Merge
diff --git a/make/sun/awt/mapfile-vers b/make/sun/awt/mapfile-vers
index 06a1d5b..3840aa7 100644
--- a/make/sun/awt/mapfile-vers
+++ b/make/sun/awt/mapfile-vers
@@ -53,7 +53,6 @@
Java_sun_awt_image_GifImageDecoder_initIDs;
Java_sun_awt_image_GifImageDecoder_parseImage;
Java_sun_awt_image_ImageRepresentation_initIDs;
- Java_sun_awt_image_ImageRepresentation_setBytePixels;
Java_sun_awt_image_ImageRepresentation_setDiffICM;
Java_sun_awt_image_ImageRepresentation_setICMpixels;
Java_sun_awt_image_ImagingLib_convolveBI;
diff --git a/make/sun/awt/mapfile-vers-linux b/make/sun/awt/mapfile-vers-linux
index 9b5639b..e56dba3 100644
--- a/make/sun/awt/mapfile-vers-linux
+++ b/make/sun/awt/mapfile-vers-linux
@@ -55,7 +55,6 @@
Java_sun_awt_image_GifImageDecoder_parseImage;
Java_sun_awt_image_Image_initIDs;
Java_sun_awt_image_ImageRepresentation_initIDs;
- Java_sun_awt_image_ImageRepresentation_setBytePixels;
Java_sun_awt_image_ImageRepresentation_setDiffICM;
Java_sun_awt_image_ImageRepresentation_setICMpixels;
Java_sun_awt_image_ImagingLib_convolveBI;
diff --git a/src/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java b/src/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java
index f8e028d..388d7a1 100644
--- a/src/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java
+++ b/src/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java
@@ -62,6 +62,8 @@
import java.io.*;
import java.nio.*;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.StringTokenizer;
@@ -502,12 +504,18 @@
iis.reset();
try {
- if (metadata.colorSpace == PROFILE_LINKED)
+ if (metadata.colorSpace == PROFILE_LINKED &&
+ isLinkedProfileAllowed() &&
+ !isUncOrDevicePath(profile))
+ {
+ String path = new String(profile, "windows-1252");
+
colorSpace =
- new ICC_ColorSpace(ICC_Profile.getInstance(new String(profile)));
- else
+ new ICC_ColorSpace(ICC_Profile.getInstance(path));
+ } else {
colorSpace =
new ICC_ColorSpace(ICC_Profile.getInstance(profile));
+ }
} catch (Exception e) {
colorSpace = ColorSpace.getInstance(ColorSpace.CS_sRGB);
}
@@ -1745,4 +1753,69 @@
public void sequenceStarted(ImageReader src, int minIndex) {}
public void readAborted(ImageReader src) {}
}
+
+ private static Boolean isLinkedProfileDisabled = null;
+
+ private static boolean isLinkedProfileAllowed() {
+ if (isLinkedProfileDisabled == null) {
+ PrivilegedAction<Boolean> a = new PrivilegedAction<Boolean>() {
+ public Boolean run() {
+ return Boolean.getBoolean("sun.imageio.plugins.bmp.disableLinkedProfiles");
+ }
+ };
+ isLinkedProfileDisabled = AccessController.doPrivileged(a);
+ }
+ return !isLinkedProfileDisabled;
+ }
+
+ private static Boolean isWindowsPlatform = null;
+
+ /**
+ * Verifies whether the byte array contans a unc path.
+ * Non-UNC path examples:
+ * c:\path\to\file - simple notation
+ * \\?\c:\path\to\file - long notation
+ *
+ * UNC path examples:
+ * \\server\share - a UNC path in simple notation
+ * \\?\UNC\server\share - a UNC path in long notation
+ * \\.\some\device - a path to device.
+ */
+ private static boolean isUncOrDevicePath(byte[] p) {
+ if (isWindowsPlatform == null) {
+ PrivilegedAction<Boolean> a = new PrivilegedAction<Boolean>() {
+ public Boolean run() {
+ String osname = System.getProperty("os.name");
+ return (osname != null &&
+ osname.toLowerCase().startsWith("win"));
+ }
+ };
+ isWindowsPlatform = AccessController.doPrivileged(a);
+ }
+
+ if (!isWindowsPlatform) {
+ /* no need for the check on platforms except windows */
+ return false;
+ }
+
+ /* normalize prefix of the path */
+ if (p[0] == '/') p[0] = '\\';
+ if (p[1] == '/') p[1] = '\\';
+ if (p[3] == '/') p[3] = '\\';
+
+
+ if ((p[0] == '\\') && (p[1] == '\\')) {
+ if ((p[2] == '?') && (p[3] == '\\')) {
+ // long path: whether unc or local
+ return ((p[4] == 'U' || p[4] == 'u') &&
+ (p[5] == 'N' || p[5] == 'n') &&
+ (p[6] == 'C' || p[6] == 'c'));
+ } else {
+ // device path or short unc notation
+ return true;
+ }
+ } else {
+ return false;
+ }
+ }
}
diff --git a/src/share/classes/com/sun/java/swing/plaf/motif/MotifButtonUI.java b/src/share/classes/com/sun/java/swing/plaf/motif/MotifButtonUI.java
index 5323b0a..bc3a224 100644
--- a/src/share/classes/com/sun/java/swing/plaf/motif/MotifButtonUI.java
+++ b/src/share/classes/com/sun/java/swing/plaf/motif/MotifButtonUI.java
@@ -25,6 +25,8 @@
package com.sun.java.swing.plaf.motif;
+import sun.awt.AppContext;
+
import javax.swing.*;
import javax.swing.border.*;
import javax.swing.plaf.basic.*;
@@ -46,16 +48,23 @@
*/
public class MotifButtonUI extends BasicButtonUI {
- private final static MotifButtonUI motifButtonUI = new MotifButtonUI();
-
protected Color selectColor;
private boolean defaults_initialized = false;
+ private static final Object MOTIF_BUTTON_UI_KEY = new Object();
+
// ********************************
// Create PLAF
// ********************************
- public static ComponentUI createUI(JComponent c){
+ public static ComponentUI createUI(JComponent c) {
+ AppContext appContext = AppContext.getAppContext();
+ MotifButtonUI motifButtonUI =
+ (MotifButtonUI) appContext.get(MOTIF_BUTTON_UI_KEY);
+ if (motifButtonUI == null) {
+ motifButtonUI = new MotifButtonUI();
+ appContext.put(MOTIF_BUTTON_UI_KEY, motifButtonUI);
+ }
return motifButtonUI;
}
diff --git a/src/share/classes/com/sun/java/swing/plaf/motif/MotifCheckBoxUI.java b/src/share/classes/com/sun/java/swing/plaf/motif/MotifCheckBoxUI.java
index a356b57..a4354d2 100644
--- a/src/share/classes/com/sun/java/swing/plaf/motif/MotifCheckBoxUI.java
+++ b/src/share/classes/com/sun/java/swing/plaf/motif/MotifCheckBoxUI.java
@@ -25,6 +25,8 @@
package com.sun.java.swing.plaf.motif;
+import sun.awt.AppContext;
+
import javax.swing.*;
import javax.swing.plaf.*;
@@ -45,7 +47,7 @@
*/
public class MotifCheckBoxUI extends MotifRadioButtonUI {
- private static final MotifCheckBoxUI motifCheckBoxUI = new MotifCheckBoxUI();
+ private static final Object MOTIF_CHECK_BOX_UI_KEY = new Object();
private final static String propertyPrefix = "CheckBox" + ".";
@@ -55,7 +57,14 @@
// ********************************
// Create PLAF
// ********************************
- public static ComponentUI createUI(JComponent c){
+ public static ComponentUI createUI(JComponent c) {
+ AppContext appContext = AppContext.getAppContext();
+ MotifCheckBoxUI motifCheckBoxUI =
+ (MotifCheckBoxUI) appContext.get(MOTIF_CHECK_BOX_UI_KEY);
+ if (motifCheckBoxUI == null) {
+ motifCheckBoxUI = new MotifCheckBoxUI();
+ appContext.put(MOTIF_CHECK_BOX_UI_KEY, motifCheckBoxUI);
+ }
return motifCheckBoxUI;
}
diff --git a/src/share/classes/com/sun/java/swing/plaf/motif/MotifLabelUI.java b/src/share/classes/com/sun/java/swing/plaf/motif/MotifLabelUI.java
index 7b040ea..bfa9588 100644
--- a/src/share/classes/com/sun/java/swing/plaf/motif/MotifLabelUI.java
+++ b/src/share/classes/com/sun/java/swing/plaf/motif/MotifLabelUI.java
@@ -25,6 +25,8 @@
package com.sun.java.swing.plaf.motif;
+import sun.awt.AppContext;
+
import javax.swing.*;
import javax.swing.plaf.basic.BasicLabelUI;
import javax.swing.plaf.ComponentUI;
@@ -44,9 +46,16 @@
*/
public class MotifLabelUI extends BasicLabelUI
{
- static MotifLabelUI sharedInstance = new MotifLabelUI();
+ private static final Object MOTIF_LABEL_UI_KEY = new Object();
public static ComponentUI createUI(JComponent c) {
- return sharedInstance;
+ AppContext appContext = AppContext.getAppContext();
+ MotifLabelUI motifLabelUI =
+ (MotifLabelUI) appContext.get(MOTIF_LABEL_UI_KEY);
+ if (motifLabelUI == null) {
+ motifLabelUI = new MotifLabelUI();
+ appContext.put(MOTIF_LABEL_UI_KEY, motifLabelUI);
+ }
+ return motifLabelUI;
}
}
diff --git a/src/share/classes/com/sun/java/swing/plaf/motif/MotifRadioButtonUI.java b/src/share/classes/com/sun/java/swing/plaf/motif/MotifRadioButtonUI.java
index ea3769c..5029779 100644
--- a/src/share/classes/com/sun/java/swing/plaf/motif/MotifRadioButtonUI.java
+++ b/src/share/classes/com/sun/java/swing/plaf/motif/MotifRadioButtonUI.java
@@ -25,6 +25,8 @@
package com.sun.java.swing.plaf.motif;
+import sun.awt.AppContext;
+
import javax.swing.*;
import javax.swing.border.*;
import javax.swing.plaf.basic.BasicRadioButtonUI;
@@ -47,7 +49,7 @@
*/
public class MotifRadioButtonUI extends BasicRadioButtonUI {
- private static final MotifRadioButtonUI motifRadioButtonUI = new MotifRadioButtonUI();
+ private static final Object MOTIF_RADIO_BUTTON_UI_KEY = new Object();
protected Color focusColor;
@@ -57,6 +59,13 @@
// Create PLAF
// ********************************
public static ComponentUI createUI(JComponent c) {
+ AppContext appContext = AppContext.getAppContext();
+ MotifRadioButtonUI motifRadioButtonUI =
+ (MotifRadioButtonUI) appContext.get(MOTIF_RADIO_BUTTON_UI_KEY);
+ if (motifRadioButtonUI == null) {
+ motifRadioButtonUI = new MotifRadioButtonUI();
+ appContext.put(MOTIF_RADIO_BUTTON_UI_KEY, motifRadioButtonUI);
+ }
return motifRadioButtonUI;
}
diff --git a/src/share/classes/com/sun/java/swing/plaf/motif/MotifToggleButtonUI.java b/src/share/classes/com/sun/java/swing/plaf/motif/MotifToggleButtonUI.java
index 43af413..984667e 100644
--- a/src/share/classes/com/sun/java/swing/plaf/motif/MotifToggleButtonUI.java
+++ b/src/share/classes/com/sun/java/swing/plaf/motif/MotifToggleButtonUI.java
@@ -25,6 +25,8 @@
package com.sun.java.swing.plaf.motif;
+import sun.awt.AppContext;
+
import java.awt.*;
import java.awt.event.*;
@@ -48,7 +50,7 @@
*/
public class MotifToggleButtonUI extends BasicToggleButtonUI
{
- private final static MotifToggleButtonUI motifToggleButtonUI = new MotifToggleButtonUI();
+ private static final Object MOTIF_TOGGLE_BUTTON_UI_KEY = new Object();
protected Color selectColor;
@@ -58,6 +60,13 @@
// Create PLAF
// ********************************
public static ComponentUI createUI(JComponent b) {
+ AppContext appContext = AppContext.getAppContext();
+ MotifToggleButtonUI motifToggleButtonUI =
+ (MotifToggleButtonUI) appContext.get(MOTIF_TOGGLE_BUTTON_UI_KEY);
+ if (motifToggleButtonUI == null) {
+ motifToggleButtonUI = new MotifToggleButtonUI();
+ appContext.put(MOTIF_TOGGLE_BUTTON_UI_KEY, motifToggleButtonUI);
+ }
return motifToggleButtonUI;
}
diff --git a/src/share/classes/com/sun/java/swing/plaf/windows/WindowsButtonUI.java b/src/share/classes/com/sun/java/swing/plaf/windows/WindowsButtonUI.java
index 4ebc563..2de1f4e 100644
--- a/src/share/classes/com/sun/java/swing/plaf/windows/WindowsButtonUI.java
+++ b/src/share/classes/com/sun/java/swing/plaf/windows/WindowsButtonUI.java
@@ -35,6 +35,7 @@
import static com.sun.java.swing.plaf.windows.TMSchema.*;
import static com.sun.java.swing.plaf.windows.TMSchema.Part.*;
import static com.sun.java.swing.plaf.windows.XPStyle.Skin;
+import sun.awt.AppContext;
/**
@@ -52,8 +53,6 @@
*/
public class WindowsButtonUI extends BasicButtonUI
{
- private final static WindowsButtonUI windowsButtonUI = new WindowsButtonUI();
-
protected int dashedRectGapX;
protected int dashedRectGapY;
protected int dashedRectGapWidth;
@@ -63,11 +62,19 @@
private boolean defaults_initialized = false;
+ private static final Object WINDOWS_BUTTON_UI_KEY = new Object();
// ********************************
// Create PLAF
// ********************************
- public static ComponentUI createUI(JComponent c){
+ public static ComponentUI createUI(JComponent c) {
+ AppContext appContext = AppContext.getAppContext();
+ WindowsButtonUI windowsButtonUI =
+ (WindowsButtonUI) appContext.get(WINDOWS_BUTTON_UI_KEY);
+ if (windowsButtonUI == null) {
+ windowsButtonUI = new WindowsButtonUI();
+ appContext.put(WINDOWS_BUTTON_UI_KEY, windowsButtonUI);
+ }
return windowsButtonUI;
}
@@ -151,7 +158,7 @@
* allocating them in each paint call substantially reduced the time
* it took paint to run. Obviously, this method can't be re-entered.
*/
- private static Rectangle viewRect = new Rectangle();
+ private Rectangle viewRect = new Rectangle();
public void paint(Graphics g, JComponent c) {
if (XPStyle.getXP() != null) {
diff --git a/src/share/classes/com/sun/java/swing/plaf/windows/WindowsCheckBoxUI.java b/src/share/classes/com/sun/java/swing/plaf/windows/WindowsCheckBoxUI.java
index fa38819..29c8221 100644
--- a/src/share/classes/com/sun/java/swing/plaf/windows/WindowsCheckBoxUI.java
+++ b/src/share/classes/com/sun/java/swing/plaf/windows/WindowsCheckBoxUI.java
@@ -25,6 +25,8 @@
package com.sun.java.swing.plaf.windows;
+import sun.awt.AppContext;
+
import javax.swing.plaf.basic.*;
import javax.swing.*;
import javax.swing.plaf.*;
@@ -49,7 +51,7 @@
// of BasicCheckBoxUI because we want to pick up all the
// painting changes made in MetalRadioButtonUI.
- private static final WindowsCheckBoxUI windowsCheckBoxUI = new WindowsCheckBoxUI();
+ private static final Object WINDOWS_CHECK_BOX_UI_KEY = new Object();
private final static String propertyPrefix = "CheckBox" + ".";
@@ -59,6 +61,13 @@
// Create PLAF
// ********************************
public static ComponentUI createUI(JComponent c) {
+ AppContext appContext = AppContext.getAppContext();
+ WindowsCheckBoxUI windowsCheckBoxUI =
+ (WindowsCheckBoxUI) appContext.get(WINDOWS_CHECK_BOX_UI_KEY);
+ if (windowsCheckBoxUI == null) {
+ windowsCheckBoxUI = new WindowsCheckBoxUI();
+ appContext.put(WINDOWS_CHECK_BOX_UI_KEY, windowsCheckBoxUI);
+ }
return windowsCheckBoxUI;
}
diff --git a/src/share/classes/com/sun/java/swing/plaf/windows/WindowsLabelUI.java b/src/share/classes/com/sun/java/swing/plaf/windows/WindowsLabelUI.java
index 5abbf51..b0c7410 100644
--- a/src/share/classes/com/sun/java/swing/plaf/windows/WindowsLabelUI.java
+++ b/src/share/classes/com/sun/java/swing/plaf/windows/WindowsLabelUI.java
@@ -26,6 +26,8 @@
package com.sun.java.swing.plaf.windows;
import sun.swing.SwingUtilities2;
+import sun.awt.AppContext;
+
import java.awt.Color;
import java.awt.Graphics;
@@ -51,12 +53,19 @@
*/
public class WindowsLabelUI extends BasicLabelUI {
- private final static WindowsLabelUI windowsLabelUI = new WindowsLabelUI();
+ private static final Object WINDOWS_LABEL_UI_KEY = new Object();
// ********************************
// Create PLAF
// ********************************
- public static ComponentUI createUI(JComponent c){
+ public static ComponentUI createUI(JComponent c) {
+ AppContext appContext = AppContext.getAppContext();
+ WindowsLabelUI windowsLabelUI =
+ (WindowsLabelUI) appContext.get(WINDOWS_LABEL_UI_KEY);
+ if (windowsLabelUI == null) {
+ windowsLabelUI = new WindowsLabelUI();
+ appContext.put(WINDOWS_LABEL_UI_KEY, windowsLabelUI);
+ }
return windowsLabelUI;
}
diff --git a/src/share/classes/com/sun/java/swing/plaf/windows/WindowsRadioButtonUI.java b/src/share/classes/com/sun/java/swing/plaf/windows/WindowsRadioButtonUI.java
index 4366582..9d78427 100644
--- a/src/share/classes/com/sun/java/swing/plaf/windows/WindowsRadioButtonUI.java
+++ b/src/share/classes/com/sun/java/swing/plaf/windows/WindowsRadioButtonUI.java
@@ -25,6 +25,8 @@
package com.sun.java.swing.plaf.windows;
+import sun.awt.AppContext;
+
import javax.swing.plaf.basic.*;
import javax.swing.*;
import javax.swing.plaf.*;
@@ -44,7 +46,7 @@
*/
public class WindowsRadioButtonUI extends BasicRadioButtonUI
{
- private static final WindowsRadioButtonUI windowsRadioButtonUI = new WindowsRadioButtonUI();
+ private static final Object WINDOWS_RADIO_BUTTON_UI_KEY = new Object();
protected int dashedRectGapX;
protected int dashedRectGapY;
@@ -59,6 +61,13 @@
// Create PLAF
// ********************************
public static ComponentUI createUI(JComponent c) {
+ AppContext appContext = AppContext.getAppContext();
+ WindowsRadioButtonUI windowsRadioButtonUI =
+ (WindowsRadioButtonUI) appContext.get(WINDOWS_RADIO_BUTTON_UI_KEY);
+ if (windowsRadioButtonUI == null) {
+ windowsRadioButtonUI = new WindowsRadioButtonUI();
+ appContext.put(WINDOWS_RADIO_BUTTON_UI_KEY, windowsRadioButtonUI);
+ }
return windowsRadioButtonUI;
}
diff --git a/src/share/classes/com/sun/java/swing/plaf/windows/WindowsToggleButtonUI.java b/src/share/classes/com/sun/java/swing/plaf/windows/WindowsToggleButtonUI.java
index 3b49ad5..f7a8707 100644
--- a/src/share/classes/com/sun/java/swing/plaf/windows/WindowsToggleButtonUI.java
+++ b/src/share/classes/com/sun/java/swing/plaf/windows/WindowsToggleButtonUI.java
@@ -25,6 +25,8 @@
package com.sun.java.swing.plaf.windows;
+import sun.awt.AppContext;
+
import javax.swing.plaf.basic.*;
import javax.swing.border.*;
import javax.swing.plaf.*;
@@ -49,18 +51,25 @@
*/
public class WindowsToggleButtonUI extends BasicToggleButtonUI
{
- protected static int dashedRectGapX;
- protected static int dashedRectGapY;
- protected static int dashedRectGapWidth;
- protected static int dashedRectGapHeight;
+ protected int dashedRectGapX;
+ protected int dashedRectGapY;
+ protected int dashedRectGapWidth;
+ protected int dashedRectGapHeight;
protected Color focusColor;
- private final static WindowsToggleButtonUI windowsToggleButtonUI = new WindowsToggleButtonUI();
+ private static final Object WINDOWS_TOGGLE_BUTTON_UI_KEY = new Object();
private boolean defaults_initialized = false;
public static ComponentUI createUI(JComponent b) {
+ AppContext appContext = AppContext.getAppContext();
+ WindowsToggleButtonUI windowsToggleButtonUI =
+ (WindowsToggleButtonUI) appContext.get(WINDOWS_TOGGLE_BUTTON_UI_KEY);
+ if (windowsToggleButtonUI == null) {
+ windowsToggleButtonUI = new WindowsToggleButtonUI();
+ appContext.put(WINDOWS_TOGGLE_BUTTON_UI_KEY, windowsToggleButtonUI);
+ }
return windowsToggleButtonUI;
}
diff --git a/src/share/classes/com/sun/jndi/ldap/Connection.java b/src/share/classes/com/sun/jndi/ldap/Connection.java
index 2807e19..364f000 100644
--- a/src/share/classes/com/sun/jndi/ldap/Connection.java
+++ b/src/share/classes/com/sun/jndi/ldap/Connection.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2005 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1999-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -32,12 +32,8 @@
import java.io.OutputStream;
import java.io.InputStream;
import java.net.Socket;
-import java.util.Vector;
-import java.util.Hashtable;
import javax.naming.CommunicationException;
-import javax.naming.AuthenticationException;
-import javax.naming.AuthenticationNotSupportedException;
import javax.naming.ServiceUnavailableException;
import javax.naming.NamingException;
import javax.naming.InterruptedNamingException;
@@ -47,6 +43,8 @@
import java.lang.reflect.Method;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
+import java.util.Arrays;
+import sun.misc.IOUtils;
//import javax.net.SocketFactory;
/**
@@ -799,7 +797,6 @@
byte inbuf[]; // Buffer for reading incoming bytes
int inMsgId; // Message id of incoming response
int bytesread; // Number of bytes in inbuf
- int bytesleft; // Number of bytes that need to read for completing resp
int br; // Temp; number of bytes read from stream
int offset; // Offset of where to store bytes in inbuf
int seqlen; // Length of ASN sequence
@@ -811,7 +808,7 @@
try {
while (true) {
try {
- inbuf = new byte[2048];
+ inbuf = new byte[10];
offset = 0;
seqlen = 0;
@@ -871,19 +868,10 @@
}
// read in seqlen bytes
- bytesleft = seqlen;
- if ((offset + bytesleft) > inbuf.length) {
- byte nbuf[] = new byte[offset + bytesleft];
- System.arraycopy(inbuf, 0, nbuf, 0, offset);
- inbuf = nbuf;
- }
- while (bytesleft > 0) {
- bytesread = in.read(inbuf, offset, bytesleft);
- if (bytesread < 0)
- break; // EOF
- offset += bytesread;
- bytesleft -= bytesread;
- }
+ byte[] left = IOUtils.readFully(in, seqlen, false);
+ inbuf = Arrays.copyOf(inbuf, offset + left.length);
+ System.arraycopy(left, 0, inbuf, offset, left.length);
+ offset += left.length;
/*
if (dump > 0) {
System.err.println("seqlen: " + seqlen);
diff --git a/src/share/classes/java/awt/KeyboardFocusManager.java b/src/share/classes/java/awt/KeyboardFocusManager.java
index da94b62..fd412d8 100644
--- a/src/share/classes/java/awt/KeyboardFocusManager.java
+++ b/src/share/classes/java/awt/KeyboardFocusManager.java
@@ -53,7 +53,8 @@
import java.util.StringTokenizer;
import java.util.WeakHashMap;
-import sun.util.logging.PlatformLogger;
+import java.util.logging.Level;
+import java.util.logging.Logger;
import sun.awt.AppContext;
import sun.awt.HeadlessToolkit;
@@ -110,7 +111,7 @@
{
// Shared focus engine logger
- private static final PlatformLogger focusLog = PlatformLogger.getLogger("java.awt.focus.KeyboardFocusManager");
+ private static final Logger focusLog = Logger.getLogger("java.awt.focus.KeyboardFocusManager");
static {
/* ensure that the necessary native libraries are loaded */
@@ -153,7 +154,7 @@
*/
private static native void initIDs();
- private static final PlatformLogger log = PlatformLogger.getLogger("java.awt.KeyboardFocusManager");
+ private static final Logger log = Logger.getLogger("java.awt.KeyboardFocusManager");
/**
* The identifier for the Forward focus traversal keys.
