
-                    bytesleft = seqlen;
+                    byte[] left = IOUtils.readFully(in, seqlen, false);
-                    if ((offset + bytesleft) > inbuf.length) {
+                    inbuf = Arrays.copyOf(inbuf, offset + left.length);
-                        byte nbuf[] = new byte[offset + bytesleft];
+                    System.arraycopy(left, 0, inbuf, offset, left.length);
-                        System.arraycopy(inbuf, 0, nbuf, 0, offset);
+                    offset += left.length;
                        inbuf = nbuf;
                    }
                    while (bytesleft > 0) {
                        bytesread = in.read(inbuf, offset, bytesleft);
                        if (bytesread < 0)
                            break; // EOF
                        offset += bytesread;
                        bytesleft -= bytesread;
                    }
 /*
 if (dump > 0) {
 System.err.println("seqlen: " + seqlen);
--- a/jdk/src/share/classes/java/awt/KeyboardFocusManager.java
+++ b/jdk/src/share/classes/java/awt/KeyboardFocusManager.java
@ -53,7 +53,8 @@ import java.util.Set;
 import java.util.StringTokenizer;
 import java.util.WeakHashMap;
-import sun.util.logging.PlatformLogger;
+import java.util.logging.Level;
 import java.util.logging.Logger;
 import sun.awt.AppContext;
 import sun.awt.HeadlessToolkit;
@ -110,7 +111,7 @@ public abstract class KeyboardFocusManager
 {
    // Shared focus engine logger
-    private static final PlatformLogger focusLog = PlatformLogger.getLogger("java.awt.focus.KeyboardFocusManager");
+    private static final Logger focusLog = Logger.getLogger("java.awt.focus.KeyboardFocusManager");
    static {
        /* ensure that the necessary native libraries are loaded */
@ -153,7 +154,7 @@ public abstract class KeyboardFocusManager
     */
    private static native void initIDs();
-    private static final PlatformLogger log = PlatformLogger.getLogger("java.awt.KeyboardFocusManager");
+    private static final Logger log = Logger.getLogger("java.awt.KeyboardFocusManager");
    /**
     * The identifier for the Forward focus traversal keys.
@ -503,8 +504,8 @@ public abstract class KeyboardFocusManager
            if (this == getCurrentKeyboardFocusManager()) {
                return focusOwner;
            } else {
-                if (focusLog.isLoggable(PlatformLogger.FINER)) {
+                if (focusLog.isLoggable(Level.FINER)) {
-                    focusLog.finer("This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+                    focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
                }
                throw new SecurityException(notPrivileged);
            }
@ -608,9 +609,9 @@ public abstract class KeyboardFocusManager
    }
    void setNativeFocusOwner(Component comp) {
-        if (focusLog.isLoggable(PlatformLogger.FINEST)) {
+        if (focusLog.isLoggable(Level.FINEST)) {
-            focusLog.finest("Calling peer {0} setCurrentFocusOwner for {1}",
+            focusLog.log(Level.FINEST, "Calling peer {0} setCurrentFocusOwner for {1}",
-                            peer, comp);
+                         new Object[] {String.valueOf(peer), String.valueOf(comp)});
        }
        peer.setCurrentFocusOwner(comp);
    }
@ -672,8 +673,8 @@ public abstract class KeyboardFocusManager
            if (this == getCurrentKeyboardFocusManager()) {
                return permanentFocusOwner;
            } else {
-                if (focusLog.isLoggable(PlatformLogger.FINER)) {
+                if (focusLog.isLoggable(Level.FINER)) {
-                    focusLog.finer("This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+                    focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
                }
                throw new SecurityException(notPrivileged);
            }
@ -780,8 +781,8 @@ public abstract class KeyboardFocusManager
            if (this == getCurrentKeyboardFocusManager()) {
               return focusedWindow;
            } else {
-                if (focusLog.isLoggable(PlatformLogger.FINER)) {
+                if (focusLog.isLoggable(Level.FINER)) {
-                    focusLog.finer("This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+                    focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
                }
                throw new SecurityException(notPrivileged);
            }
@ -884,8 +885,8 @@ public abstract class KeyboardFocusManager
            if (this == getCurrentKeyboardFocusManager()) {
               return activeWindow;
            } else {
-                if (focusLog.isLoggable(PlatformLogger.FINER)) {
+                if (focusLog.isLoggable(Level.FINER)) {
-                    focusLog.finer("This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+                    focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
                }
                throw new SecurityException(notPrivileged);
            }
@ -918,8 +919,8 @@ public abstract class KeyboardFocusManager
        Window oldActiveWindow;
        synchronized (KeyboardFocusManager.class) {
            oldActiveWindow = getActiveWindow();
-            if (focusLog.isLoggable(PlatformLogger.FINER)) {
+            if (focusLog.isLoggable(Level.FINER)) {
-                focusLog.finer("Setting global active window to " + activeWindow + ", old active " + oldActiveWindow);
+                focusLog.log(Level.FINER, "Setting global active window to " + activeWindow + ", old active " + oldActiveWindow);
            }
            try {
@ -1214,8 +1215,8 @@ public abstract class KeyboardFocusManager
            if (this == getCurrentKeyboardFocusManager()) {
                return currentFocusCycleRoot;
            } else {
-                if (focusLog.isLoggable(PlatformLogger.FINER)) {
+                if (focusLog.isLoggable(Level.FINER)) {
-                    focusLog.finer("This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+                    focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
                }
                throw new SecurityException(notPrivileged);
            }
@ -2148,9 +2149,9 @@ public abstract class KeyboardFocusManager
        HeavyweightFocusRequest(Component heavyweight, Component descendant,
                                boolean temporary, CausedFocusEvent.Cause cause) {
-            if (log.isLoggable(PlatformLogger.FINE)) {
+            if (log.isLoggable(Level.FINE)) {
                if (heavyweight == null) {
-                    log.fine("Assertion (heavyweight != null) failed");
+                    log.log(Level.FINE, "Assertion (heavyweight != null) failed");
                }
            }
@ -2160,12 +2161,12 @@ public abstract class KeyboardFocusManager
        }
        boolean addLightweightRequest(Component descendant,
                                      boolean temporary, CausedFocusEvent.Cause cause) {
-            if (log.isLoggable(PlatformLogger.FINE)) {
+            if (log.isLoggable(Level.FINE)) {
                if (this == HeavyweightFocusRequest.CLEAR_GLOBAL_FOCUS_OWNER) {
-                    log.fine("Assertion (this != HeavyweightFocusRequest.CLEAR_GLOBAL_FOCUS_OWNER) failed");
+                    log.log(Level.FINE, "Assertion (this != HeavyweightFocusRequest.CLEAR_GLOBAL_FOCUS_OWNER) failed");
                }
                if (descendant == null) {
-                    log.fine("Assertion (descendant != null) failed");
+                    log.log(Level.FINE, "Assertion (descendant != null) failed");
                }
            }
@ -2338,12 +2339,12 @@ public abstract class KeyboardFocusManager
        (Component heavyweight, Component descendant, boolean temporary,
         boolean focusedWindowChangeAllowed, long time, CausedFocusEvent.Cause cause)
    {
-        if (log.isLoggable(PlatformLogger.FINE)) {
+        if (log.isLoggable(Level.FINE)) {
            if (heavyweight == null) {
-                log.fine("Assertion (heavyweight != null) failed");
+                log.log(Level.FINE, "Assertion (heavyweight != null) failed");
            }
            if (time == 0) {
-                log.fine("Assertion (time != 0) failed");
+                log.log(Level.FINE, "Assertion (time != 0) failed");
            }
        }
@ -2360,31 +2361,31 @@ public abstract class KeyboardFocusManager
        Component currentFocusOwner = thisManager.getGlobalFocusOwner();
        Component nativeFocusOwner = thisManager.getNativeFocusOwner();
        Window nativeFocusedWindow = thisManager.getNativeFocusedWindow();
-        if (focusLog.isLoggable(PlatformLogger.FINER)) {
+        if (focusLog.isLoggable(Level.FINER)) {
-            focusLog.finer("SNFH for {0} in {1}",
+            focusLog.log(Level.FINER, "SNFH for {0} in {1}",
-                           descendant, heavyweight);
+                         new Object[] {String.valueOf(descendant), String.valueOf(heavyweight)});
        }
-        if (focusLog.isLoggable(PlatformLogger.FINEST)) {
+        if (focusLog.isLoggable(Level.FINEST)) {
-            focusLog.finest("0. Current focus owner {0}",
+            focusLog.log(Level.FINEST, "0. Current focus owner {0}",
-                            currentFocusOwner);
+                         String.valueOf(currentFocusOwner));
-            focusLog.finest("0. Native focus owner {0}",
+            focusLog.log(Level.FINEST, "0. Native focus owner {0}",
-                            nativeFocusOwner);
+                         String.valueOf(nativeFocusOwner));
-            focusLog.finest("0. Native focused window {0}",
+            focusLog.log(Level.FINEST, "0. Native focused window {0}",
-                            nativeFocusedWindow);
+                         String.valueOf(nativeFocusedWindow));
        }
        synchronized (heavyweightRequests) {
            HeavyweightFocusRequest hwFocusRequest = getLastHWRequest();
-            if (focusLog.isLoggable(PlatformLogger.FINEST)) {
+            if (focusLog.isLoggable(Level.FINEST)) {
-                focusLog.finest("Request {0}", hwFocusRequest);
+                focusLog.log(Level.FINEST, "Request {0}", String.valueOf(hwFocusRequest));
            }
            if (hwFocusRequest == null &&
                heavyweight == nativeFocusOwner)
            {
                if (descendant == currentFocusOwner) {
                    // Redundant request.
-                    if (focusLog.isLoggable(PlatformLogger.FINEST))
+                    if (focusLog.isLoggable(Level.FINEST))
-                        focusLog.finest("1. SNFH_FAILURE for {0}",
+                        focusLog.log(Level.FINEST, "1. SNFH_FAILURE for {0}",
-                                        descendant);
+                                     String.valueOf(descendant));
                    return SNFH_FAILURE;
                }
@ -2416,8 +2417,8 @@ public abstract class KeyboardFocusManager
                // SunToolkit.postPriorityEvent(newFocusOwnerEvent);
                SunToolkit.postEvent(descendant.appContext, newFocusOwnerEvent);
-                if (focusLog.isLoggable(PlatformLogger.FINEST))
+                if (focusLog.isLoggable(Level.FINEST))
-                    focusLog.finest("2. SNFH_HANDLED for {0}", descendant);
+                    focusLog.log(Level.FINEST, "2. SNFH_HANDLED for {0}", String.valueOf(descendant));
                return SNFH_SUCCESS_HANDLED;
            } else if (hwFocusRequest != null &&
                       hwFocusRequest.heavyweight == heavyweight) {
@ -2430,7 +2431,7 @@ public abstract class KeyboardFocusManager
                    manager.enqueueKeyEvents(time, descendant);
                }
-                if (focusLog.isLoggable(PlatformLogger.FINEST))
+                if (focusLog.isLoggable(Level.FINEST))
                    focusLog.finest("3. SNFH_HANDLED for lightweight" +
                                    descendant + " in " + heavyweight);
                return SNFH_SUCCESS_HANDLED;
@ -2453,7 +2454,7 @@ public abstract class KeyboardFocusManager
                                             (hwFocusRequest != null)
                                             ? hwFocusRequest.heavyweight
                                             : nativeFocusedWindow)) {
-                        if (focusLog.isLoggable(PlatformLogger.FINEST))
+                        if (focusLog.isLoggable(Level.FINEST))
                            focusLog.finest("4. SNFH_FAILURE for " + descendant);
                        return SNFH_FAILURE;
                    }
@ -2463,7 +2464,7 @@ public abstract class KeyboardFocusManager
                heavyweightRequests.add
                    (new HeavyweightFocusRequest(heavyweight, descendant,
                                                 temporary, cause));
-                if (focusLog.isLoggable(PlatformLogger.FINEST))
+                if (focusLog.isLoggable(Level.FINEST))
                    focusLog.finest("5. SNFH_PROCEED for " + descendant);
                return SNFH_SUCCESS_PROCEED;
            }
@ -2854,13 +2855,14 @@ public abstract class KeyboardFocusManager
        }
        KeyboardFocusManager manager = getCurrentKeyboardFocusManager();
-        if (focusLog.isLoggable(PlatformLogger.FINER)) {
+        if (focusLog.isLoggable(Level.FINER)) {
            if (event instanceof FocusEvent || event instanceof WindowEvent) {
-                focusLog.finer(">>> {0}", event);
+                focusLog.log(Level.FINER, ">>> {0}", new Object[] {String.valueOf(event)});
            }
-            if (focusLog.isLoggable(PlatformLogger.FINER) && event instanceof KeyEvent) {
+            if (focusLog.isLoggable(Level.FINER) && event instanceof KeyEvent) {
-                focusLog.finer("    focus owner is {0}", manager.getGlobalFocusOwner());
+                focusLog.log(Level.FINER, "    focus owner is {0}",
-                focusLog.finer(">>> {0}", event);
+                                          new Object[] {String.valueOf(manager.getGlobalFocusOwner())});
                focusLog.log(Level.FINER, ">>> {0}", new Object[] {String.valueOf(event)});
            }
        }
@ -2944,9 +2946,9 @@ public abstract class KeyboardFocusManager
        }
    }
    static void removeLastFocusRequest(Component heavyweight) {
-        if (log.isLoggable(PlatformLogger.FINE)) {
+        if (log.isLoggable(Level.FINE)) {
            if (heavyweight == null) {
-                log.fine("Assertion (heavyweight != null) failed");
+                log.log(Level.FINE, "Assertion (heavyweight != null) failed");
            }
        }
--- a/jdk/src/share/classes/java/awt/color/ICC_Profile.java
+++ b/jdk/src/share/classes/java/awt/color/ICC_Profile.java
@ -865,7 +865,9 @@ public class ICC_Profile implements Serializable {
        case ColorSpace.CS_PYCC:
            synchronized(ICC_Profile.class) {
                if (PYCCprofile == null) {
-                    if (getProfileFile("PYCC.pf") != null) {
+                    if (!sun.jkernel.DownloadManager.isJREComplete() ||
                        standardProfileExists("PYCC.pf"))
                    {
                        ProfileDeferralInfo pInfo =
                            new ProfileDeferralInfo("PYCC.pf",
                                                    ColorSpace.TYPE_3CLR, 3,
@ -963,15 +965,15 @@ public class ICC_Profile implements Serializable {
     * and it does not permit read access to the given file.
     */
    public static ICC_Profile getInstance(String fileName) throws IOException {
-    ICC_Profile thisProfile;
+        ICC_Profile thisProfile;
-    FileInputStream fis;
+        FileInputStream fis = null;
-        SecurityManager security = System.getSecurityManager();
+
-        if (security != null) {
+        File f = getProfileFile(fileName);
-            security.checkRead(fileName);
+        if (f != null) {
            fis = new FileInputStream(f);
        }
-
+        if (fis == null) {
        if ((fis = openProfile(fileName)) == null) {
            throw new IOException("Cannot open file " + fileName);
        }
@ -1083,11 +1085,22 @@ public class ICC_Profile implements Serializable {
    void activateDeferredProfile() throws ProfileDataException {
        byte profileData[];
        FileInputStream fis;
-        String fileName = deferralInfo.filename;
+        final String fileName = deferralInfo.filename;
        profileActivator = null;
        deferralInfo = null;
-        if ((fis = openProfile(fileName)) == null) {
+        PrivilegedAction<FileInputStream> pa = new PrivilegedAction<FileInputStream>() {
            public FileInputStream run() {
                File f = getStandardProfileFile(fileName);
                if (f != null) {
                    try {
                        return new FileInputStream(f);
                    } catch (FileNotFoundException e) {}
                }
                return null;
            }
        };
        if ((fis = AccessController.doPrivileged(pa)) == null) {
            throw new ProfileDataException("Cannot open file " + fileName);
        }
        try {
@ -1786,59 +1799,36 @@ public class ICC_Profile implements Serializable {
     * available, such as a profile for sRGB.  Built-in profiles use .pf as
     * the file name extension for profiles, e.g. sRGB.pf.
     */
-    private static FileInputStream openProfile(final String fileName) {
+    private static File getProfileFile(String fileName) {
        return (FileInputStream)java.security.AccessController.doPrivileged(
            new java.security.PrivilegedAction() {
            public Object run() {
                File f = privilegedGetProfileFile(fileName);
                if (f != null) {
                    try {
                        return new FileInputStream(f);
                    } catch (FileNotFoundException e) {
                    }
                }
                return null;
            }
        });
    }
    private static File getProfileFile(final String fileName) {
        return (File)java.security.AccessController.doPrivileged(
            new java.security.PrivilegedAction() {
            public Object run() {
                return privilegedGetProfileFile(fileName);
            }
        });
    }
    /*
     * this version is called from doPrivileged in openProfile
     * or getProfileFile, so the whole method is privileged!
     */
    private static File privilegedGetProfileFile(String fileName) {
        String path, dir, fullPath;
        File f = new File(fileName); /* try absolute file name */
-
+        if (f.isAbsolute()) {
            /* Rest of code has little sense for an absolute pathname,
               so return here. */
            return f.isFile() ? f : null;
        }
        if ((!f.isFile()) &&
                ((path = System.getProperty("java.iccprofile.path")) != null)){
                                    /* try relative to java.iccprofile.path */
                StringTokenizer st =
                    new StringTokenizer(path, File.pathSeparator);
-                while (st.hasMoreTokens() && (!f.isFile())) {
+                while (st.hasMoreTokens() && ((f == null) || (!f.isFile()))) {
                    dir = st.nextToken();
                        fullPath = dir + File.separatorChar + fileName;
                    f = new File(fullPath);
                    if (!isChildOf(f, dir)) {
                        f = null;
                    }
                }
            }
-        if ((!f.isFile()) &&
+        if (((f == null) || (!f.isFile())) &&
                ((path = System.getProperty("java.class.path")) != null)) {
                                    /* try relative to java.class.path */
                StringTokenizer st =
                    new StringTokenizer(path, File.pathSeparator);
-                while (st.hasMoreTokens() && (!f.isFile())) {
+                while (st.hasMoreTokens() && ((f == null) || (!f.isFile()))) {
                    dir = st.nextToken();
                        fullPath = dir + File.separatorChar + fileName;
                    f = new File(fullPath);
@ -1858,13 +1848,69 @@ public class ICC_Profile implements Serializable {
                    }
                }
            }
-
+        if ((f == null) || (!f.isFile())) {
-        if (f.isFile()) {
+            /* try the directory of built-in profiles */
            f = getStandardProfileFile(fileName);
        }
        if (f != null && f.isFile()) {
            return f;
        }
        return null;
    }
    /**
     * Returns a file object corresponding to a built-in profile
     * specified by fileName.
     * If there is no built-in profile with such name, then the method
     * returns null.
     */
    private static File getStandardProfileFile(String fileName) {
        String dir = System.getProperty("java.home") +
            File.separatorChar + "lib" + File.separatorChar + "cmm";
        String fullPath = dir + File.separatorChar + fileName;
        File f = new File(fullPath);
        if (!f.isFile()) {
            //make sure file was installed in the kernel mode
            try {
                //kernel uses platform independent paths =>
                //   should not use platform separator char
                sun.jkernel.DownloadManager.downloadFile("lib/cmm/"+fileName);
            } catch (IOException ioe) {}
        }
        return (f.isFile() && isChildOf(f, dir)) ? f : null;
    }
    /**
     * Checks whether given file resides inside give directory.
     */
    private static boolean isChildOf(File f, String dirName) {
        try {
            File dir = new File(dirName);
            String canonicalDirName = dir.getCanonicalPath();
            if (!canonicalDirName.endsWith(File.separator)) {
                canonicalDirName += File.separator;
            }
            String canonicalFileName = f.getCanonicalPath();
            return canonicalFileName.startsWith(canonicalDirName);
        } catch (IOException e) {
            /* we do not expect the IOException here, because invocation
             * of this function is always preceeded by isFile() call.
             */
            return false;
        }
    }
    /**
     * Checks whether built-in profile specified by fileName exists.
     */
    private static boolean standardProfileExists(final String fileName) {
        return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
                public Boolean run() {
                    return getStandardProfileFile(fileName) != null;
                }
            });
    }
    /*
     * Serialization support.
--- a/jdk/src/share/classes/java/lang/ClassLoader.java
+++ b/jdk/src/share/classes/java/lang/ClassLoader.java
@ -186,11 +186,6 @@ public abstract class ClassLoader {
        parallelLoaders.add(ClassLoader.class);
    }
    // If initialization succeed this is set to true and security checks will
    // succeed.  Otherwise the object is not initialized and the object is
    // useless.
    private final boolean initialized;
    // The parent class loader for delegation
    // Note: VM hardcoded the offset of this field, thus all new fields
    // must be added *after* it.
@ -232,6 +227,31 @@ public abstract class ClassLoader {
    private final HashMap<String, Package> packages =
        new HashMap<String, Package>();
    private static Void checkCreateClassLoader() {
        SecurityManager security = System.getSecurityManager();
        if (security != null) {
            security.checkCreateClassLoader();
        }
        return null;
    }
    private ClassLoader(Void unused, ClassLoader parent) {
        this.parent = parent;
        if (parallelLoaders.contains(this.getClass())) {
            parallelLockMap = new ConcurrentHashMap<String, Object>();
            package2certs = new ConcurrentHashMap<String, Certificate[]>();
            domains =
                Collections.synchronizedSet(new HashSet<ProtectionDomain>());
            assertionLock = new Object();
        } else {
            // no finer-grained lock; lock on the classloader instance
            parallelLockMap = null;
            package2certs = new Hashtable<String, Certificate[]>();
            domains = new HashSet<ProtectionDomain>();
            assertionLock = this;
        }
    }
    /**
     * Creates a new class loader using the specified parent class loader for
     * delegation.
@ -252,25 +272,7 @@ public abstract class ClassLoader {
     * @since  1.2
     */
    protected ClassLoader(ClassLoader parent) {
-        SecurityManager security = System.getSecurityManager();
+        this(checkCreateClassLoader(), parent);
        if (security != null) {
            security.checkCreateClassLoader();
        }
        this.parent = parent;
        if (parallelLoaders.contains(this.getClass())) {
            parallelLockMap = new ConcurrentHashMap<String, Object>();
            package2certs = new ConcurrentHashMap<String, Certificate[]>();
            domains =
                Collections.synchronizedSet(new HashSet<ProtectionDomain>());
            assertionLock = new Object();
        } else {
            // no finer-grained lock; lock on the classloader instance
            parallelLockMap = null;
            package2certs = new Hashtable<String, Certificate[]>();
            domains = new HashSet<ProtectionDomain>();
            assertionLock = this;
        }
        initialized = true;
    }
    /**
@ -289,25 +291,7 @@ public abstract class ClassLoader {
     *          of a new class loader.
     */
    protected ClassLoader() {
-        SecurityManager security = System.getSecurityManager();
+        this(checkCreateClassLoader(), getSystemClassLoader());
        if (security != null) {
            security.checkCreateClassLoader();
        }
        this.parent = getSystemClassLoader();
        if (parallelLoaders.contains(this.getClass())) {
            parallelLockMap = new ConcurrentHashMap<String, Object>();
            package2certs = new ConcurrentHashMap<String, Certificate[]>();
            domains =
                Collections.synchronizedSet(new HashSet<ProtectionDomain>());
            assertionLock = new Object();
        } else {
            // no finer-grained lock; lock on the classloader instance
            parallelLockMap = null;
            package2certs = new Hashtable<String, Certificate[]>();
            domains = new HashSet<ProtectionDomain>();
            assertionLock = this;
        }
        initialized = true;
    }
    // -- Class --
@ -754,7 +738,6 @@ public abstract class ClassLoader {
                                         ProtectionDomain protectionDomain)
        throws ClassFormatError
    {
        check();
        protectionDomain = preDefineClass(name, protectionDomain);
        Class c = null;
@ -838,8 +821,6 @@ public abstract class ClassLoader {
                                         ProtectionDomain protectionDomain)
        throws ClassFormatError
    {
        check();
        int len = b.remaining();
        // Use byte[] if not a direct ByteBufer:
@ -984,7 +965,6 @@ public abstract class ClassLoader {
     * @see  #defineClass(String, byte[], int, int)
     */
    protected final void resolveClass(Class<?> c) {
        check();
        resolveClass0(c);
    }
@ -1015,7 +995,6 @@ public abstract class ClassLoader {
    protected final Class<?> findSystemClass(String name)
        throws ClassNotFoundException
    {
        check();
        ClassLoader system = getSystemClassLoader();
        if (system == null) {
            if (!checkName(name))
@ -1035,7 +1014,6 @@ public abstract class ClassLoader {
     */
    private Class findBootstrapClassOrNull(String name)
    {
        check();
        if (!checkName(name)) return null;
        return findBootstrapClass(name);
@ -1044,13 +1022,6 @@ public abstract class ClassLoader {
    // return null if not found
    private native Class findBootstrapClass(String name);
    // Check to make sure the class loader has been initialized.
    private void check() {
        if (!initialized) {
            throw new SecurityException("ClassLoader object not initialized");
        }
    }
    /**
     * Returns the class with the given <a href="#name">binary name</a> if this
     * loader has been recorded by the Java virtual machine as an initiating
@ -1066,7 +1037,6 @@ public abstract class ClassLoader {
     * @since  1.1
     */
    protected final Class<?> findLoadedClass(String name) {
        check();
        if (!checkName(name))
            return null;
        return findLoadedClass0(name);
@ -1087,7 +1057,6 @@ public abstract class ClassLoader {
     * @since  1.1
     */
    protected final void setSigners(Class<?> c, Object[] signers) {
        check();
        c.setSigners(signers);
    }
@ -2205,3 +2174,4 @@ class SystemClassLoaderAction
        return sys;
    }
 }
--- a/jdk/src/share/classes/java/security/MessageDigest.java
+++ b/jdk/src/share/classes/java/security/MessageDigest.java
@ -1,5 +1,5 @@
 /*
- * Copyright 1996-2006 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 1996-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -414,16 +414,17 @@ public abstract class MessageDigest extends MessageDigestSpi {
     *
     * @return true if the digests are equal, false otherwise.
     */
-    public static boolean isEqual(byte digesta[], byte digestb[]) {
+    public static boolean isEqual(byte[] digesta, byte[] digestb) {
-        if (digesta.length != digestb.length)
+        if (digesta.length != digestb.length) {
            return false;
        for (int i = 0; i < digesta.length; i++) {
            if (digesta[i] != digestb[i]) {
                return false;
            }
        }
-        return true;
+
        int result = 0;
        // time-constant comparison
        for (int i = 0; i < digesta.length; i++) {
            result |= digesta[i] ^ digestb[i];
        }
        return result == 0;
    }
    /**
--- a/jdk/src/share/classes/javax/swing/ToolTipManager.java
+++ b/jdk/src/share/classes/javax/swing/ToolTipManager.java
@ -1,5 +1,5 @@
 /*
- * Copyright 1997-2006 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -27,10 +27,7 @@
 package javax.swing;
 import java.awt.event.*;
 import java.applet.*;
 import java.awt.*;
 import java.io.Serializable;
 import sun.swing.UIAction;
 /**
 * Manages all the <code>ToolTips</code> in the system.
@ -60,7 +57,7 @@ public class ToolTipManager extends MouseAdapter implements MouseMotionListener
    JComponent insideComponent;
    MouseEvent mouseEvent;
    boolean showImmediately;
-    final static ToolTipManager sharedInstance = new ToolTipManager();
+    private static final Object TOOL_TIP_MANAGER_KEY = new Object();
    transient Popup tipWindow;
    /** The Window tip is being displayed in. This will be non-null if
     * the Window tip is in differs from that of insideComponent's Window.
@ -345,7 +342,13 @@ public class ToolTipManager extends MouseAdapter implements MouseMotionListener
     * @return a shared <code>ToolTipManager</code> object
     */
    public static ToolTipManager sharedInstance() {
-        return sharedInstance;
+        Object value = SwingUtilities.appContextGet(TOOL_TIP_MANAGER_KEY);
        if (value instanceof ToolTipManager) {
            return (ToolTipManager) value;
        }
        ToolTipManager manager = new ToolTipManager();
        SwingUtilities.appContextPut(TOOL_TIP_MANAGER_KEY, manager);
        return manager;
    }
    // add keylistener here to trigger tip for access
--- a/jdk/src/share/classes/javax/swing/UIManager.java
+++ b/jdk/src/share/classes/javax/swing/UIManager.java
@ -1,5 +1,5 @@
 /*
- * Copyright 1997-2008 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -197,6 +197,8 @@ public class UIManager implements Serializable
        Vector<LookAndFeel> auxLookAndFeels = null;
        SwingPropertyChangeSupport changeSupport;
        LookAndFeelInfo[] installedLAFs;
        UIDefaults getLookAndFeelDefaults() { return tables[0]; }
        void setLookAndFeelDefaults(UIDefaults x) { tables[0] = x; }
@ -227,18 +229,6 @@ public class UIManager implements Serializable
     */
    private static final Object classLock = new Object();
    /* Cache the last referenced LAFState to improve performance
     * when accessing it.  The cache is based on last thread rather
     * than last AppContext because of the cost of looking up the
     * AppContext each time.  Since most Swing UI work is on the
     * EventDispatchThread, this hits often enough to justify the
     * overhead.  (4193032)
     */
    private static Thread currentLAFStateThread = null;
    private static LAFState currentLAFState = null;
    /**
     * Return the <code>LAFState</code> object, lazily create one if necessary.
     * All access to the <code>LAFState</code> fields is done via this method,
@ -248,13 +238,6 @@ public class UIManager implements Serializable
     * </pre>
     */
    private static LAFState getLAFState() {
        // First check whether we're running on the same thread as
        // the last request.
        Thread thisThread = Thread.currentThread();
        if (thisThread == currentLAFStateThread) {
            return currentLAFState;
        }
        LAFState rv = (LAFState)SwingUtilities.appContextGet(
                SwingUtilities2.LAF_STATE_KEY);
        if (rv == null) {
@ -268,10 +251,6 @@ public class UIManager implements Serializable
                }
            }
        }
        currentLAFStateThread = thisThread;
        currentLAFState = rv;
        return rv;
    }
@ -431,7 +410,10 @@ public class UIManager implements Serializable
     */
    public static LookAndFeelInfo[] getInstalledLookAndFeels() {
        maybeInitialize();
-        LookAndFeelInfo[] ilafs = installedLAFs;
+        LookAndFeelInfo[] ilafs = getLAFState().installedLAFs;
        if (ilafs == null) {
            ilafs = installedLAFs;
        }
        LookAndFeelInfo[] rv = new LookAndFeelInfo[ilafs.length];
        System.arraycopy(ilafs, 0, rv, 0, ilafs.length);
        return rv;
@ -453,9 +435,10 @@ public class UIManager implements Serializable
    public static void setInstalledLookAndFeels(LookAndFeelInfo[] infos)
        throws SecurityException
    {
        maybeInitialize();
        LookAndFeelInfo[] newInfos = new LookAndFeelInfo[infos.length];
        System.arraycopy(infos, 0, newInfos, 0, infos.length);
-        installedLAFs = newInfos;
+        getLAFState().installedLAFs = newInfos;
    }
@ -1307,10 +1290,11 @@ public class UIManager implements Serializable
            }
        }
-        installedLAFs = new LookAndFeelInfo[ilafs.size()];
+        LookAndFeelInfo[] installedLAFs = new LookAndFeelInfo[ilafs.size()];
        for(int i = 0; i < ilafs.size(); i++) {
            installedLAFs[i] = ilafs.elementAt(i);
        }
        getLAFState().installedLAFs = installedLAFs;
    }
--- a/jdk/src/share/classes/javax/swing/plaf/basic/BasicButtonUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/basic/BasicButtonUI.java
@ -26,6 +26,8 @@
 package javax.swing.plaf.basic;
 import sun.swing.SwingUtilities2;
 import sun.awt.AppContext;
 import java.awt.*;
 import java.awt.event.*;
 import java.io.Serializable;
@ -44,9 +46,6 @@ import javax.swing.text.View;
 * @author Jeff Dinkins
 */
 public class BasicButtonUI extends ButtonUI{
    // Shared UI object
    private final static BasicButtonUI buttonUI = new BasicButtonUI();
    // Visual constants
    // NOTE: This is not used or set any where. Were we allowed to remove
    // fields, this would be removed.
@ -61,10 +60,19 @@ public class BasicButtonUI extends ButtonUI{
    private final static String propertyPrefix = "Button" + ".";
    private static final Object BASIC_BUTTON_UI_KEY = new Object();
    // ********************************
    //          Create PLAF
    // ********************************
    public static ComponentUI createUI(JComponent c) {
        AppContext appContext = AppContext.getAppContext();
        BasicButtonUI buttonUI =
                (BasicButtonUI) appContext.get(BASIC_BUTTON_UI_KEY);
        if (buttonUI == null) {
            buttonUI = new BasicButtonUI();
            appContext.put(BASIC_BUTTON_UI_KEY, buttonUI);
        }
        return buttonUI;
    }
--- a/jdk/src/share/classes/javax/swing/plaf/basic/BasicCheckBoxUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/basic/BasicCheckBoxUI.java
@ -25,6 +25,8 @@
 package javax.swing.plaf.basic;
 import sun.awt.AppContext;
 import javax.swing.*;
 import java.awt.*;
@ -49,7 +51,7 @@ import java.io.Serializable;
 */
 public class BasicCheckBoxUI extends BasicRadioButtonUI {
-    private final static BasicCheckBoxUI checkboxUI = new BasicCheckBoxUI();
+    private static final Object BASIC_CHECK_BOX_UI_KEY = new Object();
    private final static String propertyPrefix = "CheckBox" + ".";
@ -57,6 +59,13 @@ public class BasicCheckBoxUI extends BasicRadioButtonUI {
    //            Create PLAF
    // ********************************
    public static ComponentUI createUI(JComponent b) {
        AppContext appContext = AppContext.getAppContext();
        BasicCheckBoxUI checkboxUI =
                (BasicCheckBoxUI) appContext.get(BASIC_CHECK_BOX_UI_KEY);
        if (checkboxUI == null) {
            checkboxUI = new BasicCheckBoxUI();
            appContext.put(BASIC_CHECK_BOX_UI_KEY, checkboxUI);
        }
        return checkboxUI;
    }
--- a/jdk/src/share/classes/javax/swing/plaf/basic/BasicLabelUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/basic/BasicLabelUI.java
@ -28,6 +28,8 @@ package javax.swing.plaf.basic;
 import sun.swing.SwingUtilities2;
 import sun.swing.DefaultLookup;
 import sun.swing.UIAction;
 import sun.awt.AppContext;
 import javax.swing.*;
 import javax.swing.plaf.*;
 import javax.swing.text.View;
@ -63,7 +65,7 @@ public class BasicLabelUI extends LabelUI implements  PropertyChangeListener
    * name in defaults table under the key "LabelUI".
    */
    protected static BasicLabelUI labelUI = new BasicLabelUI();
-    private final static BasicLabelUI SAFE_BASIC_LABEL_UI = new BasicLabelUI();
+    private static final Object BASIC_LABEL_UI_KEY = new Object();
    private Rectangle paintIconR = new Rectangle();
    private Rectangle paintTextR = new Rectangle();
@ -394,10 +396,16 @@ public class BasicLabelUI extends LabelUI implements  PropertyChangeListener
    public static ComponentUI createUI(JComponent c) {
        if (System.getSecurityManager() != null) {
-            return SAFE_BASIC_LABEL_UI;
+            AppContext appContext = AppContext.getAppContext();
-        } else {
+            BasicLabelUI safeBasicLabelUI =
-            return labelUI;
+                    (BasicLabelUI) appContext.get(BASIC_LABEL_UI_KEY);
            if (safeBasicLabelUI == null) {
                safeBasicLabelUI = new BasicLabelUI();
                appContext.put(BASIC_LABEL_UI_KEY, safeBasicLabelUI);
            }
            return safeBasicLabelUI;
        }
        return labelUI;
    }
    public void propertyChange(PropertyChangeEvent e) {
--- a/jdk/src/share/classes/javax/swing/plaf/basic/BasicRadioButtonUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/basic/BasicRadioButtonUI.java
@ -32,6 +32,7 @@ import javax.swing.border.*;
 import javax.swing.plaf.*;
 import javax.swing.text.View;
 import sun.swing.SwingUtilities2;
 import sun.awt.AppContext;
 /**
@ -41,7 +42,7 @@ import sun.swing.SwingUtilities2;
 */
 public class BasicRadioButtonUI extends BasicToggleButtonUI
 {
-    private final static BasicRadioButtonUI radioButtonUI = new BasicRadioButtonUI();
+    private static final Object BASIC_RADIO_BUTTON_UI_KEY = new Object();
    protected Icon icon;
@ -53,6 +54,13 @@ public class BasicRadioButtonUI extends BasicToggleButtonUI
    //        Create PLAF
    // ********************************
    public static ComponentUI createUI(JComponent b) {
        AppContext appContext = AppContext.getAppContext();
        BasicRadioButtonUI radioButtonUI =
                (BasicRadioButtonUI) appContext.get(BASIC_RADIO_BUTTON_UI_KEY);
        if (radioButtonUI == null) {
            radioButtonUI = new BasicRadioButtonUI();
            appContext.put(BASIC_RADIO_BUTTON_UI_KEY, radioButtonUI);
        }
        return radioButtonUI;
    }
--- a/jdk/src/share/classes/javax/swing/plaf/basic/BasicSplitPaneUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/basic/BasicSplitPaneUI.java
@ -1,5 +1,5 @@
 /*
- * Copyright 1997-2008 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -31,14 +31,12 @@ import sun.swing.DefaultLookup;
 import sun.swing.UIAction;
 import javax.swing.*;
 import javax.swing.border.Border;
 import javax.swing.event.*;
 import java.awt.*;
 import java.awt.event.*;
 import java.awt.peer.ComponentPeer;
 import java.awt.peer.LightweightPeer;
 import java.beans.*;
 import java.util.*;
 import javax.swing.plaf.ActionMapUIResource;
 import javax.swing.plaf.SplitPaneUI;
 import javax.swing.plaf.ComponentUI;
 import javax.swing.plaf.UIResource;
@ -106,13 +104,13 @@ public class BasicSplitPaneUI extends SplitPaneUI
     * Keys to use for forward focus traversal when the JComponent is
     * managing focus.
     */
-    private static Set<KeyStroke> managingFocusForwardTraversalKeys;
+    private Set<KeyStroke> managingFocusForwardTraversalKeys;
    /**
     * Keys to use for backward focus traversal when the JComponent is
     * managing focus.
     */
-    private static Set<KeyStroke> managingFocusBackwardTraversalKeys;
+    private Set<KeyStroke> managingFocusBackwardTraversalKeys;
    /**
@ -675,7 +673,7 @@ public class BasicSplitPaneUI extends SplitPaneUI
     * @return increment via keyboard methods.
     */
    int getKeyboardMoveIncrement() {
-        return KEYBOARD_DIVIDER_MOVE_OFFSET;
+        return 3;
    }
    /**
--- a/jdk/src/share/classes/javax/swing/plaf/basic/BasicToggleButtonUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/basic/BasicToggleButtonUI.java
@ -25,6 +25,8 @@
 package javax.swing.plaf.basic;
 import sun.awt.AppContext;
 import java.awt.*;
 import java.awt.event.*;
@ -43,7 +45,7 @@ import javax.swing.text.View;
 */
 public class BasicToggleButtonUI extends BasicButtonUI {
-    private final static BasicToggleButtonUI toggleButtonUI = new BasicToggleButtonUI();
+    private static final Object BASIC_TOGGLE_BUTTON_UI_KEY = new Object();
    private final static String propertyPrefix = "ToggleButton" + ".";
@ -51,6 +53,13 @@ public class BasicToggleButtonUI extends BasicButtonUI {
    //          Create PLAF
    // ********************************
    public static ComponentUI createUI(JComponent b) {
        AppContext appContext = AppContext.getAppContext();
        BasicToggleButtonUI toggleButtonUI =
                (BasicToggleButtonUI) appContext.get(BASIC_TOGGLE_BUTTON_UI_KEY);
        if (toggleButtonUI == null) {
            toggleButtonUI = new BasicToggleButtonUI();
            appContext.put(BASIC_TOGGLE_BUTTON_UI_KEY, toggleButtonUI);
        }
        return toggleButtonUI;
    }
--- a/jdk/src/share/classes/javax/swing/plaf/metal/MetalBumps.java
+++ b/jdk/src/share/classes/javax/swing/plaf/metal/MetalBumps.java
@ -1,5 +1,5 @@
 /*
- * Copyright 1998-2008 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -28,8 +28,9 @@ package javax.swing.plaf.metal;
 import java.awt.*;
 import java.awt.image.*;
 import javax.swing.*;
-import java.io.*;
+import java.util.ArrayList;
-import java.util.*;
+import java.util.List;
 import sun.awt.AppContext;
 /**
 * Implements the bumps used throughout the Metal Look and Feel.
@ -49,19 +50,9 @@ class MetalBumps implements Icon {
    protected Color shadowColor;
    protected Color backColor;
-    protected static Vector<BumpBuffer> buffers = new Vector<BumpBuffer>();
+    private static final Object METAL_BUMPS = new Object();
    protected BumpBuffer buffer;
    public MetalBumps( Dimension bumpArea ) {
        this( bumpArea.width, bumpArea.height );
    }
    public MetalBumps( int width, int height ) {
        this(width, height, MetalLookAndFeel.getPrimaryControlHighlight(),
             MetalLookAndFeel.getPrimaryControlDarkShadow(),
             MetalLookAndFeel.getPrimaryControlShadow());
    }
    /**
     * Creates MetalBumps of the specified size with the specified colors.
     * If <code>newBackColor</code> is null, the background will be
@ -73,26 +64,22 @@ class MetalBumps implements Icon {
        setBumpColors( newTopColor, newShadowColor, newBackColor );
    }
-    private BumpBuffer getBuffer(GraphicsConfiguration gc, Color aTopColor,
+    private static BumpBuffer createBuffer(GraphicsConfiguration gc,
-                                 Color aShadowColor, Color aBackColor) {
+                                           Color topColor, Color shadowColor, Color backColor) {
-        if (buffer != null && buffer.hasSameConfiguration(
+        AppContext context = AppContext.getAppContext();
-                              gc, aTopColor, aShadowColor, aBackColor)) {
+        List<BumpBuffer> buffers = (List<BumpBuffer>) context.get(METAL_BUMPS);
-            return buffer;
+        if (buffers == null) {
            buffers = new ArrayList<BumpBuffer>();
            context.put(METAL_BUMPS, buffers);
        }
-        BumpBuffer result = null;
+        for (BumpBuffer buffer : buffers) {
-
+            if (buffer.hasSameConfiguration(gc, topColor, shadowColor, backColor)) {
-        for (BumpBuffer aBuffer : buffers) {
+                return buffer;
            if ( aBuffer.hasSameConfiguration(gc, aTopColor, aShadowColor,
                                              aBackColor)) {
                result = aBuffer;
                break;
            }
        }
-        if (result == null) {
+        BumpBuffer buffer = new BumpBuffer(gc, topColor, shadowColor, backColor);
-            result = new BumpBuffer(gc, topColor, shadowColor, backColor);
+        buffers.add(buffer);
-            buffers.addElement(result);
+        return buffer;
        }
        return result;
    }
    public void setBumpArea( Dimension bumpArea ) {
@ -119,10 +106,12 @@ class MetalBumps implements Icon {
        GraphicsConfiguration gc = (g instanceof Graphics2D) ?
                ((Graphics2D) g).getDeviceConfiguration() : null;
-        buffer = getBuffer(gc, topColor, shadowColor, backColor);
+        if ((buffer == null) || !buffer.hasSameConfiguration(gc, topColor, shadowColor, backColor)) {
            buffer = createBuffer(gc, topColor, shadowColor, backColor);
        }
-        int bufferWidth = buffer.getImageSize().width;
+        int bufferWidth = BumpBuffer.IMAGE_SIZE;
-        int bufferHeight = buffer.getImageSize().height;
+        int bufferHeight = BumpBuffer.IMAGE_SIZE;
        int iconWidth = getIconWidth();
        int iconHeight = getIconHeight();
        int x2 = x + iconWidth;
@ -155,7 +144,6 @@ class MetalBumps implements Icon {
 class BumpBuffer {
    static final int IMAGE_SIZE = 64;
    static Dimension imageSize = new Dimension( IMAGE_SIZE, IMAGE_SIZE );
    transient Image image;
    Color topColor;
@ -197,10 +185,6 @@ class BumpBuffer {
        return image;
    }
    public Dimension getImageSize() {
        return imageSize;
    }
    /**
     * Paints the bumps into the current image.
     */
--- a/jdk/src/share/classes/javax/swing/plaf/metal/MetalButtonUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/metal/MetalButtonUI.java
@ -26,6 +26,8 @@
 package javax.swing.plaf.metal;
 import sun.swing.SwingUtilities2;
 import sun.awt.AppContext;
 import javax.swing.*;
 import javax.swing.border.*;
 import javax.swing.plaf.basic.*;
@ -49,19 +51,25 @@ import javax.swing.plaf.*;
 * @author Tom Santos
 */
 public class MetalButtonUI extends BasicButtonUI {
    private final static MetalButtonUI metalButtonUI = new MetalButtonUI();
    // NOTE: These are not really needed, but at this point we can't pull
    // them. Their values are updated purely for historical reasons.
    protected Color focusColor;
    protected Color selectColor;
    protected Color disabledTextColor;
    private static final Object METAL_BUTTON_UI_KEY = new Object();
    // ********************************
    //          Create PLAF
    // ********************************
    public static ComponentUI createUI(JComponent c) {
        AppContext appContext = AppContext.getAppContext();
        MetalButtonUI metalButtonUI =
                (MetalButtonUI) appContext.get(METAL_BUTTON_UI_KEY);
        if (metalButtonUI == null) {
            metalButtonUI = new MetalButtonUI();
            appContext.put(METAL_BUTTON_UI_KEY, metalButtonUI);
        }
        return metalButtonUI;
    }
--- a/jdk/src/share/classes/javax/swing/plaf/metal/MetalCheckBoxUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/metal/MetalCheckBoxUI.java
@ -25,6 +25,8 @@
 package javax.swing.plaf.metal;
 import sun.awt.AppContext;
 import javax.swing.*;
 import javax.swing.plaf.basic.BasicCheckBoxUI;
@ -55,7 +57,7 @@ public class MetalCheckBoxUI extends MetalRadioButtonUI {
    // of BasicCheckBoxUI because we want to pick up all the
    // painting changes made in MetalRadioButtonUI.
-    private final static MetalCheckBoxUI checkboxUI = new MetalCheckBoxUI();
+    private static final Object METAL_CHECK_BOX_UI_KEY = new Object();
    private final static String propertyPrefix = "CheckBox" + ".";
@ -65,6 +67,13 @@ public class MetalCheckBoxUI extends MetalRadioButtonUI {
    //         Create PlAF
    // ********************************
    public static ComponentUI createUI(JComponent b) {
        AppContext appContext = AppContext.getAppContext();
        MetalCheckBoxUI checkboxUI =
                (MetalCheckBoxUI) appContext.get(METAL_CHECK_BOX_UI_KEY);
        if (checkboxUI == null) {
            checkboxUI = new MetalCheckBoxUI();
            appContext.put(METAL_CHECK_BOX_UI_KEY, checkboxUI);
        }
        return checkboxUI;
    }
--- a/jdk/src/share/classes/javax/swing/plaf/metal/MetalInternalFrameUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/metal/MetalInternalFrameUI.java
@ -1,5 +1,5 @@
 /*
- * Copyright 1998-2006 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -31,10 +31,8 @@ import javax.swing.*;
 import javax.swing.event.*;
 import javax.swing.border.*;
 import javax.swing.plaf.basic.*;
 import java.util.EventListener;
 import java.beans.PropertyChangeListener;
 import java.beans.PropertyChangeEvent;
 import java.beans.PropertyVetoException;
 import javax.swing.plaf.*;
 /**
@ -51,7 +49,7 @@ public class MetalInternalFrameUI extends BasicInternalFrameUI {
  private static final Border handyEmptyBorder = new EmptyBorder(0,0,0,0);
  protected static String IS_PALETTE   = "JInternalFrame.isPalette";
-
+  private static String IS_PALETTE_KEY = "JInternalFrame.isPalette";
  private static String FRAME_TYPE     = "JInternalFrame.frameType";
  private static String NORMAL_FRAME   = "normal";
  private static String PALETTE_FRAME  = "palette";
@ -68,7 +66,7 @@ public class MetalInternalFrameUI extends BasicInternalFrameUI {
  public void installUI(JComponent c) {
    super.installUI(c);
-    Object paletteProp = c.getClientProperty( IS_PALETTE );
+    Object paletteProp = c.getClientProperty(IS_PALETTE_KEY);
    if ( paletteProp != null ) {
        setPalette( ((Boolean)paletteProp).booleanValue() );
    }
@ -187,7 +185,7 @@ public class MetalInternalFrameUI extends BasicInternalFrameUI {
                  ui.setFrameType( (String) e.getNewValue() );
              }
          }
-          else if ( name.equals( IS_PALETTE ) )
+          else if ( name.equals(IS_PALETTE_KEY) )
          {
              if ( e.getNewValue() != null )
              {
--- a/jdk/src/share/classes/javax/swing/plaf/metal/MetalLabelUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/metal/MetalLabelUI.java
@ -26,6 +26,8 @@
 package javax.swing.plaf.metal;
 import sun.swing.SwingUtilities2;
 import sun.awt.AppContext;
 import javax.swing.*;
 import javax.swing.plaf.*;
 import javax.swing.plaf.basic.*;
@ -51,15 +53,21 @@ public class MetalLabelUI extends BasicLabelUI
    * name in defaults table under the key "LabelUI".
    */
    protected static MetalLabelUI metalLabelUI = new MetalLabelUI();
    private final static MetalLabelUI SAFE_METAL_LABEL_UI = new MetalLabelUI();
    private static final Object METAL_LABEL_UI_KEY = new Object();
    public static ComponentUI createUI(JComponent c) {
        if (System.getSecurityManager() != null) {
-            return SAFE_METAL_LABEL_UI;
+            AppContext appContext = AppContext.getAppContext();
-        } else {
+            MetalLabelUI safeMetalLabelUI =
-            return metalLabelUI;
+                    (MetalLabelUI) appContext.get(METAL_LABEL_UI_KEY);
            if (safeMetalLabelUI == null) {
                safeMetalLabelUI = new MetalLabelUI();
                appContext.put(METAL_LABEL_UI_KEY, safeMetalLabelUI);
            }
            return safeMetalLabelUI;
        }
        return metalLabelUI;
    }
    /**
--- a/jdk/src/share/classes/javax/swing/plaf/metal/MetalRadioButtonUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/metal/MetalRadioButtonUI.java
@ -26,6 +26,8 @@
 package javax.swing.plaf.metal;
 import sun.swing.SwingUtilities2;
 import sun.awt.AppContext;
 import java.awt.*;
 import java.awt.event.*;
 import javax.swing.*;
@ -53,7 +55,7 @@ import javax.swing.text.View;
 */
 public class MetalRadioButtonUI extends BasicRadioButtonUI {
-    private static final MetalRadioButtonUI metalRadioButtonUI = new MetalRadioButtonUI();
+    private static final Object METAL_RADIO_BUTTON_UI_KEY = new Object();
    protected Color focusColor;
    protected Color selectColor;
@ -65,6 +67,13 @@ public class MetalRadioButtonUI extends BasicRadioButtonUI {
    //        Create PlAF
    // ********************************
    public static ComponentUI createUI(JComponent c) {
        AppContext appContext = AppContext.getAppContext();
        MetalRadioButtonUI metalRadioButtonUI =
                (MetalRadioButtonUI) appContext.get(METAL_RADIO_BUTTON_UI_KEY);
        if (metalRadioButtonUI == null) {
            metalRadioButtonUI = new MetalRadioButtonUI();
            appContext.put(METAL_RADIO_BUTTON_UI_KEY, metalRadioButtonUI);
        }
        return metalRadioButtonUI;
    }
--- a/jdk/src/share/classes/javax/swing/plaf/metal/MetalSliderUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/metal/MetalSliderUI.java
@ -1,5 +1,5 @@
 /*
- * Copyright 1998-2008 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -54,12 +54,13 @@ public class MetalSliderUI extends BasicSliderUI {
    protected final int TICK_BUFFER = 4;
    protected boolean filledSlider = false;
-    // NOTE: these next three variables are currently unused.
+    // NOTE: these next five variables are currently unused.
    protected static Color thumbColor;
    protected static Color highlightColor;
    protected static Color darkShadowColor;
    protected static int trackWidth;
    protected static int tickLength;
    private int safeLength;
   /**
    * A default horizontal thumb <code>Icon</code>. This field might not be
@ -107,7 +108,7 @@ public class MetalSliderUI extends BasicSliderUI {
    public void installUI( JComponent c ) {
        trackWidth = ((Integer)UIManager.get( "Slider.trackWidth" )).intValue();
-        tickLength = ((Integer)UIManager.get( "Slider.majorTickLength" )).intValue();
+        tickLength = safeLength = ((Integer)UIManager.get( "Slider.majorTickLength" )).intValue();
        horizThumbIcon = SAFE_HORIZ_THUMB_ICON =
                UIManager.getIcon( "Slider.horizontalThumbIcon" );
        vertThumbIcon = SAFE_VERT_THUMB_ICON =
@ -477,8 +478,8 @@ public class MetalSliderUI extends BasicSliderUI {
     * determine the tick area rectangle.