@@ -503,8 +504,8 @@
if (this == getCurrentKeyboardFocusManager()) {
return focusOwner;
} else {
- if (focusLog.isLoggable(PlatformLogger.FINER)) {
- focusLog.finer("This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+ if (focusLog.isLoggable(Level.FINER)) {
+ focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
}
throw new SecurityException(notPrivileged);
}
@@ -608,9 +609,9 @@
}
void setNativeFocusOwner(Component comp) {
- if (focusLog.isLoggable(PlatformLogger.FINEST)) {
- focusLog.finest("Calling peer {0} setCurrentFocusOwner for {1}",
- peer, comp);
+ if (focusLog.isLoggable(Level.FINEST)) {
+ focusLog.log(Level.FINEST, "Calling peer {0} setCurrentFocusOwner for {1}",
+ new Object[] {String.valueOf(peer), String.valueOf(comp)});
}
peer.setCurrentFocusOwner(comp);
}
@@ -672,8 +673,8 @@
if (this == getCurrentKeyboardFocusManager()) {
return permanentFocusOwner;
} else {
- if (focusLog.isLoggable(PlatformLogger.FINER)) {
- focusLog.finer("This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+ if (focusLog.isLoggable(Level.FINER)) {
+ focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
}
throw new SecurityException(notPrivileged);
}
@@ -780,8 +781,8 @@
if (this == getCurrentKeyboardFocusManager()) {
return focusedWindow;
} else {
- if (focusLog.isLoggable(PlatformLogger.FINER)) {
- focusLog.finer("This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+ if (focusLog.isLoggable(Level.FINER)) {
+ focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
}
throw new SecurityException(notPrivileged);
}
@@ -884,8 +885,8 @@
if (this == getCurrentKeyboardFocusManager()) {
return activeWindow;
} else {
- if (focusLog.isLoggable(PlatformLogger.FINER)) {
- focusLog.finer("This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+ if (focusLog.isLoggable(Level.FINER)) {
+ focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
}
throw new SecurityException(notPrivileged);
}
@@ -918,8 +919,8 @@
Window oldActiveWindow;
synchronized (KeyboardFocusManager.class) {
oldActiveWindow = getActiveWindow();
- if (focusLog.isLoggable(PlatformLogger.FINER)) {
- focusLog.finer("Setting global active window to " + activeWindow + ", old active " + oldActiveWindow);
+ if (focusLog.isLoggable(Level.FINER)) {
+ focusLog.log(Level.FINER, "Setting global active window to " + activeWindow + ", old active " + oldActiveWindow);
}
try {
@@ -1214,8 +1215,8 @@
if (this == getCurrentKeyboardFocusManager()) {
return currentFocusCycleRoot;
} else {
- if (focusLog.isLoggable(PlatformLogger.FINER)) {
- focusLog.finer("This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
+ if (focusLog.isLoggable(Level.FINER)) {
+ focusLog.log(Level.FINER, "This manager is " + this + ", current is " + getCurrentKeyboardFocusManager());
}
throw new SecurityException(notPrivileged);
}
@@ -2148,9 +2149,9 @@
HeavyweightFocusRequest(Component heavyweight, Component descendant,
boolean temporary, CausedFocusEvent.Cause cause) {
- if (log.isLoggable(PlatformLogger.FINE)) {
+ if (log.isLoggable(Level.FINE)) {
if (heavyweight == null) {
- log.fine("Assertion (heavyweight != null) failed");
+ log.log(Level.FINE, "Assertion (heavyweight != null) failed");
}
}
@@ -2160,12 +2161,12 @@
}
boolean addLightweightRequest(Component descendant,
boolean temporary, CausedFocusEvent.Cause cause) {
- if (log.isLoggable(PlatformLogger.FINE)) {
+ if (log.isLoggable(Level.FINE)) {
if (this == HeavyweightFocusRequest.CLEAR_GLOBAL_FOCUS_OWNER) {
- log.fine("Assertion (this != HeavyweightFocusRequest.CLEAR_GLOBAL_FOCUS_OWNER) failed");
+ log.log(Level.FINE, "Assertion (this != HeavyweightFocusRequest.CLEAR_GLOBAL_FOCUS_OWNER) failed");
}
if (descendant == null) {
- log.fine("Assertion (descendant != null) failed");
+ log.log(Level.FINE, "Assertion (descendant != null) failed");
}
}
@@ -2338,12 +2339,12 @@
(Component heavyweight, Component descendant, boolean temporary,
boolean focusedWindowChangeAllowed, long time, CausedFocusEvent.Cause cause)
{
- if (log.isLoggable(PlatformLogger.FINE)) {
+ if (log.isLoggable(Level.FINE)) {
if (heavyweight == null) {
- log.fine("Assertion (heavyweight != null) failed");
+ log.log(Level.FINE, "Assertion (heavyweight != null) failed");
}
if (time == 0) {
- log.fine("Assertion (time != 0) failed");
+ log.log(Level.FINE, "Assertion (time != 0) failed");
}
}
@@ -2360,31 +2361,31 @@
Component currentFocusOwner = thisManager.getGlobalFocusOwner();
Component nativeFocusOwner = thisManager.getNativeFocusOwner();
Window nativeFocusedWindow = thisManager.getNativeFocusedWindow();
- if (focusLog.isLoggable(PlatformLogger.FINER)) {
- focusLog.finer("SNFH for {0} in {1}",
- descendant, heavyweight);
+ if (focusLog.isLoggable(Level.FINER)) {
+ focusLog.log(Level.FINER, "SNFH for {0} in {1}",
+ new Object[] {String.valueOf(descendant), String.valueOf(heavyweight)});
}
- if (focusLog.isLoggable(PlatformLogger.FINEST)) {
- focusLog.finest("0. Current focus owner {0}",
- currentFocusOwner);
- focusLog.finest("0. Native focus owner {0}",
- nativeFocusOwner);
- focusLog.finest("0. Native focused window {0}",
- nativeFocusedWindow);
+ if (focusLog.isLoggable(Level.FINEST)) {
+ focusLog.log(Level.FINEST, "0. Current focus owner {0}",
+ String.valueOf(currentFocusOwner));
+ focusLog.log(Level.FINEST, "0. Native focus owner {0}",
+ String.valueOf(nativeFocusOwner));
+ focusLog.log(Level.FINEST, "0. Native focused window {0}",
+ String.valueOf(nativeFocusedWindow));
}
synchronized (heavyweightRequests) {
HeavyweightFocusRequest hwFocusRequest = getLastHWRequest();
- if (focusLog.isLoggable(PlatformLogger.FINEST)) {
- focusLog.finest("Request {0}", hwFocusRequest);
+ if (focusLog.isLoggable(Level.FINEST)) {
+ focusLog.log(Level.FINEST, "Request {0}", String.valueOf(hwFocusRequest));
}
if (hwFocusRequest == null &&
heavyweight == nativeFocusOwner)
{
if (descendant == currentFocusOwner) {
// Redundant request.
- if (focusLog.isLoggable(PlatformLogger.FINEST))
- focusLog.finest("1. SNFH_FAILURE for {0}",
- descendant);
+ if (focusLog.isLoggable(Level.FINEST))
+ focusLog.log(Level.FINEST, "1. SNFH_FAILURE for {0}",
+ String.valueOf(descendant));
return SNFH_FAILURE;
}
@@ -2416,8 +2417,8 @@
// SunToolkit.postPriorityEvent(newFocusOwnerEvent);
SunToolkit.postEvent(descendant.appContext, newFocusOwnerEvent);
- if (focusLog.isLoggable(PlatformLogger.FINEST))
- focusLog.finest("2. SNFH_HANDLED for {0}", descendant);
+ if (focusLog.isLoggable(Level.FINEST))
+ focusLog.log(Level.FINEST, "2. SNFH_HANDLED for {0}", String.valueOf(descendant));
return SNFH_SUCCESS_HANDLED;
} else if (hwFocusRequest != null &&
hwFocusRequest.heavyweight == heavyweight) {
@@ -2430,7 +2431,7 @@
manager.enqueueKeyEvents(time, descendant);
}
- if (focusLog.isLoggable(PlatformLogger.FINEST))
+ if (focusLog.isLoggable(Level.FINEST))
focusLog.finest("3. SNFH_HANDLED for lightweight" +
descendant + " in " + heavyweight);
return SNFH_SUCCESS_HANDLED;
@@ -2453,7 +2454,7 @@
(hwFocusRequest != null)
? hwFocusRequest.heavyweight
: nativeFocusedWindow)) {
- if (focusLog.isLoggable(PlatformLogger.FINEST))
+ if (focusLog.isLoggable(Level.FINEST))
focusLog.finest("4. SNFH_FAILURE for " + descendant);
return SNFH_FAILURE;
}
@@ -2463,7 +2464,7 @@
heavyweightRequests.add
(new HeavyweightFocusRequest(heavyweight, descendant,
temporary, cause));
- if (focusLog.isLoggable(PlatformLogger.FINEST))
+ if (focusLog.isLoggable(Level.FINEST))
focusLog.finest("5. SNFH_PROCEED for " + descendant);
return SNFH_SUCCESS_PROCEED;
}
@@ -2854,13 +2855,14 @@
}
KeyboardFocusManager manager = getCurrentKeyboardFocusManager();
- if (focusLog.isLoggable(PlatformLogger.FINER)) {
+ if (focusLog.isLoggable(Level.FINER)) {
if (event instanceof FocusEvent || event instanceof WindowEvent) {
- focusLog.finer(">>> {0}", event);
+ focusLog.log(Level.FINER, ">>> {0}", new Object[] {String.valueOf(event)});
}
- if (focusLog.isLoggable(PlatformLogger.FINER) && event instanceof KeyEvent) {
- focusLog.finer(" focus owner is {0}", manager.getGlobalFocusOwner());
- focusLog.finer(">>> {0}", event);
+ if (focusLog.isLoggable(Level.FINER) && event instanceof KeyEvent) {
+ focusLog.log(Level.FINER, " focus owner is {0}",
+ new Object[] {String.valueOf(manager.getGlobalFocusOwner())});
+ focusLog.log(Level.FINER, ">>> {0}", new Object[] {String.valueOf(event)});
}
}
@@ -2944,9 +2946,9 @@
}
}
static void removeLastFocusRequest(Component heavyweight) {
- if (log.isLoggable(PlatformLogger.FINE)) {
+ if (log.isLoggable(Level.FINE)) {
if (heavyweight == null) {
- log.fine("Assertion (heavyweight != null) failed");
+ log.log(Level.FINE, "Assertion (heavyweight != null) failed");
}
}
diff --git a/src/share/classes/java/awt/color/ICC_Profile.java b/src/share/classes/java/awt/color/ICC_Profile.java
index 78ba43d..488e6f4 100644
--- a/src/share/classes/java/awt/color/ICC_Profile.java
+++ b/src/share/classes/java/awt/color/ICC_Profile.java
@@ -865,7 +865,9 @@
case ColorSpace.CS_PYCC:
synchronized(ICC_Profile.class) {
if (PYCCprofile == null) {
- if (getProfileFile("PYCC.pf") != null) {
+ if (!sun.jkernel.DownloadManager.isJREComplete() ||
+ standardProfileExists("PYCC.pf"))
+ {
ProfileDeferralInfo pInfo =
new ProfileDeferralInfo("PYCC.pf",
ColorSpace.TYPE_3CLR, 3,
@@ -963,15 +965,15 @@
* and it does not permit read access to the given file.
*/
public static ICC_Profile getInstance(String fileName) throws IOException {
- ICC_Profile thisProfile;
- FileInputStream fis;
+ ICC_Profile thisProfile;
+ FileInputStream fis = null;
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkRead(fileName);
+
+ File f = getProfileFile(fileName);
+ if (f != null) {
+ fis = new FileInputStream(f);
}
-
- if ((fis = openProfile(fileName)) == null) {
+ if (fis == null) {
throw new IOException("Cannot open file " + fileName);
}
@@ -1083,11 +1085,22 @@
void activateDeferredProfile() throws ProfileDataException {
byte profileData[];
FileInputStream fis;
- String fileName = deferralInfo.filename;
+ final String fileName = deferralInfo.filename;
profileActivator = null;
deferralInfo = null;
- if ((fis = openProfile(fileName)) == null) {
+ PrivilegedAction<FileInputStream> pa = new PrivilegedAction<FileInputStream>() {
+ public FileInputStream run() {
+ File f = getStandardProfileFile(fileName);
+ if (f != null) {
+ try {
+ return new FileInputStream(f);
+ } catch (FileNotFoundException e) {}
+ }
+ return null;
+ }
+ };
+ if ((fis = AccessController.doPrivileged(pa)) == null) {
throw new ProfileDataException("Cannot open file " + fileName);
}
try {
@@ -1786,59 +1799,36 @@
* available, such as a profile for sRGB. Built-in profiles use .pf as
* the file name extension for profiles, e.g. sRGB.pf.
*/
- private static FileInputStream openProfile(final String fileName) {
- return (FileInputStream)java.security.AccessController.doPrivileged(
- new java.security.PrivilegedAction() {
- public Object run() {
- File f = privilegedGetProfileFile(fileName);
- if (f != null) {
- try {
- return new FileInputStream(f);
- } catch (FileNotFoundException e) {
- }
- }
- return null;
- }
- });
- }
-
- private static File getProfileFile(final String fileName) {
- return (File)java.security.AccessController.doPrivileged(
- new java.security.PrivilegedAction() {
- public Object run() {
- return privilegedGetProfileFile(fileName);
- }
- });
- }
-
- /*
- * this version is called from doPrivileged in openProfile
- * or getProfileFile, so the whole method is privileged!
- */
-
- private static File privilegedGetProfileFile(String fileName) {
+ private static File getProfileFile(String fileName) {
String path, dir, fullPath;
File f = new File(fileName); /* try absolute file name */
-
+ if (f.isAbsolute()) {
+ /* Rest of code has little sense for an absolute pathname,
+ so return here. */
+ return f.isFile() ? f : null;
+ }
if ((!f.isFile()) &&
((path = System.getProperty("java.iccprofile.path")) != null)){
/* try relative to java.iccprofile.path */
StringTokenizer st =
new StringTokenizer(path, File.pathSeparator);
- while (st.hasMoreTokens() && (!f.isFile())) {
+ while (st.hasMoreTokens() && ((f == null) || (!f.isFile()))) {
dir = st.nextToken();
fullPath = dir + File.separatorChar + fileName;
f = new File(fullPath);
+ if (!isChildOf(f, dir)) {
+ f = null;
+ }
}
}
- if ((!f.isFile()) &&
+ if (((f == null) || (!f.isFile())) &&
((path = System.getProperty("java.class.path")) != null)) {
/* try relative to java.class.path */
StringTokenizer st =
new StringTokenizer(path, File.pathSeparator);
- while (st.hasMoreTokens() && (!f.isFile())) {
+ while (st.hasMoreTokens() && ((f == null) || (!f.isFile()))) {
dir = st.nextToken();
fullPath = dir + File.separatorChar + fileName;
f = new File(fullPath);
@@ -1858,13 +1848,69 @@
}
}
}
-
- if (f.isFile()) {
+ if ((f == null) || (!f.isFile())) {
+ /* try the directory of built-in profiles */
+ f = getStandardProfileFile(fileName);
+ }
+ if (f != null && f.isFile()) {
return f;
}
return null;
}
+ /**
+ * Returns a file object corresponding to a built-in profile
+ * specified by fileName.
+ * If there is no built-in profile with such name, then the method
+ * returns null.
+ */
+ private static File getStandardProfileFile(String fileName) {
+ String dir = System.getProperty("java.home") +
+ File.separatorChar + "lib" + File.separatorChar + "cmm";
+ String fullPath = dir + File.separatorChar + fileName;
+ File f = new File(fullPath);
+ if (!f.isFile()) {
+ //make sure file was installed in the kernel mode
+ try {
+ //kernel uses platform independent paths =>
+ // should not use platform separator char
+ sun.jkernel.DownloadManager.downloadFile("lib/cmm/"+fileName);
+ } catch (IOException ioe) {}
+ }
+ return (f.isFile() && isChildOf(f, dir)) ? f : null;
+ }
+
+ /**
+ * Checks whether given file resides inside give directory.
+ */
+ private static boolean isChildOf(File f, String dirName) {
+ try {
+ File dir = new File(dirName);
+ String canonicalDirName = dir.getCanonicalPath();
+ if (!canonicalDirName.endsWith(File.separator)) {
+ canonicalDirName += File.separator;
+ }
+ String canonicalFileName = f.getCanonicalPath();
+ return canonicalFileName.startsWith(canonicalDirName);
+ } catch (IOException e) {
+ /* we do not expect the IOException here, because invocation
+ * of this function is always preceeded by isFile() call.
+ */
+ return false;
+ }
+ }
+
+ /**
+ * Checks whether built-in profile specified by fileName exists.
+ */
+ private static boolean standardProfileExists(final String fileName) {
+ return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+ public Boolean run() {
+ return getStandardProfileFile(fileName) != null;
+ }
+ });
+ }
+
/*
* Serialization support.
diff --git a/src/share/classes/java/lang/ClassLoader.java b/src/share/classes/java/lang/ClassLoader.java
index bd59d95..323240b 100644
--- a/src/share/classes/java/lang/ClassLoader.java
+++ b/src/share/classes/java/lang/ClassLoader.java
@@ -186,11 +186,6 @@
parallelLoaders.add(ClassLoader.class);
}
- // If initialization succeed this is set to true and security checks will
- // succeed. Otherwise the object is not initialized and the object is
- // useless.
- private final boolean initialized;
-
// The parent class loader for delegation
// Note: VM hardcoded the offset of this field, thus all new fields
// must be added *after* it.
@@ -232,6 +227,31 @@
private final HashMap<String, Package> packages =
new HashMap<String, Package>();
+ private static Void checkCreateClassLoader() {
+ SecurityManager security = System.getSecurityManager();
+ if (security != null) {
+ security.checkCreateClassLoader();
+ }
+ return null;
+ }
+
+ private ClassLoader(Void unused, ClassLoader parent) {
+ this.parent = parent;
+ if (parallelLoaders.contains(this.getClass())) {
+ parallelLockMap = new ConcurrentHashMap<String, Object>();
+ package2certs = new ConcurrentHashMap<String, Certificate[]>();
+ domains =
+ Collections.synchronizedSet(new HashSet<ProtectionDomain>());
+ assertionLock = new Object();
+ } else {
+ // no finer-grained lock; lock on the classloader instance
+ parallelLockMap = null;
+ package2certs = new Hashtable<String, Certificate[]>();
+ domains = new HashSet<ProtectionDomain>();
+ assertionLock = this;
+ }
+ }
+
/**
* Creates a new class loader using the specified parent class loader for
* delegation.
@@ -252,25 +272,7 @@
* @since 1.2
*/
protected ClassLoader(ClassLoader parent) {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkCreateClassLoader();
- }
- this.parent = parent;
- if (parallelLoaders.contains(this.getClass())) {
- parallelLockMap = new ConcurrentHashMap<String, Object>();
- package2certs = new ConcurrentHashMap<String, Certificate[]>();
- domains =
- Collections.synchronizedSet(new HashSet<ProtectionDomain>());
- assertionLock = new Object();
- } else {
- // no finer-grained lock; lock on the classloader instance
- parallelLockMap = null;
- package2certs = new Hashtable<String, Certificate[]>();
- domains = new HashSet<ProtectionDomain>();
- assertionLock = this;
- }
- initialized = true;
+ this(checkCreateClassLoader(), parent);
}
/**
@@ -289,25 +291,7 @@
* of a new class loader.
*/
protected ClassLoader() {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkCreateClassLoader();
- }
- this.parent = getSystemClassLoader();
- if (parallelLoaders.contains(this.getClass())) {
- parallelLockMap = new ConcurrentHashMap<String, Object>();
- package2certs = new ConcurrentHashMap<String, Certificate[]>();
- domains =
- Collections.synchronizedSet(new HashSet<ProtectionDomain>());
- assertionLock = new Object();
- } else {
- // no finer-grained lock; lock on the classloader instance
- parallelLockMap = null;
- package2certs = new Hashtable<String, Certificate[]>();
- domains = new HashSet<ProtectionDomain>();
- assertionLock = this;
- }
- initialized = true;
+ this(checkCreateClassLoader(), getSystemClassLoader());
}
// -- Class --
@@ -754,7 +738,6 @@
ProtectionDomain protectionDomain)
throws ClassFormatError
{
- check();
protectionDomain = preDefineClass(name, protectionDomain);
Class c = null;
@@ -838,8 +821,6 @@
ProtectionDomain protectionDomain)
throws ClassFormatError
{
- check();
-
int len = b.remaining();
// Use byte[] if not a direct ByteBufer:
@@ -984,7 +965,6 @@
* @see #defineClass(String, byte[], int, int)
*/
protected final void resolveClass(Class<?> c) {
- check();
resolveClass0(c);
}
@@ -1015,7 +995,6 @@
protected final Class<?> findSystemClass(String name)
throws ClassNotFoundException
{
- check();
ClassLoader system = getSystemClassLoader();
if (system == null) {
if (!checkName(name))
@@ -1035,7 +1014,6 @@
*/
private Class findBootstrapClassOrNull(String name)
{
- check();
if (!checkName(name)) return null;
return findBootstrapClass(name);
@@ -1044,13 +1022,6 @@
// return null if not found
private native Class findBootstrapClass(String name);
- // Check to make sure the class loader has been initialized.
- private void check() {
- if (!initialized) {
- throw new SecurityException("ClassLoader object not initialized");
- }
- }
-
/**
* Returns the class with the given <a href="#name">binary name</a> if this
* loader has been recorded by the Java virtual machine as an initiating
@@ -1066,7 +1037,6 @@
* @since 1.1
*/
protected final Class<?> findLoadedClass(String name) {
- check();
if (!checkName(name))
return null;
return findLoadedClass0(name);
@@ -1087,7 +1057,6 @@
* @since 1.1
*/
protected final void setSigners(Class<?> c, Object[] signers) {
- check();
c.setSigners(signers);
}
@@ -2205,3 +2174,4 @@
return sys;
}
}
+
diff --git a/src/share/classes/java/security/MessageDigest.java b/src/share/classes/java/security/MessageDigest.java
index 9ff8390..f08b6fd 100644
--- a/src/share/classes/java/security/MessageDigest.java
+++ b/src/share/classes/java/security/MessageDigest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1996-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1996-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -414,16 +414,17 @@
*
* @return true if the digests are equal, false otherwise.
*/
- public static boolean isEqual(byte digesta[], byte digestb[]) {
- if (digesta.length != digestb.length)
+ public static boolean isEqual(byte[] digesta, byte[] digestb) {
+ if (digesta.length != digestb.length) {
return false;
-
- for (int i = 0; i < digesta.length; i++) {
- if (digesta[i] != digestb[i]) {
- return false;
- }
}
- return true;
+
+ int result = 0;
+ // time-constant comparison
+ for (int i = 0; i < digesta.length; i++) {
+ result |= digesta[i] ^ digestb[i];
+ }
+ return result == 0;
}
/**
diff --git a/src/share/classes/javax/swing/ToolTipManager.java b/src/share/classes/javax/swing/ToolTipManager.java
index 6ee279b..6325834 100644
--- a/src/share/classes/javax/swing/ToolTipManager.java
+++ b/src/share/classes/javax/swing/ToolTipManager.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -27,10 +27,7 @@
package javax.swing;
import java.awt.event.*;
-import java.applet.*;
import java.awt.*;
-import java.io.Serializable;
-import sun.swing.UIAction;
/**
* Manages all the <code>ToolTips</code> in the system.
@@ -60,7 +57,7 @@
JComponent insideComponent;
MouseEvent mouseEvent;
boolean showImmediately;
- final static ToolTipManager sharedInstance = new ToolTipManager();
+ private static final Object TOOL_TIP_MANAGER_KEY = new Object();
transient Popup tipWindow;
/** The Window tip is being displayed in. This will be non-null if
* the Window tip is in differs from that of insideComponent's Window.
@@ -345,7 +342,13 @@
* @return a shared <code>ToolTipManager</code> object
*/
public static ToolTipManager sharedInstance() {
- return sharedInstance;
+ Object value = SwingUtilities.appContextGet(TOOL_TIP_MANAGER_KEY);
+ if (value instanceof ToolTipManager) {
+ return (ToolTipManager) value;
+ }
+ ToolTipManager manager = new ToolTipManager();
+ SwingUtilities.appContextPut(TOOL_TIP_MANAGER_KEY, manager);
+ return manager;
}
// add keylistener here to trigger tip for access
diff --git a/src/share/classes/javax/swing/UIManager.java b/src/share/classes/javax/swing/UIManager.java
index e4c7c7c..4dee6f3 100644
--- a/src/share/classes/javax/swing/UIManager.java
+++ b/src/share/classes/javax/swing/UIManager.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -197,6 +197,8 @@
Vector<LookAndFeel> auxLookAndFeels = null;
SwingPropertyChangeSupport changeSupport;
+ LookAndFeelInfo[] installedLAFs;
+
UIDefaults getLookAndFeelDefaults() { return tables[0]; }
void setLookAndFeelDefaults(UIDefaults x) { tables[0] = x; }
@@ -227,18 +229,6 @@
*/
private static final Object classLock = new Object();
-
- /* Cache the last referenced LAFState to improve performance
- * when accessing it. The cache is based on last thread rather
- * than last AppContext because of the cost of looking up the
- * AppContext each time. Since most Swing UI work is on the
- * EventDispatchThread, this hits often enough to justify the
- * overhead. (4193032)
- */
- private static Thread currentLAFStateThread = null;
- private static LAFState currentLAFState = null;
-
-
/**
* Return the <code>LAFState</code> object, lazily create one if necessary.