     */
    public int getTickLength() {
-        return slider.getOrientation() == JSlider.HORIZONTAL ? tickLength + TICK_BUFFER + 1 :
+        return slider.getOrientation() == JSlider.HORIZONTAL ? safeLength + TICK_BUFFER + 1 :
-        tickLength + TICK_BUFFER + 3;
+        safeLength + TICK_BUFFER + 3;
    }
    /**
@ -523,22 +524,22 @@ public class MetalSliderUI extends BasicSliderUI {
    protected void paintMinorTickForHorizSlider( Graphics g, Rectangle tickBounds, int x ) {
        g.setColor( slider.isEnabled() ? slider.getForeground() : MetalLookAndFeel.getControlShadow() );
-        g.drawLine( x, TICK_BUFFER, x, TICK_BUFFER + (tickLength / 2) );
+        g.drawLine( x, TICK_BUFFER, x, TICK_BUFFER + (safeLength / 2) );
    }
    protected void paintMajorTickForHorizSlider( Graphics g, Rectangle tickBounds, int x ) {
        g.setColor( slider.isEnabled() ? slider.getForeground() : MetalLookAndFeel.getControlShadow() );
-        g.drawLine( x, TICK_BUFFER , x, TICK_BUFFER + (tickLength - 1) );
+        g.drawLine( x, TICK_BUFFER , x, TICK_BUFFER + (safeLength - 1) );
    }
    protected void paintMinorTickForVertSlider( Graphics g, Rectangle tickBounds, int y ) {
        g.setColor( slider.isEnabled() ? slider.getForeground() : MetalLookAndFeel.getControlShadow() );
        if (MetalUtils.isLeftToRight(slider)) {
-            g.drawLine( TICK_BUFFER, y, TICK_BUFFER + (tickLength / 2), y );
+            g.drawLine( TICK_BUFFER, y, TICK_BUFFER + (safeLength / 2), y );
        }
        else {
-            g.drawLine( 0, y, tickLength/2, y );
+            g.drawLine( 0, y, safeLength/2, y );
        }
    }
@ -546,10 +547,10 @@ public class MetalSliderUI extends BasicSliderUI {
        g.setColor( slider.isEnabled() ? slider.getForeground() : MetalLookAndFeel.getControlShadow() );
        if (MetalUtils.isLeftToRight(slider)) {
-            g.drawLine( TICK_BUFFER, y, TICK_BUFFER + tickLength, y );
+            g.drawLine( TICK_BUFFER, y, TICK_BUFFER + safeLength, y );
        }
        else {
-            g.drawLine( 0, y, tickLength, y );
+            g.drawLine( 0, y, safeLength, y );
        }
    }
 }
--- a/jdk/src/share/classes/javax/swing/plaf/metal/MetalToggleButtonUI.java
+++ b/jdk/src/share/classes/javax/swing/plaf/metal/MetalToggleButtonUI.java
@ -26,6 +26,8 @@
 package javax.swing.plaf.metal;
 import sun.swing.SwingUtilities2;
 import sun.awt.AppContext;
 import java.awt.*;
 import java.awt.event.*;
 import java.lang.ref.*;
@ -55,7 +57,7 @@ import java.io.Serializable;
 */
 public class MetalToggleButtonUI extends BasicToggleButtonUI {
-    private static final MetalToggleButtonUI metalToggleButtonUI = new MetalToggleButtonUI();
+    private static final Object METAL_TOGGLE_BUTTON_UI_KEY = new Object();
    protected Color focusColor;
    protected Color selectColor;
@ -67,6 +69,13 @@ public class MetalToggleButtonUI extends BasicToggleButtonUI {
    //        Create PLAF
    // ********************************
    public static ComponentUI createUI(JComponent b) {
        AppContext appContext = AppContext.getAppContext();
        MetalToggleButtonUI metalToggleButtonUI =
                (MetalToggleButtonUI) appContext.get(METAL_TOGGLE_BUTTON_UI_KEY);
        if (metalToggleButtonUI == null) {
            metalToggleButtonUI = new MetalToggleButtonUI();
            appContext.put(METAL_TOGGLE_BUTTON_UI_KEY, metalToggleButtonUI);
        }
        return metalToggleButtonUI;
    }
--- a/jdk/src/share/classes/sun/applet/AppletClassLoader.java
+++ b/jdk/src/share/classes/sun/applet/AppletClassLoader.java
@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2005 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 1995-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -51,6 +51,7 @@ import java.security.Permission;
 import java.security.PermissionCollection;
 import sun.awt.AppContext;
 import sun.awt.SunToolkit;
 import sun.misc.IOUtils;
 import sun.net.www.ParseUtil;
 import sun.security.util.SecurityConstants;
@ -331,36 +332,7 @@ public class AppletClassLoader extends URLClassLoader {
        byte[] b;
        try {
-            if (len != -1) {
+            b = IOUtils.readFully(in, len, true);
                // Read exactly len bytes from the input stream
                b = new byte[len];
                while (len > 0) {
                    int n = in.read(b, b.length - len, len);
                    if (n == -1) {
                        throw new IOException("unexpected EOF");
                    }
                    len -= n;
                }
            } else {
                // Read until end of stream is reached - use 8K buffer
                // to speed up performance [stanleyh]
                b = new byte[8192];
                int total = 0;
                while ((len = in.read(b, total, b.length - total)) != -1) {
                    total += len;
                    if (total >= b.length) {
                        byte[] tmp = new byte[total * 2];
                        System.arraycopy(b, 0, tmp, 0, total);
                        b = tmp;
                    }
                }
                // Trim array to correct size, if necessary
                if (total != b.length) {
                    byte[] tmp = new byte[total];
                    System.arraycopy(b, 0, tmp, 0, total);
                    b = tmp;
                }
            }
        } finally {
            in.close();
        }
--- a/jdk/src/share/classes/sun/awt/image/ImageRepresentation.java
+++ b/jdk/src/share/classes/sun/awt/image/ImageRepresentation.java
@ -336,10 +336,6 @@ public class ImageRepresentation extends ImageWatched implements ImageConsumer
    public native void setICMpixels(int x, int y, int w, int h, int[] lut,
                                    byte[] pix, int off, int scansize,
                                    IntegerComponentRaster ict);
    public native void setBytePixels(int x, int y, int w, int h, byte[] pix,
                                     int off, int scansize,
                                     ByteComponentRaster bct, int chanOff);
    public native int setDiffICM(int x, int y, int w, int h, int[] lut,
                                 int transPix, int numLut, IndexColorModel icm,
                                 byte[] pix, int off, int scansize,
@ -450,27 +446,17 @@ public class ImageRepresentation extends ImageWatched implements ImageConsumer
                     (biRaster instanceof ByteComponentRaster) &&
                     (biRaster.getNumDataElements() == 1)){
                ByteComponentRaster bt = (ByteComponentRaster) biRaster;
-                if (w*h > 200) {
+                if (off == 0 && scansize == w) {
-                    if (off == 0 && scansize == w) {
+                    bt.putByteData(x, y, w, h, pix);
                        bt.putByteData(x, y, w, h, pix);
                    }
                    else {
                        byte[] bpix = new byte[w];
                        poff = off;
                        for (int yoff=y; yoff < y+h; yoff++) {
                            System.arraycopy(pix, poff, bpix, 0, w);
                            bt.putByteData(x, yoff, w, 1, bpix);
                            poff += scansize;
                        }
                    }
                }
                else {
-                    // Only is faster if #pixels
+                    byte[] bpix = new byte[w];
-                    // Note that setBytePixels modifies the raster directly
+                    poff = off;
-                    // so we must mark it as changed afterwards
+                    for (int yoff=y; yoff < y+h; yoff++) {
-                    setBytePixels(x, y, w, h, pix, off, scansize, bt,
+                        System.arraycopy(pix, poff, bpix, 0, w);
-                                  bt.getDataOffset(0));
+                        bt.putByteData(x, yoff, w, 1, bpix);
-                    bt.markDirty();
+                        poff += scansize;
                    }
                }
            }
            else {
--- a/jdk/src/share/classes/sun/dyn/anon/AnonymousClassLoader.java
+++ b/jdk/src/share/classes/sun/dyn/anon/AnonymousClassLoader.java
@ -26,9 +26,9 @@
 package sun.dyn.anon;
 import java.io.IOException;
 import java.io.InputStream;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import sun.misc.IOUtils;
 /**
 * Anonymous class loader.  Will load any valid classfile, producing
@ -285,13 +285,6 @@ public class AnonymousClassLoader {
        if (contentLength < 0)
            throw new IOException("invalid content length "+contentLength);
-        byte[] classFile = new byte[contentLength];
+        return IOUtils.readFully(connection.getInputStream(), contentLength, true);
        InputStream tcs = connection.getInputStream();
        for (int fill = 0, nr; fill < classFile.length; fill += nr) {
            nr = tcs.read(classFile, fill, classFile.length - fill);
            if (nr < 0)
                throw new IOException("premature end of file");
        }
        return classFile;
    }
 }
--- a/jdk/src/share/classes/sun/misc/IOUtils.java
+++ b/jdk/src/share/classes/sun/misc/IOUtils.java
@ -0,0 +1,80 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Sun designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Sun in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /**
 * IOUtils: A collection of IO-related public static methods.
 */
 package sun.misc;
 import java.io.EOFException;
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.Arrays;
 public class IOUtils {
    /**
     * Read up to <code>length</code> of bytes from <code>in</code>
     * until EOF is detected.
     * @param in input stream, must not be null
     * @param length number of bytes to read, -1 or Integer.MAX_VALUE means
     *        read as much as possible
     * @param readAll if true, an EOFException will be thrown if not enough
     *        bytes are read. Ignored when length is -1 or Integer.MAX_VALUE
     * @return bytes read
     * @throws IOException Any IO error or a premature EOF is detected
     */
    public static byte[] readFully(InputStream is, int length, boolean readAll)
            throws IOException {
        byte[] output = {};
        if (length == -1) length = Integer.MAX_VALUE;
        int pos = 0;
        while (pos < length) {
            int bytesToRead;
            if (pos >= output.length) { // Only expand when there's no room
                bytesToRead = Math.min(length - pos, output.length + 1024);
                if (output.length < pos + bytesToRead) {
                    output = Arrays.copyOf(output, pos + bytesToRead);
                }
            } else {
                bytesToRead = output.length - pos;
            }
            int cc = is.read(output, pos, bytesToRead);
            if (cc < 0) {
                if (readAll && length != Integer.MAX_VALUE) {
                    throw new EOFException("Detect premature EOF");
                } else {
                    if (output.length != pos) {
                        output = Arrays.copyOf(output, pos);
                    }
                    break;
                }
            }
            pos += cc;
        }
        return output;
    }
 }
--- a/jdk/src/share/classes/sun/misc/Resource.java
+++ b/jdk/src/share/classes/sun/misc/Resource.java
@ -1,5 +1,5 @@
 /*
- * Copyright 1998-2006 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -25,14 +25,15 @@
 package sun.misc;
 import java.io.EOFException;
 import java.net.URL;
 import java.io.IOException;
 import java.io.InterruptedIOException;
 import java.io.InputStream;
 import java.security.CodeSigner;
 import java.util.jar.Manifest;
 import java.util.jar.Attributes;
 import java.nio.ByteBuffer;
 import java.util.Arrays;
 import sun.nio.ByteBuffered;
 /**
@ -105,49 +106,37 @@ public abstract class Resource {
        }
        try {
-            if (len != -1) {
+            b = new byte[0];
-                // Read exactly len bytes from the input stream
+            if (len == -1) len = Integer.MAX_VALUE;
-                b = new byte[len];
+            int pos = 0;
-                while (len > 0) {
+            while (pos < len) {
-                    int n = 0;
+                int bytesToRead;
-                    try {
+                if (pos >= b.length) { // Only expand when there's no room
-                        n = in.read(b, b.length - len, len);
+                    bytesToRead = Math.min(len - pos, b.length + 1024);
-                    } catch (InterruptedIOException iioe) {
+                    if (b.length < pos + bytesToRead) {
-                        Thread.interrupted();
+                        b = Arrays.copyOf(b, pos + bytesToRead);
                        isInterrupted = true;
                    }
-                    if (n == -1) {
+                } else {
-                        throw new IOException("unexpected EOF");
+                    bytesToRead = b.length - pos;
                    }
                    len -= n;
                }
-            } else {
+                int cc = 0;
-                // Read until end of stream is reached
+                try {
-                b = new byte[1024];
+                    cc = in.read(b, pos, bytesToRead);
-                int total = 0;
+                } catch (InterruptedIOException iioe) {
-                for (;;) {
+                    Thread.interrupted();
-                    len = 0;
+                    isInterrupted = true;
-                    try {
+                }
-                        len = in.read(b, total, b.length - total);
+                if (cc < 0) {
-                        if (len == -1)
+                    if (len != Integer.MAX_VALUE) {
-                            break;
+                        throw new EOFException("Detect premature EOF");
-                    } catch (InterruptedIOException iioe) {
+                    } else {
-                        Thread.interrupted();
+                        if (b.length != pos) {
-                        isInterrupted = true;
+                            b = Arrays.copyOf(b, pos);
-                    }
+                        }
-                    total += len;
+                        break;
                    if (total >= b.length) {
                        byte[] tmp = new byte[total * 2];
                        System.arraycopy(b, 0, tmp, 0, total);
                        b = tmp;
                    }
                }
-                // Trim array to correct size, if necessary
+                pos += cc;
                if (total != b.length) {
                    byte[] tmp = new byte[total];
                    System.arraycopy(b, 0, tmp, 0, total);
                    b = tmp;
                }
            }
        } finally {
            try {
--- a/jdk/src/share/classes/sun/reflect/misc/MethodUtil.java
+++ b/jdk/src/share/classes/sun/reflect/misc/MethodUtil.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2005-2008 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -44,6 +44,7 @@ import java.lang.reflect.Modifier;
 import java.util.Collection;
 import java.util.HashMap;
 import java.util.Map;
 import sun.misc.IOUtils;
 import sun.net.www.ParseUtil;
 import sun.security.util.SecurityConstants;
@ -373,34 +374,7 @@ public final class MethodUtil extends SecureClassLoader {
        byte[] b;
        try {
-            if (len != -1) {
+            b = IOUtils.readFully(in, len, true);
                // Read exactly len bytes from the input stream
                b = new byte[len];
                while (len > 0) {
                    int n = in.read(b, b.length - len, len);
                    if (n == -1) {
                        throw new IOException("unexpected EOF");
                    }
                    len -= n;
                }
            } else {
                b = new byte[8192];
                int total = 0;
                while ((len = in.read(b, total, b.length - total)) != -1) {
                    total += len;
                    if (total >= b.length) {
                        byte[] tmp = new byte[total * 2];
                        System.arraycopy(b, 0, tmp, 0, total);
                        b = tmp;
                    }
                }
                // Trim array to correct size, if necessary
                if (total != b.length) {
                    byte[] tmp = new byte[total];
                    System.arraycopy(b, 0, tmp, 0, total);
                    b = tmp;
                }
            }
        } finally {
            in.close();
        }
--- a/jdk/src/share/classes/sun/security/provider/certpath/AlgorithmChecker.java
+++ b/jdk/src/share/classes/sun/security/provider/certpath/AlgorithmChecker.java
@ -0,0 +1,119 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Sun designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Sun in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 package sun.security.provider.certpath;
 import java.util.Set;
 import java.util.Collection;
 import java.util.Locale;
 import java.security.cert.Certificate;
 import java.security.cert.X509Certificate;
 import java.security.cert.X509CRL;
 import java.security.cert.CertPathValidatorException;
 import java.security.cert.PKIXCertPathChecker;
 import sun.security.x509.AlgorithmId;
 /**
 * AlgorithmChecker is a <code>PKIXCertPathChecker</code> that checks that
 * the signature algorithm of the specified certificate is not disabled.
 *
 * @author      Xuelei Fan
 */
 final public class AlgorithmChecker extends PKIXCertPathChecker {
    // the disabled algorithms
    private static final String[] disabledAlgorithms = new String[] {"md2"};
    // singleton instance
    static final AlgorithmChecker INSTANCE = new AlgorithmChecker();
    /**
     * Default Constructor
     */
    private AlgorithmChecker() {
        // do nothing
    }
    /**
     * Return a AlgorithmChecker instance.
     */
    static AlgorithmChecker getInstance() {
        return INSTANCE;
    }
    /**
     * Initializes the internal state of the checker from parameters
     * specified in the constructor.
     */
    public void init(boolean forward) throws CertPathValidatorException {
        // do nothing
    }
    public boolean isForwardCheckingSupported() {
        return false;
    }
    public Set<String> getSupportedExtensions() {
        return null;
    }
    /**
     * Checks the signature algorithm of the specified certificate.
     */
    public void check(Certificate cert, Collection<String> unresolvedCritExts)
            throws CertPathValidatorException {
        check(cert);
    }
    public static void check(Certificate cert)
            throws CertPathValidatorException {
        X509Certificate xcert = (X509Certificate)cert;
        check(xcert.getSigAlgName());
    }
    static void check(AlgorithmId aid) throws CertPathValidatorException {
        check(aid.getName());
    }
    static void check(X509CRL crl) throws CertPathValidatorException {
        check(crl.getSigAlgName());
    }
    private static void check(String algName)
            throws CertPathValidatorException {
        String lowerCaseAlgName = algName.toLowerCase(Locale.ENGLISH);
        for (String disabled : disabledAlgorithms) {
            // checking the signature algorithm name
            if (lowerCaseAlgName.indexOf(disabled) != -1) {
                throw new CertPathValidatorException(
                    "algorithm check failed: " + algName + " is disabled");
            }
        }
    }
 }
--- a/jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
+++ b/jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
@ -289,6 +289,16 @@ class DistributionPointFetcher {
        X500Name certIssuer = (X500Name) certImpl.getIssuerDN();
        X500Name crlIssuer = (X500Name) crlImpl.getIssuerDN();
        // check the crl signature algorithm
        try {
            AlgorithmChecker.check(crl);
        } catch (CertPathValidatorException cpve) {
            if (debug != null) {
                debug.println("CRL signature algorithm check failed: " + cpve);
            }
            return false;
        }
        // if crlIssuer is set, verify that it matches the issuer of the
        // CRL and the CRL contains an IDP extension with the indirectCRL
        // boolean asserted. Otherwise, verify that the CRL issuer matches the
--- a/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
+++ b/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
@ -718,6 +718,11 @@ class ForwardBuilder extends Builder {
        /* we don't perform any validation of the trusted cert */
        if (!isTrustedCert) {
            /*
             * check that the signature algorithm is not disabled.
             */
            AlgorithmChecker.check(cert);
            /*
             * Check CRITICAL private extensions for user checkers that
             * support forward checking (forwardCheckers) and remove
--- a/jdk/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
+++ b/jdk/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
@ -275,6 +275,7 @@ public class PKIXCertPathValidator extends CertPathValidatorSpi {
        int certPathLen = certList.size();
        basicChecker = new BasicChecker(anchor, testDate, sigProvider, false);
        AlgorithmChecker algorithmChecker= AlgorithmChecker.getInstance();
        KeyChecker keyChecker = new KeyChecker(certPathLen,
            pkixParam.getTargetCertConstraints());
        ConstraintsChecker constraintsChecker =
@ -291,6 +292,7 @@ public class PKIXCertPathValidator extends CertPathValidatorSpi {
        ArrayList<PKIXCertPathChecker> certPathCheckers =
            new ArrayList<PKIXCertPathChecker>();
        // add standard checkers that we will be using
        certPathCheckers.add(algorithmChecker);
        certPathCheckers.add(keyChecker);
        certPathCheckers.add(constraintsChecker);
        certPathCheckers.add(policyChecker);
--- a/jdk/src/share/classes/sun/security/provider/certpath/ReverseBuilder.java
+++ b/jdk/src/share/classes/sun/security/provider/certpath/ReverseBuilder.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2000-2008 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 2000-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -347,6 +347,9 @@ class ReverseBuilder extends Builder {
            return;
        }
        /* check that the signature algorithm is not disabled. */
        AlgorithmChecker.check(cert);
        /*
         * check for looping - abort a loop if
         * ((we encounter the same certificate twice) AND
--- a/jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java
+++ b/jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java
@ -34,6 +34,7 @@ import java.util.Iterator;
 import java.util.Set;
 import java.util.Arrays;
 import sun.misc.IOUtils;
 import sun.security.pkcs.*;
 /**
@ -142,25 +143,7 @@ public class HttpTimestamper implements Timestamper {
            int total = 0;
            int contentLength = connection.getContentLength();
-            if (contentLength != -1) {
+            replyBuffer = IOUtils.readFully(input, contentLength, false);
                replyBuffer = new byte[contentLength];
            } else {
                replyBuffer = new byte[2048];
                contentLength = Integer.MAX_VALUE;
            }
            while (total < contentLength) {
                int count = input.read(replyBuffer, total,
                                        replyBuffer.length - total);
                if (count < 0)
                    break;
                total += count;
                if (total >= replyBuffer.length && total < contentLength) {
                    replyBuffer = Arrays.copyOf(replyBuffer, total * 2);
                }
            }
            replyBuffer = Arrays.copyOf(replyBuffer, total);
            if (DEBUG) {
                System.out.println("received timestamp response (length=" +
--- a/jdk/src/share/classes/sun/security/util/DerValue.java
+++ b/jdk/src/share/classes/sun/security/util/DerValue.java
@ -28,6 +28,7 @@ package sun.security.util;
 import java.io.*;
 import java.math.BigInteger;
 import java.util.Date;
 import sun.misc.IOUtils;
 /**
 * Represents a single DER-encoded value.  DER encoding rules are a subset
@ -382,12 +383,8 @@ public class DerValue {
        if (fullyBuffered && in.available() != length)
            throw new IOException("extra data given to DerValue constructor");
-        byte[] bytes = new byte[length];
+        byte[] bytes = IOUtils.readFully(in, length, true);
        // n.b. readFully not needed in normal fullyBuffered case
        DataInputStream dis = new DataInputStream(in);
        dis.readFully(bytes);
        buffer = new DerInputBuffer(bytes);
        return new DerInputStream(buffer);
    }
--- a/jdk/src/share/classes/sun/security/validator/SimpleValidator.java
+++ b/jdk/src/share/classes/sun/security/validator/SimpleValidator.java
@ -40,6 +40,8 @@ import sun.security.util.DerInputStream;
 import sun.security.util.DerOutputStream;
 import sun.security.util.ObjectIdentifier;
 import sun.security.provider.certpath.AlgorithmChecker;
 /**
 * A simple validator implementation. It is based on code from the JSSE
 * X509TrustManagerImpl. This implementation is designed for compatibility with
@ -134,6 +136,13 @@ public final class SimpleValidator extends Validator {
            X509Certificate issuerCert = chain[i + 1];
            X509Certificate cert = chain[i];
            // check certificate algorithm
            try {
                AlgorithmChecker.check(cert);
            } catch (CertPathValidatorException cpve) {
                throw new ValidatorException
                        (ValidatorException.T_ALGORITHM_DISABLED, cert, cpve);
            }
            // no validity check for code signing certs
            if ((variant.equals(VAR_CODE_SIGNING) == false)
--- a/jdk/src/share/classes/sun/security/validator/ValidatorException.java
+++ b/jdk/src/share/classes/sun/security/validator/ValidatorException.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2003 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 2002-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -55,6 +55,9 @@ public class ValidatorException extends CertificateException {
    public final static Object T_NAME_CHAINING =
        "Certificate chaining error";
    public final static Object T_ALGORITHM_DISABLED =
        "Certificate signature algorithm disabled";
    private Object type;
    private X509Certificate cert;
--- a/jdk/src/share/classes/sun/util/calendar/ZoneInfoFile.java
+++ b/jdk/src/share/classes/sun/util/calendar/ZoneInfoFile.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2000-2006 Sun Microsystems, Inc.  All Rights Reserved.
+ * Copyright 2000-2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -472,6 +472,18 @@ public class ZoneInfoFile {
    private static Map<String, ZoneInfo> zoneInfoObjects = null;
    private static final String ziDir;
    static {
        String zi = (String) AccessController.doPrivileged(
                         new sun.security.action.GetPropertyAction("java.home"))
                    + File.separator + "lib" + File.separator + "zi";
        try {
            zi = new File(zi).getCanonicalPath();
        } catch (Exception e) {
        }
        ziDir = zi;
    }
    /**
     * Converts the given time zone ID to a platform dependent path
     * name. For example, "America/Los_Angeles" is converted to
@ -576,20 +588,7 @@ public class ZoneInfoFile {
            return null;
        }
-        int index;
+        int index = 0;
        for (index = 0; index < JAVAZI_LABEL.length; index++) {
            if (buf[index] != JAVAZI_LABEL[index]) {
                System.err.println("ZoneInfo: wrong magic number: " + id);
                return null;
            }
        }
        if (buf[index++] > JAVAZI_VERSION) {
            System.err.println("ZoneInfo: incompatible version ("
                               + buf[index - 1] + "): " + id);
            return null;
        }
        int filesize = buf.length;
        int rawOffset = 0;
        int dstSavings = 0;
@ -600,6 +599,18 @@ public class ZoneInfoFile {
        int[] simpleTimeZoneParams = null;
        try {
            for (index = 0; index < JAVAZI_LABEL.length; index++) {
                if (buf[index] != JAVAZI_LABEL[index]) {
                    System.err.println("ZoneInfo: wrong magic number: " + id);
                    return null;
                }
            }
            if (buf[index++] > JAVAZI_VERSION) {
                System.err.println("ZoneInfo: incompatible version ("
                                   + buf[index - 1] + "): " + id);
                return null;
            }
            while (index < filesize) {
                byte tag = buf[index++];
                int  len = ((buf[index++] & 0xFF) << 8) + (buf[index++] & 0xFF);
@ -1017,30 +1028,33 @@ public class ZoneInfoFile {
     * Reads the specified file under &lt;java.home&gt;/lib/zi into a buffer.
     * @return the buffer, or null if any I/O error occurred.
     */
-    private static byte[] readZoneInfoFile(String fileName) {
+    private static byte[] readZoneInfoFile(final String fileName) {
        byte[] buffer = null;
        try {
            String homeDir = AccessController.doPrivileged(
                new sun.security.action.GetPropertyAction("java.home"));
            final String fname = homeDir + File.separator + "lib" + File.separator
                                 + "zi" + File.separator + fileName;
            buffer = (byte[]) AccessController.doPrivileged(new PrivilegedExceptionAction() {
                public Object run() throws IOException {
-                    File file = new File(fname);
+                    File file = new File(ziDir, fileName);
-                    if (!file.canRead()) {
+                    if (!file.exists() || !file.isFile()) {
                        return null;
                    }
-                    int filesize = (int)file.length();
+                    file = file.getCanonicalFile();
-                    byte[] buf = new byte[filesize];
+                    String path = file.getCanonicalPath();
-
+                    byte[] buf = null;
-                    FileInputStream fis = new FileInputStream(file);
+                    if (path != null && path.startsWith(ziDir)) {
-
+                        int filesize = (int)file.length();
-                    if (fis.read(buf) != filesize) {
+                        if (filesize > 0) {
-                        fis.close();
+                            FileInputStream fis = new FileInputStream(file);
-                        throw new IOException("read error on " + fname);
+                            buf = new byte[filesize];
                            try {
                                if (fis.read(buf) != filesize) {
                                    throw new IOException("read error on " + fileName);
                                }
                            } finally {
                                fis.close();
                            }
                        }
                    }
                    fis.close();
                    return buf;
                }
            });
--- a/jdk/src/share/native/sun/awt/image/awt_ImageRep.c
+++ b/jdk/src/share/native/sun/awt/image/awt_ImageRep.c
@ -142,84 +142,6 @@ Java_sun_awt_image_ImageRepresentation_setICMpixels(JNIEnv *env, jclass cls,
 }
 JNIEXPORT void JNICALL
 Java_sun_awt_image_ImageRepresentation_setBytePixels(JNIEnv *env, jclass cls,
                                                     jint x, jint y, jint w,
                                                     jint h, jbyteArray jpix,
                                                     jint off, jint scansize,
                                                     jobject jbct,
                                                     jint chanOffs)
 {
    int sStride;
    int pixelStride;
    jobject jdata;
    unsigned char *srcData;
    unsigned char *dstData;
    unsigned char *dataP;
    unsigned char *pixP;
    int i;
    int j;
    if (JNU_IsNull(env, jpix)) {
        JNU_ThrowNullPointerException(env, "NullPointerException");
        return;
    }
    sStride = (*env)->GetIntField(env, jbct, g_BCRscanstrID);
    pixelStride = (*env)->GetIntField(env, jbct, g_BCRpixstrID);
    jdata = (*env)->GetObjectField(env, jbct, g_BCRdataID);
    srcData = (unsigned char *) (*env)->GetPrimitiveArrayCritical(env, jpix,
                                                                  NULL);
    if (srcData == NULL) {
        /* out of memory error already thrown */
        return;
    }
    dstData = (unsigned char *) (*env)->GetPrimitiveArrayCritical(env, jdata,
                                                                  NULL);
    if (dstData == NULL) {
        /* out of memory error already thrown */
        (*env)->ReleasePrimitiveArrayCritical(env, jpix, srcData, JNI_ABORT);
        return;
    }
    dataP = dstData + chanOffs + y*sStride + x*pixelStride;
    pixP  = srcData + off;
    if (pixelStride == 1) {
        if (sStride == scansize && scansize == w) {
            memcpy(dataP, pixP, w*h);
        }
        else {
            for (i=0; i < h; i++) {
                memcpy(dataP, pixP, w);
                dataP += sStride;
                pixP  += scansize;
            }
        }
    }
    else {
        unsigned char *ydataP = dataP;
        unsigned char *ypixP  = pixP;
        for (i=0; i < h; i++) {
            dataP = ydataP;
            pixP = ypixP;
            for (j=0; j < w; j++) {
                *dataP = *pixP++;
                dataP += pixelStride;
            }
            ydataP += sStride;
            ypixP  += scansize;
        }
    }
    (*env)->ReleasePrimitiveArrayCritical(env, jpix, srcData, JNI_ABORT);
    (*env)->ReleasePrimitiveArrayCritical(env, jdata, dstData, JNI_ABORT);
 }
 JNIEXPORT jint JNICALL
 Java_sun_awt_image_ImageRepresentation_setDiffICM(JNIEnv *env, jclass cls,
                                                  jint x, jint y, jint w,
@ -266,6 +188,13 @@ Java_sun_awt_image_ImageRepresentation_setDiffICM(JNIEnv *env, jclass cls,
    jnewlut = (*env)->GetObjectField(env, jicm, g_ICMrgbID);
    mapSize = (*env)->GetIntField(env, jicm, g_ICMmapSizeID);
    if (numLut < 0 || numLut > 256 || mapSize < 0 || mapSize > 256) {
        /* Ether old or new ICM has a palette that exceeds capacity
           of byte data type, so we have to convert the image data
           to default representation.
        */
        return 0;
    }
    srcLUT = (unsigned int *) (*env)->GetPrimitiveArrayCritical(env, jlut,
                                                                NULL);
    if (srcLUT == NULL) {
--- a/jdk/src/share/native/sun/awt/image/jpeg/imageioJPEG.c
+++ b/jdk/src/share/native/sun/awt/image/jpeg/imageioJPEG.c
@ -676,6 +676,10 @@ static int setQTables(JNIEnv *env,
 #ifdef DEBUG_IIO_JPEG
    printf("in setQTables, qlen = %d, write is %d\n", qlen, write);
 #endif
    if (qlen > NUM_QUANT_TBLS) {
        /* Ignore extra qunterization tables. */
        qlen = NUM_QUANT_TBLS;
    }
    for (i = 0; i < qlen; i++) {
        table = (*env)->GetObjectArrayElement(env, qtables, i);
        qdata = (*env)->GetObjectField(env, table, JPEGQTable_tableID);
@ -727,6 +731,11 @@ static void setHuffTable(JNIEnv *env,
    hlensBody = (*env)->GetShortArrayElements(env,
                                              huffLens,
                                              NULL);
    if (hlensLen > 16) {
        /* Ignore extra elements of bits array. Only 16 elements can be
           stored. 0-th element is not used. (see jpeglib.h, line 107)  */
        hlensLen = 16;
    }
    for (i = 1; i <= hlensLen; i++) {
        huff_ptr->bits[i] = (UINT8)hlensBody[i-1];
    }
@ -743,6 +752,11 @@ static void setHuffTable(JNIEnv *env,
                                              huffValues,
                                              NULL);
    if (hvalsLen > 256) {
        /* Ignore extra elements of hufval array. Only 256 elements
           can be stored. (see jpeglib.h, line 109)                  */
        hlensLen = 256;
    }
    for (i = 0; i < hvalsLen; i++) {
        huff_ptr->huffval[i] = (UINT8)hvalsBody[i];
    }
@ -763,6 +777,11 @@ static int setHTables(JNIEnv *env,
    j_compress_ptr comp;
    j_decompress_ptr decomp;
    jsize hlen = (*env)->GetArrayLength(env, DCHuffmanTables);
    if (hlen > NUM_HUFF_TBLS) {
        /* Ignore extra DC huffman tables. */
        hlen = NUM_HUFF_TBLS;
    }
    for (i = 0; i < hlen; i++) {
        if (cinfo->is_decompressor) {
            decomp = (j_decompress_ptr) cinfo;
@ -784,6 +803,10 @@ static int setHTables(JNIEnv *env,
        huff_ptr->sent_table = !write;
    }
    hlen = (*env)->GetArrayLength(env, ACHuffmanTables);
    if (hlen > NUM_HUFF_TBLS) {
        /* Ignore extra AC huffman tables. */
        hlen = NUM_HUFF_TBLS;
    }
    for (i = 0; i < hlen; i++) {
        if (cinfo->is_decompressor) {
            decomp = (j_decompress_ptr) cinfo;
@ -1833,6 +1856,13 @@ Java_com_sun_imageio_plugins_jpeg_JPEGImageReader_readImage
        return JNI_FALSE;
    }
    if (stepX > cinfo->image_width) {
        stepX = cinfo->image_width;
    }
    if (stepY > cinfo->image_height) {
        stepY = cinfo->image_height;
    }
    /*
     * First get the source bands array and copy it to our local array
     * so we don't have to worry about pinning and unpinning it again.
--- a/jdk/src/solaris/classes/sun/awt/X11GraphicsDevice.java
+++ b/jdk/src/solaris/classes/sun/awt/X11GraphicsDevice.java
@ -134,7 +134,7 @@ public class X11GraphicsDevice
                makeConfigurations();
            }
        }
-        return configs;
+        return configs.clone();
    }
    private void makeConfigurations() {
--- a/jdk/src/windows/classes/sun/awt/Win32GraphicsDevice.java
+++ b/jdk/src/windows/classes/sun/awt/Win32GraphicsDevice.java
@ -165,7 +165,7 @@ public class Win32GraphicsDevice extends GraphicsDevice implements
                if (defaultConfig != null) {
                    configs = new GraphicsConfiguration[1];
                    configs[0] = defaultConfig;
-                    return configs;
+                    return configs.clone();
                }
            }
@ -196,7 +196,7 @@ public class Win32GraphicsDevice extends GraphicsDevice implements
            configs = new GraphicsConfiguration[v.size()];
            v.copyInto(configs);
        }
-        return configs;
+        return configs.clone();
    }
    /**
--- a/jdk/src/windows/classes/sun/java2d/d3d/D3DGraphicsDevice.java
+++ b/jdk/src/windows/classes/sun/java2d/d3d/D3DGraphicsDevice.java
@ -429,7 +429,7 @@ public class D3DGraphicsDevice extends Win32GraphicsDevice {
                if (defaultConfig != null) {
                    configs = new GraphicsConfiguration[1];
                    configs[0] = defaultConfig;
-                    return configs;
+                    return configs.clone();
                }
            }
        }
--- a/jdk/test/java/awt/GraphicsDevice/CloneConfigsTest.java
+++ b/jdk/test/java/awt/GraphicsDevice/CloneConfigsTest.java
@ -0,0 +1,118 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /*
 * @test
 * @bug     6822057
 *
 * @summary Test verifies that list of supported graphics configurations
 *          can not be changed via modification of elements of an array
 *          returned by getConfiguration() method.
 *
 * @run     main CloneConfigsTest
 * @run     main/othervm -Dsun.java2d.opengl=True CloneConfigsTest
 * @run     main/othervm -Dsun.java2d.d3d=true CloneConfigsTest
 * @run     main/othervm -Dsun.java2d.noddraw=true CloneConfigsTest
 */
 import java.awt.GraphicsConfiguration;
 import java.awt.GraphicsDevice;
 import java.awt.GraphicsEnvironment;
 import java.awt.Rectangle;
 import java.awt.geom.AffineTransform;
 import java.awt.image.BufferedImage;
 import java.awt.image.ColorModel;
 public class CloneConfigsTest {
    public static void main(String[] args) {
        GraphicsEnvironment env =
                GraphicsEnvironment.getLocalGraphicsEnvironment();
        GraphicsDevice[] devices = env.getScreenDevices();
        GraphicsConfiguration c = new TestConfig();
        for (GraphicsDevice gd : devices) {
            System.out.println("Device: " + gd);
            GraphicsConfiguration[] configs = gd.getConfigurations();
            for (int i = 0; i < configs.length; i++) {
                GraphicsConfiguration gc  = configs[i];
                System.out.println("\tConfig: " + gc);
                configs[i] = c;
            }
            // verify whether array of configs was modified
            configs = gd.getConfigurations();
            for (GraphicsConfiguration gc : configs) {
                if (gc == c) {
                    throw new RuntimeException("Test failed.");
                }
            }
            System.out.println("Test passed.");
        }
    }
    private static class TestConfig extends GraphicsConfiguration {
        @Override
        public GraphicsDevice getDevice() {
            throw new UnsupportedOperationException("Not supported yet.");
        }
        @Override
        public BufferedImage createCompatibleImage(int width, int height) {
            throw new UnsupportedOperationException("Not supported yet.");
        }
        @Override
        public ColorModel getColorModel() {
            throw new UnsupportedOperationException("Not supported yet.");
        }
        @Override
        public ColorModel getColorModel(int transparency) {
            throw new UnsupportedOperationException("Not supported yet.");
        }
        @Override
        public AffineTransform getDefaultTransform() {
            throw new UnsupportedOperationException("Not supported yet.");
        }
        @Override
        public AffineTransform getNormalizingTransform() {
            throw new UnsupportedOperationException("Not supported yet.");
        }
        @Override
        public Rectangle getBounds() {
            throw new UnsupportedOperationException("Not supported yet.");
        }
    }
 }
--- a/jdk/test/java/lang/ClassLoader/UninitializedParent.java
+++ b/jdk/test/java/lang/ClassLoader/UninitializedParent.java
@ -0,0 +1,68 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /*
 * @test
 * @bug 6636650
 * @summary Uninitialized class loaders should not be a parent of other
 *          class loaders.
 */
 import java.net.*;
 public class UninitializedParent {
    private static ClassLoader loader;
    public static void main(String[] args) throws Exception {
        System.setSecurityManager(new SecurityManager());
        // Create an uninitialized class loader
        try {
            new ClassLoader(null) {
                @Override
                protected void finalize() {
                    loader = this;
                }
            };
        } catch (SecurityException exc) {
            // Expected
        }
        System.gc();
        System.runFinalization();
        // if 'loader' isn't null, need to ensure that it can't be used as
        // parent
        if (loader != null) {
            try {
                // Create a class loader with 'loader' being the parent
                URLClassLoader child = URLClassLoader.newInstance
                    (new URL[0], loader);
                throw new RuntimeException("Test Failed!");
            } catch (SecurityException se) {
                System.out.println("Test Passed: Exception thrown");
            }
        } else {
            System.out.println("Test Passed: Loader is null");
        }
    }
 }
--- a/jdk/test/javax/swing/Security/6657138/ComponentTest.java
+++ b/jdk/test/javax/swing/Security/6657138/ComponentTest.java
@ -0,0 +1,76 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /*
 * @test
 * @bug 6657138
 * @summary Verifies that buttons and labels work well after the fix for 6657138
 * @author Alexander Potochkin
 */
 import sun.awt.SunToolkit;
 import javax.swing.*;
 import java.awt.*;
 public class ComponentTest extends JFrame {
    private static JFrame frame;
    public ComponentTest() {
        setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
        setLayout(new FlowLayout());
        add(new JButton("JButton"));
        add(new JToggleButton("JToggleButton"));
        add(new JCheckBox("JCheckBox"));
        add(new JRadioButton("JRadioButton"));
        add(new JLabel("JLabel"));
        pack();
        setLocationRelativeTo(null);
    }
    public static void main(String[] args) throws Exception {
        SunToolkit toolkit = (SunToolkit) Toolkit.getDefaultToolkit();
        SwingUtilities.invokeAndWait(new Runnable() {
            public void run() {
                frame = new ComponentTest();
                frame.setVisible(true);
            }
        });
        toolkit.realSync();
        UIManager.LookAndFeelInfo[] lafs = UIManager.getInstalledLookAndFeels();
        for (final UIManager.LookAndFeelInfo laf : lafs) {
            SwingUtilities.invokeAndWait(new Runnable() {
                public void run() {
                    try {
                        UIManager.setLookAndFeel(laf.getClassName());
                    } catch (Exception e) {
                        new RuntimeException(e);
                    }
                    SwingUtilities.updateComponentTreeUI(frame);
                }
            });
            toolkit.realSync();
        }
    }
 }
--- a/jdk/test/javax/swing/Security/6657138/bug6657138.java
+++ b/jdk/test/javax/swing/Security/6657138/bug6657138.java
@ -0,0 +1,103 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /*
 * @test
 * @bug 6657138
 * @summary Verifies that buttons and labels don't share their ui's across appContexts
 * @author Alexander Potochkin
 */
 import sun.awt.SunToolkit;
 import javax.swing.*;
 import javax.swing.plaf.ButtonUI;
 import javax.swing.plaf.ComponentUI;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
 public class bug6657138 implements Runnable {
    private static Map<JComponent, Map<String, ComponentUI>> componentMap =
            Collections.synchronizedMap(
            new HashMap<JComponent, Map<String, ComponentUI>>());
    public void run() {
        SunToolkit.createNewAppContext();
        try {
            testUIMap();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
    private static void testUIMap() throws Exception {
        UIManager.LookAndFeelInfo[] lafs = UIManager.getInstalledLookAndFeels();
        Set<JComponent> components = componentMap.keySet();
        for (JComponent c : components) {
            Map<String, ComponentUI> uiMap = componentMap.get(c);
            for (UIManager.LookAndFeelInfo laf : lafs) {
                if ("Nimbus".equals(laf.getName())) {
                    // for some unclear reasons
                    // Nimbus ui delegate for a button is null
                    // when this method is called from the new AppContext
                    continue;
                }
                String className = laf.getClassName();
                UIManager.setLookAndFeel(className);
                ComponentUI ui = UIManager.getUI(c);
                if (ui == null) {
                    throw new RuntimeException("UI is null for " + c);
                }
                if (ui == uiMap.get(laf.getName())) {
                    throw new RuntimeException(
                            "Two AppContexts share the same UI delegate! \n" +
                                    c + "\n" + ui);
                }
                uiMap.put(laf.getName(), ui);
            }
        }
    }
    public static void main(String[] args) throws Exception {
        componentMap.put(new JButton("JButton"),
                new HashMap<String, ComponentUI>());
        componentMap.put(new JToggleButton("JToggleButton"),
                new HashMap<String, ComponentUI>());
        componentMap.put(new JRadioButton("JRadioButton"),
                new HashMap<String, ComponentUI>());
        componentMap.put(new JCheckBox("JCheckBox"),
                new HashMap<String, ComponentUI>());
        componentMap.put(new JCheckBox("JLabel"),
                new HashMap<String, ComponentUI>());
        testUIMap();
        ThreadGroup group = new ThreadGroup("6657138");
        Thread thread = new Thread(group, new bug6657138());
        thread.start();
        thread.join();
    }
 }
--- a/jdk/test/javax/swing/ToolTipManager/Test6657026.java
+++ b/jdk/test/javax/swing/ToolTipManager/Test6657026.java
@ -0,0 +1,74 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /*
 * @test
 * @bug 6657026
 * @summary Tests shared ToolTipManager in different application contexts
 * @author Sergey Malenkov
 */
 import sun.awt.SunToolkit;
 import javax.swing.ToolTipManager;
 public class Test6657026 implements Runnable {
    private static final int DISMISS = 4000;
    private static final int INITIAL = 750;
    private static final int RESHOW = 500;
    public static void main(String[] args) throws InterruptedException {
        ToolTipManager manager = ToolTipManager.sharedInstance();
        if (DISMISS != manager.getDismissDelay()) {
            throw new Error("unexpected dismiss delay");
        }
        if (INITIAL != manager.getInitialDelay()) {
            throw new Error("unexpected initial delay");
        }
        if (RESHOW != manager.getReshowDelay()) {
            throw new Error("unexpected reshow delay");
        }
        manager.setDismissDelay(DISMISS + 1);
        manager.setInitialDelay(INITIAL + 1);
        manager.setReshowDelay(RESHOW + 1);
        ThreadGroup group = new ThreadGroup("$$$");
        Thread thread = new Thread(group, new Test6657026());
        thread.start();
        thread.join();
    }
    public void run() {
        SunToolkit.createNewAppContext();
        ToolTipManager manager = ToolTipManager.sharedInstance();
        if (DISMISS != manager.getDismissDelay()) {
            throw new Error("shared dismiss delay");
        }
        if (INITIAL != manager.getInitialDelay()) {
            throw new Error("shared initial delay");
        }
        if (RESHOW != manager.getReshowDelay()) {
            throw new Error("shared reshow delay");
        }
    }
 }
--- a/jdk/test/javax/swing/UIManager/Test6657026.java
+++ b/jdk/test/javax/swing/UIManager/Test6657026.java
@ -0,0 +1,59 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /*
 * @test
 * @bug 6657026
 * @summary Tests shared UIManager in different application contexts
 * @author Sergey Malenkov
 */
 import sun.awt.SunToolkit;
 import javax.swing.UIManager;
 import javax.swing.UIManager.LookAndFeelInfo;
 public class Test6657026 implements Runnable {
    public static void main(String[] args) throws Exception {
        if (UIManager.getInstalledLookAndFeels().length == 0) {
            throw new Error("unexpected amount of look&feels");
        }
        UIManager.setInstalledLookAndFeels(new LookAndFeelInfo[0]);
        if (UIManager.getInstalledLookAndFeels().length != 0) {
            throw new Error("unexpected amount of look&feels");
        }
        ThreadGroup group = new ThreadGroup("$$$");
        Thread thread = new Thread(group, new Test6657026());
        thread.start();
        thread.join();
    }
    public void run() {
        SunToolkit.createNewAppContext();
        if (UIManager.getInstalledLookAndFeels().length == 0) {
            throw new Error("shared look&feels");
        }
    }
 }
--- a/jdk/test/javax/swing/plaf/basic/BasicSplitPaneUI/Test6657026.java
+++ b/jdk/test/javax/swing/plaf/basic/BasicSplitPaneUI/Test6657026.java
@ -0,0 +1,82 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /*
 * @test
 * @bug 6657026
 * @summary Tests shared BasicSplitPaneUI in different application contexts
 * @author Sergey Malenkov
 */
 import sun.awt.SunToolkit;
 import java.awt.event.ActionEvent;
 import java.util.Set;
 import javax.swing.JSplitPane;
 import javax.swing.plaf.basic.BasicSplitPaneUI;
 public class Test6657026 extends BasicSplitPaneUI implements Runnable {
    public static void main(String[] args) throws InterruptedException {
        if (new JSplitPane().getFocusTraversalKeys(0).isEmpty()){
            throw new Error("unexpected traversal keys");
        }
        new JSplitPane() {
            public void setFocusTraversalKeys(int id, Set keystrokes) {
                keystrokes.clear();
                super.setFocusTraversalKeys(id, keystrokes);
            }
        };
        if (new JSplitPane().getFocusTraversalKeys(0).isEmpty()) {
            throw new Error("shared traversal keys");
        }
        KEYBOARD_DIVIDER_MOVE_OFFSET = -KEYBOARD_DIVIDER_MOVE_OFFSET;
        ThreadGroup group = new ThreadGroup("$$$");
        Thread thread = new Thread(group, new Test6657026());
        thread.start();
        thread.join();
    }
    public void run() {
        SunToolkit.createNewAppContext();
        if (new JSplitPane().getFocusTraversalKeys(0).isEmpty()) {
            throw new Error("shared traversal keys");
        }
        JSplitPane pane = new JSplitPane();
        pane.setUI(this);
        createFocusListener().focusGained(null); // allows actions
        test(pane, "positiveIncrement", 3);
        test(pane, "negativeIncrement", 0);
    }
    private static void test(JSplitPane pane, String action, int expected) {
        ActionEvent event = new ActionEvent(pane, expected, action);
        pane.getActionMap().get(action).actionPerformed(event);
        int actual = pane.getDividerLocation();
        if (actual != expected) {
            throw new Error(actual + ", but expected " + expected);
        }
    }
 }
--- a/jdk/test/javax/swing/plaf/metal/MetalBorders/Test6657026.java
+++ b/jdk/test/javax/swing/plaf/metal/MetalBorders/Test6657026.java
@ -0,0 +1,91 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /*
 * @test
 * @bug 6657026
 * @summary Tests constancy of borders
 * @author Sergey Malenkov
 */
 import java.awt.Insets;
 import javax.swing.border.Border;
 import javax.swing.plaf.metal.MetalBorders.ButtonBorder;
 import javax.swing.plaf.metal.MetalBorders.MenuBarBorder;
 import javax.swing.plaf.metal.MetalBorders.MenuItemBorder;
 import javax.swing.plaf.metal.MetalBorders.PopupMenuBorder;
 public class Test6657026 {
    private static final Insets NEGATIVE = new Insets(Integer.MIN_VALUE,
                                                      Integer.MIN_VALUE,
                                                      Integer.MIN_VALUE,
                                                      Integer.MIN_VALUE);
    public static void main(String[] args) {
        new ButtonBorder() {{borderInsets = NEGATIVE;}};
        new MenuBarBorder() {{borderInsets = NEGATIVE;}};
        new MenuItemBorder() {{borderInsets = NEGATIVE;}};
        new PopupMenuBorder() {{borderInsets = NEGATIVE;}};
        test(create("ButtonBorder"));
        test(create("MenuBarBorder"));
        test(create("MenuItemBorder"));
        test(create("PopupMenuBorder"));
        test(create("Flush3DBorder"));
        test(create("InternalFrameBorder"));
        // NOT USED: test(create("FrameBorder"));
        // NOT USED: test(create("DialogBorder"));
        test(create("PaletteBorder"));
        test(create("OptionDialogBorder"));
        test(create("ScrollPaneBorder"));
    }