* All access to the <code>LAFState</code> fields is done via this method,
@@ -248,13 +238,6 @@
* </pre>
*/
private static LAFState getLAFState() {
- // First check whether we're running on the same thread as
- // the last request.
- Thread thisThread = Thread.currentThread();
- if (thisThread == currentLAFStateThread) {
- return currentLAFState;
- }
-
LAFState rv = (LAFState)SwingUtilities.appContextGet(
SwingUtilities2.LAF_STATE_KEY);
if (rv == null) {
@@ -268,10 +251,6 @@
}
}
}
-
- currentLAFStateThread = thisThread;
- currentLAFState = rv;
-
return rv;
}
@@ -431,7 +410,10 @@
*/
public static LookAndFeelInfo[] getInstalledLookAndFeels() {
maybeInitialize();
- LookAndFeelInfo[] ilafs = installedLAFs;
+ LookAndFeelInfo[] ilafs = getLAFState().installedLAFs;
+ if (ilafs == null) {
+ ilafs = installedLAFs;
+ }
LookAndFeelInfo[] rv = new LookAndFeelInfo[ilafs.length];
System.arraycopy(ilafs, 0, rv, 0, ilafs.length);
return rv;
@@ -453,9 +435,10 @@
public static void setInstalledLookAndFeels(LookAndFeelInfo[] infos)
throws SecurityException
{
+ maybeInitialize();
LookAndFeelInfo[] newInfos = new LookAndFeelInfo[infos.length];
System.arraycopy(infos, 0, newInfos, 0, infos.length);
- installedLAFs = newInfos;
+ getLAFState().installedLAFs = newInfos;
}
@@ -1307,10 +1290,11 @@
}
}
- installedLAFs = new LookAndFeelInfo[ilafs.size()];
+ LookAndFeelInfo[] installedLAFs = new LookAndFeelInfo[ilafs.size()];
for(int i = 0; i < ilafs.size(); i++) {
installedLAFs[i] = ilafs.elementAt(i);
}
+ getLAFState().installedLAFs = installedLAFs;
}
diff --git a/src/share/classes/javax/swing/plaf/basic/BasicButtonUI.java b/src/share/classes/javax/swing/plaf/basic/BasicButtonUI.java
index 5dc98f2..7daf35c 100644
--- a/src/share/classes/javax/swing/plaf/basic/BasicButtonUI.java
+++ b/src/share/classes/javax/swing/plaf/basic/BasicButtonUI.java
@@ -26,6 +26,8 @@
package javax.swing.plaf.basic;
import sun.swing.SwingUtilities2;
+import sun.awt.AppContext;
+
import java.awt.*;
import java.awt.event.*;
import java.io.Serializable;
@@ -44,9 +46,6 @@
* @author Jeff Dinkins
*/
public class BasicButtonUI extends ButtonUI{
- // Shared UI object
- private final static BasicButtonUI buttonUI = new BasicButtonUI();
-
// Visual constants
// NOTE: This is not used or set any where. Were we allowed to remove
// fields, this would be removed.
@@ -61,10 +60,19 @@
private final static String propertyPrefix = "Button" + ".";
+ private static final Object BASIC_BUTTON_UI_KEY = new Object();
+
// ********************************
// Create PLAF
// ********************************
public static ComponentUI createUI(JComponent c) {
+ AppContext appContext = AppContext.getAppContext();
+ BasicButtonUI buttonUI =
+ (BasicButtonUI) appContext.get(BASIC_BUTTON_UI_KEY);
+ if (buttonUI == null) {
+ buttonUI = new BasicButtonUI();
+ appContext.put(BASIC_BUTTON_UI_KEY, buttonUI);
+ }
return buttonUI;
}
diff --git a/src/share/classes/javax/swing/plaf/basic/BasicCheckBoxUI.java b/src/share/classes/javax/swing/plaf/basic/BasicCheckBoxUI.java
index 443d059..3d048d8 100644
--- a/src/share/classes/javax/swing/plaf/basic/BasicCheckBoxUI.java
+++ b/src/share/classes/javax/swing/plaf/basic/BasicCheckBoxUI.java
@@ -25,6 +25,8 @@
package javax.swing.plaf.basic;
+import sun.awt.AppContext;
+
import javax.swing.*;
import java.awt.*;
@@ -49,7 +51,7 @@
*/
public class BasicCheckBoxUI extends BasicRadioButtonUI {
- private final static BasicCheckBoxUI checkboxUI = new BasicCheckBoxUI();
+ private static final Object BASIC_CHECK_BOX_UI_KEY = new Object();
private final static String propertyPrefix = "CheckBox" + ".";
@@ -57,6 +59,13 @@
// Create PLAF
// ********************************
public static ComponentUI createUI(JComponent b) {
+ AppContext appContext = AppContext.getAppContext();
+ BasicCheckBoxUI checkboxUI =
+ (BasicCheckBoxUI) appContext.get(BASIC_CHECK_BOX_UI_KEY);
+ if (checkboxUI == null) {
+ checkboxUI = new BasicCheckBoxUI();
+ appContext.put(BASIC_CHECK_BOX_UI_KEY, checkboxUI);
+ }
return checkboxUI;
}
diff --git a/src/share/classes/javax/swing/plaf/basic/BasicLabelUI.java b/src/share/classes/javax/swing/plaf/basic/BasicLabelUI.java
index 9ca6dcd..2e663fb 100644
--- a/src/share/classes/javax/swing/plaf/basic/BasicLabelUI.java
+++ b/src/share/classes/javax/swing/plaf/basic/BasicLabelUI.java
@@ -28,6 +28,8 @@
import sun.swing.SwingUtilities2;
import sun.swing.DefaultLookup;
import sun.swing.UIAction;
+import sun.awt.AppContext;
+
import javax.swing.*;
import javax.swing.plaf.*;
import javax.swing.text.View;
@@ -63,7 +65,7 @@
* name in defaults table under the key "LabelUI".
*/
protected static BasicLabelUI labelUI = new BasicLabelUI();
- private final static BasicLabelUI SAFE_BASIC_LABEL_UI = new BasicLabelUI();
+ private static final Object BASIC_LABEL_UI_KEY = new Object();
private Rectangle paintIconR = new Rectangle();
private Rectangle paintTextR = new Rectangle();
@@ -394,10 +396,16 @@
public static ComponentUI createUI(JComponent c) {
if (System.getSecurityManager() != null) {
- return SAFE_BASIC_LABEL_UI;
- } else {
- return labelUI;
+ AppContext appContext = AppContext.getAppContext();
+ BasicLabelUI safeBasicLabelUI =
+ (BasicLabelUI) appContext.get(BASIC_LABEL_UI_KEY);
+ if (safeBasicLabelUI == null) {
+ safeBasicLabelUI = new BasicLabelUI();
+ appContext.put(BASIC_LABEL_UI_KEY, safeBasicLabelUI);
+ }
+ return safeBasicLabelUI;
}
+ return labelUI;
}
public void propertyChange(PropertyChangeEvent e) {
diff --git a/src/share/classes/javax/swing/plaf/basic/BasicRadioButtonUI.java b/src/share/classes/javax/swing/plaf/basic/BasicRadioButtonUI.java
index be9d132..1dc7816 100644
--- a/src/share/classes/javax/swing/plaf/basic/BasicRadioButtonUI.java
+++ b/src/share/classes/javax/swing/plaf/basic/BasicRadioButtonUI.java
@@ -32,6 +32,7 @@
import javax.swing.plaf.*;
import javax.swing.text.View;
import sun.swing.SwingUtilities2;
+import sun.awt.AppContext;
/**
@@ -41,7 +42,7 @@
*/
public class BasicRadioButtonUI extends BasicToggleButtonUI
{
- private final static BasicRadioButtonUI radioButtonUI = new BasicRadioButtonUI();
+ private static final Object BASIC_RADIO_BUTTON_UI_KEY = new Object();
protected Icon icon;
@@ -53,6 +54,13 @@
// Create PLAF
// ********************************
public static ComponentUI createUI(JComponent b) {
+ AppContext appContext = AppContext.getAppContext();
+ BasicRadioButtonUI radioButtonUI =
+ (BasicRadioButtonUI) appContext.get(BASIC_RADIO_BUTTON_UI_KEY);
+ if (radioButtonUI == null) {
+ radioButtonUI = new BasicRadioButtonUI();
+ appContext.put(BASIC_RADIO_BUTTON_UI_KEY, radioButtonUI);
+ }
return radioButtonUI;
}
diff --git a/src/share/classes/javax/swing/plaf/basic/BasicSplitPaneUI.java b/src/share/classes/javax/swing/plaf/basic/BasicSplitPaneUI.java
index b35a75e..0be4694 100644
--- a/src/share/classes/javax/swing/plaf/basic/BasicSplitPaneUI.java
+++ b/src/share/classes/javax/swing/plaf/basic/BasicSplitPaneUI.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -31,14 +31,12 @@
import sun.swing.UIAction;
import javax.swing.*;
import javax.swing.border.Border;
-import javax.swing.event.*;
import java.awt.*;
import java.awt.event.*;
import java.awt.peer.ComponentPeer;
import java.awt.peer.LightweightPeer;
import java.beans.*;
import java.util.*;
-import javax.swing.plaf.ActionMapUIResource;
import javax.swing.plaf.SplitPaneUI;
import javax.swing.plaf.ComponentUI;
import javax.swing.plaf.UIResource;
@@ -106,13 +104,13 @@
* Keys to use for forward focus traversal when the JComponent is
* managing focus.
*/
- private static Set<KeyStroke> managingFocusForwardTraversalKeys;
+ private Set<KeyStroke> managingFocusForwardTraversalKeys;
/**
* Keys to use for backward focus traversal when the JComponent is
* managing focus.
*/
- private static Set<KeyStroke> managingFocusBackwardTraversalKeys;
+ private Set<KeyStroke> managingFocusBackwardTraversalKeys;
/**
@@ -675,7 +673,7 @@
* @return increment via keyboard methods.
*/
int getKeyboardMoveIncrement() {
- return KEYBOARD_DIVIDER_MOVE_OFFSET;
+ return 3;
}
/**
diff --git a/src/share/classes/javax/swing/plaf/basic/BasicToggleButtonUI.java b/src/share/classes/javax/swing/plaf/basic/BasicToggleButtonUI.java
index e519d32..07c2e47 100644
--- a/src/share/classes/javax/swing/plaf/basic/BasicToggleButtonUI.java
+++ b/src/share/classes/javax/swing/plaf/basic/BasicToggleButtonUI.java
@@ -25,6 +25,8 @@
package javax.swing.plaf.basic;
+import sun.awt.AppContext;
+
import java.awt.*;
import java.awt.event.*;
@@ -43,7 +45,7 @@
*/
public class BasicToggleButtonUI extends BasicButtonUI {
- private final static BasicToggleButtonUI toggleButtonUI = new BasicToggleButtonUI();
+ private static final Object BASIC_TOGGLE_BUTTON_UI_KEY = new Object();
private final static String propertyPrefix = "ToggleButton" + ".";
@@ -51,6 +53,13 @@
// Create PLAF
// ********************************
public static ComponentUI createUI(JComponent b) {
+ AppContext appContext = AppContext.getAppContext();
+ BasicToggleButtonUI toggleButtonUI =
+ (BasicToggleButtonUI) appContext.get(BASIC_TOGGLE_BUTTON_UI_KEY);
+ if (toggleButtonUI == null) {
+ toggleButtonUI = new BasicToggleButtonUI();
+ appContext.put(BASIC_TOGGLE_BUTTON_UI_KEY, toggleButtonUI);
+ }
return toggleButtonUI;
}
diff --git a/src/share/classes/javax/swing/plaf/metal/MetalBumps.java b/src/share/classes/javax/swing/plaf/metal/MetalBumps.java
index 655393b..ae3ad67 100644
--- a/src/share/classes/javax/swing/plaf/metal/MetalBumps.java
+++ b/src/share/classes/javax/swing/plaf/metal/MetalBumps.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -28,8 +28,9 @@
import java.awt.*;
import java.awt.image.*;
import javax.swing.*;
-import java.io.*;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.List;
+import sun.awt.AppContext;
/**
* Implements the bumps used throughout the Metal Look and Feel.
@@ -49,19 +50,9 @@
protected Color shadowColor;
protected Color backColor;
- protected static Vector<BumpBuffer> buffers = new Vector<BumpBuffer>();
+ private static final Object METAL_BUMPS = new Object();
protected BumpBuffer buffer;
- public MetalBumps( Dimension bumpArea ) {
- this( bumpArea.width, bumpArea.height );
- }
-
- public MetalBumps( int width, int height ) {
- this(width, height, MetalLookAndFeel.getPrimaryControlHighlight(),
- MetalLookAndFeel.getPrimaryControlDarkShadow(),
- MetalLookAndFeel.getPrimaryControlShadow());
- }
-
/**
* Creates MetalBumps of the specified size with the specified colors.
* If <code>newBackColor</code> is null, the background will be
@@ -73,26 +64,22 @@
setBumpColors( newTopColor, newShadowColor, newBackColor );
}
- private BumpBuffer getBuffer(GraphicsConfiguration gc, Color aTopColor,
- Color aShadowColor, Color aBackColor) {
- if (buffer != null && buffer.hasSameConfiguration(
- gc, aTopColor, aShadowColor, aBackColor)) {
- return buffer;
+ private static BumpBuffer createBuffer(GraphicsConfiguration gc,
+ Color topColor, Color shadowColor, Color backColor) {
+ AppContext context = AppContext.getAppContext();
+ List<BumpBuffer> buffers = (List<BumpBuffer>) context.get(METAL_BUMPS);
+ if (buffers == null) {
+ buffers = new ArrayList<BumpBuffer>();
+ context.put(METAL_BUMPS, buffers);
}
- BumpBuffer result = null;
-
- for (BumpBuffer aBuffer : buffers) {
- if ( aBuffer.hasSameConfiguration(gc, aTopColor, aShadowColor,
- aBackColor)) {
- result = aBuffer;
- break;
+ for (BumpBuffer buffer : buffers) {
+ if (buffer.hasSameConfiguration(gc, topColor, shadowColor, backColor)) {
+ return buffer;
}
}
- if (result == null) {
- result = new BumpBuffer(gc, topColor, shadowColor, backColor);
- buffers.addElement(result);
- }
- return result;
+ BumpBuffer buffer = new BumpBuffer(gc, topColor, shadowColor, backColor);
+ buffers.add(buffer);
+ return buffer;
}
public void setBumpArea( Dimension bumpArea ) {
@@ -119,10 +106,12 @@
GraphicsConfiguration gc = (g instanceof Graphics2D) ?
((Graphics2D) g).getDeviceConfiguration() : null;
- buffer = getBuffer(gc, topColor, shadowColor, backColor);
+ if ((buffer == null) || !buffer.hasSameConfiguration(gc, topColor, shadowColor, backColor)) {
+ buffer = createBuffer(gc, topColor, shadowColor, backColor);
+ }
- int bufferWidth = buffer.getImageSize().width;
- int bufferHeight = buffer.getImageSize().height;
+ int bufferWidth = BumpBuffer.IMAGE_SIZE;
+ int bufferHeight = BumpBuffer.IMAGE_SIZE;
int iconWidth = getIconWidth();
int iconHeight = getIconHeight();
int x2 = x + iconWidth;
@@ -155,7 +144,6 @@
class BumpBuffer {
static final int IMAGE_SIZE = 64;
- static Dimension imageSize = new Dimension( IMAGE_SIZE, IMAGE_SIZE );
transient Image image;
Color topColor;
@@ -197,10 +185,6 @@
return image;
}
- public Dimension getImageSize() {
- return imageSize;
- }
-
/**
* Paints the bumps into the current image.
*/
diff --git a/src/share/classes/javax/swing/plaf/metal/MetalButtonUI.java b/src/share/classes/javax/swing/plaf/metal/MetalButtonUI.java
index 9917640..6593154 100644
--- a/src/share/classes/javax/swing/plaf/metal/MetalButtonUI.java
+++ b/src/share/classes/javax/swing/plaf/metal/MetalButtonUI.java
@@ -26,6 +26,8 @@
package javax.swing.plaf.metal;
import sun.swing.SwingUtilities2;
+import sun.awt.AppContext;
+
import javax.swing.*;
import javax.swing.border.*;
import javax.swing.plaf.basic.*;
@@ -49,19 +51,25 @@
* @author Tom Santos
*/
public class MetalButtonUI extends BasicButtonUI {
-
- private final static MetalButtonUI metalButtonUI = new MetalButtonUI();
-
// NOTE: These are not really needed, but at this point we can't pull
// them. Their values are updated purely for historical reasons.
protected Color focusColor;
protected Color selectColor;
protected Color disabledTextColor;
+ private static final Object METAL_BUTTON_UI_KEY = new Object();
+
// ********************************
// Create PLAF
// ********************************
public static ComponentUI createUI(JComponent c) {
+ AppContext appContext = AppContext.getAppContext();
+ MetalButtonUI metalButtonUI =
+ (MetalButtonUI) appContext.get(METAL_BUTTON_UI_KEY);
+ if (metalButtonUI == null) {
+ metalButtonUI = new MetalButtonUI();
+ appContext.put(METAL_BUTTON_UI_KEY, metalButtonUI);
+ }
return metalButtonUI;
}
diff --git a/src/share/classes/javax/swing/plaf/metal/MetalCheckBoxUI.java b/src/share/classes/javax/swing/plaf/metal/MetalCheckBoxUI.java
index a061ac0..650eda0 100644
--- a/src/share/classes/javax/swing/plaf/metal/MetalCheckBoxUI.java
+++ b/src/share/classes/javax/swing/plaf/metal/MetalCheckBoxUI.java
@@ -25,6 +25,8 @@
package javax.swing.plaf.metal;
+import sun.awt.AppContext;
+
import javax.swing.*;
import javax.swing.plaf.basic.BasicCheckBoxUI;
@@ -55,7 +57,7 @@
// of BasicCheckBoxUI because we want to pick up all the
// painting changes made in MetalRadioButtonUI.
- private final static MetalCheckBoxUI checkboxUI = new MetalCheckBoxUI();
+ private static final Object METAL_CHECK_BOX_UI_KEY = new Object();
private final static String propertyPrefix = "CheckBox" + ".";
@@ -65,6 +67,13 @@
// Create PlAF
// ********************************
public static ComponentUI createUI(JComponent b) {
+ AppContext appContext = AppContext.getAppContext();
+ MetalCheckBoxUI checkboxUI =
+ (MetalCheckBoxUI) appContext.get(METAL_CHECK_BOX_UI_KEY);
+ if (checkboxUI == null) {
+ checkboxUI = new MetalCheckBoxUI();
+ appContext.put(METAL_CHECK_BOX_UI_KEY, checkboxUI);
+ }
return checkboxUI;
}
diff --git a/src/share/classes/javax/swing/plaf/metal/MetalInternalFrameUI.java b/src/share/classes/javax/swing/plaf/metal/MetalInternalFrameUI.java
index d960ca1..adac940 100644
--- a/src/share/classes/javax/swing/plaf/metal/MetalInternalFrameUI.java
+++ b/src/share/classes/javax/swing/plaf/metal/MetalInternalFrameUI.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -31,10 +31,8 @@
import javax.swing.event.*;
import javax.swing.border.*;
import javax.swing.plaf.basic.*;
-import java.util.EventListener;
import java.beans.PropertyChangeListener;
import java.beans.PropertyChangeEvent;
-import java.beans.PropertyVetoException;
import javax.swing.plaf.*;
/**
@@ -51,7 +49,7 @@
private static final Border handyEmptyBorder = new EmptyBorder(0,0,0,0);
protected static String IS_PALETTE = "JInternalFrame.isPalette";
-
+ private static String IS_PALETTE_KEY = "JInternalFrame.isPalette";
private static String FRAME_TYPE = "JInternalFrame.frameType";
private static String NORMAL_FRAME = "normal";
private static String PALETTE_FRAME = "palette";
@@ -68,7 +66,7 @@
public void installUI(JComponent c) {
super.installUI(c);
- Object paletteProp = c.getClientProperty( IS_PALETTE );
+ Object paletteProp = c.getClientProperty(IS_PALETTE_KEY);
if ( paletteProp != null ) {
setPalette( ((Boolean)paletteProp).booleanValue() );
}
@@ -187,7 +185,7 @@
ui.setFrameType( (String) e.getNewValue() );
}
}
- else if ( name.equals( IS_PALETTE ) )
+ else if ( name.equals(IS_PALETTE_KEY) )
{
if ( e.getNewValue() != null )
{
diff --git a/src/share/classes/javax/swing/plaf/metal/MetalLabelUI.java b/src/share/classes/javax/swing/plaf/metal/MetalLabelUI.java
index f19fc99..d4a341b 100644
--- a/src/share/classes/javax/swing/plaf/metal/MetalLabelUI.java
+++ b/src/share/classes/javax/swing/plaf/metal/MetalLabelUI.java
@@ -26,6 +26,8 @@
package javax.swing.plaf.metal;
import sun.swing.SwingUtilities2;
+import sun.awt.AppContext;
+
import javax.swing.*;
import javax.swing.plaf.*;
import javax.swing.plaf.basic.*;
@@ -51,15 +53,21 @@
* name in defaults table under the key "LabelUI".
*/
protected static MetalLabelUI metalLabelUI = new MetalLabelUI();
- private final static MetalLabelUI SAFE_METAL_LABEL_UI = new MetalLabelUI();
+ private static final Object METAL_LABEL_UI_KEY = new Object();
public static ComponentUI createUI(JComponent c) {
if (System.getSecurityManager() != null) {
- return SAFE_METAL_LABEL_UI;
- } else {
- return metalLabelUI;
+ AppContext appContext = AppContext.getAppContext();
+ MetalLabelUI safeMetalLabelUI =
+ (MetalLabelUI) appContext.get(METAL_LABEL_UI_KEY);
+ if (safeMetalLabelUI == null) {
+ safeMetalLabelUI = new MetalLabelUI();
+ appContext.put(METAL_LABEL_UI_KEY, safeMetalLabelUI);
+ }
+ return safeMetalLabelUI;
}
+ return metalLabelUI;
}
/**
diff --git a/src/share/classes/javax/swing/plaf/metal/MetalRadioButtonUI.java b/src/share/classes/javax/swing/plaf/metal/MetalRadioButtonUI.java
index 088daed..42a3703 100644
--- a/src/share/classes/javax/swing/plaf/metal/MetalRadioButtonUI.java
+++ b/src/share/classes/javax/swing/plaf/metal/MetalRadioButtonUI.java
@@ -26,6 +26,8 @@
package javax.swing.plaf.metal;
import sun.swing.SwingUtilities2;
+import sun.awt.AppContext;
+
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
@@ -53,7 +55,7 @@
*/
public class MetalRadioButtonUI extends BasicRadioButtonUI {
- private static final MetalRadioButtonUI metalRadioButtonUI = new MetalRadioButtonUI();
+ private static final Object METAL_RADIO_BUTTON_UI_KEY = new Object();
protected Color focusColor;
protected Color selectColor;
@@ -65,6 +67,13 @@
// Create PlAF
// ********************************
public static ComponentUI createUI(JComponent c) {
+ AppContext appContext = AppContext.getAppContext();
+ MetalRadioButtonUI metalRadioButtonUI =
+ (MetalRadioButtonUI) appContext.get(METAL_RADIO_BUTTON_UI_KEY);
+ if (metalRadioButtonUI == null) {
+ metalRadioButtonUI = new MetalRadioButtonUI();
+ appContext.put(METAL_RADIO_BUTTON_UI_KEY, metalRadioButtonUI);
+ }
return metalRadioButtonUI;
}
diff --git a/src/share/classes/javax/swing/plaf/metal/MetalSliderUI.java b/src/share/classes/javax/swing/plaf/metal/MetalSliderUI.java
index 28d2270..da3d424 100644
--- a/src/share/classes/javax/swing/plaf/metal/MetalSliderUI.java
+++ b/src/share/classes/javax/swing/plaf/metal/MetalSliderUI.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -54,12 +54,13 @@
protected final int TICK_BUFFER = 4;
protected boolean filledSlider = false;
- // NOTE: these next three variables are currently unused.
+ // NOTE: these next five variables are currently unused.
protected static Color thumbColor;
protected static Color highlightColor;
protected static Color darkShadowColor;
protected static int trackWidth;
protected static int tickLength;
+ private int safeLength;
/**
* A default horizontal thumb <code>Icon</code>. This field might not be
@@ -107,7 +108,7 @@
public void installUI( JComponent c ) {
trackWidth = ((Integer)UIManager.get( "Slider.trackWidth" )).intValue();
- tickLength = ((Integer)UIManager.get( "Slider.majorTickLength" )).intValue();
+ tickLength = safeLength = ((Integer)UIManager.get( "Slider.majorTickLength" )).intValue();
horizThumbIcon = SAFE_HORIZ_THUMB_ICON =
UIManager.getIcon( "Slider.horizontalThumbIcon" );
vertThumbIcon = SAFE_VERT_THUMB_ICON =
@@ -477,8 +478,8 @@
* determine the tick area rectangle.
*/
public int getTickLength() {
- return slider.getOrientation() == JSlider.HORIZONTAL ? tickLength + TICK_BUFFER + 1 :
- tickLength + TICK_BUFFER + 3;
+ return slider.getOrientation() == JSlider.HORIZONTAL ? safeLength + TICK_BUFFER + 1 :
+ safeLength + TICK_BUFFER + 3;
}
/**
@@ -523,22 +524,22 @@
protected void paintMinorTickForHorizSlider( Graphics g, Rectangle tickBounds, int x ) {
g.setColor( slider.isEnabled() ? slider.getForeground() : MetalLookAndFeel.getControlShadow() );
- g.drawLine( x, TICK_BUFFER, x, TICK_BUFFER + (tickLength / 2) );
+ g.drawLine( x, TICK_BUFFER, x, TICK_BUFFER + (safeLength / 2) );
}
protected void paintMajorTickForHorizSlider( Graphics g, Rectangle tickBounds, int x ) {
g.setColor( slider.isEnabled() ? slider.getForeground() : MetalLookAndFeel.getControlShadow() );
- g.drawLine( x, TICK_BUFFER , x, TICK_BUFFER + (tickLength - 1) );
+ g.drawLine( x, TICK_BUFFER , x, TICK_BUFFER + (safeLength - 1) );
}
protected void paintMinorTickForVertSlider( Graphics g, Rectangle tickBounds, int y ) {
g.setColor( slider.isEnabled() ? slider.getForeground() : MetalLookAndFeel.getControlShadow() );
if (MetalUtils.isLeftToRight(slider)) {
- g.drawLine( TICK_BUFFER, y, TICK_BUFFER + (tickLength / 2), y );
+ g.drawLine( TICK_BUFFER, y, TICK_BUFFER + (safeLength / 2), y );
}
else {
- g.drawLine( 0, y, tickLength/2, y );
+ g.drawLine( 0, y, safeLength/2, y );
}
}
@@ -546,10 +547,10 @@
g.setColor( slider.isEnabled() ? slider.getForeground() : MetalLookAndFeel.getControlShadow() );
if (MetalUtils.isLeftToRight(slider)) {
- g.drawLine( TICK_BUFFER, y, TICK_BUFFER + tickLength, y );
+ g.drawLine( TICK_BUFFER, y, TICK_BUFFER + safeLength, y );
}
else {
- g.drawLine( 0, y, tickLength, y );
+ g.drawLine( 0, y, safeLength, y );
}
}
}
diff --git a/src/share/classes/javax/swing/plaf/metal/MetalToggleButtonUI.java b/src/share/classes/javax/swing/plaf/metal/MetalToggleButtonUI.java
index c6a8ce8..03b2454 100644
--- a/src/share/classes/javax/swing/plaf/metal/MetalToggleButtonUI.java
+++ b/src/share/classes/javax/swing/plaf/metal/MetalToggleButtonUI.java
@@ -26,6 +26,8 @@
package javax.swing.plaf.metal;
import sun.swing.SwingUtilities2;
+import sun.awt.AppContext;
+
import java.awt.*;
import java.awt.event.*;
import java.lang.ref.*;
@@ -55,7 +57,7 @@
*/
public class MetalToggleButtonUI extends BasicToggleButtonUI {
- private static final MetalToggleButtonUI metalToggleButtonUI = new MetalToggleButtonUI();
+ private static final Object METAL_TOGGLE_BUTTON_UI_KEY = new Object();
protected Color focusColor;
protected Color selectColor;
@@ -67,6 +69,13 @@
// Create PLAF
// ********************************
public static ComponentUI createUI(JComponent b) {
+ AppContext appContext = AppContext.getAppContext();
+ MetalToggleButtonUI metalToggleButtonUI =
+ (MetalToggleButtonUI) appContext.get(METAL_TOGGLE_BUTTON_UI_KEY);
+ if (metalToggleButtonUI == null) {
+ metalToggleButtonUI = new MetalToggleButtonUI();
+ appContext.put(METAL_TOGGLE_BUTTON_UI_KEY, metalToggleButtonUI);
+ }
return metalToggleButtonUI;
}
diff --git a/src/share/classes/sun/applet/AppletClassLoader.java b/src/share/classes/sun/applet/AppletClassLoader.java
index 3489256..0eeba15 100644
--- a/src/share/classes/sun/applet/AppletClassLoader.java
+++ b/src/share/classes/sun/applet/AppletClassLoader.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2005 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1995-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -51,6 +51,7 @@
import java.security.PermissionCollection;
import sun.awt.AppContext;
import sun.awt.SunToolkit;
+import sun.misc.IOUtils;
import sun.net.www.ParseUtil;
import sun.security.util.SecurityConstants;
@@ -331,36 +332,7 @@
byte[] b;
try {
- if (len != -1) {
- // Read exactly len bytes from the input stream
- b = new byte[len];
- while (len > 0) {
- int n = in.read(b, b.length - len, len);
- if (n == -1) {
- throw new IOException("unexpected EOF");
- }
- len -= n;
- }
- } else {
- // Read until end of stream is reached - use 8K buffer
- // to speed up performance [stanleyh]
- b = new byte[8192];
- int total = 0;
- while ((len = in.read(b, total, b.length - total)) != -1) {
- total += len;
- if (total >= b.length) {
- byte[] tmp = new byte[total * 2];
- System.arraycopy(b, 0, tmp, 0, total);
- b = tmp;
- }
- }
- // Trim array to correct size, if necessary
- if (total != b.length) {
- byte[] tmp = new byte[total];
- System.arraycopy(b, 0, tmp, 0, total);
- b = tmp;
- }
- }
+ b = IOUtils.readFully(in, len, true);
} finally {
in.close();
}
diff --git a/src/share/classes/sun/awt/image/ImageRepresentation.java b/src/share/classes/sun/awt/image/ImageRepresentation.java
index ca9260b..1f034ea 100644
--- a/src/share/classes/sun/awt/image/ImageRepresentation.java
+++ b/src/share/classes/sun/awt/image/ImageRepresentation.java
@@ -336,10 +336,6 @@
public native void setICMpixels(int x, int y, int w, int h, int[] lut,
byte[] pix, int off, int scansize,
IntegerComponentRaster ict);
-
- public native void setBytePixels(int x, int y, int w, int h, byte[] pix,
- int off, int scansize,
- ByteComponentRaster bct, int chanOff);
public native int setDiffICM(int x, int y, int w, int h, int[] lut,
int transPix, int numLut, IndexColorModel icm,
byte[] pix, int off, int scansize,
@@ -450,27 +446,17 @@
(biRaster instanceof ByteComponentRaster) &&
(biRaster.getNumDataElements() == 1)){
ByteComponentRaster bt = (ByteComponentRaster) biRaster;
- if (w*h > 200) {
- if (off == 0 && scansize == w) {
- bt.putByteData(x, y, w, h, pix);
- }
- else {
- byte[] bpix = new byte[w];
- poff = off;
- for (int yoff=y; yoff < y+h; yoff++) {
- System.arraycopy(pix, poff, bpix, 0, w);
- bt.putByteData(x, yoff, w, 1, bpix);
- poff += scansize;
- }
- }
+ if (off == 0 && scansize == w) {
+ bt.putByteData(x, y, w, h, pix);
}
else {
- // Only is faster if #pixels
- // Note that setBytePixels modifies the raster directly
- // so we must mark it as changed afterwards
- setBytePixels(x, y, w, h, pix, off, scansize, bt,
- bt.getDataOffset(0));
- bt.markDirty();
+ byte[] bpix = new byte[w];
+ poff = off;
+ for (int yoff=y; yoff < y+h; yoff++) {
+ System.arraycopy(pix, poff, bpix, 0, w);
+ bt.putByteData(x, yoff, w, 1, bpix);
+ poff += scansize;
+ }
}
}
else {
diff --git a/src/share/classes/sun/dyn/anon/AnonymousClassLoader.java b/src/share/classes/sun/dyn/anon/AnonymousClassLoader.java
index a182161..5515d93 100644
--- a/src/share/classes/sun/dyn/anon/AnonymousClassLoader.java
+++ b/src/share/classes/sun/dyn/anon/AnonymousClassLoader.java
@@ -26,9 +26,9 @@
package sun.dyn.anon;
import java.io.IOException;
-import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
+import sun.misc.IOUtils;
/**
* Anonymous class loader. Will load any valid classfile, producing
@@ -285,13 +285,6 @@
if (contentLength < 0)
throw new IOException("invalid content length "+contentLength);
- byte[] classFile = new byte[contentLength];
- InputStream tcs = connection.getInputStream();
- for (int fill = 0, nr; fill < classFile.length; fill += nr) {
- nr = tcs.read(classFile, fill, classFile.length - fill);
- if (nr < 0)
- throw new IOException("premature end of file");
- }
- return classFile;
+ return IOUtils.readFully(connection.getInputStream(), contentLength, true);
}
}
diff --git a/src/share/classes/sun/misc/IOUtils.java b/src/share/classes/sun/misc/IOUtils.java
new file mode 100644
index 0000000..c6f4fb2
--- /dev/null
+++ b/src/share/classes/sun/misc/IOUtils.java
@@ -0,0 +1,80 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Sun designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Sun in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ * IOUtils: A collection of IO-related public static methods.
+ */
+
+package sun.misc;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Arrays;
+
+public class IOUtils {
+
+ /**
+ * Read up to <code>length</code> of bytes from <code>in</code>
+ * until EOF is detected.
+ * @param in input stream, must not be null
+ * @param length number of bytes to read, -1 or Integer.MAX_VALUE means
+ * read as much as possible
+ * @param readAll if true, an EOFException will be thrown if not enough
+ * bytes are read. Ignored when length is -1 or Integer.MAX_VALUE
+ * @return bytes read
+ * @throws IOException Any IO error or a premature EOF is detected
+ */
+ public static byte[] readFully(InputStream is, int length, boolean readAll)
+ throws IOException {
+ byte[] output = {};
+ if (length == -1) length = Integer.MAX_VALUE;
+ int pos = 0;
+ while (pos < length) {
+ int bytesToRead;
+ if (pos >= output.length) { // Only expand when there's no room
+ bytesToRead = Math.min(length - pos, output.length + 1024);
+ if (output.length < pos + bytesToRead) {
+ output = Arrays.copyOf(output, pos + bytesToRead);
+ }
+ } else {
+ bytesToRead = output.length - pos;
+ }
+ int cc = is.read(output, pos, bytesToRead);
+ if (cc < 0) {
+ if (readAll && length != Integer.MAX_VALUE) {
+ throw new EOFException("Detect premature EOF");
+ } else {
+ if (output.length != pos) {
+ output = Arrays.copyOf(output, pos);
+ }
+ break;
+ }
+ }
+ pos += cc;
+ }
+ return output;
+ }
+}
diff --git a/src/share/classes/sun/misc/Resource.java b/src/share/classes/sun/misc/Resource.java
index 0c3579b..43a82b0 100644
--- a/src/share/classes/sun/misc/Resource.java
+++ b/src/share/classes/sun/misc/Resource.java
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,14 +25,15 @@
package sun.misc;
+import java.io.EOFException;
import java.net.URL;
import java.io.IOException;
import java.io.InterruptedIOException;
import java.io.InputStream;
import java.security.CodeSigner;
import java.util.jar.Manifest;
-import java.util.jar.Attributes;
import java.nio.ByteBuffer;
+import java.util.Arrays;
import sun.nio.ByteBuffered;
/**
@@ -105,49 +106,37 @@
}
try {
- if (len != -1) {
- // Read exactly len bytes from the input stream
- b = new byte[len];
- while (len > 0) {
- int n = 0;
- try {
- n = in.read(b, b.length - len, len);
- } catch (InterruptedIOException iioe) {
- Thread.interrupted();
- isInterrupted = true;
+ b = new byte[0];
+ if (len == -1) len = Integer.MAX_VALUE;
+ int pos = 0;
+ while (pos < len) {
+ int bytesToRead;
+ if (pos >= b.length) { // Only expand when there's no room
+ bytesToRead = Math.min(len - pos, b.length + 1024);
+ if (b.length < pos + bytesToRead) {
+ b = Arrays.copyOf(b, pos + bytesToRead);
}
- if (n == -1) {
- throw new IOException("unexpected EOF");
- }
- len -= n;
+ } else {
+ bytesToRead = b.length - pos;
}
- } else {
- // Read until end of stream is reached
- b = new byte[1024];
- int total = 0;
- for (;;) {
- len = 0;
- try {
- len = in.read(b, total, b.length - total);
- if (len == -1)
- break;
- } catch (InterruptedIOException iioe) {
- Thread.interrupted();
- isInterrupted = true;
- }
- total += len;
- if (total >= b.length) {
- byte[] tmp = new byte[total * 2];
- System.arraycopy(b, 0, tmp, 0, total);
- b = tmp;
+ int cc = 0;
+ try {
+ cc = in.read(b, pos, bytesToRead);
+ } catch (InterruptedIOException iioe) {
+ Thread.interrupted();
+ isInterrupted = true;
+ }
+ if (cc < 0) {
+ if (len != Integer.MAX_VALUE) {
+ throw new EOFException("Detect premature EOF");
+ } else {
+ if (b.length != pos) {
+ b = Arrays.copyOf(b, pos);
+ }
+ break;
}
}
- // Trim array to correct size, if necessary
- if (total != b.length) {
- byte[] tmp = new byte[total];
- System.arraycopy(b, 0, tmp, 0, total);
- b = tmp;
- }
+ pos += cc;
}
} finally {
try {
diff --git a/src/share/classes/sun/reflect/misc/MethodUtil.java b/src/share/classes/sun/reflect/misc/MethodUtil.java
index 09b14f5..39fa2d8 100644
--- a/src/share/classes/sun/reflect/misc/MethodUtil.java
+++ b/src/share/classes/sun/reflect/misc/MethodUtil.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -44,6 +44,7 @@
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
+import sun.misc.IOUtils;
import sun.net.www.ParseUtil;
import sun.security.util.SecurityConstants;
@@ -373,34 +374,7 @@
byte[] b;
try {
- if (len != -1) {
- // Read exactly len bytes from the input stream
- b = new byte[len];
- while (len > 0) {
- int n = in.read(b, b.length - len, len);
- if (n == -1) {
- throw new IOException("unexpected EOF");
- }
- len -= n;
- }
- } else {
- b = new byte[8192];
- int total = 0;
- while ((len = in.read(b, total, b.length - total)) != -1) {
- total += len;
- if (total >= b.length) {
- byte[] tmp = new byte[total * 2];
- System.arraycopy(b, 0, tmp, 0, total);
- b = tmp;
- }
- }
- // Trim array to correct size, if necessary
- if (total != b.length) {
- byte[] tmp = new byte[total];
- System.arraycopy(b, 0, tmp, 0, total);
- b = tmp;
- }
- }
+ b = IOUtils.readFully(in, len, true);
} finally {
in.close();
}
diff --git a/src/share/classes/sun/security/provider/certpath/AlgorithmChecker.java b/src/share/classes/sun/security/provider/certpath/AlgorithmChecker.java
new file mode 100644
index 0000000..0921351
--- /dev/null
+++ b/src/share/classes/sun/security/provider/certpath/AlgorithmChecker.java
@@ -0,0 +1,119 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Sun designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Sun in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+package sun.security.provider.certpath;
+
+import java.util.Set;
+import java.util.Collection;
+import java.util.Locale;
+import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
+import java.security.cert.X509CRL;
+import java.security.cert.CertPathValidatorException;
+import java.security.cert.PKIXCertPathChecker;
+
+import sun.security.x509.AlgorithmId;
+
+/**
+ * AlgorithmChecker is a <code>PKIXCertPathChecker</code> that checks that
+ * the signature algorithm of the specified certificate is not disabled.
+ *
+ * @author Xuelei Fan
+ */
+final public class AlgorithmChecker extends PKIXCertPathChecker {
+
+ // the disabled algorithms
+ private static final String[] disabledAlgorithms = new String[] {"md2"};
+
+ // singleton instance
+ static final AlgorithmChecker INSTANCE = new AlgorithmChecker();
+
+ /**
+ * Default Constructor
+ */
+ private AlgorithmChecker() {
+ // do nothing
+ }
+
+ /**
+ * Return a AlgorithmChecker instance.
+ */
+ static AlgorithmChecker getInstance() {
+ return INSTANCE;
+ }
+
+ /**
+ * Initializes the internal state of the checker from parameters
+ * specified in the constructor.
+ */
+ public void init(boolean forward) throws CertPathValidatorException {
+ // do nothing
+ }
+
+ public boolean isForwardCheckingSupported() {
+ return false;
+ }
+
+ public Set<String> getSupportedExtensions() {
+ return null;
+ }
+
+ /**
+ * Checks the signature algorithm of the specified certificate.
+ */
+ public void check(Certificate cert, Collection<String> unresolvedCritExts)
+ throws CertPathValidatorException {
+ check(cert);
+ }
+
+ public static void check(Certificate cert)
+ throws CertPathValidatorException {
+ X509Certificate xcert = (X509Certificate)cert;
+ check(xcert.getSigAlgName());
+ }
+
+ static void check(AlgorithmId aid) throws CertPathValidatorException {
+ check(aid.getName());
+ }
+
+ static void check(X509CRL crl) throws CertPathValidatorException {
+ check(crl.getSigAlgName());
+ }
+
+ private static void check(String algName)
+ throws CertPathValidatorException {
+
+ String lowerCaseAlgName = algName.toLowerCase(Locale.ENGLISH);
+
+ for (String disabled : disabledAlgorithms) {
+ // checking the signature algorithm name
+ if (lowerCaseAlgName.indexOf(disabled) != -1) {
+ throw new CertPathValidatorException(
+ "algorithm check failed: " + algName + " is disabled");
+ }
+ }
+ }
+
+}
diff --git a/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java b/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
index dea521a..f1005ac 100644
--- a/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
+++ b/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
@@ -289,6 +289,16 @@
X500Name certIssuer = (X500Name) certImpl.getIssuerDN();
X500Name crlIssuer = (X500Name) crlImpl.getIssuerDN();
+ // check the crl signature algorithm
+ try {
+ AlgorithmChecker.check(crl);
+ } catch (CertPathValidatorException cpve) {
+ if (debug != null) {
+ debug.println("CRL signature algorithm check failed: " + cpve);
+ }
+ return false;
+ }
+
// if crlIssuer is set, verify that it matches the issuer of the
// CRL and the CRL contains an IDP extension with the indirectCRL
// boolean asserted. Otherwise, verify that the CRL issuer matches the
diff --git a/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java b/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
index 41fe50d..59ce3a9 100644
--- a/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
+++ b/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
@@ -719,6 +719,11 @@
/* we don't perform any validation of the trusted cert */
if (!isTrustedCert) {
/*
+ * check that the signature algorithm is not disabled.
+ */
+ AlgorithmChecker.check(cert);
+
+ /*
* Check CRITICAL private extensions for user checkers that
* support forward checking (forwardCheckers) and remove
* ones we know how to check.
diff --git a/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java b/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
index 1458792..8dab2f3 100644
--- a/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
+++ b/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java
@@ -275,6 +275,7 @@
int certPathLen = certList.size();
basicChecker = new BasicChecker(anchor, testDate, sigProvider, false);
+ AlgorithmChecker algorithmChecker= AlgorithmChecker.getInstance();
KeyChecker keyChecker = new KeyChecker(certPathLen,
pkixParam.getTargetCertConstraints());
ConstraintsChecker constraintsChecker =
@@ -291,6 +292,7 @@
ArrayList<PKIXCertPathChecker> certPathCheckers =
new ArrayList<PKIXCertPathChecker>();
// add standard checkers that we will be using
+ certPathCheckers.add(algorithmChecker);
certPathCheckers.add(keyChecker);
certPathCheckers.add(constraintsChecker);
certPathCheckers.add(policyChecker);
diff --git a/src/share/classes/sun/security/provider/certpath/ReverseBuilder.java b/src/share/classes/sun/security/provider/certpath/ReverseBuilder.java
index 6f82602..c8762ef 100644
--- a/src/share/classes/sun/security/provider/certpath/ReverseBuilder.java
+++ b/src/share/classes/sun/security/provider/certpath/ReverseBuilder.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2000-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2000-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -347,6 +347,9 @@
return;
}
+ /* check that the signature algorithm is not disabled. */
+ AlgorithmChecker.check(cert);
+
/*
* check for looping - abort a loop if
* ((we encounter the same certificate twice) AND
diff --git a/src/share/classes/sun/security/timestamp/HttpTimestamper.java b/src/share/classes/sun/security/timestamp/HttpTimestamper.java
index bb73514..04c0b67 100644
--- a/src/share/classes/sun/security/timestamp/HttpTimestamper.java
+++ b/src/share/classes/sun/security/timestamp/HttpTimestamper.java
@@ -34,6 +34,7 @@
import java.util.Set;
import java.util.Arrays;
+import sun.misc.IOUtils;
import sun.security.pkcs.*;
/**
@@ -142,25 +143,7 @@
int total = 0;
int contentLength = connection.getContentLength();
- if (contentLength != -1) {
- replyBuffer = new byte[contentLength];
- } else {
- replyBuffer = new byte[2048];
- contentLength = Integer.MAX_VALUE;
- }
-
- while (total < contentLength) {
- int count = input.read(replyBuffer, total,
- replyBuffer.length - total);
- if (count < 0)
- break;
-
- total += count;
- if (total >= replyBuffer.length && total < contentLength) {
- replyBuffer = Arrays.copyOf(replyBuffer, total * 2);
- }
- }
- replyBuffer = Arrays.copyOf(replyBuffer, total);
+ replyBuffer = IOUtils.readFully(input, contentLength, false);
if (DEBUG) {
System.out.println("received timestamp response (length=" +
diff --git a/src/share/classes/sun/security/util/DerValue.java b/src/share/classes/sun/security/util/DerValue.java
index 114788b..c0f920d 100644
--- a/src/share/classes/sun/security/util/DerValue.java
+++ b/src/share/classes/sun/security/util/DerValue.java
@@ -28,6 +28,7 @@
import java.io.*;
import java.math.BigInteger;
import java.util.Date;
+import sun.misc.IOUtils;
/**
* Represents a single DER-encoded value. DER encoding rules are a subset
@@ -382,12 +383,8 @@
if (fullyBuffered && in.available() != length)
throw new IOException("extra data given to DerValue constructor");
- byte[] bytes = new byte[length];
+ byte[] bytes = IOUtils.readFully(in, length, true);
- // n.b. readFully not needed in normal fullyBuffered case
- DataInputStream dis = new DataInputStream(in);
-
- dis.readFully(bytes);
buffer = new DerInputBuffer(bytes);
return new DerInputStream(buffer);
}
diff --git a/src/share/classes/sun/security/validator/SimpleValidator.java b/src/share/classes/sun/security/validator/SimpleValidator.java
index d21466a..eff9045 100644
--- a/src/share/classes/sun/security/validator/SimpleValidator.java
+++ b/src/share/classes/sun/security/validator/SimpleValidator.java
@@ -40,6 +40,8 @@
import sun.security.util.DerOutputStream;
import sun.security.util.ObjectIdentifier;
+import sun.security.provider.certpath.AlgorithmChecker;
+
/**
* A simple validator implementation. It is based on code from the JSSE
* X509TrustManagerImpl. This implementation is designed for compatibility with
@@ -134,6 +136,13 @@
X509Certificate issuerCert = chain[i + 1];
X509Certificate cert = chain[i];
+ // check certificate algorithm
+ try {
+ AlgorithmChecker.check(cert);
+ } catch (CertPathValidatorException cpve) {
+ throw new ValidatorException
+ (ValidatorException.T_ALGORITHM_DISABLED, cert, cpve);
+ }
// no validity check for code signing certs
if ((variant.equals(VAR_CODE_SIGNING) == false)
diff --git a/src/share/classes/sun/security/validator/ValidatorException.java b/src/share/classes/sun/security/validator/ValidatorException.java
index 67f42cf..53b8667 100644
--- a/src/share/classes/sun/security/validator/ValidatorException.java
+++ b/src/share/classes/sun/security/validator/ValidatorException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2003 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2002-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -55,6 +55,9 @@
public final static Object T_NAME_CHAINING =
"Certificate chaining error";
+ public final static Object T_ALGORITHM_DISABLED =
+ "Certificate signature algorithm disabled";
+
private Object type;
private X509Certificate cert;
diff --git a/src/share/classes/sun/util/calendar/ZoneInfoFile.java b/src/share/classes/sun/util/calendar/ZoneInfoFile.java
index 6ada1af..52ec709 100644
--- a/src/share/classes/sun/util/calendar/ZoneInfoFile.java
+++ b/src/share/classes/sun/util/calendar/ZoneInfoFile.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2000-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2000-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -472,6 +472,18 @@
private static Map<String, ZoneInfo> zoneInfoObjects = null;
+ private static final String ziDir;
+ static {
+ String zi = (String) AccessController.doPrivileged(
+ new sun.security.action.GetPropertyAction("java.home"))
+ + File.separator + "lib" + File.separator + "zi";
+ try {
+ zi = new File(zi).getCanonicalPath();
+ } catch (Exception e) {
+ }
+ ziDir = zi;
+ }
+
/**
* Converts the given time zone ID to a platform dependent path
* name. For example, "America/Los_Angeles" is converted to
@@ -576,20 +588,7 @@
return null;
}
- int index;
- for (index = 0; index < JAVAZI_LABEL.length; index++) {
- if (buf[index] != JAVAZI_LABEL[index]) {
- System.err.println("ZoneInfo: wrong magic number: " + id);
- return null;
- }
- }
-
- if (buf[index++] > JAVAZI_VERSION) {
- System.err.println("ZoneInfo: incompatible version ("
- + buf[index - 1] + "): " + id);
- return null;
- }
-
+ int index = 0;
int filesize = buf.length;
int rawOffset = 0;
int dstSavings = 0;
@@ -600,6 +599,18 @@
int[] simpleTimeZoneParams = null;
try {
+ for (index = 0; index < JAVAZI_LABEL.length; index++) {
+ if (buf[index] != JAVAZI_LABEL[index]) {
+ System.err.println("ZoneInfo: wrong magic number: " + id);
+ return null;
+ }
+ }
+ if (buf[index++] > JAVAZI_VERSION) {
+ System.err.println("ZoneInfo: incompatible version ("
+ + buf[index - 1] + "): " + id);
+ return null;
+ }
+
while (index < filesize) {
byte tag = buf[index++];
int len = ((buf[index++] & 0xFF) << 8) + (buf[index++] & 0xFF);
@@ -1017,30 +1028,33 @@
* Reads the specified file under <java.home>/lib/zi into a buffer.