    private static Border create(String name) {
        try {
            name = "javax.swing.plaf.metal.MetalBorders$" + name;
            return (Border) Class.forName(name).newInstance();
        }
        catch (Exception exception) {
            throw new Error("unexpected exception", exception);
        }
    }
    private static void test(Border border) {
        Insets actual = border.getBorderInsets(null);
        if (NEGATIVE.equals(actual)) {
            throw new Error("unexpected insets in " + border.getClass());
        }
        Insets expected = (Insets) actual.clone();
        // modify
        actual.top++;
        actual.left++;
        actual.right++;
        actual.bottom++;
        // validate
        if (!expected.equals(border.getBorderInsets(null))) {
            throw new Error("shared insets in " + border.getClass());
        }
    }
 }
--- a/jdk/test/javax/swing/plaf/metal/MetalBumps/Test6657026.java
+++ b/jdk/test/javax/swing/plaf/metal/MetalBumps/Test6657026.java
@ -0,0 +1,238 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /*
 * @test
 * @bug 6657026
 * @summary Tests shared MetalBumps in different application contexts
 * @author Sergey Malenkov
 */
 import sun.awt.SunToolkit;
 import java.awt.Color;
 import java.awt.Component;
 import java.awt.Font;
 import java.awt.FontMetrics;
 import java.awt.Graphics;
 import java.awt.Image;
 import java.awt.Rectangle;
 import java.awt.Shape;
 import java.awt.image.BufferedImage;
 import java.awt.image.ImageObserver;
 import java.text.AttributedCharacterIterator;
 import javax.swing.Icon;
 import javax.swing.plaf.metal.MetalBorders.ToolBarBorder;
 public class Test6657026 extends ToolBarBorder implements Runnable {
    public static void main(String[] args) throws Exception {
        new Test6657026().test();
        ThreadGroup group = new ThreadGroup("$$$");
        Thread thread = new Thread(group, new Test6657026());
        thread.start();
        thread.join();
    }
    public void run() {
        SunToolkit.createNewAppContext();
        test();
    }
    private void test() {
        MyGraphics mg = new MyGraphics();
        Icon icon = bumps;
        icon.paintIcon(mg.component, mg, 0, 0);
        if (mg.image != null) {
            boolean failed = true;
            int value = mg.image.getRGB(0, 0);
            for (int x = 0; x < mg.image.getWidth(); x++) {
                for (int y = 0; y < mg.image.getHeight(); y++) {
                    int current = mg.image.getRGB(x, y);
                    if (current != value) {
                        mg.image.setRGB(x, y, value);
                        failed = false;
                    }
                }
            }
            if (failed) {
                throw new Error("shared metal bumps");
            }
        }
    }
    private static class MyGraphics extends Graphics {
        private final Component component = new Component() {};
        private BufferedImage image;
        public Graphics create() {
            return null;  // TODO: check
        }
        public void translate(int x, int y) {
            // TODO: check
        }
        public Color getColor() {
            return null;  // TODO: check
        }
        public void setColor(Color color) {
            // TODO: check
        }
        public void setPaintMode() {
            // TODO: check
        }
        public void setXORMode(Color c1) {
            // TODO: check
        }
        public Font getFont() {
            return null;  // TODO: check
        }
        public void setFont(Font font) {
            // TODO: check
        }
        public FontMetrics getFontMetrics(Font font) {
            return null;  // TODO: check
        }
        public Rectangle getClipBounds() {
            return null;  // TODO: check
        }
        public void clipRect(int x, int y, int width, int height) {
            // TODO: check
        }
        public void setClip(int x, int y, int width, int height) {
            // TODO: check
        }
        public Shape getClip() {
            return null;  // TODO: check
        }
        public void setClip(Shape clip) {
            // TODO: check
        }
        public void copyArea(int x, int y, int width, int height, int dx, int dy) {
            // TODO: check
        }
        public void drawLine(int x1, int y1, int x2, int y2) {
            // TODO: check
        }
        public void fillRect(int x, int y, int width, int height) {
            // TODO: check
        }
        public void clearRect(int x, int y, int width, int height) {
            // TODO: check
        }
        public void drawRoundRect(int x, int y, int width, int height, int arcWidth, int arcHeight) {
            // TODO: check
        }
        public void fillRoundRect(int x, int y, int width, int height, int arcWidth, int arcHeight) {
            // TODO: check
        }
        public void drawOval(int x, int y, int width, int height) {
            // TODO: check
        }
        public void fillOval(int x, int y, int width, int height) {
            // TODO: check
        }
        public void drawArc(int x, int y, int width, int height, int startAngle, int arcAngle) {
            // TODO: check
        }
        public void fillArc(int x, int y, int width, int height, int startAngle, int arcAngle) {
            // TODO: check
        }
        public void drawPolyline(int[] xPoints, int[] yPoints, int nPoints) {
            // TODO: check
        }
        public void drawPolygon(int[] xPoints, int[] yPoints, int nPoints) {
            // TODO: check
        }
        public void fillPolygon(int[] xPoints, int[] yPoints, int nPoints) {
            // TODO: check
        }
        public void drawString(String str, int x, int y) {
            // TODO: check
        }
        public void drawString(AttributedCharacterIterator iterator, int x, int y) {
            // TODO: check
        }
        public boolean drawImage(Image img, int x, int y, ImageObserver observer) {
            return false;  // TODO: check
        }
        public boolean drawImage(Image img, int x, int y, int width, int height, ImageObserver observer) {
            return false;  // TODO: check
        }
        public boolean drawImage(Image img, int x, int y, Color bgcolor, ImageObserver observer) {
            return false;  // TODO: check
        }
        public boolean drawImage(Image img, int x, int y, int width, int height, Color bgcolor, ImageObserver observer) {
            return false;  // TODO: check
        }
        public boolean drawImage(Image img, int dx1, int dy1, int dx2, int dy2, int sx1, int sy1, int sx2, int sy2, ImageObserver observer) {
            if (img instanceof BufferedImage) {
                this.image = (BufferedImage) img;
            }
            return false;  // TODO: check
        }
        public boolean drawImage(Image img, int dx1, int dy1, int dx2, int dy2, int sx1, int sy1, int sx2, int sy2, Color bgcolor, ImageObserver observer) {
            return false;  // TODO: check
        }
        public void dispose() {
            // TODO: check
        }
    }
 }
--- a/jdk/test/javax/swing/plaf/metal/MetalInternalFrameUI/Test6657026.java
+++ b/jdk/test/javax/swing/plaf/metal/MetalInternalFrameUI/Test6657026.java
@ -0,0 +1,60 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /*
 * @test
 * @bug 6657026
 * @summary Tests shared MetalInternalFrameUI in different application contexts
 * @author Sergey Malenkov
 */
 import sun.awt.SunToolkit;
 import javax.swing.JInternalFrame;
 import javax.swing.JPanel;
 import javax.swing.UIManager;
 import javax.swing.plaf.metal.MetalInternalFrameUI;
 import javax.swing.plaf.metal.MetalLookAndFeel;
 public class Test6657026 extends MetalInternalFrameUI implements Runnable {
    public static void main(String[] args) throws Exception {
        UIManager.setLookAndFeel(new MetalLookAndFeel());
        ThreadGroup group = new ThreadGroup("$$$");
        Thread thread = new Thread(group, new Test6657026());
        thread.start();
        thread.join();
        new JInternalFrame().setContentPane(new JPanel());
    }
    public Test6657026() {
        super(null);
    }
    public void run() {
        SunToolkit.createNewAppContext();
        IS_PALETTE = JInternalFrame.CONTENT_PANE_PROPERTY;
    }
 }
--- a/jdk/test/javax/swing/plaf/metal/MetalSliderUI/Test6657026.java
+++ b/jdk/test/javax/swing/plaf/metal/MetalSliderUI/Test6657026.java
@ -0,0 +1,67 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /*
 * @test
 * @bug 6657026
 * @summary Tests shared MetalSliderUI in different application contexts
 * @author Sergey Malenkov
 */
 import sun.awt.SunToolkit;
 import javax.swing.JSlider;
 import javax.swing.UIManager;
 import javax.swing.plaf.metal.MetalLookAndFeel;
 import javax.swing.plaf.metal.MetalSliderUI;
 public class Test6657026 extends MetalSliderUI implements Runnable {
    public static void main(String[] args) throws Exception {
        UIManager.setLookAndFeel(new MetalLookAndFeel());
        JSlider slider = new JSlider();
        test(slider);
        ThreadGroup group = new ThreadGroup("$$$");
        Thread thread = new Thread(group, new Test6657026());
        thread.start();
        thread.join();
        test(slider);
    }
    public void run() {
        SunToolkit.createNewAppContext();
        JSlider slider = new JSlider();
        test(slider);
        tickLength = -10000;
    }
    private static void test(JSlider slider) {
        MetalSliderUI ui = (MetalSliderUI) slider.getUI();
        int actual = ui.getTickLength();
        if (actual != 11) {
            throw new Error(actual + ", but expected 11");
        }
    }
 }
--- a/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/CPBuilder.java
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/CPBuilder.java
@ -0,0 +1,442 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /**
 * @test
 *
 * @bug 6861062
 * @summary Disable MD2 support
 *
 * @run main/othervm CPBuilder trustAnchor_SHA1withRSA_1024 0 true
 * @run main/othervm CPBuilder trustAnchor_SHA1withRSA_512  0 true
 * @run main/othervm CPBuilder intermediate_SHA1withRSA_1024_1024 1 true
 * @run main/othervm CPBuilder intermediate_SHA1withRSA_1024_512  1 true
 * @run main/othervm CPBuilder intermediate_SHA1withRSA_512_1024  1 true
 * @run main/othervm CPBuilder intermediate_SHA1withRSA_512_512  1 true
 * @run main/othervm CPBuilder intermediate_MD2withRSA_1024_1024  1 false
 * @run main/othervm CPBuilder intermediate_MD2withRSA_1024_512  1 false
 * @run main/othervm CPBuilder endentiry_SHA1withRSA_1024_1024  2 true
 * @run main/othervm CPBuilder endentiry_SHA1withRSA_1024_512  2 true
 * @run main/othervm CPBuilder endentiry_SHA1withRSA_512_1024  2 true
 * @run main/othervm CPBuilder endentiry_SHA1withRSA_512_512  2 true
 * @run main/othervm CPBuilder endentiry_MD2withRSA_1024_1024  2 false
 * @run main/othervm CPBuilder endentiry_MD2withRSA_1024_512  2 false
 *
 * @author Xuelei Fan
 */
 import java.io.*;
 import java.net.SocketException;
 import java.util.*;
 import java.security.Security;
 import java.security.cert.*;
 import sun.security.util.DerInputStream;
 public class CPBuilder {
    // SHA1withRSA 1024
    static String trustAnchor_SHA1withRSA_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
        "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
        "AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH\n" +
        "E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd\n" +
        "rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID\n" +
        "AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME\n" +
        "QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
        "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
        "DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z\n" +
        "Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+\n" +
        "UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc\n" +
        "tas=\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512
    static String trustAnchor_SHA1withRSA_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
        "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
        "BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv\n" +
        "7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
        "g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ\n" +
        "5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
        "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b\n" +
        "FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia\n" +
        "U5r+8B9nzx+j2Zh3kw==\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 1024 signed with RSA 1024
    static String intermediate_SHA1withRSA_1024_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICUDCCAbmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDhaFw0yOTA0MjMwMTExNDha\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
        "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
        "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
        "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
        "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEAHze3wAcIe84zNOoN\n" +
        "P8l9EmlVVoU30z3LB3hxq3m/dC/4gE5Z9Z8EG1wJw4qaxlTZ4dif12nbTTdofVhb\n" +
        "Bd4syjo6fcUA4q7sfg9TFpoHQ+Ap7PgjK99moMKdMy50Xy8s6FPvaVkF89s66Z6y\n" +
        "e4q7TSwe6QevGOZaL5N/iy2XGEs=\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 1024 signed with RSA 512
    static String intermediate_SHA1withRSA_1024_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICDzCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
        "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
        "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
        "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
        "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQCYNmdkONfuk07XjRze\n" +
        "WQyq2cfdae4uIdyUfa2rpgYMtSXuQW3/XrQGiz4G6WBXA2wo7folOOpAKYgvHPrm\n" +
        "w6Dd\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512 signed with RSA 1024
    static String intermediate_SHA1withRSA_512_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICDDCCAXWgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
        "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
        "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
        "PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
        "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
        "CSqGSIb3DQEBBQUAA4GBAE2VOlw5ySLT3gUzKCYEga4QPaSrf6lHHPi2g48LscEY\n" +
        "h9qQXh4nuIVugReBIEf6N49RdT+M2cgRJo4sZ3ukYLGQzxNuttL5nPSuuvrAR1oG\n" +
        "LUyzOWcUpKHbVHi6zlTt79RvTKZvLcduLutmtPtLJcM9PdiAI1wEooSgxTwZtB/Z\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512 signed with RSA 512
    static String intermediate_SHA1withRSA_512_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIByzCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
        "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
        "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
        "PoAUg4Kwd47hdNQBp8grZsRJ5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
        "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
        "CSqGSIb3DQEBBQUAA0EAoCf0Zu559qcB4xPpzqkVsYiyW49S4Yc0mmQXb1yoQgLx\n" +
        "O+DCkjG5d14+t1MsnkhB2izoQUMxQ3vDc1YnA/tEpw==\n" +
        "-----END CERTIFICATE-----";
    // MD2withRSA 1024 signed with RSA 1024
    static String intermediate_MD2withRSA_1024_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
        "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
        "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
        "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
        "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEAPtEjwbWuC5kc4DPc\n" +
        "Ttf/wdbD8ZCdAWzcc3XF9q1TlvwVMNk6mbfM05y6ZVsztKTkwZ4EcvFu/yIqw1EB\n" +
        "E1zlXQCaWXT3/ZMbqYZV4+mx+RUl8spUCb1tda25jnTg3mTOzB1iztm4gy903EMd\n" +
        "m8omKDKeCgcw5dR4ITQYvyxe1as=\n" +
        "-----END CERTIFICATE-----";
    // MD2withRSA 1024 signed with RSA 512
    static String intermediate_MD2withRSA_1024_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICDzCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
        "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
        "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
        "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
        "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADQQBHok1v6xymtpB7N9xy\n" +
        "0OmDT27uhmzlP0eOzJvXVxj3Oi9TLQJgCUJ9122MzfRAs1E1uJTtvuu+UmI80NQx\n" +
        "KQdp\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 1024 signed with RSA 1024
    static String endentiry_SHA1withRSA_1024_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
        "NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
        "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
        "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
        "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
        "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
        "OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG\n" +
        "9w0BAQUFAAOBgQAOfIeasDg91CR3jGfuAEVKwncM1OPFmniAUcdPm74cCAyJ90Me\n" +
        "dhUElWPGoAuXGfiyZlOlGUYWqEroe/dnkmnotJjLWR+MA4ZyX3O1YI8T4W3deWcC\n" +
        "J4WMCF7mp17SaYYKX9F0AxwNJFpUkbB41IkTxPr0MmzB1871/pbY8dLAvA==\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 1024 signed with RSA 512
    static String endentiry_SHA1withRSA_1024_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIB9jCCAaCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
        "NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
        "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
        "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
        "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
        "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
        "OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG\n" +
        "9w0BAQUFAANBADV6X+ea0ftEKXy7yKNAbdIp35893T6AVwbdclomPkeOs86OtoTG\n" +
        "1BIzWSK9QE7W6Wbf63e2RdcqoLK+DxsuwUg=\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512 signed with RSA 1024
    static String endentiry_SHA1withRSA_512_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIB8zCCAVygAwIBAgIBBDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
        "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
        "DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo\n" +
        "uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE\n" +
        "AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU\n" +
        "31g/ZkU6aXFAJVKhrrv0ebfAgeYwDQYJKoZIhvcNAQEFBQADgYEAUyW8PrEdbzLu\n" +
        "B+h6UemBOJ024rYq90hJE/5wUEKPvxZ9vPEUgl+io6cGhL3cLfxfh6z5xtEGp4Tb\n" +
        "NB0Ye3Qi01FBiNDY8s3rQRrmel6VysU8u+0Oi2jmQY6vZXn/zXN5rrTLITCaSicG\n" +
        "dOMv1xLM83Ee432WWlDwKOUxhzDGpWc=\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512 signed with RSA 512
    static String endentiry_SHA1withRSA_512_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIBsjCCAVygAwIBAgIBBTANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
        "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
        "DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo\n" +
        "uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE\n" +
        "AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU\n" +
        "N0CHiTYPtjyvpP2a6y6mhsZ6U40wDQYJKoZIhvcNAQEFBQADQQBG4grtrVEHick0\n" +
        "z/6Lcl/MGyHT0c8KTXE0AMVXG1NRjAicAmYno/yDaJ9OmfymObKZKV9fF7yCW/N/\n" +
        "TMU6m7N0\n" +
        "-----END CERTIFICATE-----";
    // MD2withRSA 1024 signed with RSA 1024
    static String endentiry_MD2withRSA_1024_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICNzCCAaCgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
        "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
        "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
        "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
        "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
        "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
        "OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG\n" +
        "9w0BAQIFAAOBgQBxKsFf8NNQcXjDoKJJSG4Rk6ikcrhiGYuUI32+XHvs6hnav1Zc\n" +
        "aJUpy7J4gMj/MnysMh/4AF9+m6zEEjuisXKUbYZhgtJxz+ukGSo163mJ8QJiAlRb\n" +
        "Iwsy81r08mlSCR6jx2YhDAUxJIPC92R5Vb4CEutB7tWTwwz7vIHq330erA==\n" +
        "-----END CERTIFICATE-----";
    // MD2withRSA 1024 signed with RSA 512
    static String endentiry_MD2withRSA_1024_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIB9jCCAaCgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
        "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
        "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
        "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
        "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
        "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
        "OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG\n" +
        "9w0BAQIFAANBAIX63Ypi9P71RnC/pcMbhD+wekRFsTzU593X3MC7tyBJtEXwvAZG\n" +
        "iMxXF5A+ohlr7/CrkV7ZTL8PLxnJdY5Y8rQ=\n" +
        "-----END CERTIFICATE-----";
    static HashMap<String, String> certmap = new HashMap<String, String>();
    static {
        certmap.put("trustAnchor_SHA1withRSA_1024",
                                    trustAnchor_SHA1withRSA_1024);
        certmap.put("trustAnchor_SHA1withRSA_512",
                                    trustAnchor_SHA1withRSA_512);
        certmap.put("intermediate_SHA1withRSA_1024_1024",
                                    intermediate_SHA1withRSA_1024_1024);
        certmap.put("intermediate_SHA1withRSA_1024_512",
                                    intermediate_SHA1withRSA_1024_512);
        certmap.put("intermediate_SHA1withRSA_512_1024",
                                    intermediate_SHA1withRSA_512_1024);
        certmap.put("intermediate_SHA1withRSA_512_512",
                                    intermediate_SHA1withRSA_512_512);
        certmap.put("intermediate_MD2withRSA_1024_1024",
                                    intermediate_MD2withRSA_1024_1024);
        certmap.put("intermediate_MD2withRSA_1024_512",
                                    intermediate_MD2withRSA_1024_512);
        certmap.put("endentiry_SHA1withRSA_1024_1024",
                                    endentiry_SHA1withRSA_1024_1024);
        certmap.put("endentiry_SHA1withRSA_1024_512",
                                    endentiry_SHA1withRSA_1024_512);
        certmap.put("endentiry_SHA1withRSA_512_1024",
                                    endentiry_SHA1withRSA_512_1024);
        certmap.put("endentiry_SHA1withRSA_512_512",
                                    endentiry_SHA1withRSA_512_512);
        certmap.put("endentiry_MD2withRSA_1024_1024",
                                    endentiry_MD2withRSA_1024_1024);
        certmap.put("endentiry_MD2withRSA_1024_512",
                                    endentiry_MD2withRSA_1024_512);
    }
    private static Set<TrustAnchor> generateTrustAnchors()
            throws CertificateException {
        // generate certificate from cert string
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        HashSet<TrustAnchor> anchors = new HashSet<TrustAnchor>();
        ByteArrayInputStream is =
            new ByteArrayInputStream(trustAnchor_SHA1withRSA_1024.getBytes());
        Certificate cert = cf.generateCertificate(is);
        TrustAnchor anchor = new TrustAnchor((X509Certificate)cert, null);
        anchors.add(anchor);
        is = new ByteArrayInputStream(trustAnchor_SHA1withRSA_512.getBytes());
        cert = cf.generateCertificate(is);
        anchor = new TrustAnchor((X509Certificate)cert, null);
        anchors.add(anchor);
        return anchors;
    }
    private static CertStore generateCertificateStore() throws Exception {
        Collection entries = new HashSet();
        // generate certificate from certificate string
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        for (String key : certmap.keySet()) {
            String certStr = certmap.get(key);
            ByteArrayInputStream is =
                        new ByteArrayInputStream(certStr.getBytes());;
            Certificate cert = cf.generateCertificate(is);
            entries.add(cert);
        }
        return CertStore.getInstance("Collection",
                            new CollectionCertStoreParameters(entries));
    }
    private static X509CertSelector generateSelector(String name)
                throws Exception {
        X509CertSelector selector = new X509CertSelector();
        String certStr = certmap.get(name);
        if (certStr == null) {
            return null;
        }
        // generate certificate from certificate string
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        ByteArrayInputStream is = new ByteArrayInputStream(certStr.getBytes());
        X509Certificate target = (X509Certificate)cf.generateCertificate(is);
        selector.setCertificate(target);
        return selector;
    }
    private static boolean match(String name, Certificate cert)
                throws Exception {
        X509CertSelector selector = new X509CertSelector();
        String certStr = certmap.get(name);
        if (certStr == null) {
            return false;
        }
        // generate certificate from certificate string
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        ByteArrayInputStream is = new ByteArrayInputStream(certStr.getBytes());
        X509Certificate target = (X509Certificate)cf.generateCertificate(is);
        return target.equals(cert);
    }
    public static void main(String args[]) throws Exception {
        CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
        X509CertSelector selector = generateSelector(args[0]);
        if (selector == null) {
            // no target certificate, ignore it
            return;
        }
        Set<TrustAnchor> anchors = generateTrustAnchors();
        CertStore certs = generateCertificateStore();
        PKIXBuilderParameters params =
                new PKIXBuilderParameters(anchors, selector);
        params.addCertStore(certs);
        params.setRevocationEnabled(false);
        params.setDate(new Date(109, 9, 1));   // 2009-09-01
        boolean success = Boolean.valueOf(args[2]);
        try {
            PKIXCertPathBuilderResult result =
                        (PKIXCertPathBuilderResult)builder.build(params);
            if (!success) {
                throw new Exception("expected algorithm disabled exception");
            }
            int length = Integer.parseInt(args[1]);
            List<? extends Certificate> path =
                                    result.getCertPath().getCertificates();
            if (length != path.size()) {
                throw new Exception("unexpected certification path length");
            }
            if (!path.isEmpty()) {    // the target is not a trust anchor
                if (!match(args[0], path.get(0))) {
                    throw new Exception("unexpected certificate");
                }
            }
        } catch (CertPathBuilderException cpbe) {
            if (success) {
                throw new Exception("unexpected exception");
            } else {
                System.out.println("Get the expected exception " + cpbe);
            }
        }
    }
 }
--- a/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorEndEntity.java
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorEndEntity.java
@ -0,0 +1,363 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /**
 * @test
 *
 * @bug 6861062
 * @summary Disable MD2 support
 *
 * @author Xuelei Fan
 */
 import java.io.*;
 import java.net.SocketException;
 import java.util.*;
 import java.security.Security;
 import java.security.cert.*;
 public class CPValidatorEndEntity {
    // SHA1withRSA 1024
    static String trustAnchor_SHA1withRSA_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
        "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
        "AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH\n" +
        "E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd\n" +
        "rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID\n" +
        "AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME\n" +
        "QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
        "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
        "DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z\n" +
        "Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+\n" +
        "UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc\n" +
        "tas=\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512
    static String trustAnchor_SHA1withRSA_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
        "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
        "BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv\n" +
        "7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
        "g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ\n" +
        "5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
        "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b\n" +
        "FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia\n" +
        "U5r+8B9nzx+j2Zh3kw==\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 1024 signed with RSA 1024
    static String intermediate_SHA1withRSA_1024_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICUDCCAbmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDhaFw0yOTA0MjMwMTExNDha\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
        "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
        "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
        "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
        "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEAHze3wAcIe84zNOoN\n" +
        "P8l9EmlVVoU30z3LB3hxq3m/dC/4gE5Z9Z8EG1wJw4qaxlTZ4dif12nbTTdofVhb\n" +
        "Bd4syjo6fcUA4q7sfg9TFpoHQ+Ap7PgjK99moMKdMy50Xy8s6FPvaVkF89s66Z6y\n" +
        "e4q7TSwe6QevGOZaL5N/iy2XGEs=\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 1024 signed with RSA 512
    static String intermediate_SHA1withRSA_1024_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICDzCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
        "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
        "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
        "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
        "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQCYNmdkONfuk07XjRze\n" +
        "WQyq2cfdae4uIdyUfa2rpgYMtSXuQW3/XrQGiz4G6WBXA2wo7folOOpAKYgvHPrm\n" +
        "w6Dd\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512 signed with RSA 1024
    static String intermediate_SHA1withRSA_512_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICDDCCAXWgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
        "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
        "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
        "PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
        "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
        "CSqGSIb3DQEBBQUAA4GBAE2VOlw5ySLT3gUzKCYEga4QPaSrf6lHHPi2g48LscEY\n" +
        "h9qQXh4nuIVugReBIEf6N49RdT+M2cgRJo4sZ3ukYLGQzxNuttL5nPSuuvrAR1oG\n" +
        "LUyzOWcUpKHbVHi6zlTt79RvTKZvLcduLutmtPtLJcM9PdiAI1wEooSgxTwZtB/Z\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512 signed with RSA 512
    static String intermediate_SHA1withRSA_512_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIByzCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
        "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
        "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
        "PoAUg4Kwd47hdNQBp8grZsRJ5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
        "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
        "CSqGSIb3DQEBBQUAA0EAoCf0Zu559qcB4xPpzqkVsYiyW49S4Yc0mmQXb1yoQgLx\n" +
        "O+DCkjG5d14+t1MsnkhB2izoQUMxQ3vDc1YnA/tEpw==\n" +
        "-----END CERTIFICATE-----";
    // MD2withRSA 1024 signed with RSA 1024
    static String intermediate_MD2withRSA_1024_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
        "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
        "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
        "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
        "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEAPtEjwbWuC5kc4DPc\n" +
        "Ttf/wdbD8ZCdAWzcc3XF9q1TlvwVMNk6mbfM05y6ZVsztKTkwZ4EcvFu/yIqw1EB\n" +
        "E1zlXQCaWXT3/ZMbqYZV4+mx+RUl8spUCb1tda25jnTg3mTOzB1iztm4gy903EMd\n" +
        "m8omKDKeCgcw5dR4ITQYvyxe1as=\n" +
        "-----END CERTIFICATE-----";
    // MD2withRSA 1024 signed with RSA 512
    static String intermediate_MD2withRSA_1024_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICDzCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
        "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
        "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
        "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
        "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADQQBHok1v6xymtpB7N9xy\n" +
        "0OmDT27uhmzlP0eOzJvXVxj3Oi9TLQJgCUJ9122MzfRAs1E1uJTtvuu+UmI80NQx\n" +
        "KQdp\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 1024 signed with RSA 1024
    static String endentiry_SHA1withRSA_1024_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
        "NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
        "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
        "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
        "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
        "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
        "OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG\n" +
        "9w0BAQUFAAOBgQAOfIeasDg91CR3jGfuAEVKwncM1OPFmniAUcdPm74cCAyJ90Me\n" +
        "dhUElWPGoAuXGfiyZlOlGUYWqEroe/dnkmnotJjLWR+MA4ZyX3O1YI8T4W3deWcC\n" +
        "J4WMCF7mp17SaYYKX9F0AxwNJFpUkbB41IkTxPr0MmzB1871/pbY8dLAvA==\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 1024 signed with RSA 512
    static String endentiry_SHA1withRSA_1024_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIB9jCCAaCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
        "NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
        "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
        "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
        "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
        "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
        "OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG\n" +
        "9w0BAQUFAANBADV6X+ea0ftEKXy7yKNAbdIp35893T6AVwbdclomPkeOs86OtoTG\n" +
        "1BIzWSK9QE7W6Wbf63e2RdcqoLK+DxsuwUg=\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512 signed with RSA 1024
    static String endentiry_SHA1withRSA_512_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIB8zCCAVygAwIBAgIBBDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
        "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
        "DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo\n" +
        "uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE\n" +
        "AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU\n" +
        "31g/ZkU6aXFAJVKhrrv0ebfAgeYwDQYJKoZIhvcNAQEFBQADgYEAUyW8PrEdbzLu\n" +
        "B+h6UemBOJ024rYq90hJE/5wUEKPvxZ9vPEUgl+io6cGhL3cLfxfh6z5xtEGp4Tb\n" +
        "NB0Ye3Qi01FBiNDY8s3rQRrmel6VysU8u+0Oi2jmQY6vZXn/zXN5rrTLITCaSicG\n" +
        "dOMv1xLM83Ee432WWlDwKOUxhzDGpWc=\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512 signed with RSA 512
    static String endentiry_SHA1withRSA_512_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIBsjCCAVygAwIBAgIBBTANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
        "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
        "DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo\n" +
        "uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE\n" +
        "AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU\n" +
        "N0CHiTYPtjyvpP2a6y6mhsZ6U40wDQYJKoZIhvcNAQEFBQADQQBG4grtrVEHick0\n" +
        "z/6Lcl/MGyHT0c8KTXE0AMVXG1NRjAicAmYno/yDaJ9OmfymObKZKV9fF7yCW/N/\n" +
        "TMU6m7N0\n" +
        "-----END CERTIFICATE-----";
    // MD2withRSA 1024 signed with RSA 1024
    static String endentiry_MD2withRSA_1024_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICNzCCAaCgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
        "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
        "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
        "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
        "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
        "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
        "OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG\n" +
        "9w0BAQIFAAOBgQBxKsFf8NNQcXjDoKJJSG4Rk6ikcrhiGYuUI32+XHvs6hnav1Zc\n" +
        "aJUpy7J4gMj/MnysMh/4AF9+m6zEEjuisXKUbYZhgtJxz+ukGSo163mJ8QJiAlRb\n" +
        "Iwsy81r08mlSCR6jx2YhDAUxJIPC92R5Vb4CEutB7tWTwwz7vIHq330erA==\n" +
        "-----END CERTIFICATE-----";
    // MD2withRSA 1024 signed with RSA 512
    static String endentiry_MD2withRSA_1024_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIB9jCCAaCgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
        "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
        "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
        "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
        "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
        "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
        "OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG\n" +
        "9w0BAQIFAANBAIX63Ypi9P71RnC/pcMbhD+wekRFsTzU593X3MC7tyBJtEXwvAZG\n" +
        "iMxXF5A+ohlr7/CrkV7ZTL8PLxnJdY5Y8rQ=\n" +
        "-----END CERTIFICATE-----";
    private static CertPath generateCertificatePath(String castr,
            String eestr) throws CertificateException {
        // generate certificate from cert strings
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        ByteArrayInputStream is;
        is = new ByteArrayInputStream(castr.getBytes());
        Certificate cacert = cf.generateCertificate(is);
        is = new ByteArrayInputStream(eestr.getBytes());
        Certificate eecert = cf.generateCertificate(is);
        // generate certification path
        List<Certificate> list = Arrays.asList(new Certificate[] {
                        eecert, cacert});
        return cf.generateCertPath(list);
    }
    private static Set<TrustAnchor> generateTrustAnchors()
            throws CertificateException {
        // generate certificate from cert string
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        HashSet<TrustAnchor> anchors = new HashSet<TrustAnchor>();
        ByteArrayInputStream is =
            new ByteArrayInputStream(trustAnchor_SHA1withRSA_1024.getBytes());
        Certificate cert = cf.generateCertificate(is);
        TrustAnchor anchor = new TrustAnchor((X509Certificate)cert, null);
        anchors.add(anchor);
        is = new ByteArrayInputStream(trustAnchor_SHA1withRSA_512.getBytes());
        cert = cf.generateCertificate(is);
        anchor = new TrustAnchor((X509Certificate)cert, null);
        anchors.add(anchor);
        return anchors;
    }
    public static void main(String args[]) throws Exception {
        try {
            validate(endentiry_SHA1withRSA_1024_1024,
                                    intermediate_SHA1withRSA_1024_1024);
            validate(endentiry_SHA1withRSA_1024_512,
                                    intermediate_SHA1withRSA_512_1024);
            validate(endentiry_SHA1withRSA_512_1024,
                                    intermediate_SHA1withRSA_1024_1024);
            validate(endentiry_SHA1withRSA_512_512,
                                    intermediate_SHA1withRSA_512_1024);
        } catch (CertPathValidatorException cpve) {
            throw new Exception(
                "unexpect exception, it is valid cert", cpve);
        }
        try {
            validate(endentiry_MD2withRSA_1024_1024,
                                    intermediate_SHA1withRSA_1024_1024);
            throw new Exception("expected algorithm disabled exception");
        } catch (CertPathValidatorException cpve) {
            System.out.println("Get the expected exception " + cpve);
        }
        try {
            validate(endentiry_MD2withRSA_1024_512,
                                    intermediate_SHA1withRSA_512_1024);
            throw new Exception("expected algorithm disabled exception");
        } catch (CertPathValidatorException cpve) {
            System.out.println("Get the expected exception " + cpve);
        }
    }
    private static void validate(String eecert, String cacert)
            throws CertPathValidatorException, Exception {
        CertPath path = generateCertificatePath(cacert, eecert);
        Set<TrustAnchor> anchors = generateTrustAnchors();
        PKIXParameters params = new PKIXParameters(anchors);
        // disable certificate revocation checking
        params.setRevocationEnabled(false);
        // set the validation time
        params.setDate(new Date(109, 9, 1));   // 2009-09-01
        CertPathValidator validator = CertPathValidator.getInstance("PKIX");
        validator.validate(path, params);
    }
 }
--- a/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorIntermediate.java
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorIntermediate.java
@ -0,0 +1,256 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /**
 * @test
 *
 * @bug 6861062
 * @summary Disable MD2 support
 *
 * @author Xuelei Fan
 */
 import java.io.*;
 import java.net.SocketException;
 import java.util.*;
 import java.security.Security;
 import java.security.cert.*;
 public class CPValidatorIntermediate {
    // SHA1withRSA 1024
    static String trustAnchor_SHA1withRSA_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
        "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
        "AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH\n" +
        "E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd\n" +
        "rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID\n" +
        "AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME\n" +
        "QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
        "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
        "DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z\n" +
        "Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+\n" +
        "UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc\n" +
        "tas=\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512
    static String trustAnchor_SHA1withRSA_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
        "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
        "BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv\n" +
        "7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
        "g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ\n" +
        "5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
        "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b\n" +
        "FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia\n" +
        "U5r+8B9nzx+j2Zh3kw==\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 1024 signed with RSA 1024
    static String intermediate_SHA1withRSA_1024_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICUDCCAbmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDhaFw0yOTA0MjMwMTExNDha\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
        "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
        "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
        "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
        "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEAHze3wAcIe84zNOoN\n" +
        "P8l9EmlVVoU30z3LB3hxq3m/dC/4gE5Z9Z8EG1wJw4qaxlTZ4dif12nbTTdofVhb\n" +
        "Bd4syjo6fcUA4q7sfg9TFpoHQ+Ap7PgjK99moMKdMy50Xy8s6FPvaVkF89s66Z6y\n" +
        "e4q7TSwe6QevGOZaL5N/iy2XGEs=\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 1024 signed with RSA 512
    static String intermediate_SHA1withRSA_1024_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICDzCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
        "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
        "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
        "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
        "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQCYNmdkONfuk07XjRze\n" +
        "WQyq2cfdae4uIdyUfa2rpgYMtSXuQW3/XrQGiz4G6WBXA2wo7folOOpAKYgvHPrm\n" +
        "w6Dd\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512 signed with RSA 1024
    static String intermediate_SHA1withRSA_512_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICDDCCAXWgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
        "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
        "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
        "PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
        "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
        "CSqGSIb3DQEBBQUAA4GBAE2VOlw5ySLT3gUzKCYEga4QPaSrf6lHHPi2g48LscEY\n" +
        "h9qQXh4nuIVugReBIEf6N49RdT+M2cgRJo4sZ3ukYLGQzxNuttL5nPSuuvrAR1oG\n" +
        "LUyzOWcUpKHbVHi6zlTt79RvTKZvLcduLutmtPtLJcM9PdiAI1wEooSgxTwZtB/Z\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512 signed with RSA 512
    static String intermediate_SHA1withRSA_512_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIByzCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
        "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
        "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
        "PoAUg4Kwd47hdNQBp8grZsRJ5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
        "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
        "CSqGSIb3DQEBBQUAA0EAoCf0Zu559qcB4xPpzqkVsYiyW49S4Yc0mmQXb1yoQgLx\n" +
        "O+DCkjG5d14+t1MsnkhB2izoQUMxQ3vDc1YnA/tEpw==\n" +
        "-----END CERTIFICATE-----";
    // MD2withRSA 1024 signed with RSA 1024
    static String intermediate_MD2withRSA_1024_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
        "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
        "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
        "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
        "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEAPtEjwbWuC5kc4DPc\n" +
        "Ttf/wdbD8ZCdAWzcc3XF9q1TlvwVMNk6mbfM05y6ZVsztKTkwZ4EcvFu/yIqw1EB\n" +
        "E1zlXQCaWXT3/ZMbqYZV4+mx+RUl8spUCb1tda25jnTg3mTOzB1iztm4gy903EMd\n" +
        "m8omKDKeCgcw5dR4ITQYvyxe1as=\n" +
        "-----END CERTIFICATE-----";
    // MD2withRSA 1024 signed with RSA 512
    static String intermediate_MD2withRSA_1024_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICDzCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
        "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
        "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
        "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
        "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADQQBHok1v6xymtpB7N9xy\n" +
        "0OmDT27uhmzlP0eOzJvXVxj3Oi9TLQJgCUJ9122MzfRAs1E1uJTtvuu+UmI80NQx\n" +
        "KQdp\n" +
        "-----END CERTIFICATE-----";
    private static CertPath generateCertificatePath(String certStr)
            throws CertificateException {
        // generate certificate from cert strings
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        ByteArrayInputStream is;
        is = new ByteArrayInputStream(certStr.getBytes());
        Certificate cert = cf.generateCertificate(is);
        // generate certification path
        List<Certificate> list = Arrays.asList(new Certificate[] {cert});
        return cf.generateCertPath(list);
    }
    private static Set<TrustAnchor> generateTrustAnchors()
            throws CertificateException {
        // generate certificate from cert string
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        HashSet<TrustAnchor> anchors = new HashSet<TrustAnchor>();
        ByteArrayInputStream is =
            new ByteArrayInputStream(trustAnchor_SHA1withRSA_1024.getBytes());
        Certificate cert = cf.generateCertificate(is);
        TrustAnchor anchor = new TrustAnchor((X509Certificate)cert, null);
        anchors.add(anchor);
        is = new ByteArrayInputStream(trustAnchor_SHA1withRSA_512.getBytes());
        cert = cf.generateCertificate(is);
        anchor = new TrustAnchor((X509Certificate)cert, null);
        anchors.add(anchor);
        return anchors;
    }
    public static void main(String args[]) throws Exception {
        try {
            validate(intermediate_SHA1withRSA_1024_1024);
            validate(intermediate_SHA1withRSA_1024_512);
            validate(intermediate_SHA1withRSA_512_1024);
            validate(intermediate_SHA1withRSA_512_512);
        } catch (CertPathValidatorException cpve) {
            throw new Exception(
                "unexpect exception, it is valid cert", cpve);
        }
        try {
            validate(intermediate_MD2withRSA_1024_1024);
            throw new Exception("expected algorithm disabled exception");
        } catch (CertPathValidatorException cpve) {
            System.out.println("Get the expected exception " + cpve);
        }
        try {
            validate(intermediate_MD2withRSA_1024_512);
            throw new Exception("expected algorithm disabled exception");
        } catch (CertPathValidatorException cpve) {
            System.out.println("Get the expected exception " + cpve);
        }
    }
    private static void validate(String intermediate)
            throws CertPathValidatorException, Exception {
        CertPath path = generateCertificatePath(intermediate);
        Set<TrustAnchor> anchors = generateTrustAnchors();
        PKIXParameters params = new PKIXParameters(anchors);
        // disable certificate revocation checking
        params.setRevocationEnabled(false);
        // set the validation time
        params.setDate(new Date(109, 9, 1));   // 2009-09-01
        CertPathValidator validator = CertPathValidator.getInstance("PKIX");
        validator.validate(path, params);
    }
 }
--- a/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorTrustAnchor.java
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorTrustAnchor.java
@ -0,0 +1,169 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /**
 * @test
 *
 * @bug 6861062
 * @summary Disable MD2 support
 *
 * @author Xuelei Fan
 */
 import java.io.*;
 import java.net.SocketException;
 import java.util.*;
 import java.security.Security;
 import java.security.cert.*;
 public class CPValidatorTrustAnchor {
    static String selfSignedCertStr = null;
    // SHA1withRSA 1024
    static String trustAnchor_SHA1withRSA_1024 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
        "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
        "AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH\n" +
        "E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd\n" +
        "rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID\n" +
        "AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME\n" +
        "QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
        "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
        "DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z\n" +
        "Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+\n" +
        "UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc\n" +
        "tas=\n" +
        "-----END CERTIFICATE-----";
    // SHA1withRSA 512
    static String trustAnchor_SHA1withRSA_512 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
        "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
        "BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv\n" +
        "7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
        "g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ\n" +
        "5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