* @return the buffer, or null if any I/O error occurred.
*/
- private static byte[] readZoneInfoFile(String fileName) {
+ private static byte[] readZoneInfoFile(final String fileName) {
byte[] buffer = null;
try {
- String homeDir = AccessController.doPrivileged(
- new sun.security.action.GetPropertyAction("java.home"));
- final String fname = homeDir + File.separator + "lib" + File.separator
- + "zi" + File.separator + fileName;
buffer = (byte[]) AccessController.doPrivileged(new PrivilegedExceptionAction() {
public Object run() throws IOException {
- File file = new File(fname);
- if (!file.canRead()) {
+ File file = new File(ziDir, fileName);
+ if (!file.exists() || !file.isFile()) {
return null;
}
- int filesize = (int)file.length();
- byte[] buf = new byte[filesize];
-
- FileInputStream fis = new FileInputStream(file);
-
- if (fis.read(buf) != filesize) {
- fis.close();
- throw new IOException("read error on " + fname);
+ file = file.getCanonicalFile();
+ String path = file.getCanonicalPath();
+ byte[] buf = null;
+ if (path != null && path.startsWith(ziDir)) {
+ int filesize = (int)file.length();
+ if (filesize > 0) {
+ FileInputStream fis = new FileInputStream(file);
+ buf = new byte[filesize];
+ try {
+ if (fis.read(buf) != filesize) {
+ throw new IOException("read error on " + fileName);
+ }
+ } finally {
+ fis.close();
+ }
+ }
}
- fis.close();
return buf;
}
});
diff --git a/src/share/native/sun/awt/image/awt_ImageRep.c b/src/share/native/sun/awt/image/awt_ImageRep.c
index 9017ee9..b40eec8 100644
--- a/src/share/native/sun/awt/image/awt_ImageRep.c
+++ b/src/share/native/sun/awt/image/awt_ImageRep.c
@@ -142,84 +142,6 @@
}
-JNIEXPORT void JNICALL
-Java_sun_awt_image_ImageRepresentation_setBytePixels(JNIEnv *env, jclass cls,
- jint x, jint y, jint w,
- jint h, jbyteArray jpix,
- jint off, jint scansize,
- jobject jbct,
- jint chanOffs)
-{
- int sStride;
- int pixelStride;
- jobject jdata;
- unsigned char *srcData;
- unsigned char *dstData;
- unsigned char *dataP;
- unsigned char *pixP;
- int i;
- int j;
-
-
- if (JNU_IsNull(env, jpix)) {
- JNU_ThrowNullPointerException(env, "NullPointerException");
- return;
- }
-
- sStride = (*env)->GetIntField(env, jbct, g_BCRscanstrID);
- pixelStride = (*env)->GetIntField(env, jbct, g_BCRpixstrID);
- jdata = (*env)->GetObjectField(env, jbct, g_BCRdataID);
-
- srcData = (unsigned char *) (*env)->GetPrimitiveArrayCritical(env, jpix,
- NULL);
- if (srcData == NULL) {
- /* out of memory error already thrown */
- return;
- }
-
- dstData = (unsigned char *) (*env)->GetPrimitiveArrayCritical(env, jdata,
- NULL);
- if (dstData == NULL) {
- /* out of memory error already thrown */
- (*env)->ReleasePrimitiveArrayCritical(env, jpix, srcData, JNI_ABORT);
- return;
- }
-
- dataP = dstData + chanOffs + y*sStride + x*pixelStride;
- pixP = srcData + off;
- if (pixelStride == 1) {
- if (sStride == scansize && scansize == w) {
- memcpy(dataP, pixP, w*h);
- }
- else {
- for (i=0; i < h; i++) {
- memcpy(dataP, pixP, w);
- dataP += sStride;
- pixP += scansize;
- }
- }
- }
- else {
- unsigned char *ydataP = dataP;
- unsigned char *ypixP = pixP;
-
- for (i=0; i < h; i++) {
- dataP = ydataP;
- pixP = ypixP;
- for (j=0; j < w; j++) {
- *dataP = *pixP++;
- dataP += pixelStride;
- }
- ydataP += sStride;
- ypixP += scansize;
- }
- }
-
- (*env)->ReleasePrimitiveArrayCritical(env, jpix, srcData, JNI_ABORT);
- (*env)->ReleasePrimitiveArrayCritical(env, jdata, dstData, JNI_ABORT);
-
-}
-
JNIEXPORT jint JNICALL
Java_sun_awt_image_ImageRepresentation_setDiffICM(JNIEnv *env, jclass cls,
jint x, jint y, jint w,
@@ -266,6 +188,13 @@
jnewlut = (*env)->GetObjectField(env, jicm, g_ICMrgbID);
mapSize = (*env)->GetIntField(env, jicm, g_ICMmapSizeID);
+ if (numLut < 0 || numLut > 256 || mapSize < 0 || mapSize > 256) {
+ /* Ether old or new ICM has a palette that exceeds capacity
+ of byte data type, so we have to convert the image data
+ to default representation.
+ */
+ return 0;
+ }
srcLUT = (unsigned int *) (*env)->GetPrimitiveArrayCritical(env, jlut,
NULL);
if (srcLUT == NULL) {
diff --git a/src/share/native/sun/awt/image/jpeg/imageioJPEG.c b/src/share/native/sun/awt/image/jpeg/imageioJPEG.c
index 7d39c61..3897ddc 100644
--- a/src/share/native/sun/awt/image/jpeg/imageioJPEG.c
+++ b/src/share/native/sun/awt/image/jpeg/imageioJPEG.c
@@ -676,6 +676,10 @@
#ifdef DEBUG_IIO_JPEG
printf("in setQTables, qlen = %d, write is %d\n", qlen, write);
#endif
+ if (qlen > NUM_QUANT_TBLS) {
+ /* Ignore extra qunterization tables. */
+ qlen = NUM_QUANT_TBLS;
+ }
for (i = 0; i < qlen; i++) {
table = (*env)->GetObjectArrayElement(env, qtables, i);
qdata = (*env)->GetObjectField(env, table, JPEGQTable_tableID);
@@ -727,6 +731,11 @@
hlensBody = (*env)->GetShortArrayElements(env,
huffLens,
NULL);
+ if (hlensLen > 16) {
+ /* Ignore extra elements of bits array. Only 16 elements can be
+ stored. 0-th element is not used. (see jpeglib.h, line 107) */
+ hlensLen = 16;
+ }
for (i = 1; i <= hlensLen; i++) {
huff_ptr->bits[i] = (UINT8)hlensBody[i-1];
}
@@ -743,6 +752,11 @@
huffValues,
NULL);
+ if (hvalsLen > 256) {
+ /* Ignore extra elements of hufval array. Only 256 elements
+ can be stored. (see jpeglib.h, line 109) */
+ hlensLen = 256;
+ }
for (i = 0; i < hvalsLen; i++) {
huff_ptr->huffval[i] = (UINT8)hvalsBody[i];
}
@@ -763,6 +777,11 @@
j_compress_ptr comp;
j_decompress_ptr decomp;
jsize hlen = (*env)->GetArrayLength(env, DCHuffmanTables);
+
+ if (hlen > NUM_HUFF_TBLS) {
+ /* Ignore extra DC huffman tables. */
+ hlen = NUM_HUFF_TBLS;
+ }
for (i = 0; i < hlen; i++) {
if (cinfo->is_decompressor) {
decomp = (j_decompress_ptr) cinfo;
@@ -784,6 +803,10 @@
huff_ptr->sent_table = !write;
}
hlen = (*env)->GetArrayLength(env, ACHuffmanTables);
+ if (hlen > NUM_HUFF_TBLS) {
+ /* Ignore extra AC huffman tables. */
+ hlen = NUM_HUFF_TBLS;
+ }
for (i = 0; i < hlen; i++) {
if (cinfo->is_decompressor) {
decomp = (j_decompress_ptr) cinfo;
@@ -1833,6 +1856,13 @@
return JNI_FALSE;
}
+ if (stepX > cinfo->image_width) {
+ stepX = cinfo->image_width;
+ }
+ if (stepY > cinfo->image_height) {
+ stepY = cinfo->image_height;
+ }
+
/*
* First get the source bands array and copy it to our local array
* so we don't have to worry about pinning and unpinning it again.
diff --git a/src/solaris/classes/sun/awt/X11GraphicsDevice.java b/src/solaris/classes/sun/awt/X11GraphicsDevice.java
index ed495b1..81491ab 100644
--- a/src/solaris/classes/sun/awt/X11GraphicsDevice.java
+++ b/src/solaris/classes/sun/awt/X11GraphicsDevice.java
@@ -134,7 +134,7 @@
makeConfigurations();
}
}
- return configs;
+ return configs.clone();
}
private void makeConfigurations() {
diff --git a/src/windows/classes/sun/awt/Win32GraphicsDevice.java b/src/windows/classes/sun/awt/Win32GraphicsDevice.java
index 1da339c..8a0960b 100644
--- a/src/windows/classes/sun/awt/Win32GraphicsDevice.java
+++ b/src/windows/classes/sun/awt/Win32GraphicsDevice.java
@@ -165,7 +165,7 @@
if (defaultConfig != null) {
configs = new GraphicsConfiguration[1];
configs[0] = defaultConfig;
- return configs;
+ return configs.clone();
}
}
@@ -196,7 +196,7 @@
configs = new GraphicsConfiguration[v.size()];
v.copyInto(configs);
}
- return configs;
+ return configs.clone();
}
/**
diff --git a/src/windows/classes/sun/java2d/d3d/D3DGraphicsDevice.java b/src/windows/classes/sun/java2d/d3d/D3DGraphicsDevice.java
index 788a4d0..462223e 100644
--- a/src/windows/classes/sun/java2d/d3d/D3DGraphicsDevice.java
+++ b/src/windows/classes/sun/java2d/d3d/D3DGraphicsDevice.java
@@ -429,7 +429,7 @@
if (defaultConfig != null) {
configs = new GraphicsConfiguration[1];
configs[0] = defaultConfig;
- return configs;
+ return configs.clone();
}
}
}
diff --git a/test/java/awt/GraphicsDevice/CloneConfigsTest.java b/test/java/awt/GraphicsDevice/CloneConfigsTest.java
new file mode 100644
index 0000000..44eec54
--- /dev/null
+++ b/test/java/awt/GraphicsDevice/CloneConfigsTest.java
@@ -0,0 +1,118 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6822057
+ *
+ * @summary Test verifies that list of supported graphics configurations
+ * can not be changed via modification of elements of an array
+ * returned by getConfiguration() method.
+ *
+ * @run main CloneConfigsTest
+ * @run main/othervm -Dsun.java2d.opengl=True CloneConfigsTest
+ * @run main/othervm -Dsun.java2d.d3d=true CloneConfigsTest
+ * @run main/othervm -Dsun.java2d.noddraw=true CloneConfigsTest
+ */
+
+import java.awt.GraphicsConfiguration;
+import java.awt.GraphicsDevice;
+import java.awt.GraphicsEnvironment;
+import java.awt.Rectangle;
+import java.awt.geom.AffineTransform;
+import java.awt.image.BufferedImage;
+import java.awt.image.ColorModel;
+
+public class CloneConfigsTest {
+
+ public static void main(String[] args) {
+ GraphicsEnvironment env =
+ GraphicsEnvironment.getLocalGraphicsEnvironment();
+
+ GraphicsDevice[] devices = env.getScreenDevices();
+
+ GraphicsConfiguration c = new TestConfig();
+
+ for (GraphicsDevice gd : devices) {
+ System.out.println("Device: " + gd);
+
+ GraphicsConfiguration[] configs = gd.getConfigurations();
+
+ for (int i = 0; i < configs.length; i++) {
+ GraphicsConfiguration gc = configs[i];
+ System.out.println("\tConfig: " + gc);
+
+ configs[i] = c;
+ }
+
+ // verify whether array of configs was modified
+ configs = gd.getConfigurations();
+ for (GraphicsConfiguration gc : configs) {
+ if (gc == c) {
+ throw new RuntimeException("Test failed.");
+ }
+ }
+ System.out.println("Test passed.");
+ }
+ }
+
+ private static class TestConfig extends GraphicsConfiguration {
+
+ @Override
+ public GraphicsDevice getDevice() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public BufferedImage createCompatibleImage(int width, int height) {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public ColorModel getColorModel() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public ColorModel getColorModel(int transparency) {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public AffineTransform getDefaultTransform() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public AffineTransform getNormalizingTransform() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public Rectangle getBounds() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ }
+
+}
diff --git a/test/java/lang/ClassLoader/UninitializedParent.java b/test/java/lang/ClassLoader/UninitializedParent.java
new file mode 100644
index 0000000..155ae17
--- /dev/null
+++ b/test/java/lang/ClassLoader/UninitializedParent.java
@@ -0,0 +1,68 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6636650
+ * @summary Uninitialized class loaders should not be a parent of other
+ * class loaders.
+ */
+
+
+import java.net.*;
+
+public class UninitializedParent {
+ private static ClassLoader loader;
+ public static void main(String[] args) throws Exception {
+ System.setSecurityManager(new SecurityManager());
+
+ // Create an uninitialized class loader
+ try {
+ new ClassLoader(null) {
+ @Override
+ protected void finalize() {
+ loader = this;
+ }
+ };
+ } catch (SecurityException exc) {
+ // Expected
+ }
+ System.gc();
+ System.runFinalization();
+
+ // if 'loader' isn't null, need to ensure that it can't be used as
+ // parent
+ if (loader != null) {
+ try {
+ // Create a class loader with 'loader' being the parent
+ URLClassLoader child = URLClassLoader.newInstance
+ (new URL[0], loader);
+ throw new RuntimeException("Test Failed!");
+ } catch (SecurityException se) {
+ System.out.println("Test Passed: Exception thrown");
+ }
+ } else {
+ System.out.println("Test Passed: Loader is null");
+ }
+ }
+}
diff --git a/test/javax/swing/Security/6657138/ComponentTest.java b/test/javax/swing/Security/6657138/ComponentTest.java
new file mode 100644
index 0000000..a1a3a7b
--- /dev/null
+++ b/test/javax/swing/Security/6657138/ComponentTest.java
@@ -0,0 +1,76 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657138
+ * @summary Verifies that buttons and labels work well after the fix for 6657138
+ * @author Alexander Potochkin
+ */
+
+import sun.awt.SunToolkit;
+
+import javax.swing.*;
+import java.awt.*;
+
+public class ComponentTest extends JFrame {
+ private static JFrame frame;
+
+ public ComponentTest() {
+ setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
+ setLayout(new FlowLayout());
+ add(new JButton("JButton"));
+ add(new JToggleButton("JToggleButton"));
+ add(new JCheckBox("JCheckBox"));
+ add(new JRadioButton("JRadioButton"));
+ add(new JLabel("JLabel"));
+ pack();
+ setLocationRelativeTo(null);
+ }
+
+
+ public static void main(String[] args) throws Exception {
+ SunToolkit toolkit = (SunToolkit) Toolkit.getDefaultToolkit();
+ SwingUtilities.invokeAndWait(new Runnable() {
+ public void run() {
+ frame = new ComponentTest();
+ frame.setVisible(true);
+ }
+ });
+ toolkit.realSync();
+ UIManager.LookAndFeelInfo[] lafs = UIManager.getInstalledLookAndFeels();
+ for (final UIManager.LookAndFeelInfo laf : lafs) {
+ SwingUtilities.invokeAndWait(new Runnable() {
+ public void run() {
+ try {
+ UIManager.setLookAndFeel(laf.getClassName());
+ } catch (Exception e) {
+ new RuntimeException(e);
+ }
+ SwingUtilities.updateComponentTreeUI(frame);
+ }
+ });
+ toolkit.realSync();
+ }
+ }
+}
diff --git a/test/javax/swing/Security/6657138/bug6657138.java b/test/javax/swing/Security/6657138/bug6657138.java
new file mode 100644
index 0000000..5a3562d
--- /dev/null
+++ b/test/javax/swing/Security/6657138/bug6657138.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657138
+ * @summary Verifies that buttons and labels don't share their ui's across appContexts
+ * @author Alexander Potochkin
+ */
+
+import sun.awt.SunToolkit;
+
+import javax.swing.*;
+import javax.swing.plaf.ButtonUI;
+import javax.swing.plaf.ComponentUI;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+public class bug6657138 implements Runnable {
+
+ private static Map<JComponent, Map<String, ComponentUI>> componentMap =
+ Collections.synchronizedMap(
+ new HashMap<JComponent, Map<String, ComponentUI>>());
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ try {
+ testUIMap();
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ private static void testUIMap() throws Exception {
+ UIManager.LookAndFeelInfo[] lafs = UIManager.getInstalledLookAndFeels();
+ Set<JComponent> components = componentMap.keySet();
+ for (JComponent c : components) {
+ Map<String, ComponentUI> uiMap = componentMap.get(c);
+
+ for (UIManager.LookAndFeelInfo laf : lafs) {
+ if ("Nimbus".equals(laf.getName())) {
+ // for some unclear reasons
+ // Nimbus ui delegate for a button is null
+ // when this method is called from the new AppContext
+ continue;
+ }
+ String className = laf.getClassName();
+ UIManager.setLookAndFeel(className);
+ ComponentUI ui = UIManager.getUI(c);
+ if (ui == null) {
+ throw new RuntimeException("UI is null for " + c);
+ }
+ if (ui == uiMap.get(laf.getName())) {
+ throw new RuntimeException(
+ "Two AppContexts share the same UI delegate! \n" +
+ c + "\n" + ui);
+ }
+ uiMap.put(laf.getName(), ui);
+ }
+ }
+ }
+
+ public static void main(String[] args) throws Exception {
+ componentMap.put(new JButton("JButton"),
+ new HashMap<String, ComponentUI>());
+ componentMap.put(new JToggleButton("JToggleButton"),
+ new HashMap<String, ComponentUI>());
+ componentMap.put(new JRadioButton("JRadioButton"),
+ new HashMap<String, ComponentUI>());
+ componentMap.put(new JCheckBox("JCheckBox"),
+ new HashMap<String, ComponentUI>());
+ componentMap.put(new JCheckBox("JLabel"),
+ new HashMap<String, ComponentUI>());
+ testUIMap();
+ ThreadGroup group = new ThreadGroup("6657138");
+ Thread thread = new Thread(group, new bug6657138());
+ thread.start();
+ thread.join();
+ }
+}
+
diff --git a/test/javax/swing/ToolTipManager/Test6657026.java b/test/javax/swing/ToolTipManager/Test6657026.java
new file mode 100644
index 0000000..f9e23b9
--- /dev/null
+++ b/test/javax/swing/ToolTipManager/Test6657026.java
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests shared ToolTipManager in different application contexts
+ * @author Sergey Malenkov
+ */
+
+import sun.awt.SunToolkit;
+import javax.swing.ToolTipManager;
+
+public class Test6657026 implements Runnable {
+
+ private static final int DISMISS = 4000;
+ private static final int INITIAL = 750;
+ private static final int RESHOW = 500;
+
+ public static void main(String[] args) throws InterruptedException {
+ ToolTipManager manager = ToolTipManager.sharedInstance();
+ if (DISMISS != manager.getDismissDelay()) {
+ throw new Error("unexpected dismiss delay");
+ }
+ if (INITIAL != manager.getInitialDelay()) {
+ throw new Error("unexpected initial delay");
+ }
+ if (RESHOW != manager.getReshowDelay()) {
+ throw new Error("unexpected reshow delay");
+ }
+ manager.setDismissDelay(DISMISS + 1);
+ manager.setInitialDelay(INITIAL + 1);
+ manager.setReshowDelay(RESHOW + 1);
+
+ ThreadGroup group = new ThreadGroup("$$$");
+ Thread thread = new Thread(group, new Test6657026());
+ thread.start();
+ thread.join();
+ }
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ ToolTipManager manager = ToolTipManager.sharedInstance();
+ if (DISMISS != manager.getDismissDelay()) {
+ throw new Error("shared dismiss delay");
+ }
+ if (INITIAL != manager.getInitialDelay()) {
+ throw new Error("shared initial delay");
+ }
+ if (RESHOW != manager.getReshowDelay()) {
+ throw new Error("shared reshow delay");
+ }
+ }
+}
diff --git a/test/javax/swing/UIManager/Test6657026.java b/test/javax/swing/UIManager/Test6657026.java
new file mode 100644
index 0000000..7b93a22
--- /dev/null
+++ b/test/javax/swing/UIManager/Test6657026.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests shared UIManager in different application contexts
+ * @author Sergey Malenkov
+ */
+
+import sun.awt.SunToolkit;
+
+import javax.swing.UIManager;
+import javax.swing.UIManager.LookAndFeelInfo;
+
+public class Test6657026 implements Runnable {
+
+ public static void main(String[] args) throws Exception {
+ if (UIManager.getInstalledLookAndFeels().length == 0) {
+ throw new Error("unexpected amount of look&feels");
+ }
+ UIManager.setInstalledLookAndFeels(new LookAndFeelInfo[0]);
+ if (UIManager.getInstalledLookAndFeels().length != 0) {
+ throw new Error("unexpected amount of look&feels");
+ }
+
+ ThreadGroup group = new ThreadGroup("$$$");
+ Thread thread = new Thread(group, new Test6657026());
+ thread.start();
+ thread.join();
+ }
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ if (UIManager.getInstalledLookAndFeels().length == 0) {
+ throw new Error("shared look&feels");
+ }
+ }
+}
diff --git a/test/javax/swing/plaf/basic/BasicSplitPaneUI/Test6657026.java b/test/javax/swing/plaf/basic/BasicSplitPaneUI/Test6657026.java
new file mode 100644
index 0000000..1608041
--- /dev/null
+++ b/test/javax/swing/plaf/basic/BasicSplitPaneUI/Test6657026.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests shared BasicSplitPaneUI in different application contexts
+ * @author Sergey Malenkov
+ */
+
+import sun.awt.SunToolkit;
+
+import java.awt.event.ActionEvent;
+import java.util.Set;
+import javax.swing.JSplitPane;
+import javax.swing.plaf.basic.BasicSplitPaneUI;
+
+public class Test6657026 extends BasicSplitPaneUI implements Runnable {
+
+ public static void main(String[] args) throws InterruptedException {
+ if (new JSplitPane().getFocusTraversalKeys(0).isEmpty()){
+ throw new Error("unexpected traversal keys");
+ }
+ new JSplitPane() {
+ public void setFocusTraversalKeys(int id, Set keystrokes) {
+ keystrokes.clear();
+ super.setFocusTraversalKeys(id, keystrokes);
+ }
+ };
+ if (new JSplitPane().getFocusTraversalKeys(0).isEmpty()) {
+ throw new Error("shared traversal keys");
+ }
+ KEYBOARD_DIVIDER_MOVE_OFFSET = -KEYBOARD_DIVIDER_MOVE_OFFSET;
+
+ ThreadGroup group = new ThreadGroup("$$$");
+ Thread thread = new Thread(group, new Test6657026());
+ thread.start();
+ thread.join();
+ }
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ if (new JSplitPane().getFocusTraversalKeys(0).isEmpty()) {
+ throw new Error("shared traversal keys");
+ }
+ JSplitPane pane = new JSplitPane();
+ pane.setUI(this);
+
+ createFocusListener().focusGained(null); // allows actions
+ test(pane, "positiveIncrement", 3);
+ test(pane, "negativeIncrement", 0);
+ }
+
+ private static void test(JSplitPane pane, String action, int expected) {
+ ActionEvent event = new ActionEvent(pane, expected, action);
+ pane.getActionMap().get(action).actionPerformed(event);
+ int actual = pane.getDividerLocation();
+ if (actual != expected) {
+ throw new Error(actual + ", but expected " + expected);
+ }
+ }
+}
diff --git a/test/javax/swing/plaf/metal/MetalBorders/Test6657026.java b/test/javax/swing/plaf/metal/MetalBorders/Test6657026.java
new file mode 100644
index 0000000..194b310
--- /dev/null
+++ b/test/javax/swing/plaf/metal/MetalBorders/Test6657026.java
@@ -0,0 +1,91 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests constancy of borders
+ * @author Sergey Malenkov
+ */
+
+import java.awt.Insets;
+import javax.swing.border.Border;
+import javax.swing.plaf.metal.MetalBorders.ButtonBorder;
+import javax.swing.plaf.metal.MetalBorders.MenuBarBorder;
+import javax.swing.plaf.metal.MetalBorders.MenuItemBorder;
+import javax.swing.plaf.metal.MetalBorders.PopupMenuBorder;
+
+public class Test6657026 {
+
+ private static final Insets NEGATIVE = new Insets(Integer.MIN_VALUE,
+ Integer.MIN_VALUE,
+ Integer.MIN_VALUE,
+ Integer.MIN_VALUE);
+
+ public static void main(String[] args) {
+ new ButtonBorder() {{borderInsets = NEGATIVE;}};
+ new MenuBarBorder() {{borderInsets = NEGATIVE;}};
+ new MenuItemBorder() {{borderInsets = NEGATIVE;}};
+ new PopupMenuBorder() {{borderInsets = NEGATIVE;}};
+
+ test(create("ButtonBorder"));
+ test(create("MenuBarBorder"));
+ test(create("MenuItemBorder"));
+ test(create("PopupMenuBorder"));
+
+ test(create("Flush3DBorder"));
+ test(create("InternalFrameBorder"));
+ // NOT USED: test(create("FrameBorder"));
+ // NOT USED: test(create("DialogBorder"));
+ test(create("PaletteBorder"));
+ test(create("OptionDialogBorder"));
+ test(create("ScrollPaneBorder"));
+ }
+
+ private static Border create(String name) {
+ try {
+ name = "javax.swing.plaf.metal.MetalBorders$" + name;
+ return (Border) Class.forName(name).newInstance();
+ }
+ catch (Exception exception) {
+ throw new Error("unexpected exception", exception);
+ }
+ }
+
+ private static void test(Border border) {
+ Insets actual = border.getBorderInsets(null);
+ if (NEGATIVE.equals(actual)) {