        "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b\n" +
        "FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia\n" +
        "U5r+8B9nzx+j2Zh3kw==\n" +
        "-----END CERTIFICATE-----";
    // MD2withRSA 2048
    static String trustAnchor_MD2withRSA_2048 =
        "-----BEGIN CERTIFICATE-----\n" +
        "MIIDQzCCAiugAwIBAgIBADANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
        "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDdaFw0zMDA3MTcwMTExNDda\n" +
        "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIIBIjANBgkqhkiG9w0B\n" +
        "AQEFAAOCAQ8AMIIBCgKCAQEArF5pINc5s+aUlmdYlxtAQ3V4TXFnP/XOYHxjfLuX\n" +
        "eKO/kh78LMvbDisTPQ2yo9YEawwwbUU40xcuzgi0axXgKveHXYdUmTr0hEapq3rv\n" +
        "g/q2EbOjyXvq4qK2RDoVCN8R3wXiytnY2OFALTx6zc2tW4imJ20svdNVtWhv2syj\n" +
        "ZTmmRXAeFUbD4qKWAFij0I6pnSgVssvWzeyJUNemym+oiYyaSd7n5j1RNAqUKioo\n" +
        "K/T0FOOiuPGMqottgx5YRHa6yapCP5QVWRQ+WBIYJY3Wyq7N+Es20LT6761Pk3to\n" +
        "EFCzM7+zqT/c+pC079HOKXz+m2us+HKp5BKWNnbvgaYPOQIDAQABo4GJMIGGMB0G\n" +
        "A1UdDgQWBBSrSukJf+mO5LTRasAGD9RRs7SASTBHBgNVHSMEQDA+gBSrSukJf+mO\n" +
        "5LTRasAGD9RRs7SASaEjpCEwHzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1w\n" +
        "bGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEC\n" +
        "BQADggEBAHvsv+DqMJeIW/D+ltkhw37OdMzkMPp4E6Hbp03O3GZ5LfNGczHCb2uL\n" +
        "sr5T7e/jaBFn6QfmqbOAYAHJSNq2bNNtTbatnHBLuVx13cfxmwk89Cg/tFeoUdcf\n" +
        "m5hzurB6Ub6SsYMOxZHUYp/KxM9x9a7llC1bK3SKXwd4rVDlXh8DOBvdQNr5Q3yq\n" +
        "JjY86bSXO14VzNxL/1rqHiszQdPyR/28SBsQVYSi0Zeyc4Yy1ui/cXu1+PWYw3YZ\n" +
        "QUPHTnkVdPGwRiUqeZIcps+q+ePlQQmDu5qiLD6d8gsyGyY/RvCHWKO5Y9DuX9hs\n" +
        "he/AhCWQx+TQYGLu0liQqLkGZydyRnA=\n" +
        "-----END CERTIFICATE-----";
    private static CertPath generateCertificatePath()
            throws CertificateException {
        // generate certificate from cert strings
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        ByteArrayInputStream is;
        is = new ByteArrayInputStream(selfSignedCertStr.getBytes());
        Certificate selfSignedCert = cf.generateCertificate(is);
        // generate certification path
        List<Certificate> list = Arrays.asList(new Certificate[] {
                        selfSignedCert});
        return cf.generateCertPath(list);
    }
    private static Set<TrustAnchor> generateTrustAnchors()
            throws CertificateException {
        // generate certificate from cert string
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        ByteArrayInputStream is =
                    new ByteArrayInputStream(selfSignedCertStr.getBytes());
        Certificate selfSignedCert = cf.generateCertificate(is);
        // generate a trust anchor
        TrustAnchor anchor =
            new TrustAnchor((X509Certificate)selfSignedCert, null);
        return Collections.singleton(anchor);
    }
    public static void main(String args[]) throws Exception {
        try {
            validate(trustAnchor_SHA1withRSA_1024);
            validate(trustAnchor_SHA1withRSA_512);
        } catch (CertPathValidatorException cpve) {
            throw new Exception(
                "unexpect exception, it is valid cert", cpve);
        }
        try {
            validate(trustAnchor_MD2withRSA_2048);
            throw new Exception("expected algorithm disabled exception");
        } catch (CertPathValidatorException cpve) {
            System.out.println("Get the expected exception " + cpve);
        }
    }
    private static void validate(String trustAnchor)
            throws CertPathValidatorException, Exception {
        selfSignedCertStr = trustAnchor;
        CertPath path = generateCertificatePath();
        Set<TrustAnchor> anchors = generateTrustAnchors();
        PKIXParameters params = new PKIXParameters(anchors);
        // disable certificate revocation checking
        params.setRevocationEnabled(false);
        // set the validation time
        params.setDate(new Date(109, 9, 1));   // 2009-09-01
        CertPathValidator validator = CertPathValidator.getInstance("PKIX");
        validator.validate(path, params);
    }
 }
--- a/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/README
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/README
@ -0,0 +1,640 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
                  Certificates and CRLs
 Here lists the Certificates, which was generated by generate.sh, used in the
 test cases.
 The generate.sh depends on openssl, and it should be run under ksh. The
 script will create many directories and files, please run it in a
 directory outside of JDK workspace.
 1. root certifiate and key (SHA1withRSA 1024, root_cert_sha1_1024.pem)
 -----BEGIN CERTIFICATE-----
 MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa
 MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB
 AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH
 E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd
 rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID
 AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME
 QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO
 BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw
 DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z
 Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+
 UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc
 tas=
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,DF5249E009A0FD79
 rc316yLipp/vH0i6rhEbEwZpZ+HfKIXnnp/bIIZv2+4lyGUDWrxN0Hk0TcSgWEKm
 dRGI2fsyWjTgaiHwwmusofXPAjB3s0I2rUUAHXk8/sEuiLLTICx2UAL8k6R33CSQ
 NKR8t+TluBW3Us71vibWauuMHa5860KiiLWdhkQVLin7m/JBGLtz0zQ0/lZ8CgEm
 p7eDupPi8FBClCyVewdpmKjgI2KPI4fVIZLMzLeGcWLaOQPN1ERcFWQ1CS/qjfMb
 F4rtpZ+AzCqP75XPhitT2CnZgaVDxHBtAZQVPuKONMdijKphjqiT/Sd86Gx6OEVE
 EwwmQya2Q/5aCuH96S00mj00oeIZ7ZtUcVQcch+saJy4vpuxK8pFcEDKmgsvL9+8
 Hho9RUXVUKRH67uA1NjQSK5+syEIj5sJCDcxOda4QGXeIq9ygaZswxF3nfvffrsa
 S6IVBXrx0G+Ascu29SHoI+zi3feQszQJIzijHoTTq6FacLHUWzfVuaYa47uaj5qa
 VYsMVCzi1eX486o7YKPKWiclNczQN86v5n9+c9uggXY12wSOmnf6BB1Ds+oL8JlU
 IZa67lAyg6G9joAb9rTXN2EE5OTArcFuImK8GHse/3wkIPMglBNnfwpvjC1U+vQm
 F7iXp+OxnZ5d9sBcrTBEZ9BDlTVlpiZI7EeS1oC8x6DDTdbJR/40Y3wJIDMI9q9T
 O5EnyXqbmQziO0Tgal43w6mMTUnhG34kqovwxy03mAOZb3yz/RgWlez9wQmPseiI
 2p2fQIjCPbGFNJt3rdyXOW/BRCii0970HEZeov/TVV/A0vUVajNAjA==
 -----END RSA PRIVATE KEY-----
 2. root certifiate and key (SHA1withRSA 512, root_cert_sha1_512.pem)
 -----BEGIN CERTIFICATE-----
 MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa
 MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB
 BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv
 7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU
 g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ
 5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G
 A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b
 FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia
 U5r+8B9nzx+j2Zh3kw==
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,B8BDE38F08C6BB76
 eJzx2oZE0UXxWpzssSWtKBOCbm3ZXR6iBKX8iKoDUB5SzzmKr+XzxI7kyv92y0pe
 rNTuuCWpBsLdlz7h8Ipn4pBDYswGU5F9MQOEgIYx60OvGhZODHGRzJ05FXTeCmmu
 LLp6lGW4SWALcd8g/gJUn1/vp7f1VzQ7RwXWBn4/b34RRYtwr3E6nl4Hc2tEI1in
 OL+lCdAAyxjGK7KYFHJQK+1E8tYNrer3cejQDcNysGx4o0H123vfp3NtJ6U7LXyi
 D21y3zmPueJos8LluJiLRsONcrcI3mIfpPBsO+Yl2EJtzS9V6Aaq/YdPkwPHH6Y5
 lazGMPXq/nffb12fWLL7m5aFb3FNLwWi/qwEynWCEv7Vl/6kLk+aHhjTnYkLvLNH
 9maQFn6j0S3wqogRfW9BDbfC3fRHP6+8YjEEmQ0RTfE=
 -----END RSA PRIVATE KEY-----
 3. root certifiate and key (MD2withRSA 2048, root_cert_md2_2048.pem)
 -----BEGIN CERTIFICATE-----
 MIIDQzCCAiugAwIBAgIBADANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDdaFw0zMDA3MTcwMTExNDda
 MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIIBIjANBgkqhkiG9w0B
 AQEFAAOCAQ8AMIIBCgKCAQEArF5pINc5s+aUlmdYlxtAQ3V4TXFnP/XOYHxjfLuX
 eKO/kh78LMvbDisTPQ2yo9YEawwwbUU40xcuzgi0axXgKveHXYdUmTr0hEapq3rv
 g/q2EbOjyXvq4qK2RDoVCN8R3wXiytnY2OFALTx6zc2tW4imJ20svdNVtWhv2syj
 ZTmmRXAeFUbD4qKWAFij0I6pnSgVssvWzeyJUNemym+oiYyaSd7n5j1RNAqUKioo
 K/T0FOOiuPGMqottgx5YRHa6yapCP5QVWRQ+WBIYJY3Wyq7N+Es20LT6761Pk3to
 EFCzM7+zqT/c+pC079HOKXz+m2us+HKp5BKWNnbvgaYPOQIDAQABo4GJMIGGMB0G
 A1UdDgQWBBSrSukJf+mO5LTRasAGD9RRs7SASTBHBgNVHSMEQDA+gBSrSukJf+mO
 5LTRasAGD9RRs7SASaEjpCEwHzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1w
 bGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEC
 BQADggEBAHvsv+DqMJeIW/D+ltkhw37OdMzkMPp4E6Hbp03O3GZ5LfNGczHCb2uL
 sr5T7e/jaBFn6QfmqbOAYAHJSNq2bNNtTbatnHBLuVx13cfxmwk89Cg/tFeoUdcf
 m5hzurB6Ub6SsYMOxZHUYp/KxM9x9a7llC1bK3SKXwd4rVDlXh8DOBvdQNr5Q3yq
 JjY86bSXO14VzNxL/1rqHiszQdPyR/28SBsQVYSi0Zeyc4Yy1ui/cXu1+PWYw3YZ
 QUPHTnkVdPGwRiUqeZIcps+q+ePlQQmDu5qiLD6d8gsyGyY/RvCHWKO5Y9DuX9hs
 he/AhCWQx+TQYGLu0liQqLkGZydyRnA=
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,3910D329AD49ECFC
 6K0OU3Xrl2H6kz7x7EHXkM0/Wd6jXBBwWsaroUIGnbIMmljJXPfgcuDUu6f5Imk1
 ndoU0GWjxa1QNjteAQQtFoLDP8rienLs0b969OcAxB0EOffQFkEfsfXdyEIgdwkD
 ETczwDIyd8Wj62ClydJES3jKB9Nc9kMIlsoZ+h24TyJeeRsHAtMrz+mlOHsUWDQ5
 FyYZelnx+fQ5maD3bura7xLiNl8CvgWz0wt2Wt4djdMGhQ3OWd0/GWweP+2xnL6n
 5tDJ5On50+Z5T8Jhx62yg+wQiBKAYnYw6OX3skJwWknuAvYz3Z3e12DHFx6w5EAU
 K7lg7fHMqHNirUkJOlYzgJ21ybV4uQmFRNQJwI9h6GVfdZWPEU+Ni42AlNgNYskF
 K19dONNNt0Gwkcm2VOYzwYGDyaQW2YIGDk1fbZdVSu/h/lyOC/RmorGWroAbYsyB
 /GUIilcLtQHPGI8XuojTS2/UWcKactpceN3UOnQkus3/smViEqqB/NQ/lcozgs0o
 7ZG6H6to7w1yb5VR2d7B2bS7MNJt1AsOB5ydAMYIccdHDTI7CfRK6axQ70O/JPnJ
 WLY2e41ig2uAWk/3fRb8L6d3keVcN7y4WnkXPbHhulqtxQo78iSQQAf7tDMBxWKx
 C5LQW3CxLkHKp6g22SDxl2LjJyu5nDbtIh3Pq+BCoA25uqXC4rPoWwV7EWYv8Z+Y
 E6dS98SEa+cDhpllvGzbTKgcP1VqtQbb9VT92UT1mFrklqRuQIxROeCe4wjp5TKo
 D2losUDdzpqBHkBNo2I8qZkgybeCvWEq73my2+JG1AAIFFB1kzfBNaBDGiGSuUuS
 5peV8156aaLg5pxdieoRJ3Y7eaWN1wH5CnRnafoB+lxSUsQO1a7y2LbpedrKjs+2
 AryPHQw7HLd8IQevmvd7BhJLdvlt+kXzWID/pUsSAYvI7aP4daQJuAt/kwmU27Gd
 wqhV8Tjbb84vFGmqGHtb2YbKfUrsPUNOLBF+U4SDAgBhEyhINQZyRDcqqoywO5Dr
 sV46nTEfwAgt88KFt2CEhiyvoJbtCj1iMJeAzuljwF4z4RzB1i3TK0MaJYID2rxB
 E1vK9EZIssk/NeImN2YCbuqOhU58jtOwYh3ruS+mZQm1APvJF9N4tCCVQsjWC6zY
 4eqs7T6VDFH4AaT7b3J3rTsEpWIDUfagetZs5kR9SiWJC7dU7r53gGg4avVyIIHD
 +MYCS+auD9/nmVf4iYstVgJFMUJXC2EUOLi0r8KmDkCILl/K3X/W7QwFTnC07gLh
 /9HjWFJ0R6cyODzvE8NGPMeuJGUT2F+mA1vaAC/PBGz+61AF0BjWTZ7x2sH+tSPP
 /GVEaCgyzrKRX5XX+7DulTcmFj1JNfMmtbDaJa9WnwOI4qszBGrAcYeYTHXR6Yov
 Ux/P6RStfa+UwSjo8i3nfdgLk+RXCpN0srMjSmiQx8d5R/kISqXKDtQfS5M6gsoh
 ROz+6zZP8Gh8yakr1p4C6JUSiLDYP5qXzxr8bp+oxvpY7anEDAqx21HyExEAu+gy
 IrNl75FWqV8BbKxoFfe9LqyDaryXXA8oy6F+4BT/zRrxp+dym9pbd+OZR423BIij
 -----END RSA PRIVATE KEY-----
 4. subca certificate and key (SHA1withRSA 1024, root_cert_sha1_1024.pem signed)
 -----BEGIN CERTIFICATE-----
 MIICUDCCAbmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDhaFw0yOTA0MjMwMTExNDha
 MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
 cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8
 BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg
 bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82
 AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl
 UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw
 HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
 AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEAHze3wAcIe84zNOoN
 P8l9EmlVVoU30z3LB3hxq3m/dC/4gE5Z9Z8EG1wJw4qaxlTZ4dif12nbTTdofVhb
 Bd4syjo6fcUA4q7sfg9TFpoHQ+Ap7PgjK99moMKdMy50Xy8s6FPvaVkF89s66Z6y
 e4q7TSwe6QevGOZaL5N/iy2XGEs=
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,0480E76FD259323B
 npiifBm1mHq1Z9QgAV5T35Xbnea9VnwqYQWNfRRKmpfYSdkQJ0few18YtnfZwh9e
 LKCWx+lq1V4yDG4SbxXDq71Dyvx1vZY+w4h+6M1+6KGFG1VDBfN3e5aLgK8EG9pZ
 yHZH7iB7HiQXH5q53jL6NUZn55C3XEk1sErpK7R1c0Y8Qp2TGiu+lck3K+zR9GiO
 5aJMKbShReB0Nfy3JJNKRFSd95QMTTjbq6iIvhN8O02bo4I4I3HTyD8qyR7ViiHl
 FmOukjwn4fjJvK0WYKYUjod8oEiMdR2nr73eOGZBAnEorDGQ8VnnCAleSv74is1k
 W7M07UP7EJJq9hSZfeMqk5QivtWrqvWG1SWxpTowKTEAyTn7u5U13k0DiRcsg0WT
 4mSMiLOhUNgIWcHElbTQPSVDcVznhNk0dWPDwKoUjp+orCuH+NvHKBAu+hnuip3e
 Ji7WGrHXI7QxAr5qr5ogl5x4yH4drIbq9fUea3NTuGPuPyu9fWjOSDmqPRKRMJFR
 UxxVFcyrW8iSBV5cvB7M1ADS40y6l4ryYmKjXbsOI4Ci8LJWJ4ZB61WQP7TvPQGS
 mNFmTTB2dwbpimr4KjV9j2bA9x0jAsjlcQZ5j1GOeyYCEDGKDJw0XD/zI+j0dpVc
 eu8YtuJGTyO1h+HiI3D9LrMuyUxxckvFHKe00+4xMz1hpqVo/kxe6gqf/9ES4M/h
 6/NeTzeqyJF2rgxK6KJJdmaKVYI+bvAQ3cKl+RZmgOjx4eig58N5uthqFgU7rQ+e
 GM9/y8C9WpPqITcJlY7I/7AkqvYDBwBsH/9mf4g9OUbC1Ah+MX8UIQ==
 -----END RSA PRIVATE KEY-----
 5. subca certificate and key (SHA1withRSA 1024, root_cert_sha1_512.pem signed)
 -----BEGIN CERTIFICATE-----
 MIICDzCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
 MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
 cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8
 BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg
 bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82
 AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl
 UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw
 HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
 AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQCYNmdkONfuk07XjRze
 WQyq2cfdae4uIdyUfa2rpgYMtSXuQW3/XrQGiz4G6WBXA2wo7folOOpAKYgvHPrm
 w6Dd
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,0480E76FD259323B
 npiifBm1mHq1Z9QgAV5T35Xbnea9VnwqYQWNfRRKmpfYSdkQJ0few18YtnfZwh9e
 LKCWx+lq1V4yDG4SbxXDq71Dyvx1vZY+w4h+6M1+6KGFG1VDBfN3e5aLgK8EG9pZ
 yHZH7iB7HiQXH5q53jL6NUZn55C3XEk1sErpK7R1c0Y8Qp2TGiu+lck3K+zR9GiO
 5aJMKbShReB0Nfy3JJNKRFSd95QMTTjbq6iIvhN8O02bo4I4I3HTyD8qyR7ViiHl
 FmOukjwn4fjJvK0WYKYUjod8oEiMdR2nr73eOGZBAnEorDGQ8VnnCAleSv74is1k
 W7M07UP7EJJq9hSZfeMqk5QivtWrqvWG1SWxpTowKTEAyTn7u5U13k0DiRcsg0WT
 4mSMiLOhUNgIWcHElbTQPSVDcVznhNk0dWPDwKoUjp+orCuH+NvHKBAu+hnuip3e
 Ji7WGrHXI7QxAr5qr5ogl5x4yH4drIbq9fUea3NTuGPuPyu9fWjOSDmqPRKRMJFR
 UxxVFcyrW8iSBV5cvB7M1ADS40y6l4ryYmKjXbsOI4Ci8LJWJ4ZB61WQP7TvPQGS
 mNFmTTB2dwbpimr4KjV9j2bA9x0jAsjlcQZ5j1GOeyYCEDGKDJw0XD/zI+j0dpVc
 eu8YtuJGTyO1h+HiI3D9LrMuyUxxckvFHKe00+4xMz1hpqVo/kxe6gqf/9ES4M/h
 6/NeTzeqyJF2rgxK6KJJdmaKVYI+bvAQ3cKl+RZmgOjx4eig58N5uthqFgU7rQ+e
 GM9/y8C9WpPqITcJlY7I/7AkqvYDBwBsH/9mf4g9OUbC1Ah+MX8UIQ==
 -----END RSA PRIVATE KEY-----
 6. subca certificate and key (SHA1withRSA 512, root_cert_sha1_1024.pem signed)
 -----BEGIN CERTIFICATE-----
 MIICDDCCAXWgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
 MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
 cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV
 lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA
 AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw
 PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD
 VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G
 CSqGSIb3DQEBBQUAA4GBAE2VOlw5ySLT3gUzKCYEga4QPaSrf6lHHPi2g48LscEY
 h9qQXh4nuIVugReBIEf6N49RdT+M2cgRJo4sZ3ukYLGQzxNuttL5nPSuuvrAR1oG
 LUyzOWcUpKHbVHi6zlTt79RvTKZvLcduLutmtPtLJcM9PdiAI1wEooSgxTwZtB/Z
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,0A94F7EA4C89CA33
 tfKdAZVSrpeS/hU4+mGYcGGx3nNqrE+CzDAfLadVuXz5ju5p9oFhLTZj99wK+uHn
 prrWmDNOdYKRBJn7h40WV6zi4lR3JgnuYNxH8fxO3PI+HQ9IuvdoTyqUeXTP4Zj1
 BCnr1k1D2WGDXvnh+saq9qRpMKThjK/OF0YmDa07PI5NOBdMA3EmkNYfwib2GfBV
 el4FVkfnPQkLGahTh3SC62TzPlnsAgirCeua7ZLPqN3fkZkYbXZd9op2D31n7cBP
 zztg0ah8WF4gPOd/BBZeR9XDog5qm/wzyBj0F6ClHRPjpGYhAm2Vw66xOBlGFYI9
 lVmFQzrPcDNlFTybzhl5C6Qy4cPQh+QErDWxljVI52oYYmY/KRmUGGL7hEG8ZGOn
 EUgFrEJyAY7w4wpBC5n9SotwyPXhwKQ1uCBq+1zElPw=
 -----END RSA PRIVATE KEY-----
 7. subca certificate and key (SHA1withRSA 512, root_cert_sha1_512.pem signed)
 -----BEGIN CERTIFICATE-----
 MIIByzCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
 MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
 cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV
 lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA
 AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw
 PoAUg4Kwd47hdNQBp8grZsRJ5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD
 VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G
 CSqGSIb3DQEBBQUAA0EAoCf0Zu559qcB4xPpzqkVsYiyW49S4Yc0mmQXb1yoQgLx
 O+DCkjG5d14+t1MsnkhB2izoQUMxQ3vDc1YnA/tEpw==
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,0A94F7EA4C89CA33
 tfKdAZVSrpeS/hU4+mGYcGGx3nNqrE+CzDAfLadVuXz5ju5p9oFhLTZj99wK+uHn
 prrWmDNOdYKRBJn7h40WV6zi4lR3JgnuYNxH8fxO3PI+HQ9IuvdoTyqUeXTP4Zj1
 BCnr1k1D2WGDXvnh+saq9qRpMKThjK/OF0YmDa07PI5NOBdMA3EmkNYfwib2GfBV
 el4FVkfnPQkLGahTh3SC62TzPlnsAgirCeua7ZLPqN3fkZkYbXZd9op2D31n7cBP
 zztg0ah8WF4gPOd/BBZeR9XDog5qm/wzyBj0F6ClHRPjpGYhAm2Vw66xOBlGFYI9
 lVmFQzrPcDNlFTybzhl5C6Qy4cPQh+QErDWxljVI52oYYmY/KRmUGGL7hEG8ZGOn
 EUgFrEJyAY7w4wpBC5n9SotwyPXhwKQ1uCBq+1zElPw=
 -----END RSA PRIVATE KEY-----
 8. subca certificate and key (MD2withRSA 1024, root_cert_sha1_1024.pem signed)
 -----BEGIN CERTIFICATE-----
 MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
 MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
 cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8
 BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg
 bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82
 AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl
 UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw
 HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
 AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEAPtEjwbWuC5kc4DPc
 Ttf/wdbD8ZCdAWzcc3XF9q1TlvwVMNk6mbfM05y6ZVsztKTkwZ4EcvFu/yIqw1EB
 E1zlXQCaWXT3/ZMbqYZV4+mx+RUl8spUCb1tda25jnTg3mTOzB1iztm4gy903EMd
 m8omKDKeCgcw5dR4ITQYvyxe1as=
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,0480E76FD259323B
 npiifBm1mHq1Z9QgAV5T35Xbnea9VnwqYQWNfRRKmpfYSdkQJ0few18YtnfZwh9e
 LKCWx+lq1V4yDG4SbxXDq71Dyvx1vZY+w4h+6M1+6KGFG1VDBfN3e5aLgK8EG9pZ
 yHZH7iB7HiQXH5q53jL6NUZn55C3XEk1sErpK7R1c0Y8Qp2TGiu+lck3K+zR9GiO
 5aJMKbShReB0Nfy3JJNKRFSd95QMTTjbq6iIvhN8O02bo4I4I3HTyD8qyR7ViiHl
 FmOukjwn4fjJvK0WYKYUjod8oEiMdR2nr73eOGZBAnEorDGQ8VnnCAleSv74is1k
 W7M07UP7EJJq9hSZfeMqk5QivtWrqvWG1SWxpTowKTEAyTn7u5U13k0DiRcsg0WT
 4mSMiLOhUNgIWcHElbTQPSVDcVznhNk0dWPDwKoUjp+orCuH+NvHKBAu+hnuip3e
 Ji7WGrHXI7QxAr5qr5ogl5x4yH4drIbq9fUea3NTuGPuPyu9fWjOSDmqPRKRMJFR
 UxxVFcyrW8iSBV5cvB7M1ADS40y6l4ryYmKjXbsOI4Ci8LJWJ4ZB61WQP7TvPQGS
 mNFmTTB2dwbpimr4KjV9j2bA9x0jAsjlcQZ5j1GOeyYCEDGKDJw0XD/zI+j0dpVc
 eu8YtuJGTyO1h+HiI3D9LrMuyUxxckvFHKe00+4xMz1hpqVo/kxe6gqf/9ES4M/h
 6/NeTzeqyJF2rgxK6KJJdmaKVYI+bvAQ3cKl+RZmgOjx4eig58N5uthqFgU7rQ+e
 GM9/y8C9WpPqITcJlY7I/7AkqvYDBwBsH/9mf4g9OUbC1Ah+MX8UIQ==
 -----END RSA PRIVATE KEY-----
 9. subca certificate and key (MD2withRSA 1024, root_cert_sha1_512.pem signed)
 -----BEGIN CERTIFICATE-----
 MIICDzCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
 MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
 cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8
 BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg
 bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82
 AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl
 UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw
 HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
 AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADQQBHok1v6xymtpB7N9xy
 0OmDT27uhmzlP0eOzJvXVxj3Oi9TLQJgCUJ9122MzfRAs1E1uJTtvuu+UmI80NQx
 KQdp
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,0480E76FD259323B
 npiifBm1mHq1Z9QgAV5T35Xbnea9VnwqYQWNfRRKmpfYSdkQJ0few18YtnfZwh9e
 LKCWx+lq1V4yDG4SbxXDq71Dyvx1vZY+w4h+6M1+6KGFG1VDBfN3e5aLgK8EG9pZ
 yHZH7iB7HiQXH5q53jL6NUZn55C3XEk1sErpK7R1c0Y8Qp2TGiu+lck3K+zR9GiO
 5aJMKbShReB0Nfy3JJNKRFSd95QMTTjbq6iIvhN8O02bo4I4I3HTyD8qyR7ViiHl
 FmOukjwn4fjJvK0WYKYUjod8oEiMdR2nr73eOGZBAnEorDGQ8VnnCAleSv74is1k
 W7M07UP7EJJq9hSZfeMqk5QivtWrqvWG1SWxpTowKTEAyTn7u5U13k0DiRcsg0WT
 4mSMiLOhUNgIWcHElbTQPSVDcVznhNk0dWPDwKoUjp+orCuH+NvHKBAu+hnuip3e
 Ji7WGrHXI7QxAr5qr5ogl5x4yH4drIbq9fUea3NTuGPuPyu9fWjOSDmqPRKRMJFR
 UxxVFcyrW8iSBV5cvB7M1ADS40y6l4ryYmKjXbsOI4Ci8LJWJ4ZB61WQP7TvPQGS
 mNFmTTB2dwbpimr4KjV9j2bA9x0jAsjlcQZ5j1GOeyYCEDGKDJw0XD/zI+j0dpVc
 eu8YtuJGTyO1h+HiI3D9LrMuyUxxckvFHKe00+4xMz1hpqVo/kxe6gqf/9ES4M/h
 6/NeTzeqyJF2rgxK6KJJdmaKVYI+bvAQ3cKl+RZmgOjx4eig58N5uthqFgU7rQ+e
 GM9/y8C9WpPqITcJlY7I/7AkqvYDBwBsH/9mf4g9OUbC1Ah+MX8UIQ==
 -----END RSA PRIVATE KEY-----
 a. end entity certificate and key
            (SHA1withRSA 1024, subca_cert_sha1_1024_1024.pem signed)
 -----BEGIN CERTIFICATE-----
 MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
 NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
 cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
 9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt
 vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v
 z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6
 c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07
 OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG
 9w0BAQUFAAOBgQAOfIeasDg91CR3jGfuAEVKwncM1OPFmniAUcdPm74cCAyJ90Me
 dhUElWPGoAuXGfiyZlOlGUYWqEroe/dnkmnotJjLWR+MA4ZyX3O1YI8T4W3deWcC
 J4WMCF7mp17SaYYKX9F0AxwNJFpUkbB41IkTxPr0MmzB1871/pbY8dLAvA==
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,1FE5A37B770AF83D
 042bWtt4q0cB8pRuPUlMVncTP/WAz+mmPw3jXI3LFOBZeK6zFEDpI5M9c2JO+rqp
 Za5UkYuIg69V7LngriqRynkRGGQp3xASMLr5NVbKHTE/Ol/iIuxKaCkumZmGXB/z
 8bxQF5XN4tbKT4s3sWWmmKMicg6MHvySi3QVRG11PHRu/q7CEFPzJKRQ3fpaNcKD
 NTBI5F6GP9ENa/eog4WGENjXS0v4Wa3IfaOhjKXrSxjLUqLH0C8g5WWg5IrXXtuI
 pgyJ2kkE3Y/ChU7p7R42we6tBZqF5SiL5kFDn86DmHgCslTiZkIoE5i644sp03Sd
 XkHyHu0VIeYp3nDwRA7S98837W4F6i1BnXA5f3EaE3rNGjsxK8zL2pvdCcDYbese
 ETfba16HMzLXe1b4RSI3gwhlQ2MNKBwvskkQESf/Ew1DskBY0MCYFxo6hIp6LqMo
 HAl5kvCwvuYL2jBdQhkKxU+Leu5Ei8Ie9XYNVy4yUeUAMnSUkVaEs/I8z+Mk8oYq
 4QWqOc66XLcI13coDoxmv54kye3RjqdmZI8mg/3LCFotwceDuXyD43/vVhoTPEnp
 CqXafV2pw4y95skMHmktI2qvSahaM4P6GGXl8HqmP3b+8V5mxMhNtVnuUha2kouw
 DLNFUTg1cCLahM5SRolyA/XTGh7JOkJMYWPeJwN7l3K+lBtHHfj6DHtKEjUcyZFd
 +Z55pDoAERumB6+BCnt6X2/0kEDV219RmsgxkGTWdFs+M7Y6EYYRtlinH4nqL6UD
 eHWitYIatAHOvdHeNrbXN9L5P3tsUB4HzFa46WWtKqRtbCVTuPVZdw==
 -----END RSA PRIVATE KEY-----
 b. end entity certificate and key
            (SHA1withRSA 1024, subca_cert_sha1_512_1024.pem signed)
 -----BEGIN CERTIFICATE-----
 MIIB9jCCAaCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
 NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
 cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
 9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt
 vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v
 z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6
 c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07
 OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG
 9w0BAQUFAANBADV6X+ea0ftEKXy7yKNAbdIp35893T6AVwbdclomPkeOs86OtoTG
 1BIzWSK9QE7W6Wbf63e2RdcqoLK+DxsuwUg=
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,1FE5A37B770AF83D
 042bWtt4q0cB8pRuPUlMVncTP/WAz+mmPw3jXI3LFOBZeK6zFEDpI5M9c2JO+rqp
 Za5UkYuIg69V7LngriqRynkRGGQp3xASMLr5NVbKHTE/Ol/iIuxKaCkumZmGXB/z
 8bxQF5XN4tbKT4s3sWWmmKMicg6MHvySi3QVRG11PHRu/q7CEFPzJKRQ3fpaNcKD
 NTBI5F6GP9ENa/eog4WGENjXS0v4Wa3IfaOhjKXrSxjLUqLH0C8g5WWg5IrXXtuI
 pgyJ2kkE3Y/ChU7p7R42we6tBZqF5SiL5kFDn86DmHgCslTiZkIoE5i644sp03Sd
 XkHyHu0VIeYp3nDwRA7S98837W4F6i1BnXA5f3EaE3rNGjsxK8zL2pvdCcDYbese
 ETfba16HMzLXe1b4RSI3gwhlQ2MNKBwvskkQESf/Ew1DskBY0MCYFxo6hIp6LqMo
 HAl5kvCwvuYL2jBdQhkKxU+Leu5Ei8Ie9XYNVy4yUeUAMnSUkVaEs/I8z+Mk8oYq
 4QWqOc66XLcI13coDoxmv54kye3RjqdmZI8mg/3LCFotwceDuXyD43/vVhoTPEnp
 CqXafV2pw4y95skMHmktI2qvSahaM4P6GGXl8HqmP3b+8V5mxMhNtVnuUha2kouw
 DLNFUTg1cCLahM5SRolyA/XTGh7JOkJMYWPeJwN7l3K+lBtHHfj6DHtKEjUcyZFd
 +Z55pDoAERumB6+BCnt6X2/0kEDV219RmsgxkGTWdFs+M7Y6EYYRtlinH4nqL6UD
 eHWitYIatAHOvdHeNrbXN9L5P3tsUB4HzFa46WWtKqRtbCVTuPVZdw==
 -----END RSA PRIVATE KEY-----
 c. end entity certificate and key
            (SHA1withRSA 512, subca_cert_sha1_1024_1024.pem signed)
 -----BEGIN CERTIFICATE-----
 MIIB8zCCAVygAwIBAgIBBDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
 NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
 cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3
 DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo
 uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE
 AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU
 31g/ZkU6aXFAJVKhrrv0ebfAgeYwDQYJKoZIhvcNAQEFBQADgYEAUyW8PrEdbzLu
 B+h6UemBOJ024rYq90hJE/5wUEKPvxZ9vPEUgl+io6cGhL3cLfxfh6z5xtEGp4Tb
 NB0Ye3Qi01FBiNDY8s3rQRrmel6VysU8u+0Oi2jmQY6vZXn/zXN5rrTLITCaSicG
 dOMv1xLM83Ee432WWlDwKOUxhzDGpWc=
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,153918982D82A26E
 5w5MNd16M1draSfIFAuWNfP3869l9y8vMI1kOcxqsxjeG6YfgKUyu6PEYlj1R7d1
 /+UwVs9RGm3V7AwV4G1Qpnd+jaMLpgPVMP12sHPnslBE4SQe9bAZ+X5i2/5uesHv
 bF7OBMqsYW8+Kgsy1Ac0pBx/8yoFYdD3KYFnIP20kV2Xxy4PtQQ6tHJ33dGslTNU
 qrcJsyUyYj6wORlb7huuP5Ua8f28Xs/KvnNJG0094kC1WHi3Raf4AoD/rvraVtCQ
 5jrK9se8D6su+S3SEW0YndxivbNx3xJu2O72e7lS6yb5ht3U7xNSSWTffIlW1okI
 zjscK0iv9S+x452mLIFUgkmriVJLFfjTMRCbhS1J6q9FXLDdre/2O18FO2TvwRIE
 6Bwt2utfOAGccRHLsdgcXkv+ngCTCkuCnmh2XZWqmvA=
 -----END RSA PRIVATE KEY-----
 d. end entity certificate and key
            (SHA1withRSA 512, subca_cert_sha1_512_1024.pem signed)
 -----BEGIN CERTIFICATE-----
 MIIBsjCCAVygAwIBAgIBBTANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
 NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
 cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3
 DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo
 uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE
 AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU
 N0CHiTYPtjyvpP2a6y6mhsZ6U40wDQYJKoZIhvcNAQEFBQADQQBG4grtrVEHick0
 z/6Lcl/MGyHT0c8KTXE0AMVXG1NRjAicAmYno/yDaJ9OmfymObKZKV9fF7yCW/N/
 TMU6m7N0
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,153918982D82A26E
 5w5MNd16M1draSfIFAuWNfP3869l9y8vMI1kOcxqsxjeG6YfgKUyu6PEYlj1R7d1
 /+UwVs9RGm3V7AwV4G1Qpnd+jaMLpgPVMP12sHPnslBE4SQe9bAZ+X5i2/5uesHv
 bF7OBMqsYW8+Kgsy1Ac0pBx/8yoFYdD3KYFnIP20kV2Xxy4PtQQ6tHJ33dGslTNU
 qrcJsyUyYj6wORlb7huuP5Ua8f28Xs/KvnNJG0094kC1WHi3Raf4AoD/rvraVtCQ
 5jrK9se8D6su+S3SEW0YndxivbNx3xJu2O72e7lS6yb5ht3U7xNSSWTffIlW1okI
 zjscK0iv9S+x452mLIFUgkmriVJLFfjTMRCbhS1J6q9FXLDdre/2O18FO2TvwRIE
 6Bwt2utfOAGccRHLsdgcXkv+ngCTCkuCnmh2XZWqmvA=
 -----END RSA PRIVATE KEY-----
 e. end entity certificate and key
            (MD2withRSA 1024, subca_cert_sha1_1024_1024.pem signed)
 -----BEGIN CERTIFICATE-----
 MIICNzCCAaCgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
 NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
 cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
 9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt
 vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v
 z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6
 c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07
 OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG
 9w0BAQIFAAOBgQBxKsFf8NNQcXjDoKJJSG4Rk6ikcrhiGYuUI32+XHvs6hnav1Zc
 aJUpy7J4gMj/MnysMh/4AF9+m6zEEjuisXKUbYZhgtJxz+ukGSo163mJ8QJiAlRb
 Iwsy81r08mlSCR6jx2YhDAUxJIPC92R5Vb4CEutB7tWTwwz7vIHq330erA==