+ throw new Error("unexpected insets in " + border.getClass());
+ }
+ Insets expected = (Insets) actual.clone();
+ // modify
+ actual.top++;
+ actual.left++;
+ actual.right++;
+ actual.bottom++;
+ // validate
+ if (!expected.equals(border.getBorderInsets(null))) {
+ throw new Error("shared insets in " + border.getClass());
+ }
+ }
+}
diff --git a/test/javax/swing/plaf/metal/MetalBumps/Test6657026.java b/test/javax/swing/plaf/metal/MetalBumps/Test6657026.java
new file mode 100644
index 0000000..f804162
--- /dev/null
+++ b/test/javax/swing/plaf/metal/MetalBumps/Test6657026.java
@@ -0,0 +1,238 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests shared MetalBumps in different application contexts
+ * @author Sergey Malenkov
+ */
+
+import sun.awt.SunToolkit;
+
+import java.awt.Color;
+import java.awt.Component;
+import java.awt.Font;
+import java.awt.FontMetrics;
+import java.awt.Graphics;
+import java.awt.Image;
+import java.awt.Rectangle;
+import java.awt.Shape;
+import java.awt.image.BufferedImage;
+import java.awt.image.ImageObserver;
+import java.text.AttributedCharacterIterator;
+import javax.swing.Icon;
+import javax.swing.plaf.metal.MetalBorders.ToolBarBorder;
+
+public class Test6657026 extends ToolBarBorder implements Runnable {
+
+ public static void main(String[] args) throws Exception {
+ new Test6657026().test();
+
+ ThreadGroup group = new ThreadGroup("$$$");
+ Thread thread = new Thread(group, new Test6657026());
+ thread.start();
+ thread.join();
+ }
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ test();
+ }
+
+ private void test() {
+ MyGraphics mg = new MyGraphics();
+ Icon icon = bumps;
+ icon.paintIcon(mg.component, mg, 0, 0);
+ if (mg.image != null) {
+ boolean failed = true;
+ int value = mg.image.getRGB(0, 0);
+ for (int x = 0; x < mg.image.getWidth(); x++) {
+ for (int y = 0; y < mg.image.getHeight(); y++) {
+ int current = mg.image.getRGB(x, y);
+ if (current != value) {
+ mg.image.setRGB(x, y, value);
+ failed = false;
+ }
+
+ }
+ }
+ if (failed) {
+ throw new Error("shared metal bumps");
+ }
+ }
+ }
+
+ private static class MyGraphics extends Graphics {
+
+ private final Component component = new Component() {};
+ private BufferedImage image;
+
+ public Graphics create() {
+ return null; // TODO: check
+ }
+
+ public void translate(int x, int y) {
+ // TODO: check
+ }
+
+ public Color getColor() {
+ return null; // TODO: check
+ }
+
+ public void setColor(Color color) {
+ // TODO: check
+ }
+
+ public void setPaintMode() {
+ // TODO: check
+ }
+
+ public void setXORMode(Color c1) {
+ // TODO: check
+ }
+
+ public Font getFont() {
+ return null; // TODO: check
+ }
+
+ public void setFont(Font font) {
+ // TODO: check
+ }
+
+ public FontMetrics getFontMetrics(Font font) {
+ return null; // TODO: check
+ }
+
+ public Rectangle getClipBounds() {
+ return null; // TODO: check
+ }
+
+ public void clipRect(int x, int y, int width, int height) {
+ // TODO: check
+ }
+
+ public void setClip(int x, int y, int width, int height) {
+ // TODO: check
+ }
+
+ public Shape getClip() {
+ return null; // TODO: check
+ }
+
+ public void setClip(Shape clip) {
+ // TODO: check
+ }
+
+ public void copyArea(int x, int y, int width, int height, int dx, int dy) {
+ // TODO: check
+ }
+
+ public void drawLine(int x1, int y1, int x2, int y2) {
+ // TODO: check
+ }
+
+ public void fillRect(int x, int y, int width, int height) {
+ // TODO: check
+ }
+
+ public void clearRect(int x, int y, int width, int height) {
+ // TODO: check
+ }
+
+ public void drawRoundRect(int x, int y, int width, int height, int arcWidth, int arcHeight) {
+ // TODO: check
+ }
+
+ public void fillRoundRect(int x, int y, int width, int height, int arcWidth, int arcHeight) {
+ // TODO: check
+ }
+
+ public void drawOval(int x, int y, int width, int height) {
+ // TODO: check
+ }
+
+ public void fillOval(int x, int y, int width, int height) {
+ // TODO: check
+ }
+
+ public void drawArc(int x, int y, int width, int height, int startAngle, int arcAngle) {
+ // TODO: check
+ }
+
+ public void fillArc(int x, int y, int width, int height, int startAngle, int arcAngle) {
+ // TODO: check
+ }
+
+ public void drawPolyline(int[] xPoints, int[] yPoints, int nPoints) {
+ // TODO: check
+ }
+
+ public void drawPolygon(int[] xPoints, int[] yPoints, int nPoints) {
+ // TODO: check
+ }
+
+ public void fillPolygon(int[] xPoints, int[] yPoints, int nPoints) {
+ // TODO: check
+ }
+
+ public void drawString(String str, int x, int y) {
+ // TODO: check
+ }
+
+ public void drawString(AttributedCharacterIterator iterator, int x, int y) {
+ // TODO: check
+ }
+
+ public boolean drawImage(Image img, int x, int y, ImageObserver observer) {
+ return false; // TODO: check
+ }
+
+ public boolean drawImage(Image img, int x, int y, int width, int height, ImageObserver observer) {
+ return false; // TODO: check
+ }
+
+ public boolean drawImage(Image img, int x, int y, Color bgcolor, ImageObserver observer) {
+ return false; // TODO: check
+ }
+
+ public boolean drawImage(Image img, int x, int y, int width, int height, Color bgcolor, ImageObserver observer) {
+ return false; // TODO: check
+ }
+
+ public boolean drawImage(Image img, int dx1, int dy1, int dx2, int dy2, int sx1, int sy1, int sx2, int sy2, ImageObserver observer) {
+ if (img instanceof BufferedImage) {
+ this.image = (BufferedImage) img;
+ }
+ return false; // TODO: check
+ }
+
+ public boolean drawImage(Image img, int dx1, int dy1, int dx2, int dy2, int sx1, int sy1, int sx2, int sy2, Color bgcolor, ImageObserver observer) {
+ return false; // TODO: check
+ }
+
+ public void dispose() {
+ // TODO: check
+ }
+ }
+}
diff --git a/test/javax/swing/plaf/metal/MetalInternalFrameUI/Test6657026.java b/test/javax/swing/plaf/metal/MetalInternalFrameUI/Test6657026.java
new file mode 100644
index 0000000..bbfec61
--- /dev/null
+++ b/test/javax/swing/plaf/metal/MetalInternalFrameUI/Test6657026.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests shared MetalInternalFrameUI in different application contexts
+ * @author Sergey Malenkov
+ */
+
+import sun.awt.SunToolkit;
+
+import javax.swing.JInternalFrame;
+import javax.swing.JPanel;
+import javax.swing.UIManager;
+import javax.swing.plaf.metal.MetalInternalFrameUI;
+import javax.swing.plaf.metal.MetalLookAndFeel;
+
+public class Test6657026 extends MetalInternalFrameUI implements Runnable {
+
+ public static void main(String[] args) throws Exception {
+ UIManager.setLookAndFeel(new MetalLookAndFeel());
+
+ ThreadGroup group = new ThreadGroup("$$$");
+ Thread thread = new Thread(group, new Test6657026());
+ thread.start();
+ thread.join();
+
+ new JInternalFrame().setContentPane(new JPanel());
+ }
+
+ public Test6657026() {
+ super(null);
+ }
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ IS_PALETTE = JInternalFrame.CONTENT_PANE_PROPERTY;
+ }
+}
diff --git a/test/javax/swing/plaf/metal/MetalSliderUI/Test6657026.java b/test/javax/swing/plaf/metal/MetalSliderUI/Test6657026.java
new file mode 100644
index 0000000..250889a
--- /dev/null
+++ b/test/javax/swing/plaf/metal/MetalSliderUI/Test6657026.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests shared MetalSliderUI in different application contexts
+ * @author Sergey Malenkov
+ */
+
+import sun.awt.SunToolkit;
+
+import javax.swing.JSlider;
+import javax.swing.UIManager;
+import javax.swing.plaf.metal.MetalLookAndFeel;
+import javax.swing.plaf.metal.MetalSliderUI;
+
+public class Test6657026 extends MetalSliderUI implements Runnable {
+
+ public static void main(String[] args) throws Exception {
+ UIManager.setLookAndFeel(new MetalLookAndFeel());
+ JSlider slider = new JSlider();
+ test(slider);
+
+ ThreadGroup group = new ThreadGroup("$$$");
+ Thread thread = new Thread(group, new Test6657026());
+ thread.start();
+ thread.join();
+
+ test(slider);
+ }
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ JSlider slider = new JSlider();
+ test(slider);
+ tickLength = -10000;
+ }
+
+ private static void test(JSlider slider) {
+ MetalSliderUI ui = (MetalSliderUI) slider.getUI();
+ int actual = ui.getTickLength();
+ if (actual != 11) {
+ throw new Error(actual + ", but expected 11");
+ }
+ }
+}
diff --git a/test/sun/security/provider/certpath/DisabledAlgorithms/CPBuilder.java b/test/sun/security/provider/certpath/DisabledAlgorithms/CPBuilder.java
new file mode 100644
index 0000000..891967f
--- /dev/null
+++ b/test/sun/security/provider/certpath/DisabledAlgorithms/CPBuilder.java
@@ -0,0 +1,442 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ * @test
+ *
+ * @bug 6861062
+ * @summary Disable MD2 support
+ *
+ * @run main/othervm CPBuilder trustAnchor_SHA1withRSA_1024 0 true
+ * @run main/othervm CPBuilder trustAnchor_SHA1withRSA_512 0 true
+ * @run main/othervm CPBuilder intermediate_SHA1withRSA_1024_1024 1 true
+ * @run main/othervm CPBuilder intermediate_SHA1withRSA_1024_512 1 true
+ * @run main/othervm CPBuilder intermediate_SHA1withRSA_512_1024 1 true
+ * @run main/othervm CPBuilder intermediate_SHA1withRSA_512_512 1 true
+ * @run main/othervm CPBuilder intermediate_MD2withRSA_1024_1024 1 false
+ * @run main/othervm CPBuilder intermediate_MD2withRSA_1024_512 1 false
+ * @run main/othervm CPBuilder endentiry_SHA1withRSA_1024_1024 2 true
+ * @run main/othervm CPBuilder endentiry_SHA1withRSA_1024_512 2 true
+ * @run main/othervm CPBuilder endentiry_SHA1withRSA_512_1024 2 true
+ * @run main/othervm CPBuilder endentiry_SHA1withRSA_512_512 2 true
+ * @run main/othervm CPBuilder endentiry_MD2withRSA_1024_1024 2 false
+ * @run main/othervm CPBuilder endentiry_MD2withRSA_1024_512 2 false
+ *
+ * @author Xuelei Fan
+ */
+
+import java.io.*;
+import java.net.SocketException;
+import java.util.*;
+import java.security.Security;
+import java.security.cert.*;
+import sun.security.util.DerInputStream;
+
+public class CPBuilder {
+
+ // SHA1withRSA 1024
+ static String trustAnchor_SHA1withRSA_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
+ "AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH\n" +
+ "E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd\n" +
+ "rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID\n" +
+ "AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME\n" +
+ "QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
+ "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
+ "DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z\n" +
+ "Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+\n" +
+ "UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc\n" +
+ "tas=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512
+ static String trustAnchor_SHA1withRSA_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
+ "BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv\n" +
+ "7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
+ "g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ\n" +
+ "5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
+ "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b\n" +
+ "FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia\n" +
+ "U5r+8B9nzx+j2Zh3kw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 1024
+ static String intermediate_SHA1withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICUDCCAbmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDhaFw0yOTA0MjMwMTExNDha\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEAHze3wAcIe84zNOoN\n" +
+ "P8l9EmlVVoU30z3LB3hxq3m/dC/4gE5Z9Z8EG1wJw4qaxlTZ4dif12nbTTdofVhb\n" +
+ "Bd4syjo6fcUA4q7sfg9TFpoHQ+Ap7PgjK99moMKdMy50Xy8s6FPvaVkF89s66Z6y\n" +
+ "e4q7TSwe6QevGOZaL5N/iy2XGEs=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 512
+ static String intermediate_SHA1withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDzCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQCYNmdkONfuk07XjRze\n" +
+ "WQyq2cfdae4uIdyUfa2rpgYMtSXuQW3/XrQGiz4G6WBXA2wo7folOOpAKYgvHPrm\n" +
+ "w6Dd\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 1024
+ static String intermediate_SHA1withRSA_512_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDDCCAXWgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
+ "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
+ "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
+ "PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
+ "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
+ "CSqGSIb3DQEBBQUAA4GBAE2VOlw5ySLT3gUzKCYEga4QPaSrf6lHHPi2g48LscEY\n" +
+ "h9qQXh4nuIVugReBIEf6N49RdT+M2cgRJo4sZ3ukYLGQzxNuttL5nPSuuvrAR1oG\n" +
+ "LUyzOWcUpKHbVHi6zlTt79RvTKZvLcduLutmtPtLJcM9PdiAI1wEooSgxTwZtB/Z\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 512
+ static String intermediate_SHA1withRSA_512_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIByzCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
+ "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
+ "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
+ "PoAUg4Kwd47hdNQBp8grZsRJ5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
+ "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
+ "CSqGSIb3DQEBBQUAA0EAoCf0Zu559qcB4xPpzqkVsYiyW49S4Yc0mmQXb1yoQgLx\n" +
+ "O+DCkjG5d14+t1MsnkhB2izoQUMxQ3vDc1YnA/tEpw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 1024
+ static String intermediate_MD2withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEAPtEjwbWuC5kc4DPc\n" +
+ "Ttf/wdbD8ZCdAWzcc3XF9q1TlvwVMNk6mbfM05y6ZVsztKTkwZ4EcvFu/yIqw1EB\n" +
+ "E1zlXQCaWXT3/ZMbqYZV4+mx+RUl8spUCb1tda25jnTg3mTOzB1iztm4gy903EMd\n" +
+ "m8omKDKeCgcw5dR4ITQYvyxe1as=\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 512
+ static String intermediate_MD2withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDzCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADQQBHok1v6xymtpB7N9xy\n" +
+ "0OmDT27uhmzlP0eOzJvXVxj3Oi9TLQJgCUJ9122MzfRAs1E1uJTtvuu+UmI80NQx\n" +
+ "KQdp\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 1024
+ static String endentiry_SHA1withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG\n" +
+ "9w0BAQUFAAOBgQAOfIeasDg91CR3jGfuAEVKwncM1OPFmniAUcdPm74cCAyJ90Me\n" +
+ "dhUElWPGoAuXGfiyZlOlGUYWqEroe/dnkmnotJjLWR+MA4ZyX3O1YI8T4W3deWcC\n" +
+ "J4WMCF7mp17SaYYKX9F0AxwNJFpUkbB41IkTxPr0MmzB1871/pbY8dLAvA==\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 512
+ static String endentiry_SHA1withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIB9jCCAaCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG\n" +
+ "9w0BAQUFAANBADV6X+ea0ftEKXy7yKNAbdIp35893T6AVwbdclomPkeOs86OtoTG\n" +
+ "1BIzWSK9QE7W6Wbf63e2RdcqoLK+DxsuwUg=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 1024
+ static String endentiry_SHA1withRSA_512_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIB8zCCAVygAwIBAgIBBDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
+ "DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo\n" +
+ "uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE\n" +
+ "AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU\n" +
+ "31g/ZkU6aXFAJVKhrrv0ebfAgeYwDQYJKoZIhvcNAQEFBQADgYEAUyW8PrEdbzLu\n" +
+ "B+h6UemBOJ024rYq90hJE/5wUEKPvxZ9vPEUgl+io6cGhL3cLfxfh6z5xtEGp4Tb\n" +
+ "NB0Ye3Qi01FBiNDY8s3rQRrmel6VysU8u+0Oi2jmQY6vZXn/zXN5rrTLITCaSicG\n" +
+ "dOMv1xLM83Ee432WWlDwKOUxhzDGpWc=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 512
+ static String endentiry_SHA1withRSA_512_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIBsjCCAVygAwIBAgIBBTANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
+ "DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo\n" +
+ "uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE\n" +
+ "AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU\n" +
+ "N0CHiTYPtjyvpP2a6y6mhsZ6U40wDQYJKoZIhvcNAQEFBQADQQBG4grtrVEHick0\n" +
+ "z/6Lcl/MGyHT0c8KTXE0AMVXG1NRjAicAmYno/yDaJ9OmfymObKZKV9fF7yCW/N/\n" +
+ "TMU6m7N0\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 1024
+ static String endentiry_MD2withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICNzCCAaCgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG\n" +
+ "9w0BAQIFAAOBgQBxKsFf8NNQcXjDoKJJSG4Rk6ikcrhiGYuUI32+XHvs6hnav1Zc\n" +
+ "aJUpy7J4gMj/MnysMh/4AF9+m6zEEjuisXKUbYZhgtJxz+ukGSo163mJ8QJiAlRb\n" +
+ "Iwsy81r08mlSCR6jx2YhDAUxJIPC92R5Vb4CEutB7tWTwwz7vIHq330erA==\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 512
+ static String endentiry_MD2withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIB9jCCAaCgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG\n" +
+ "9w0BAQIFAANBAIX63Ypi9P71RnC/pcMbhD+wekRFsTzU593X3MC7tyBJtEXwvAZG\n" +
+ "iMxXF5A+ohlr7/CrkV7ZTL8PLxnJdY5Y8rQ=\n" +
+ "-----END CERTIFICATE-----";
+
+ static HashMap<String, String> certmap = new HashMap<String, String>();
+ static {
+ certmap.put("trustAnchor_SHA1withRSA_1024",
+ trustAnchor_SHA1withRSA_1024);
+ certmap.put("trustAnchor_SHA1withRSA_512",
+ trustAnchor_SHA1withRSA_512);
+ certmap.put("intermediate_SHA1withRSA_1024_1024",
+ intermediate_SHA1withRSA_1024_1024);
+ certmap.put("intermediate_SHA1withRSA_1024_512",
+ intermediate_SHA1withRSA_1024_512);
+ certmap.put("intermediate_SHA1withRSA_512_1024",
+ intermediate_SHA1withRSA_512_1024);
+ certmap.put("intermediate_SHA1withRSA_512_512",
+ intermediate_SHA1withRSA_512_512);
+ certmap.put("intermediate_MD2withRSA_1024_1024",
+ intermediate_MD2withRSA_1024_1024);
+ certmap.put("intermediate_MD2withRSA_1024_512",
+ intermediate_MD2withRSA_1024_512);
+ certmap.put("endentiry_SHA1withRSA_1024_1024",
+ endentiry_SHA1withRSA_1024_1024);
+ certmap.put("endentiry_SHA1withRSA_1024_512",
+ endentiry_SHA1withRSA_1024_512);
+ certmap.put("endentiry_SHA1withRSA_512_1024",
+ endentiry_SHA1withRSA_512_1024);
+ certmap.put("endentiry_SHA1withRSA_512_512",
+ endentiry_SHA1withRSA_512_512);
+ certmap.put("endentiry_MD2withRSA_1024_1024",
+ endentiry_MD2withRSA_1024_1024);
+ certmap.put("endentiry_MD2withRSA_1024_512",
+ endentiry_MD2withRSA_1024_512);
+ }
+
+ private static Set<TrustAnchor> generateTrustAnchors()
+ throws CertificateException {
+ // generate certificate from cert string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ HashSet<TrustAnchor> anchors = new HashSet<TrustAnchor>();
+
+ ByteArrayInputStream is =
+ new ByteArrayInputStream(trustAnchor_SHA1withRSA_1024.getBytes());
+ Certificate cert = cf.generateCertificate(is);
+ TrustAnchor anchor = new TrustAnchor((X509Certificate)cert, null);
+ anchors.add(anchor);
+
+ is = new ByteArrayInputStream(trustAnchor_SHA1withRSA_512.getBytes());
+ cert = cf.generateCertificate(is);
+ anchor = new TrustAnchor((X509Certificate)cert, null);
+ anchors.add(anchor);
+
+ return anchors;
+ }
+
+ private static CertStore generateCertificateStore() throws Exception {
+ Collection entries = new HashSet();
+
+ // generate certificate from certificate string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+ for (String key : certmap.keySet()) {
+ String certStr = certmap.get(key);
+ ByteArrayInputStream is =
+ new ByteArrayInputStream(certStr.getBytes());;
+ Certificate cert = cf.generateCertificate(is);
+ entries.add(cert);
+ }
+
+ return CertStore.getInstance("Collection",
+ new CollectionCertStoreParameters(entries));
+ }
+
+ private static X509CertSelector generateSelector(String name)
+ throws Exception {
+ X509CertSelector selector = new X509CertSelector();
+
+ String certStr = certmap.get(name);
+ if (certStr == null) {
+ return null;
+ }
+
+ // generate certificate from certificate string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ ByteArrayInputStream is = new ByteArrayInputStream(certStr.getBytes());
+ X509Certificate target = (X509Certificate)cf.generateCertificate(is);
+
+ selector.setCertificate(target);
+
+ return selector;
+ }
+
+ private static boolean match(String name, Certificate cert)
+ throws Exception {
+ X509CertSelector selector = new X509CertSelector();
+
+ String certStr = certmap.get(name);
+ if (certStr == null) {
+ return false;
+ }
+
+ // generate certificate from certificate string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ ByteArrayInputStream is = new ByteArrayInputStream(certStr.getBytes());
+ X509Certificate target = (X509Certificate)cf.generateCertificate(is);
+
+ return target.equals(cert);
+ }
+
+ public static void main(String args[]) throws Exception {
+
+ CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
+
+ X509CertSelector selector = generateSelector(args[0]);
+ if (selector == null) {
+ // no target certificate, ignore it
+ return;
+ }
+
+ Set<TrustAnchor> anchors = generateTrustAnchors();
+ CertStore certs = generateCertificateStore();
+
+ PKIXBuilderParameters params =
+ new PKIXBuilderParameters(anchors, selector);
+ params.addCertStore(certs);
+ params.setRevocationEnabled(false);
+ params.setDate(new Date(109, 9, 1)); // 2009-09-01
+
+ boolean success = Boolean.valueOf(args[2]);
+ try {
+ PKIXCertPathBuilderResult result =
+ (PKIXCertPathBuilderResult)builder.build(params);
+ if (!success) {
+ throw new Exception("expected algorithm disabled exception");
+ }
+
+ int length = Integer.parseInt(args[1]);
+ List<? extends Certificate> path =
+ result.getCertPath().getCertificates();
+ if (length != path.size()) {
+ throw new Exception("unexpected certification path length");
+ }
+
+ if (!path.isEmpty()) { // the target is not a trust anchor
+ if (!match(args[0], path.get(0))) {
+ throw new Exception("unexpected certificate");
+ }
+ }
+ } catch (CertPathBuilderException cpbe) {
+ if (success) {
+ throw new Exception("unexpected exception");
+ } else {
+ System.out.println("Get the expected exception " + cpbe);
+ }
+ }
+ }
+
+}
diff --git a/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorEndEntity.java b/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorEndEntity.java
new file mode 100644
index 0000000..bb0e886
--- /dev/null
+++ b/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorEndEntity.java
@@ -0,0 +1,363 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ * @test
+ *
+ * @bug 6861062
+ * @summary Disable MD2 support
+ *
+ * @author Xuelei Fan
+ */
+
+import java.io.*;
+import java.net.SocketException;
+import java.util.*;
+import java.security.Security;
+import java.security.cert.*;
+
+public class CPValidatorEndEntity {
+
+ // SHA1withRSA 1024
+ static String trustAnchor_SHA1withRSA_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
+ "AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH\n" +
+ "E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd\n" +
+ "rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID\n" +
+ "AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME\n" +
+ "QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