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,1FE5A37B770AF83D
 042bWtt4q0cB8pRuPUlMVncTP/WAz+mmPw3jXI3LFOBZeK6zFEDpI5M9c2JO+rqp
 Za5UkYuIg69V7LngriqRynkRGGQp3xASMLr5NVbKHTE/Ol/iIuxKaCkumZmGXB/z
 8bxQF5XN4tbKT4s3sWWmmKMicg6MHvySi3QVRG11PHRu/q7CEFPzJKRQ3fpaNcKD
 NTBI5F6GP9ENa/eog4WGENjXS0v4Wa3IfaOhjKXrSxjLUqLH0C8g5WWg5IrXXtuI
 pgyJ2kkE3Y/ChU7p7R42we6tBZqF5SiL5kFDn86DmHgCslTiZkIoE5i644sp03Sd
 XkHyHu0VIeYp3nDwRA7S98837W4F6i1BnXA5f3EaE3rNGjsxK8zL2pvdCcDYbese
 ETfba16HMzLXe1b4RSI3gwhlQ2MNKBwvskkQESf/Ew1DskBY0MCYFxo6hIp6LqMo
 HAl5kvCwvuYL2jBdQhkKxU+Leu5Ei8Ie9XYNVy4yUeUAMnSUkVaEs/I8z+Mk8oYq
 4QWqOc66XLcI13coDoxmv54kye3RjqdmZI8mg/3LCFotwceDuXyD43/vVhoTPEnp
 CqXafV2pw4y95skMHmktI2qvSahaM4P6GGXl8HqmP3b+8V5mxMhNtVnuUha2kouw
 DLNFUTg1cCLahM5SRolyA/XTGh7JOkJMYWPeJwN7l3K+lBtHHfj6DHtKEjUcyZFd
 +Z55pDoAERumB6+BCnt6X2/0kEDV219RmsgxkGTWdFs+M7Y6EYYRtlinH4nqL6UD
 eHWitYIatAHOvdHeNrbXN9L5P3tsUB4HzFa46WWtKqRtbCVTuPVZdw==
 -----END RSA PRIVATE KEY-----
 f. end entity certificate and key
            (MD2withRSA 1024, subca_cert_sha1_512_1024.pem signed)
 -----BEGIN CERTIFICATE-----
 MIIB9jCCAaCgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
 NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
 cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
 9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt
 vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v
 z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6
 c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07
 OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG
 9w0BAQIFAANBAIX63Ypi9P71RnC/pcMbhD+wekRFsTzU593X3MC7tyBJtEXwvAZG
 iMxXF5A+ohlr7/CrkV7ZTL8PLxnJdY5Y8rQ=
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,1FE5A37B770AF83D
 042bWtt4q0cB8pRuPUlMVncTP/WAz+mmPw3jXI3LFOBZeK6zFEDpI5M9c2JO+rqp
 Za5UkYuIg69V7LngriqRynkRGGQp3xASMLr5NVbKHTE/Ol/iIuxKaCkumZmGXB/z
 8bxQF5XN4tbKT4s3sWWmmKMicg6MHvySi3QVRG11PHRu/q7CEFPzJKRQ3fpaNcKD
 NTBI5F6GP9ENa/eog4WGENjXS0v4Wa3IfaOhjKXrSxjLUqLH0C8g5WWg5IrXXtuI
 pgyJ2kkE3Y/ChU7p7R42we6tBZqF5SiL5kFDn86DmHgCslTiZkIoE5i644sp03Sd
 XkHyHu0VIeYp3nDwRA7S98837W4F6i1BnXA5f3EaE3rNGjsxK8zL2pvdCcDYbese
 ETfba16HMzLXe1b4RSI3gwhlQ2MNKBwvskkQESf/Ew1DskBY0MCYFxo6hIp6LqMo
 HAl5kvCwvuYL2jBdQhkKxU+Leu5Ei8Ie9XYNVy4yUeUAMnSUkVaEs/I8z+Mk8oYq
 4QWqOc66XLcI13coDoxmv54kye3RjqdmZI8mg/3LCFotwceDuXyD43/vVhoTPEnp
 CqXafV2pw4y95skMHmktI2qvSahaM4P6GGXl8HqmP3b+8V5mxMhNtVnuUha2kouw
 DLNFUTg1cCLahM5SRolyA/XTGh7JOkJMYWPeJwN7l3K+lBtHHfj6DHtKEjUcyZFd
 +Z55pDoAERumB6+BCnt6X2/0kEDV219RmsgxkGTWdFs+M7Y6EYYRtlinH4nqL6UD
 eHWitYIatAHOvdHeNrbXN9L5P3tsUB4HzFa46WWtKqRtbCVTuPVZdw==
 -----END RSA PRIVATE KEY-----
 h. root CRL issuer
 -----BEGIN CERTIFICATE-----
 MIICKzCCAZSgAwIBAgIBCjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDgxNjMwNTdaFw0yOTA0MjUxNjMwNTda
 MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB
 AQUAA4GNADCBiQKBgQCy6RoQ6nMdeGJ6ijfjqDu3tDmeGLgnvfBcUKvcsvz9Ji3m
 oGnTzECo1oLV+A4/TJxOlak+ZiQ5KVyvfMcXLJeT6dRpXQZ+uc6TT3SkBq94VFzX
 qkk08z42JNdk1s5uyW8nRfg7+xntajQVrysoPYNDhu21cPnjDkRiBsIdS7+75QID
 AQABo3cwdTAdBgNVHQ4EFgQUGcJU6xWo66kI1QBvlfTQKxxmx9IwRwYDVR0jBEAw
 PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD
 VQQKEwdFeGFtcGxlggEAMAsGA1UdDwQEAwIBAjANBgkqhkiG9w0BAQQFAAOBgQBx
 uKL59VInPdCi+8JL4B+S5YjlPL4ZOBHTjS0JlNxtjbGZdfs+3E9PUAdqhMJO4vq7
 XD+hGtgZtwSqGaSUYAtpLdoCr7vvPkcrxYTG2Ak+UiTbZhmJeSswKgFaCmjjdMCy
 y64UP2DQfn6Zi0wCfeao0m9s3zRLuJpgaQGiSHTQKA==
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,41E4237825CE0148
 9nbfd7dsaS+fkFYrU1+wTcevjdRLF/j9DUVQh/2bsFlVEYgeL8A+XpvpbXHYBd7H
 oBreofDNseibHe4EgISGPK8RymjYutQqPpbHwXd25jlUuUapvvuCj8V6qnhgpqEo
 zXL1Nd2c6KZgdySosyWy8JfIBZJ3kwiSkXVwzs8R4bAGrg1VS80GuszvCv8Fzjoc
 LuesX6fViE9yFzLsyOvn/W12DKhTXwiXTQYLUupM8zI9Kpozbea52ZIPMJ9HEiaY
 JgwNj05w33VxTe/tq3R9vS2Ee6aM4odi6CQEheLsUAnyE0BTsITKzwwTI25WTv25
 W+gwSF3V49a34MojTdlORq5iH0b3rYl7OMdk+99elJSkyQIbVwwOCFrKuSXYXvV7
 s9iMPFUbi+bZ3oP6zM5kVUcH6KyVeYfkuLf2+k1vPlav8/W5v+WfnvUNOBx76Ira
 BzVPYmm2V+YFiFL1hugm5Wv+yyx8QcfgXbvhNHoIEj7hh6Ac48FhtqEcBHjuT/gy
 7atJJUdOH6hhmD34hkHGnhcDE15ZOczxTLRC9450h5HKsZ0FILRlCBZLmiedycs2
 zqhUpR4jzDG9jKrlDU4ErfMgPLjveZc3/VT3bc+TYfuC8szCaQ5XX1JVcabZ+HQw
 pwmA1ONZDVsFzwbJy9+5bgXX+wLD5kaez8EHNDS5PgqgL0UdrWjdRi6e1RwlTDEw
 g/d7TZm/iQeL1iUIfkPA1f0ByYIiyd3XQqiQ/Mf1C16lQkhTHDwofFJdL8otT2Ha
 dk6fa7lBOnrpbRKUdpJpYfyqHg80BYNPu6BacVXlYqtJtkFK04qHbA==
 -----END RSA PRIVATE KEY-----
 i. CRL issued by root CRL issuer
 -----BEGIN X509 CRL-----
 MIH2MGECAQEwDQYJKoZIhvcNAQEFBQAwHzELMAkGA1UEBhMCVVMxEDAOBgNVBAoT
 B0V4YW1wbGUXDTA5MDgwODE2MzU1MFoXDTI4MTAwNzE2MzU1MFqgDjAMMAoGA1Ud
 FAQDAgEAMA0GCSqGSIb3DQEBBQUAA4GBAJCd7e25MruuWJP/KmenGC6CR22pQuG+
 XhRaAtpHkNRls8+TfBxm2PtRrXCAcDb68kNLdwvlAlCUwmL6HOx4VB3r+8QRUlDa
 T48wVp1ojGU2b2XbPtXiYZBXW6hBsFHGDJM/IAGJPE2PbVYGlBc23A9V9WyPyThi
 9XXG1iOTIJ6u
 -----END X509 CRL-----
 j. subca CRL issuer
 -----BEGIN CERTIFICATE-----
 MIICPTCCAaagAwIBAgIBCzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDgxNjMwNThaFw0yOTA0MjUxNjMwNTha
 MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
 cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8KICP0bdOZVlR9gZu7TgD
 znXgSMER1IQtompgr1mWeZjX4LmRck3/ogHoxwC4RbNPKI3KIihcVdFHw2jgvE0M
 mpf2lI50tmhnLitM8P0/q8xUU/KncipADo4hkM5TbpjPeGUBTGLKzGrq7yyT9Uli
 Z74rrp1mS59TxcEI2YQMIQIDAQABo3cwdTAdBgNVHQ4EFgQUDGgpD4L8V3aBJPLx
 C7diZ0M0wWMwRwYDVR0jBEAwPoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8x
 CzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMAsGA1UdDwQEAwIBAjAN
 BgkqhkiG9w0BAQQFAAOBgQCcXqRge5UuW0duf/XnUWP4hrm4Q9EHJaiHZDYxI+WW
 Ca3OXdsrpgGi+RSgeMtQzlZ7YAwyYVV91U4BnX6s/97Vp5xbR3wr8Qbx67inM8Lp
 Tuo+e0nyTxwlwi9cSyy5MfJ8jfzaD+n8akhV+sx0Mmiv77YlrShP24lod55gJHKC
 vQ==
 -----END CERTIFICATE-----
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: DES-EDE3-CBC,16EC4E2C0855BD5C
 dJHcUsnACMhfESAalWrWrfARnUgGhpp3vupjePUiBJ86YmKaNNr6GAwDukg3EJvs
 tboO1QQziLSf9pP7gw82Vp5YctEkk7vJVvCcq3QkZAsjNUHf3m3ne2qg8HngufzY
 IS/C3EtKuMr3oqa7P8wvMcsBs1G1ga/YqCWoKzowXhybaYPe20fwUNRtgqgdS5Gy
 bAzQB9R+Ua2tCaXb3CBYnrczsYFPhjuULr4qbWgHVBWhnkS3OIz71WqcCoXmvD3s
 bsjoZRCJUM6Zavyzs0kVGZogiPdr+KUyzjNNsnxle5cEET6nqkYR16UT/Fvemz9Q
 szh/y0gCi1nZb6cw5e9BJyF1GlobzxWyMwwY9L4vZNaBNaVRun+6dRWy0svaPuEy
 fV/9Y0/la9scyA5yNHz8xud3Njhj2ghyG5Nqbs3N/pPXRVdh7WNFBnc+L/SIBhhB
 /Ha9+OZdqyuMf3G+I1+WVADQr8xQP8/yLEvybZYtssjnuCmQSLPDDQFnp2Z3spax
 +AT+T4dRimMjf0mZK/NlRJU9PWqMHzsJGBY1A903oAiiHiRFD10z8vyPBigSDF2W
 ct6a8WI1prKho6HbMqeIlSPk+HkdCGZedNNbvRlKl4Y56IsHGAhb3wvQ+94049P9
 wu5thK69jNb7ie3YEefAZTb5kD0h+oB8BILOJ5B29C04JdDe6P6hjGKD7x3nRhHM
 nyCUMB/fhYpoXdDhz8CeJ77hFt2zFZRstlDctQsDqLkC0AdvlOFsEFqGM4AkBGcV
 f6Y+ykNQB3vEWPZsWqVXHB2vQvk00R55tgu+R5JJ45NLG2TqyOp/4A==
 -----END RSA PRIVATE KEY-----
 k. CRL issued by subca CRL issuer
 -----BEGIN X509 CRL-----
 MIIBLTCBlwIBATANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQMA4GA1UE
 ChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMRcNMDkwODA4MTYzNTUxWhcNMjgx
 MDA3MTYzNTUxWjAiMCACAQIXDTA5MDgwODE2MzU1MFowDDAKBgNVHRUEAwoBBKAO
 MAwwCgYDVR0UBAMCAQAwDQYJKoZIhvcNAQECBQADgYEAbIs7ws4/M24NYrIO0XY6
 UVxni0ZoQa+1R7NwU6unr4jFEVD+W/b+JEMfm0RUmpSa7HrUYsw+NycD3m5CD6VJ
 U4iuGGeJvHdrYJiPIYkEiFQnhAGOj8oS/nWtPvDKbuBMZI9atKkypby9At8h9URq
 1g/KSIM3rd1PYADdcPsok4I=
 -----END X509 CRL-----
--- a/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/generate.sh
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/generate.sh
@ -0,0 +1,255 @@
 #
 # Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License version 2 only, as
 # published by the Free Software Foundation.  Sun designates this
 # particular file as subject to the "Classpath" exception as provided
 # by Sun in the LICENSE file that accompanied this code.
 #
 # This code is distributed in the hope that it will be useful, but WITHOUT
 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 # FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 # version 2 for more details (a copy is included in the LICENSE file that
 # accompanied this code).
 #
 # You should have received a copy of the GNU General Public License version
 # 2 along with this work; if not, write to the Free Software Foundation,
 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 # Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 # CA 95054 USA or visit www.sun.com if you need additional information or
 # have any questions.
 #
 #!/bin/ksh
 #
 # needs ksh to run the script.
 set -e
 OPENSSL=openssl
 # generate a self-signed root certificate
 if [ ! -f root/finished ]; then
    if [ ! -d root ]; then
        mkdir root
    fi
    # SHA1withRSA 1024
    ${OPENSSL} req -x509 -newkey rsa:1024 -keyout root/root_key_1024.pem \
        -out root/root_cert_sha1_1024.pem -subj "/C=US/O=Example" \
        -config openssl.cnf -reqexts cert_issuer -days 7650 -sha1 \
        -passin pass:passphrase -passout pass:passphrase
    # SHA1withRSA 512
    ${OPENSSL} req -x509 -newkey rsa:512 -keyout root/root_key_512.pem \
        -out root/root_cert_sha1_512.pem -subj "/C=US/O=Example" \
        -config openssl.cnf -reqexts cert_issuer -days 7650 -sha1 \
        -passin pass:passphrase -passout pass:passphrase
    # MD2withRSA 2048
    ${OPENSSL} req -x509 -newkey rsa:2048 -keyout root/root_key_2048.pem \
        -out root/root_cert_md2_2048.pem -subj "/C=US/O=Example" \
        -config openssl.cnf -reqexts cert_issuer -days 7650 -md2 \
        -passin pass:passphrase -passout pass:passphrase
    openssl req -newkey rsa:1024 -keyout root/root_crlissuer_key.pem \
        -out root/root_crlissuer_req.pem -subj "/C=US/O=Example" -days 7650 \
        -passin pass:passphrase -passout pass:passphrase
    openssl x509 -req -in root/root_crlissuer_req.pem -extfile openssl.cnf \
        -extensions crl_issuer -CA root/root_cert_sha1_1024.pem \
        -CAkey root/root_key_1024.pem -out root/root_crlissuer_cert.pem \
        -CAcreateserial -CAserial root/root_cert.srl -days 7200 \
        -passin pass:passphrase
    touch root/finished
 fi
 # generate subca cert issuer
 if [ ! -f subca/finished ]; then
    if [ ! -d subca ]; then
        mkdir subca
    fi
    # RSA 1024
    ${OPENSSL} req -newkey rsa:1024 -keyout subca/subca_key_1024.pem \
        -out subca/subca_req_1024.pem -subj "/C=US/O=Example/OU=Class-1" \
        -days 7650 -passin pass:passphrase -passout pass:passphrase
    # RSA 512
    ${OPENSSL} req -newkey rsa:512 -keyout subca/subca_key_512.pem \
        -out subca/subca_req_512.pem -subj "/C=US/O=Example/OU=Class-1" \
        -days 7650 -passin pass:passphrase -passout pass:passphrase
    # SHA1withRSA 1024 signed with RSA 1024
    ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \
        -extensions cert_issuer -CA root/root_cert_sha1_1024.pem \
        -CAkey root/root_key_1024.pem -out subca/subca_cert_sha1_1024_1024.pem \
        -CAcreateserial -sha1 \
        -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
    # SHA1withRSA 1024 signed with RSA 512
    ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \
        -extensions cert_issuer -CA root/root_cert_sha1_512.pem \
        -CAkey root/root_key_512.pem -out subca/subca_cert_sha1_1024_512.pem \
        -CAcreateserial -sha1 \
        -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
    # SHA1withRSA 512 signed with RSA 1024
    ${OPENSSL} x509 -req -in subca/subca_req_512.pem -extfile openssl.cnf \
        -extensions cert_issuer -CA root/root_cert_sha1_1024.pem \
        -CAkey root/root_key_1024.pem -out subca/subca_cert_sha1_512_1024.pem \
        -CAcreateserial -sha1 \
        -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
    # SHA1withRSA 512 signed with RSA 512
    ${OPENSSL} x509 -req -in subca/subca_req_512.pem -extfile openssl.cnf \
        -extensions cert_issuer -CA root/root_cert_sha1_512.pem \
        -CAkey root/root_key_512.pem -out subca/subca_cert_sha1_512_512.pem \
        -CAcreateserial -sha1 \
        -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
    # MD2withRSA 1024 signed with RSA 1024
    ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \
        -extensions cert_issuer -CA root/root_cert_sha1_1024.pem \
        -CAkey root/root_key_1024.pem -out subca/subca_cert_md2_1024_1024.pem \
        -CAcreateserial -md2 \
        -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
    # MD2withRSA 1024 signed with RSA 512
    ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \
        -extensions cert_issuer -CA root/root_cert_sha1_512.pem \
        -CAkey root/root_key_512.pem -out subca/subca_cert_md2_1024_512.pem \
        -CAcreateserial -md2 \
        -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
    openssl req -newkey rsa:1024 -keyout subca/subca_crlissuer_key.pem \
        -out subca/subca_crlissuer_req.pem -subj "/C=US/O=Example/OU=Class-1" \
        -days 7650 -passin pass:passphrase -passout pass:passphrase
    openssl x509 -req -in subca/subca_crlissuer_req.pem -extfile openssl.cnf \
        -extensions crl_issuer -CA root/root_cert_sha1_1024.pem \
        -CAkey root/root_key_1024.pem -out subca/subca_crlissuer_cert.pem \
        -CAcreateserial -CAserial root/root_cert.srl -days 7200 \
        -passin pass:passphrase
    touch subca/finished
 fi
 # generate certifiacte for Alice
 if [ ! -f subca/alice/finished ]; then
    if [ ! -d subca/alice ]; then
        mkdir -p subca/alice
    fi
    # RSA 1024
    ${OPENSSL} req -newkey rsa:1024 -keyout subca/alice/alice_key_1024.pem \
        -out subca/alice/alice_req_1024.pem \
        -subj "/C=US/O=Example/OU=Class-1/CN=Alice" -days 7650 \
        -passin pass:passphrase -passout pass:passphrase
    # RSA 512
    ${OPENSSL} req -newkey rsa:512 -keyout subca/alice/alice_key_512.pem \
        -out subca/alice/alice_req_512.pem \
        -subj "/C=US/O=Example/OU=Class-1/CN=Alice" -days 7650 \
        -passin pass:passphrase -passout pass:passphrase
    # SHA1withRSA 1024 signed with RSA 1024
    ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \
        -extfile openssl.cnf -extensions ee_of_subca \
        -CA subca/subca_cert_sha1_1024_1024.pem \
        -CAkey subca/subca_key_1024.pem \
        -out subca/alice/alice_cert_sha1_1024_1024.pem -CAcreateserial -sha1 \
        -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
    # SHA1withRSA 1024 signed with RSA 512
    ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \
        -extfile openssl.cnf -extensions ee_of_subca \
        -CA subca/subca_cert_sha1_512_1024.pem \
        -CAkey subca/subca_key_512.pem \
        -out subca/alice/alice_cert_sha1_1024_512.pem -CAcreateserial -sha1 \
        -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
    # SHA1withRSA 512 signed with RSA 1024
    ${OPENSSL} x509 -req -in subca/alice/alice_req_512.pem \
        -extfile openssl.cnf -extensions ee_of_subca \
        -CA subca/subca_cert_sha1_1024_1024.pem \
        -CAkey subca/subca_key_1024.pem \
        -out subca/alice/alice_cert_sha1_512_1024.pem -CAcreateserial -sha1 \
        -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
    # SHA1withRSA 512 signed with RSA 512
    ${OPENSSL} x509 -req -in subca/alice/alice_req_512.pem \
        -extfile openssl.cnf -extensions ee_of_subca \
        -CA subca/subca_cert_sha1_512_1024.pem \
        -CAkey subca/subca_key_512.pem \
        -out subca/alice/alice_cert_sha1_512_512.pem -CAcreateserial -sha1 \
        -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
    # MD2withRSA 1024 signed with RSA 1024
    ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \
        -extfile openssl.cnf -extensions ee_of_subca \
        -CA subca/subca_cert_sha1_1024_1024.pem \
        -CAkey subca/subca_key_1024.pem \
        -out subca/alice/alice_cert_md2_1024_1024.pem -CAcreateserial -md2 \
        -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
    # MD2withRSA 1024 signed with RSA 512
    ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \
        -extfile openssl.cnf -extensions ee_of_subca \
        -CA subca/subca_cert_sha1_512_1024.pem \
        -CAkey subca/subca_key_512.pem \
        -out subca/alice/alice_cert_md2_1024_512.pem -CAcreateserial -md2 \
        -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
    touch subca/alice/finished
 fi
 if [ ! -f root/revoked ]; then
    if [ ! -d root ]; then
        mkdir root
    fi
    if [ ! -f root/index.txt ]; then
        touch root/index.txt
        echo 00 > root/crlnumber
    fi
    openssl ca -gencrl -config openssl.cnf -name ca_top -crldays 7000 -md sha1 \
        -crl_reason superseded -keyfile root/root_crlissuer_key.pem \
        -cert root/root_crlissuer_cert.pem -out root/top_crl.pem \
        -passin pass:passphrase
    touch root/revoked
 fi
 if [ ! -f subca/revoked ]; then
    if [ ! -d subca ]; then
        mkdir subca
    fi
    if [ ! -f subca/index.txt ]; then
        touch subca/index.txt
        echo 00 > subca/crlnumber
    fi
    # revoke alice's SHA1withRSA 1024 signed with RSA 1024
    openssl ca -revoke subca/alice/alice_cert_sha1_1024_1024.pem \
        -config openssl.cnf \
        -name ca_subca -crl_reason superseded \
        -keyfile subca/subca_crlissuer_key.pem \
        -cert subca/subca_crlissuer_cert.pem -passin pass:passphrase
    openssl ca -gencrl -config openssl.cnf \
        -name ca_subca -crldays 7000 -md md2 \
        -crl_reason superseded -keyfile subca/subca_crlissuer_key.pem \
        -cert subca/subca_crlissuer_cert.pem \
        -out subca/subca_crl.pem \
        -passin pass:passphrase
    touch subca/revoked
 fi
--- a/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/openssl.cnf
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/openssl.cnf
@ -0,0 +1,206 @@
 #
 # Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License version 2 only, as
 # published by the Free Software Foundation.  Sun designates this
 # particular file as subject to the "Classpath" exception as provided
 # by Sun in the LICENSE file that accompanied this code.
 #
 # This code is distributed in the hope that it will be useful, but WITHOUT
 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 # FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 # version 2 for more details (a copy is included in the LICENSE file that
 # accompanied this code).
 #
 # You should have received a copy of the GNU General Public License version
 # 2 along with this work; if not, write to the Free Software Foundation,
 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 # Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 # CA 95054 USA or visit www.sun.com if you need additional information or
 # have any questions.
 #
 #
 # OpenSSL configuration file.
 #
 HOME                = .
 RANDFILE            = $ENV::HOME/.rnd
 [ ca ]
 default_ca          = CA_default
 [ CA_default ]
 dir                 = ./top
 certs               = $dir/certs
 crl_dir             = $dir/crl
 database            = $dir/index.txt
 unique_subject      = no
 new_certs_dir       = $dir/newcerts
 certificate         = $dir/cacert.pem
 serial              = $dir/serial
 crlnumber           = $dir/crlnumber
 crl                 = $dir/crl.pem
 private_key         = $dir/private/cakey.pem
 RANDFILE            = $dir/private/.rand
 x509_extensions     = v3_ca
 name_opt            = ca_default
 cert_opt            = ca_default
 default_days        = 7650
 default_crl_days    = 30
 default_md          = sha1
 preserve            = no
 policy              = policy_anything
 [ ca_top ]
 dir                 = ./root
 certs               = $dir/certs
 crl_dir             = $dir/crl
 database            = $dir/index.txt
 unique_subject      = no
 new_certs_dir       = $dir/newcerts
 certificate         = $dir/cacert.pem
 serial              = $dir/serial
 crlnumber           = $dir/crlnumber
 crl                 = $dir/crl.pem
 private_key         = $dir/private/cakey.pem
 RANDFILE            = $dir/private/.rand
 x509_extensions     = v3_ca
 name_opt            = ca_default
 cert_opt            = ca_default
 default_days        = 7650
 default_crl_days    = 30
 default_md          = sha1
 preserve            = no
 policy              = policy_anything
 [ ca_subca ]
 dir                 = ./subca
 certs               = $dir/certs
 crl_dir             = $dir/crl
 database            = $dir/index.txt
 unique_subject      = no
 new_certs_dir       = $dir/newcerts
 certificate         = $dir/cacert.pem
 serial              = $dir/serial
 crlnumber           = $dir/crlnumber
 crl                 = $dir/crl.pem
 private_key         = $dir/private/cakey.pem
 RANDFILE            = $dir/private/.rand
 x509_extensions     = usr_cert
 name_opt            = ca_default
 cert_opt            = ca_default
 default_days        = 7650
 default_crl_days    = 30
 default_md          = sha1
 preserve            = no
 policy              = policy_anything
 [ policy_match ]
 countryName         = match
 stateOrProvinceName = match
 organizationName    = match
 organizationalUnitName  = optional
 commonName          = supplied
 emailAddress        = optional
 [ policy_anything ]
 countryName         = optional
 stateOrProvinceName = optional
 localityName        = optional
 organizationName    = optional
 organizationalUnitName  = optional
 commonName          = supplied
 emailAddress        = optional
 [ req ]
 default_bits        = 1024
 default_keyfile     = privkey.pem
 distinguished_name  = req_distinguished_name
 attributes          = req_attributes
 x509_extensions     = v3_ca
 string_mask = nombstr
 [ req_distinguished_name ]
 countryName         = Country Name (2 letter code)
 countryName_default = NO
 countryName_min     = 2
 countryName_max     = 2
 stateOrProvinceName = State or Province Name (full name)
 stateOrProvinceName_default  = A-State
 localityName        = Locality Name (eg, city)
 0.organizationName  = Organization Name (eg, company)
 0.organizationName_default   = Internet Widgits Pty Ltd
 organizationalUnitName       = Organizational Unit Name (eg, section)
 commonName              = Common Name (eg, YOUR name)
 commonName_max          = 64
 emailAddress            = Email Address
 emailAddress_max        = 64
 [ req_attributes ]
 challengePassword       = A challenge password
 challengePassword_min   = 4
 challengePassword_max   = 20
 unstructuredName        = An optional company name
 [ usr_cert ]
 keyUsage                = nonRepudiation, digitalSignature, keyEncipherment
 subjectKeyIdentifier    = hash
 authorityKeyIdentifier  = keyid,issuer
 [ v3_req ]
 basicConstraints        = CA:FALSE
 keyUsage                = nonRepudiation, digitalSignature, keyEncipherment
 subjectAltName          = email:example@openjdk.net, RID:1.2.3.4:true
 [ v3_ca ]
 subjectKeyIdentifier    = hash
 authorityKeyIdentifier  = keyid:always,issuer:always
 basicConstraints        = critical,CA:true
 keyUsage                = keyCertSign
 [ cert_issuer ]
 subjectKeyIdentifier    = hash
 authorityKeyIdentifier  = keyid:always,issuer:always
 basicConstraints        = critical,CA:true
 keyUsage                = keyCertSign
 [ crl_issuer ]
 subjectKeyIdentifier    = hash
 authorityKeyIdentifier  = keyid:always,issuer:always
 keyUsage                = cRLSign
 [ crl_ext ]
 authorityKeyIdentifier  = keyid:always,issuer:always
 [ ee_of_subca ]
 keyUsage    = nonRepudiation, digitalSignature, keyEncipherment, keyAgreement
 subjectKeyIdentifier    = hash
 authorityKeyIdentifier  = keyid,issuer
--- a/jdk/test/sun/security/util/DerValue/BadValue.java
+++ b/jdk/test/sun/security/util/DerValue/BadValue.java
@ -0,0 +1,119 @@
 /*
 * Copyright 2009 Sun Microsystems, Inc.  All Rights Reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
 * CA 95054 USA or visit www.sun.com if you need additional information or
 * have any questions.
 */
 /*
 * @test
 * @bug 6864911
 * @summary ASN.1/DER input stream parser needs more work
 */
 import java.io.*;
 import sun.security.util.*;
 import sun.misc.IOUtils;
 public class BadValue {
    public static void main(String[] args) throws Exception {
        // Test IOUtils.readFully
        // We have 4 bytes
        InputStream in = new ByteArrayInputStream(new byte[10]);
        byte[] bs = IOUtils.readFully(in, 4, true);
        if (bs.length != 4 || in.available() != 6) {
            throw new Exception("First read error");
        }
        // But only 6 left
        bs = IOUtils.readFully(in, 10, false);
        if (bs.length != 6 || in.available() != 0) {
            throw new Exception("Second read error");
        }
        // MAX read as much as it can
        in = new ByteArrayInputStream(new byte[10]);
        bs = IOUtils.readFully(in, Integer.MAX_VALUE, true);
        if (bs.length != 10 || in.available() != 0) {
            throw new Exception("Second read error");
        }
        // MAX ignore readAll
        in = new ByteArrayInputStream(new byte[10]);
        bs = IOUtils.readFully(in, Integer.MAX_VALUE, false);
        if (bs.length != 10 || in.available() != 0) {
            throw new Exception("Second read error");
        }
        // 20>10, readAll means failure
        in = new ByteArrayInputStream(new byte[10]);
        try {
            bs = IOUtils.readFully(in, 20, true);
            throw new Exception("Third read error");
        } catch (EOFException e) {
            // OK
        }
        int bignum = 10 * 1024 * 1024;
        bs = IOUtils.readFully(new SuperSlowStream(bignum), -1, true);
        if (bs.length != bignum) {
            throw new Exception("Fourth read error");
        }
        // Test DerValue
        byte[] input = {0x04, (byte)0x84, 0x40, 0x00, 0x42, 0x46, 0x4b};
        try {
            new DerValue(new ByteArrayInputStream(input));
        } catch (IOException ioe) {
            // This is OK
        }
    }
 }
 /**
 * An InputStream contains a given number of bytes, but only returns one byte
 * per read.
 */
 class SuperSlowStream extends InputStream {
    private int p;
    /**
     * @param Initial capacity
     */
    public SuperSlowStream(int capacity) {
        p = capacity;
    }
    @Override
    public int read() throws IOException {
        if (p > 0) {
            p--;
            return 0;
        } else {
            return -1;
        }
    }
    @Override
    public int read(byte b[], int off, int len) throws IOException {
        if (len == 0) return 0;
        if (p > 0) {
            p--;
            b[off] = 0;
            return 1;
        } else {
            return -1;
        }
    }
 }