+ "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
+ "DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z\n" +
+ "Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+\n" +
+ "UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc\n" +
+ "tas=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512
+ static String trustAnchor_SHA1withRSA_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
+ "BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv\n" +
+ "7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
+ "g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ\n" +
+ "5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
+ "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b\n" +
+ "FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia\n" +
+ "U5r+8B9nzx+j2Zh3kw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 1024
+ static String intermediate_SHA1withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICUDCCAbmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDhaFw0yOTA0MjMwMTExNDha\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEAHze3wAcIe84zNOoN\n" +
+ "P8l9EmlVVoU30z3LB3hxq3m/dC/4gE5Z9Z8EG1wJw4qaxlTZ4dif12nbTTdofVhb\n" +
+ "Bd4syjo6fcUA4q7sfg9TFpoHQ+Ap7PgjK99moMKdMy50Xy8s6FPvaVkF89s66Z6y\n" +
+ "e4q7TSwe6QevGOZaL5N/iy2XGEs=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 512
+ static String intermediate_SHA1withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDzCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQCYNmdkONfuk07XjRze\n" +
+ "WQyq2cfdae4uIdyUfa2rpgYMtSXuQW3/XrQGiz4G6WBXA2wo7folOOpAKYgvHPrm\n" +
+ "w6Dd\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 1024
+ static String intermediate_SHA1withRSA_512_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDDCCAXWgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
+ "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
+ "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
+ "PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
+ "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
+ "CSqGSIb3DQEBBQUAA4GBAE2VOlw5ySLT3gUzKCYEga4QPaSrf6lHHPi2g48LscEY\n" +
+ "h9qQXh4nuIVugReBIEf6N49RdT+M2cgRJo4sZ3ukYLGQzxNuttL5nPSuuvrAR1oG\n" +
+ "LUyzOWcUpKHbVHi6zlTt79RvTKZvLcduLutmtPtLJcM9PdiAI1wEooSgxTwZtB/Z\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 512
+ static String intermediate_SHA1withRSA_512_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIByzCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
+ "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
+ "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
+ "PoAUg4Kwd47hdNQBp8grZsRJ5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
+ "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
+ "CSqGSIb3DQEBBQUAA0EAoCf0Zu559qcB4xPpzqkVsYiyW49S4Yc0mmQXb1yoQgLx\n" +
+ "O+DCkjG5d14+t1MsnkhB2izoQUMxQ3vDc1YnA/tEpw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 1024
+ static String intermediate_MD2withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEAPtEjwbWuC5kc4DPc\n" +
+ "Ttf/wdbD8ZCdAWzcc3XF9q1TlvwVMNk6mbfM05y6ZVsztKTkwZ4EcvFu/yIqw1EB\n" +
+ "E1zlXQCaWXT3/ZMbqYZV4+mx+RUl8spUCb1tda25jnTg3mTOzB1iztm4gy903EMd\n" +
+ "m8omKDKeCgcw5dR4ITQYvyxe1as=\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 512
+ static String intermediate_MD2withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDzCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADQQBHok1v6xymtpB7N9xy\n" +
+ "0OmDT27uhmzlP0eOzJvXVxj3Oi9TLQJgCUJ9122MzfRAs1E1uJTtvuu+UmI80NQx\n" +
+ "KQdp\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 1024
+ static String endentiry_SHA1withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG\n" +
+ "9w0BAQUFAAOBgQAOfIeasDg91CR3jGfuAEVKwncM1OPFmniAUcdPm74cCAyJ90Me\n" +
+ "dhUElWPGoAuXGfiyZlOlGUYWqEroe/dnkmnotJjLWR+MA4ZyX3O1YI8T4W3deWcC\n" +
+ "J4WMCF7mp17SaYYKX9F0AxwNJFpUkbB41IkTxPr0MmzB1871/pbY8dLAvA==\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 512
+ static String endentiry_SHA1withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIB9jCCAaCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG\n" +
+ "9w0BAQUFAANBADV6X+ea0ftEKXy7yKNAbdIp35893T6AVwbdclomPkeOs86OtoTG\n" +
+ "1BIzWSK9QE7W6Wbf63e2RdcqoLK+DxsuwUg=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 1024
+ static String endentiry_SHA1withRSA_512_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIB8zCCAVygAwIBAgIBBDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
+ "DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo\n" +
+ "uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE\n" +
+ "AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU\n" +
+ "31g/ZkU6aXFAJVKhrrv0ebfAgeYwDQYJKoZIhvcNAQEFBQADgYEAUyW8PrEdbzLu\n" +
+ "B+h6UemBOJ024rYq90hJE/5wUEKPvxZ9vPEUgl+io6cGhL3cLfxfh6z5xtEGp4Tb\n" +
+ "NB0Ye3Qi01FBiNDY8s3rQRrmel6VysU8u+0Oi2jmQY6vZXn/zXN5rrTLITCaSicG\n" +
+ "dOMv1xLM83Ee432WWlDwKOUxhzDGpWc=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 512
+ static String endentiry_SHA1withRSA_512_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIBsjCCAVygAwIBAgIBBTANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
+ "DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo\n" +
+ "uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE\n" +
+ "AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU\n" +
+ "N0CHiTYPtjyvpP2a6y6mhsZ6U40wDQYJKoZIhvcNAQEFBQADQQBG4grtrVEHick0\n" +
+ "z/6Lcl/MGyHT0c8KTXE0AMVXG1NRjAicAmYno/yDaJ9OmfymObKZKV9fF7yCW/N/\n" +
+ "TMU6m7N0\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 1024
+ static String endentiry_MD2withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICNzCCAaCgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG\n" +
+ "9w0BAQIFAAOBgQBxKsFf8NNQcXjDoKJJSG4Rk6ikcrhiGYuUI32+XHvs6hnav1Zc\n" +
+ "aJUpy7J4gMj/MnysMh/4AF9+m6zEEjuisXKUbYZhgtJxz+ukGSo163mJ8QJiAlRb\n" +
+ "Iwsy81r08mlSCR6jx2YhDAUxJIPC92R5Vb4CEutB7tWTwwz7vIHq330erA==\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 512
+ static String endentiry_MD2withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIB9jCCAaCgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG\n" +
+ "9w0BAQIFAANBAIX63Ypi9P71RnC/pcMbhD+wekRFsTzU593X3MC7tyBJtEXwvAZG\n" +
+ "iMxXF5A+ohlr7/CrkV7ZTL8PLxnJdY5Y8rQ=\n" +
+ "-----END CERTIFICATE-----";
+
+ private static CertPath generateCertificatePath(String castr,
+ String eestr) throws CertificateException {
+ // generate certificate from cert strings
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+ ByteArrayInputStream is;
+
+ is = new ByteArrayInputStream(castr.getBytes());
+ Certificate cacert = cf.generateCertificate(is);
+
+ is = new ByteArrayInputStream(eestr.getBytes());
+ Certificate eecert = cf.generateCertificate(is);
+
+ // generate certification path
+ List<Certificate> list = Arrays.asList(new Certificate[] {
+ eecert, cacert});
+
+ return cf.generateCertPath(list);
+ }
+
+ private static Set<TrustAnchor> generateTrustAnchors()
+ throws CertificateException {
+ // generate certificate from cert string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ HashSet<TrustAnchor> anchors = new HashSet<TrustAnchor>();
+
+ ByteArrayInputStream is =
+ new ByteArrayInputStream(trustAnchor_SHA1withRSA_1024.getBytes());
+ Certificate cert = cf.generateCertificate(is);
+ TrustAnchor anchor = new TrustAnchor((X509Certificate)cert, null);
+ anchors.add(anchor);
+
+ is = new ByteArrayInputStream(trustAnchor_SHA1withRSA_512.getBytes());
+ cert = cf.generateCertificate(is);
+ anchor = new TrustAnchor((X509Certificate)cert, null);
+ anchors.add(anchor);
+
+ return anchors;
+ }
+
+ public static void main(String args[]) throws Exception {
+ try {
+ validate(endentiry_SHA1withRSA_1024_1024,
+ intermediate_SHA1withRSA_1024_1024);
+ validate(endentiry_SHA1withRSA_1024_512,
+ intermediate_SHA1withRSA_512_1024);
+ validate(endentiry_SHA1withRSA_512_1024,
+ intermediate_SHA1withRSA_1024_1024);
+ validate(endentiry_SHA1withRSA_512_512,
+ intermediate_SHA1withRSA_512_1024);
+ } catch (CertPathValidatorException cpve) {
+ throw new Exception(
+ "unexpect exception, it is valid cert", cpve);
+ }
+
+ try {
+ validate(endentiry_MD2withRSA_1024_1024,
+ intermediate_SHA1withRSA_1024_1024);
+ throw new Exception("expected algorithm disabled exception");
+ } catch (CertPathValidatorException cpve) {
+ System.out.println("Get the expected exception " + cpve);
+ }
+
+ try {
+ validate(endentiry_MD2withRSA_1024_512,
+ intermediate_SHA1withRSA_512_1024);
+ throw new Exception("expected algorithm disabled exception");
+ } catch (CertPathValidatorException cpve) {
+ System.out.println("Get the expected exception " + cpve);
+ }
+ }
+
+ private static void validate(String eecert, String cacert)
+ throws CertPathValidatorException, Exception {
+
+ CertPath path = generateCertificatePath(cacert, eecert);
+ Set<TrustAnchor> anchors = generateTrustAnchors();
+
+ PKIXParameters params = new PKIXParameters(anchors);
+
+ // disable certificate revocation checking
+ params.setRevocationEnabled(false);
+
+ // set the validation time
+ params.setDate(new Date(109, 9, 1)); // 2009-09-01
+
+ CertPathValidator validator = CertPathValidator.getInstance("PKIX");
+
+ validator.validate(path, params);
+ }
+
+}
diff --git a/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorIntermediate.java b/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorIntermediate.java
new file mode 100644
index 0000000..ee450f9
--- /dev/null
+++ b/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorIntermediate.java
@@ -0,0 +1,256 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ * @test
+ *
+ * @bug 6861062
+ * @summary Disable MD2 support
+ *
+ * @author Xuelei Fan
+ */
+
+import java.io.*;
+import java.net.SocketException;
+import java.util.*;
+import java.security.Security;
+import java.security.cert.*;
+
+public class CPValidatorIntermediate {
+
+ // SHA1withRSA 1024
+ static String trustAnchor_SHA1withRSA_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
+ "AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH\n" +
+ "E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd\n" +
+ "rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID\n" +
+ "AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME\n" +
+ "QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
+ "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
+ "DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z\n" +
+ "Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+\n" +
+ "UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc\n" +
+ "tas=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512
+ static String trustAnchor_SHA1withRSA_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
+ "BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv\n" +
+ "7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
+ "g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ\n" +
+ "5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
+ "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b\n" +
+ "FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia\n" +
+ "U5r+8B9nzx+j2Zh3kw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 1024
+ static String intermediate_SHA1withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICUDCCAbmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDhaFw0yOTA0MjMwMTExNDha\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEAHze3wAcIe84zNOoN\n" +
+ "P8l9EmlVVoU30z3LB3hxq3m/dC/4gE5Z9Z8EG1wJw4qaxlTZ4dif12nbTTdofVhb\n" +
+ "Bd4syjo6fcUA4q7sfg9TFpoHQ+Ap7PgjK99moMKdMy50Xy8s6FPvaVkF89s66Z6y\n" +
+ "e4q7TSwe6QevGOZaL5N/iy2XGEs=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 512
+ static String intermediate_SHA1withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDzCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQCYNmdkONfuk07XjRze\n" +
+ "WQyq2cfdae4uIdyUfa2rpgYMtSXuQW3/XrQGiz4G6WBXA2wo7folOOpAKYgvHPrm\n" +
+ "w6Dd\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 1024
+ static String intermediate_SHA1withRSA_512_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDDCCAXWgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
+ "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
+ "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
+ "PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
+ "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
+ "CSqGSIb3DQEBBQUAA4GBAE2VOlw5ySLT3gUzKCYEga4QPaSrf6lHHPi2g48LscEY\n" +
+ "h9qQXh4nuIVugReBIEf6N49RdT+M2cgRJo4sZ3ukYLGQzxNuttL5nPSuuvrAR1oG\n" +
+ "LUyzOWcUpKHbVHi6zlTt79RvTKZvLcduLutmtPtLJcM9PdiAI1wEooSgxTwZtB/Z\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 512
+ static String intermediate_SHA1withRSA_512_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIByzCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
+ "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
+ "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
+ "PoAUg4Kwd47hdNQBp8grZsRJ5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
+ "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
+ "CSqGSIb3DQEBBQUAA0EAoCf0Zu559qcB4xPpzqkVsYiyW49S4Yc0mmQXb1yoQgLx\n" +
+ "O+DCkjG5d14+t1MsnkhB2izoQUMxQ3vDc1YnA/tEpw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 1024
+ static String intermediate_MD2withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEAPtEjwbWuC5kc4DPc\n" +
+ "Ttf/wdbD8ZCdAWzcc3XF9q1TlvwVMNk6mbfM05y6ZVsztKTkwZ4EcvFu/yIqw1EB\n" +
+ "E1zlXQCaWXT3/ZMbqYZV4+mx+RUl8spUCb1tda25jnTg3mTOzB1iztm4gy903EMd\n" +
+ "m8omKDKeCgcw5dR4ITQYvyxe1as=\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 512
+ static String intermediate_MD2withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDzCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADQQBHok1v6xymtpB7N9xy\n" +
+ "0OmDT27uhmzlP0eOzJvXVxj3Oi9TLQJgCUJ9122MzfRAs1E1uJTtvuu+UmI80NQx\n" +
+ "KQdp\n" +
+ "-----END CERTIFICATE-----";
+
+ private static CertPath generateCertificatePath(String certStr)
+ throws CertificateException {
+ // generate certificate from cert strings
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+ ByteArrayInputStream is;
+
+ is = new ByteArrayInputStream(certStr.getBytes());
+ Certificate cert = cf.generateCertificate(is);
+
+ // generate certification path
+ List<Certificate> list = Arrays.asList(new Certificate[] {cert});
+
+ return cf.generateCertPath(list);
+ }
+
+ private static Set<TrustAnchor> generateTrustAnchors()
+ throws CertificateException {
+ // generate certificate from cert string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ HashSet<TrustAnchor> anchors = new HashSet<TrustAnchor>();
+
+ ByteArrayInputStream is =
+ new ByteArrayInputStream(trustAnchor_SHA1withRSA_1024.getBytes());
+ Certificate cert = cf.generateCertificate(is);
+ TrustAnchor anchor = new TrustAnchor((X509Certificate)cert, null);
+ anchors.add(anchor);
+
+ is = new ByteArrayInputStream(trustAnchor_SHA1withRSA_512.getBytes());
+ cert = cf.generateCertificate(is);
+ anchor = new TrustAnchor((X509Certificate)cert, null);
+ anchors.add(anchor);
+
+ return anchors;
+ }
+
+ public static void main(String args[]) throws Exception {
+ try {
+ validate(intermediate_SHA1withRSA_1024_1024);
+ validate(intermediate_SHA1withRSA_1024_512);
+ validate(intermediate_SHA1withRSA_512_1024);
+ validate(intermediate_SHA1withRSA_512_512);
+ } catch (CertPathValidatorException cpve) {
+ throw new Exception(
+ "unexpect exception, it is valid cert", cpve);
+ }
+
+ try {
+ validate(intermediate_MD2withRSA_1024_1024);
+ throw new Exception("expected algorithm disabled exception");
+ } catch (CertPathValidatorException cpve) {
+ System.out.println("Get the expected exception " + cpve);
+ }
+
+ try {
+ validate(intermediate_MD2withRSA_1024_512);
+ throw new Exception("expected algorithm disabled exception");
+ } catch (CertPathValidatorException cpve) {
+ System.out.println("Get the expected exception " + cpve);
+ }
+ }
+
+ private static void validate(String intermediate)
+ throws CertPathValidatorException, Exception {
+
+ CertPath path = generateCertificatePath(intermediate);
+ Set<TrustAnchor> anchors = generateTrustAnchors();
+
+ PKIXParameters params = new PKIXParameters(anchors);
+
+ // disable certificate revocation checking
+ params.setRevocationEnabled(false);
+
+ // set the validation time
+ params.setDate(new Date(109, 9, 1)); // 2009-09-01
+
+ CertPathValidator validator = CertPathValidator.getInstance("PKIX");
+
+ validator.validate(path, params);
+ }
+
+}
diff --git a/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorTrustAnchor.java b/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorTrustAnchor.java
new file mode 100644
index 0000000..1aeac57
--- /dev/null
+++ b/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorTrustAnchor.java
@@ -0,0 +1,169 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ * @test
+ *
+ * @bug 6861062
+ * @summary Disable MD2 support
+ *
+ * @author Xuelei Fan
+ */
+
+import java.io.*;
+import java.net.SocketException;
+import java.util.*;
+import java.security.Security;
+import java.security.cert.*;
+
+public class CPValidatorTrustAnchor {
+
+ static String selfSignedCertStr = null;
+
+ // SHA1withRSA 1024
+ static String trustAnchor_SHA1withRSA_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
+ "AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH\n" +
+ "E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd\n" +
+ "rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID\n" +
+ "AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME\n" +
+ "QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
+ "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
+ "DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z\n" +
+ "Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+\n" +
+ "UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc\n" +
+ "tas=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512
+ static String trustAnchor_SHA1withRSA_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
+ "BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv\n" +
+ "7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
+ "g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ\n" +
+ "5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
+ "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b\n" +
+ "FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia\n" +
+ "U5r+8B9nzx+j2Zh3kw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 2048
+ static String trustAnchor_MD2withRSA_2048 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIDQzCCAiugAwIBAgIBADANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDdaFw0zMDA3MTcwMTExNDda\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIIBIjANBgkqhkiG9w0B\n" +
+ "AQEFAAOCAQ8AMIIBCgKCAQEArF5pINc5s+aUlmdYlxtAQ3V4TXFnP/XOYHxjfLuX\n" +
+ "eKO/kh78LMvbDisTPQ2yo9YEawwwbUU40xcuzgi0axXgKveHXYdUmTr0hEapq3rv\n" +
+ "g/q2EbOjyXvq4qK2RDoVCN8R3wXiytnY2OFALTx6zc2tW4imJ20svdNVtWhv2syj\n" +
+ "ZTmmRXAeFUbD4qKWAFij0I6pnSgVssvWzeyJUNemym+oiYyaSd7n5j1RNAqUKioo\n" +
+ "K/T0FOOiuPGMqottgx5YRHa6yapCP5QVWRQ+WBIYJY3Wyq7N+Es20LT6761Pk3to\n" +
+ "EFCzM7+zqT/c+pC079HOKXz+m2us+HKp5BKWNnbvgaYPOQIDAQABo4GJMIGGMB0G\n" +
+ "A1UdDgQWBBSrSukJf+mO5LTRasAGD9RRs7SASTBHBgNVHSMEQDA+gBSrSukJf+mO\n" +
+ "5LTRasAGD9RRs7SASaEjpCEwHzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1w\n" +
+ "bGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEC\n" +
+ "BQADggEBAHvsv+DqMJeIW/D+ltkhw37OdMzkMPp4E6Hbp03O3GZ5LfNGczHCb2uL\n" +
+ "sr5T7e/jaBFn6QfmqbOAYAHJSNq2bNNtTbatnHBLuVx13cfxmwk89Cg/tFeoUdcf\n" +
+ "m5hzurB6Ub6SsYMOxZHUYp/KxM9x9a7llC1bK3SKXwd4rVDlXh8DOBvdQNr5Q3yq\n" +
+ "JjY86bSXO14VzNxL/1rqHiszQdPyR/28SBsQVYSi0Zeyc4Yy1ui/cXu1+PWYw3YZ\n" +
+ "QUPHTnkVdPGwRiUqeZIcps+q+ePlQQmDu5qiLD6d8gsyGyY/RvCHWKO5Y9DuX9hs\n" +
+ "he/AhCWQx+TQYGLu0liQqLkGZydyRnA=\n" +
+ "-----END CERTIFICATE-----";
+
+ private static CertPath generateCertificatePath()
+ throws CertificateException {
+ // generate certificate from cert strings
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+ ByteArrayInputStream is;
+
+ is = new ByteArrayInputStream(selfSignedCertStr.getBytes());
+ Certificate selfSignedCert = cf.generateCertificate(is);
+
+ // generate certification path
+ List<Certificate> list = Arrays.asList(new Certificate[] {
+ selfSignedCert});
+
+ return cf.generateCertPath(list);
+ }
+
+ private static Set<TrustAnchor> generateTrustAnchors()
+ throws CertificateException {
+ // generate certificate from cert string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+ ByteArrayInputStream is =
+ new ByteArrayInputStream(selfSignedCertStr.getBytes());
+ Certificate selfSignedCert = cf.generateCertificate(is);
+
+ // generate a trust anchor
+ TrustAnchor anchor =
+ new TrustAnchor((X509Certificate)selfSignedCert, null);
+
+ return Collections.singleton(anchor);
+ }
+
+ public static void main(String args[]) throws Exception {
+ try {
+ validate(trustAnchor_SHA1withRSA_1024);
+ validate(trustAnchor_SHA1withRSA_512);
+ } catch (CertPathValidatorException cpve) {
+ throw new Exception(
+ "unexpect exception, it is valid cert", cpve);
+ }
+
+ try {
+ validate(trustAnchor_MD2withRSA_2048);
+ throw new Exception("expected algorithm disabled exception");
+ } catch (CertPathValidatorException cpve) {
+ System.out.println("Get the expected exception " + cpve);
+ }
+ }
+
+ private static void validate(String trustAnchor)
+ throws CertPathValidatorException, Exception {
+ selfSignedCertStr = trustAnchor;
+
+ CertPath path = generateCertificatePath();
+ Set<TrustAnchor> anchors = generateTrustAnchors();
+
+ PKIXParameters params = new PKIXParameters(anchors);
+
+ // disable certificate revocation checking
+ params.setRevocationEnabled(false);
+
+ // set the validation time
+ params.setDate(new Date(109, 9, 1)); // 2009-09-01
+
+ CertPathValidator validator = CertPathValidator.getInstance("PKIX");
+
+ validator.validate(path, params);
+ }
+
+}
diff --git a/test/sun/security/provider/certpath/DisabledAlgorithms/README b/test/sun/security/provider/certpath/DisabledAlgorithms/README
new file mode 100644
index 0000000..6577db9
--- /dev/null
+++ b/test/sun/security/provider/certpath/DisabledAlgorithms/README
@@ -0,0 +1,640 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+ Certificates and CRLs
+
+Here lists the Certificates, which was generated by generate.sh, used in the
+test cases.
+
+The generate.sh depends on openssl, and it should be run under ksh. The
+script will create many directories and files, please run it in a
+directory outside of JDK workspace.
+
+1. root certifiate and key (SHA1withRSA 1024, root_cert_sha1_1024.pem)
+-----BEGIN CERTIFICATE-----
+MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa
+MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH
+E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd
+rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID
+AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME
+QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO
+BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw
+DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z
+Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+
+UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc
+tas=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,DF5249E009A0FD79
+
+rc316yLipp/vH0i6rhEbEwZpZ+HfKIXnnp/bIIZv2+4lyGUDWrxN0Hk0TcSgWEKm
+dRGI2fsyWjTgaiHwwmusofXPAjB3s0I2rUUAHXk8/sEuiLLTICx2UAL8k6R33CSQ
+NKR8t+TluBW3Us71vibWauuMHa5860KiiLWdhkQVLin7m/JBGLtz0zQ0/lZ8CgEm
+p7eDupPi8FBClCyVewdpmKjgI2KPI4fVIZLMzLeGcWLaOQPN1ERcFWQ1CS/qjfMb
+F4rtpZ+AzCqP75XPhitT2CnZgaVDxHBtAZQVPuKONMdijKphjqiT/Sd86Gx6OEVE
+EwwmQya2Q/5aCuH96S00mj00oeIZ7ZtUcVQcch+saJy4vpuxK8pFcEDKmgsvL9+8
+Hho9RUXVUKRH67uA1NjQSK5+syEIj5sJCDcxOda4QGXeIq9ygaZswxF3nfvffrsa
+S6IVBXrx0G+Ascu29SHoI+zi3feQszQJIzijHoTTq6FacLHUWzfVuaYa47uaj5qa
+VYsMVCzi1eX486o7YKPKWiclNczQN86v5n9+c9uggXY12wSOmnf6BB1Ds+oL8JlU
+IZa67lAyg6G9joAb9rTXN2EE5OTArcFuImK8GHse/3wkIPMglBNnfwpvjC1U+vQm
+F7iXp+OxnZ5d9sBcrTBEZ9BDlTVlpiZI7EeS1oC8x6DDTdbJR/40Y3wJIDMI9q9T
+O5EnyXqbmQziO0Tgal43w6mMTUnhG34kqovwxy03mAOZb3yz/RgWlez9wQmPseiI
+2p2fQIjCPbGFNJt3rdyXOW/BRCii0970HEZeov/TVV/A0vUVajNAjA==
+-----END RSA PRIVATE KEY-----
+
+2. root certifiate and key (SHA1withRSA 512, root_cert_sha1_512.pem)
+-----BEGIN CERTIFICATE-----
+MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa
+MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv
+7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU
+g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ
+5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G
+A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b
+FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia
+U5r+8B9nzx+j2Zh3kw==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,B8BDE38F08C6BB76
+
+eJzx2oZE0UXxWpzssSWtKBOCbm3ZXR6iBKX8iKoDUB5SzzmKr+XzxI7kyv92y0pe
+rNTuuCWpBsLdlz7h8Ipn4pBDYswGU5F9MQOEgIYx60OvGhZODHGRzJ05FXTeCmmu
+LLp6lGW4SWALcd8g/gJUn1/vp7f1VzQ7RwXWBn4/b34RRYtwr3E6nl4Hc2tEI1in
+OL+lCdAAyxjGK7KYFHJQK+1E8tYNrer3cejQDcNysGx4o0H123vfp3NtJ6U7LXyi
+D21y3zmPueJos8LluJiLRsONcrcI3mIfpPBsO+Yl2EJtzS9V6Aaq/YdPkwPHH6Y5
+lazGMPXq/nffb12fWLL7m5aFb3FNLwWi/qwEynWCEv7Vl/6kLk+aHhjTnYkLvLNH
+9maQFn6j0S3wqogRfW9BDbfC3fRHP6+8YjEEmQ0RTfE=
+-----END RSA PRIVATE KEY-----
+
+3. root certifiate and key (MD2withRSA 2048, root_cert_md2_2048.pem)
+-----BEGIN CERTIFICATE-----
+MIIDQzCCAiugAwIBAgIBADANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDdaFw0zMDA3MTcwMTExNDda
+MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEArF5pINc5s+aUlmdYlxtAQ3V4TXFnP/XOYHxjfLuX
+eKO/kh78LMvbDisTPQ2yo9YEawwwbUU40xcuzgi0axXgKveHXYdUmTr0hEapq3rv
+g/q2EbOjyXvq4qK2RDoVCN8R3wXiytnY2OFALTx6zc2tW4imJ20svdNVtWhv2syj
+ZTmmRXAeFUbD4qKWAFij0I6pnSgVssvWzeyJUNemym+oiYyaSd7n5j1RNAqUKioo
+K/T0FOOiuPGMqottgx5YRHa6yapCP5QVWRQ+WBIYJY3Wyq7N+Es20LT6761Pk3to
+EFCzM7+zqT/c+pC079HOKXz+m2us+HKp5BKWNnbvgaYPOQIDAQABo4GJMIGGMB0G
+A1UdDgQWBBSrSukJf+mO5LTRasAGD9RRs7SASTBHBgNVHSMEQDA+gBSrSukJf+mO
+5LTRasAGD9RRs7SASaEjpCEwHzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1w
+bGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEC
+BQADggEBAHvsv+DqMJeIW/D+ltkhw37OdMzkMPp4E6Hbp03O3GZ5LfNGczHCb2uL
+sr5T7e/jaBFn6QfmqbOAYAHJSNq2bNNtTbatnHBLuVx13cfxmwk89Cg/tFeoUdcf
+m5hzurB6Ub6SsYMOxZHUYp/KxM9x9a7llC1bK3SKXwd4rVDlXh8DOBvdQNr5Q3yq
+JjY86bSXO14VzNxL/1rqHiszQdPyR/28SBsQVYSi0Zeyc4Yy1ui/cXu1+PWYw3YZ
+QUPHTnkVdPGwRiUqeZIcps+q+ePlQQmDu5qiLD6d8gsyGyY/RvCHWKO5Y9DuX9hs
+he/AhCWQx+TQYGLu0liQqLkGZydyRnA=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,3910D329AD49ECFC
+
+6K0OU3Xrl2H6kz7x7EHXkM0/Wd6jXBBwWsaroUIGnbIMmljJXPfgcuDUu6f5Imk1
+ndoU0GWjxa1QNjteAQQtFoLDP8rienLs0b969OcAxB0EOffQFkEfsfXdyEIgdwkD
+ETczwDIyd8Wj62ClydJES3jKB9Nc9kMIlsoZ+h24TyJeeRsHAtMrz+mlOHsUWDQ5
+FyYZelnx+fQ5maD3bura7xLiNl8CvgWz0wt2Wt4djdMGhQ3OWd0/GWweP+2xnL6n
+5tDJ5On50+Z5T8Jhx62yg+wQiBKAYnYw6OX3skJwWknuAvYz3Z3e12DHFx6w5EAU
+K7lg7fHMqHNirUkJOlYzgJ21ybV4uQmFRNQJwI9h6GVfdZWPEU+Ni42AlNgNYskF
+K19dONNNt0Gwkcm2VOYzwYGDyaQW2YIGDk1fbZdVSu/h/lyOC/RmorGWroAbYsyB
+/GUIilcLtQHPGI8XuojTS2/UWcKactpceN3UOnQkus3/smViEqqB/NQ/lcozgs0o
+7ZG6H6to7w1yb5VR2d7B2bS7MNJt1AsOB5ydAMYIccdHDTI7CfRK6axQ70O/JPnJ
+WLY2e41ig2uAWk/3fRb8L6d3keVcN7y4WnkXPbHhulqtxQo78iSQQAf7tDMBxWKx
+C5LQW3CxLkHKp6g22SDxl2LjJyu5nDbtIh3Pq+BCoA25uqXC4rPoWwV7EWYv8Z+Y
+E6dS98SEa+cDhpllvGzbTKgcP1VqtQbb9VT92UT1mFrklqRuQIxROeCe4wjp5TKo
+D2losUDdzpqBHkBNo2I8qZkgybeCvWEq73my2+JG1AAIFFB1kzfBNaBDGiGSuUuS
+5peV8156aaLg5pxdieoRJ3Y7eaWN1wH5CnRnafoB+lxSUsQO1a7y2LbpedrKjs+2
+AryPHQw7HLd8IQevmvd7BhJLdvlt+kXzWID/pUsSAYvI7aP4daQJuAt/kwmU27Gd
+wqhV8Tjbb84vFGmqGHtb2YbKfUrsPUNOLBF+U4SDAgBhEyhINQZyRDcqqoywO5Dr
+sV46nTEfwAgt88KFt2CEhiyvoJbtCj1iMJeAzuljwF4z4RzB1i3TK0MaJYID2rxB
+E1vK9EZIssk/NeImN2YCbuqOhU58jtOwYh3ruS+mZQm1APvJF9N4tCCVQsjWC6zY
+4eqs7T6VDFH4AaT7b3J3rTsEpWIDUfagetZs5kR9SiWJC7dU7r53gGg4avVyIIHD
++MYCS+auD9/nmVf4iYstVgJFMUJXC2EUOLi0r8KmDkCILl/K3X/W7QwFTnC07gLh
+/9HjWFJ0R6cyODzvE8NGPMeuJGUT2F+mA1vaAC/PBGz+61AF0BjWTZ7x2sH+tSPP
+/GVEaCgyzrKRX5XX+7DulTcmFj1JNfMmtbDaJa9WnwOI4qszBGrAcYeYTHXR6Yov
+Ux/P6RStfa+UwSjo8i3nfdgLk+RXCpN0srMjSmiQx8d5R/kISqXKDtQfS5M6gsoh
+ROz+6zZP8Gh8yakr1p4C6JUSiLDYP5qXzxr8bp+oxvpY7anEDAqx21HyExEAu+gy
+IrNl75FWqV8BbKxoFfe9LqyDaryXXA8oy6F+4BT/zRrxp+dym9pbd+OZR423BIij
+-----END RSA PRIVATE KEY-----
+
+4. subca certificate and key (SHA1withRSA 1024, root_cert_sha1_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICUDCCAbmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDhaFw0yOTA0MjMwMTExNDha
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8
+BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg
+bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82
+AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl
+UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw
+HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
+AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEAHze3wAcIe84zNOoN
+P8l9EmlVVoU30z3LB3hxq3m/dC/4gE5Z9Z8EG1wJw4qaxlTZ4dif12nbTTdofVhb
+Bd4syjo6fcUA4q7sfg9TFpoHQ+Ap7PgjK99moMKdMy50Xy8s6FPvaVkF89s66Z6y
+e4q7TSwe6QevGOZaL5N/iy2XGEs=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0480E76FD259323B
+
+npiifBm1mHq1Z9QgAV5T35Xbnea9VnwqYQWNfRRKmpfYSdkQJ0few18YtnfZwh9e
+LKCWx+lq1V4yDG4SbxXDq71Dyvx1vZY+w4h+6M1+6KGFG1VDBfN3e5aLgK8EG9pZ
+yHZH7iB7HiQXH5q53jL6NUZn55C3XEk1sErpK7R1c0Y8Qp2TGiu+lck3K+zR9GiO
+5aJMKbShReB0Nfy3JJNKRFSd95QMTTjbq6iIvhN8O02bo4I4I3HTyD8qyR7ViiHl
+FmOukjwn4fjJvK0WYKYUjod8oEiMdR2nr73eOGZBAnEorDGQ8VnnCAleSv74is1k
+W7M07UP7EJJq9hSZfeMqk5QivtWrqvWG1SWxpTowKTEAyTn7u5U13k0DiRcsg0WT
+4mSMiLOhUNgIWcHElbTQPSVDcVznhNk0dWPDwKoUjp+orCuH+NvHKBAu+hnuip3e
+Ji7WGrHXI7QxAr5qr5ogl5x4yH4drIbq9fUea3NTuGPuPyu9fWjOSDmqPRKRMJFR
+UxxVFcyrW8iSBV5cvB7M1ADS40y6l4ryYmKjXbsOI4Ci8LJWJ4ZB61WQP7TvPQGS
+mNFmTTB2dwbpimr4KjV9j2bA9x0jAsjlcQZ5j1GOeyYCEDGKDJw0XD/zI+j0dpVc
+eu8YtuJGTyO1h+HiI3D9LrMuyUxxckvFHKe00+4xMz1hpqVo/kxe6gqf/9ES4M/h
+6/NeTzeqyJF2rgxK6KJJdmaKVYI+bvAQ3cKl+RZmgOjx4eig58N5uthqFgU7rQ+e
+GM9/y8C9WpPqITcJlY7I/7AkqvYDBwBsH/9mf4g9OUbC1Ah+MX8UIQ==
+-----END RSA PRIVATE KEY-----
+
+
+5. subca certificate and key (SHA1withRSA 1024, root_cert_sha1_512.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICDzCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8
+BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg
+bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82
+AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl
+UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw
+HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
+AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQCYNmdkONfuk07XjRze
+WQyq2cfdae4uIdyUfa2rpgYMtSXuQW3/XrQGiz4G6WBXA2wo7folOOpAKYgvHPrm
+w6Dd
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0480E76FD259323B
+
+npiifBm1mHq1Z9QgAV5T35Xbnea9VnwqYQWNfRRKmpfYSdkQJ0few18YtnfZwh9e
+LKCWx+lq1V4yDG4SbxXDq71Dyvx1vZY+w4h+6M1+6KGFG1VDBfN3e5aLgK8EG9pZ
+yHZH7iB7HiQXH5q53jL6NUZn55C3XEk1sErpK7R1c0Y8Qp2TGiu+lck3K+zR9GiO
+5aJMKbShReB0Nfy3JJNKRFSd95QMTTjbq6iIvhN8O02bo4I4I3HTyD8qyR7ViiHl
+FmOukjwn4fjJvK0WYKYUjod8oEiMdR2nr73eOGZBAnEorDGQ8VnnCAleSv74is1k
+W7M07UP7EJJq9hSZfeMqk5QivtWrqvWG1SWxpTowKTEAyTn7u5U13k0DiRcsg0WT
+4mSMiLOhUNgIWcHElbTQPSVDcVznhNk0dWPDwKoUjp+orCuH+NvHKBAu+hnuip3e
+Ji7WGrHXI7QxAr5qr5ogl5x4yH4drIbq9fUea3NTuGPuPyu9fWjOSDmqPRKRMJFR
+UxxVFcyrW8iSBV5cvB7M1ADS40y6l4ryYmKjXbsOI4Ci8LJWJ4ZB61WQP7TvPQGS
+mNFmTTB2dwbpimr4KjV9j2bA9x0jAsjlcQZ5j1GOeyYCEDGKDJw0XD/zI+j0dpVc
+eu8YtuJGTyO1h+HiI3D9LrMuyUxxckvFHKe00+4xMz1hpqVo/kxe6gqf/9ES4M/h
+6/NeTzeqyJF2rgxK6KJJdmaKVYI+bvAQ3cKl+RZmgOjx4eig58N5uthqFgU7rQ+e
+GM9/y8C9WpPqITcJlY7I/7AkqvYDBwBsH/9mf4g9OUbC1Ah+MX8UIQ==
+-----END RSA PRIVATE KEY-----
+
+
+6. subca certificate and key (SHA1withRSA 512, root_cert_sha1_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICDDCCAXWgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV
+lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA
+AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw
+PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD
+VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G
+CSqGSIb3DQEBBQUAA4GBAE2VOlw5ySLT3gUzKCYEga4QPaSrf6lHHPi2g48LscEY
+h9qQXh4nuIVugReBIEf6N49RdT+M2cgRJo4sZ3ukYLGQzxNuttL5nPSuuvrAR1oG
+LUyzOWcUpKHbVHi6zlTt79RvTKZvLcduLutmtPtLJcM9PdiAI1wEooSgxTwZtB/Z
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0A94F7EA4C89CA33
+
+tfKdAZVSrpeS/hU4+mGYcGGx3nNqrE+CzDAfLadVuXz5ju5p9oFhLTZj99wK+uHn
+prrWmDNOdYKRBJn7h40WV6zi4lR3JgnuYNxH8fxO3PI+HQ9IuvdoTyqUeXTP4Zj1
+BCnr1k1D2WGDXvnh+saq9qRpMKThjK/OF0YmDa07PI5NOBdMA3EmkNYfwib2GfBV
+el4FVkfnPQkLGahTh3SC62TzPlnsAgirCeua7ZLPqN3fkZkYbXZd9op2D31n7cBP
+zztg0ah8WF4gPOd/BBZeR9XDog5qm/wzyBj0F6ClHRPjpGYhAm2Vw66xOBlGFYI9
+lVmFQzrPcDNlFTybzhl5C6Qy4cPQh+QErDWxljVI52oYYmY/KRmUGGL7hEG8ZGOn
+EUgFrEJyAY7w4wpBC5n9SotwyPXhwKQ1uCBq+1zElPw=
+-----END RSA PRIVATE KEY-----
+
+7. subca certificate and key (SHA1withRSA 512, root_cert_sha1_512.pem signed)
+-----BEGIN CERTIFICATE-----
+MIIByzCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV
+lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA
+AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw
+PoAUg4Kwd47hdNQBp8grZsRJ5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD
+VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G
+CSqGSIb3DQEBBQUAA0EAoCf0Zu559qcB4xPpzqkVsYiyW49S4Yc0mmQXb1yoQgLx
+O+DCkjG5d14+t1MsnkhB2izoQUMxQ3vDc1YnA/tEpw==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0A94F7EA4C89CA33
+
+tfKdAZVSrpeS/hU4+mGYcGGx3nNqrE+CzDAfLadVuXz5ju5p9oFhLTZj99wK+uHn
+prrWmDNOdYKRBJn7h40WV6zi4lR3JgnuYNxH8fxO3PI+HQ9IuvdoTyqUeXTP4Zj1
+BCnr1k1D2WGDXvnh+saq9qRpMKThjK/OF0YmDa07PI5NOBdMA3EmkNYfwib2GfBV
+el4FVkfnPQkLGahTh3SC62TzPlnsAgirCeua7ZLPqN3fkZkYbXZd9op2D31n7cBP
+zztg0ah8WF4gPOd/BBZeR9XDog5qm/wzyBj0F6ClHRPjpGYhAm2Vw66xOBlGFYI9
+lVmFQzrPcDNlFTybzhl5C6Qy4cPQh+QErDWxljVI52oYYmY/KRmUGGL7hEG8ZGOn
+EUgFrEJyAY7w4wpBC5n9SotwyPXhwKQ1uCBq+1zElPw=
+-----END RSA PRIVATE KEY-----
+
+8. subca certificate and key (MD2withRSA 1024, root_cert_sha1_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8
+BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg
+bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82
+AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl
+UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw
+HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
+AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEAPtEjwbWuC5kc4DPc
+Ttf/wdbD8ZCdAWzcc3XF9q1TlvwVMNk6mbfM05y6ZVsztKTkwZ4EcvFu/yIqw1EB
+E1zlXQCaWXT3/ZMbqYZV4+mx+RUl8spUCb1tda25jnTg3mTOzB1iztm4gy903EMd
+m8omKDKeCgcw5dR4ITQYvyxe1as=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0480E76FD259323B
+
+npiifBm1mHq1Z9QgAV5T35Xbnea9VnwqYQWNfRRKmpfYSdkQJ0few18YtnfZwh9e
+LKCWx+lq1V4yDG4SbxXDq71Dyvx1vZY+w4h+6M1+6KGFG1VDBfN3e5aLgK8EG9pZ
+yHZH7iB7HiQXH5q53jL6NUZn55C3XEk1sErpK7R1c0Y8Qp2TGiu+lck3K+zR9GiO
+5aJMKbShReB0Nfy3JJNKRFSd95QMTTjbq6iIvhN8O02bo4I4I3HTyD8qyR7ViiHl
+FmOukjwn4fjJvK0WYKYUjod8oEiMdR2nr73eOGZBAnEorDGQ8VnnCAleSv74is1k
+W7M07UP7EJJq9hSZfeMqk5QivtWrqvWG1SWxpTowKTEAyTn7u5U13k0DiRcsg0WT
+4mSMiLOhUNgIWcHElbTQPSVDcVznhNk0dWPDwKoUjp+orCuH+NvHKBAu+hnuip3e
+Ji7WGrHXI7QxAr5qr5ogl5x4yH4drIbq9fUea3NTuGPuPyu9fWjOSDmqPRKRMJFR
+UxxVFcyrW8iSBV5cvB7M1ADS40y6l4ryYmKjXbsOI4Ci8LJWJ4ZB61WQP7TvPQGS
+mNFmTTB2dwbpimr4KjV9j2bA9x0jAsjlcQZ5j1GOeyYCEDGKDJw0XD/zI+j0dpVc
+eu8YtuJGTyO1h+HiI3D9LrMuyUxxckvFHKe00+4xMz1hpqVo/kxe6gqf/9ES4M/h
+6/NeTzeqyJF2rgxK6KJJdmaKVYI+bvAQ3cKl+RZmgOjx4eig58N5uthqFgU7rQ+e
+GM9/y8C9WpPqITcJlY7I/7AkqvYDBwBsH/9mf4g9OUbC1Ah+MX8UIQ==
+-----END RSA PRIVATE KEY-----
+
+
+9. subca certificate and key (MD2withRSA 1024, root_cert_sha1_512.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICDzCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8
+BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg
+bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82
+AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl
+UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw
+HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
+AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADQQBHok1v6xymtpB7N9xy
+0OmDT27uhmzlP0eOzJvXVxj3Oi9TLQJgCUJ9122MzfRAs1E1uJTtvuu+UmI80NQx
+KQdp
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0480E76FD259323B
+
+npiifBm1mHq1Z9QgAV5T35Xbnea9VnwqYQWNfRRKmpfYSdkQJ0few18YtnfZwh9e
+LKCWx+lq1V4yDG4SbxXDq71Dyvx1vZY+w4h+6M1+6KGFG1VDBfN3e5aLgK8EG9pZ
+yHZH7iB7HiQXH5q53jL6NUZn55C3XEk1sErpK7R1c0Y8Qp2TGiu+lck3K+zR9GiO
+5aJMKbShReB0Nfy3JJNKRFSd95QMTTjbq6iIvhN8O02bo4I4I3HTyD8qyR7ViiHl
+FmOukjwn4fjJvK0WYKYUjod8oEiMdR2nr73eOGZBAnEorDGQ8VnnCAleSv74is1k
+W7M07UP7EJJq9hSZfeMqk5QivtWrqvWG1SWxpTowKTEAyTn7u5U13k0DiRcsg0WT
+4mSMiLOhUNgIWcHElbTQPSVDcVznhNk0dWPDwKoUjp+orCuH+NvHKBAu+hnuip3e
+Ji7WGrHXI7QxAr5qr5ogl5x4yH4drIbq9fUea3NTuGPuPyu9fWjOSDmqPRKRMJFR
+UxxVFcyrW8iSBV5cvB7M1ADS40y6l4ryYmKjXbsOI4Ci8LJWJ4ZB61WQP7TvPQGS
+mNFmTTB2dwbpimr4KjV9j2bA9x0jAsjlcQZ5j1GOeyYCEDGKDJw0XD/zI+j0dpVc
+eu8YtuJGTyO1h+HiI3D9LrMuyUxxckvFHKe00+4xMz1hpqVo/kxe6gqf/9ES4M/h
+6/NeTzeqyJF2rgxK6KJJdmaKVYI+bvAQ3cKl+RZmgOjx4eig58N5uthqFgU7rQ+e
+GM9/y8C9WpPqITcJlY7I/7AkqvYDBwBsH/9mf4g9OUbC1Ah+MX8UIQ==
+-----END RSA PRIVATE KEY-----
+
+
+a. end entity certificate and key
+ (SHA1withRSA 1024, subca_cert_sha1_1024_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
+NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
+cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt
+vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v
+z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6
+c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07
+OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG
+9w0BAQUFAAOBgQAOfIeasDg91CR3jGfuAEVKwncM1OPFmniAUcdPm74cCAyJ90Me
+dhUElWPGoAuXGfiyZlOlGUYWqEroe/dnkmnotJjLWR+MA4ZyX3O1YI8T4W3deWcC
+J4WMCF7mp17SaYYKX9F0AxwNJFpUkbB41IkTxPr0MmzB1871/pbY8dLAvA==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,1FE5A37B770AF83D
+
+042bWtt4q0cB8pRuPUlMVncTP/WAz+mmPw3jXI3LFOBZeK6zFEDpI5M9c2JO+rqp
+Za5UkYuIg69V7LngriqRynkRGGQp3xASMLr5NVbKHTE/Ol/iIuxKaCkumZmGXB/z
+8bxQF5XN4tbKT4s3sWWmmKMicg6MHvySi3QVRG11PHRu/q7CEFPzJKRQ3fpaNcKD
+NTBI5F6GP9ENa/eog4WGENjXS0v4Wa3IfaOhjKXrSxjLUqLH0C8g5WWg5IrXXtuI
+pgyJ2kkE3Y/ChU7p7R42we6tBZqF5SiL5kFDn86DmHgCslTiZkIoE5i644sp03Sd
+XkHyHu0VIeYp3nDwRA7S98837W4F6i1BnXA5f3EaE3rNGjsxK8zL2pvdCcDYbese
+ETfba16HMzLXe1b4RSI3gwhlQ2MNKBwvskkQESf/Ew1DskBY0MCYFxo6hIp6LqMo
+HAl5kvCwvuYL2jBdQhkKxU+Leu5Ei8Ie9XYNVy4yUeUAMnSUkVaEs/I8z+Mk8oYq
+4QWqOc66XLcI13coDoxmv54kye3RjqdmZI8mg/3LCFotwceDuXyD43/vVhoTPEnp
+CqXafV2pw4y95skMHmktI2qvSahaM4P6GGXl8HqmP3b+8V5mxMhNtVnuUha2kouw
+DLNFUTg1cCLahM5SRolyA/XTGh7JOkJMYWPeJwN7l3K+lBtHHfj6DHtKEjUcyZFd
++Z55pDoAERumB6+BCnt6X2/0kEDV219RmsgxkGTWdFs+M7Y6EYYRtlinH4nqL6UD
+eHWitYIatAHOvdHeNrbXN9L5P3tsUB4HzFa46WWtKqRtbCVTuPVZdw==
+-----END RSA PRIVATE KEY-----
+
+b. end entity certificate and key
+ (SHA1withRSA 1024, subca_cert_sha1_512_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIIB9jCCAaCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
+NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
+cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt
+vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v
+z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6
+c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07
+OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG
+9w0BAQUFAANBADV6X+ea0ftEKXy7yKNAbdIp35893T6AVwbdclomPkeOs86OtoTG
+1BIzWSK9QE7W6Wbf63e2RdcqoLK+DxsuwUg=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,1FE5A37B770AF83D
+
+042bWtt4q0cB8pRuPUlMVncTP/WAz+mmPw3jXI3LFOBZeK6zFEDpI5M9c2JO+rqp
+Za5UkYuIg69V7LngriqRynkRGGQp3xASMLr5NVbKHTE/Ol/iIuxKaCkumZmGXB/z
+8bxQF5XN4tbKT4s3sWWmmKMicg6MHvySi3QVRG11PHRu/q7CEFPzJKRQ3fpaNcKD
+NTBI5F6GP9ENa/eog4WGENjXS0v4Wa3IfaOhjKXrSxjLUqLH0C8g5WWg5IrXXtuI
+pgyJ2kkE3Y/ChU7p7R42we6tBZqF5SiL5kFDn86DmHgCslTiZkIoE5i644sp03Sd
+XkHyHu0VIeYp3nDwRA7S98837W4F6i1BnXA5f3EaE3rNGjsxK8zL2pvdCcDYbese
+ETfba16HMzLXe1b4RSI3gwhlQ2MNKBwvskkQESf/Ew1DskBY0MCYFxo6hIp6LqMo
+HAl5kvCwvuYL2jBdQhkKxU+Leu5Ei8Ie9XYNVy4yUeUAMnSUkVaEs/I8z+Mk8oYq
+4QWqOc66XLcI13coDoxmv54kye3RjqdmZI8mg/3LCFotwceDuXyD43/vVhoTPEnp
+CqXafV2pw4y95skMHmktI2qvSahaM4P6GGXl8HqmP3b+8V5mxMhNtVnuUha2kouw
+DLNFUTg1cCLahM5SRolyA/XTGh7JOkJMYWPeJwN7l3K+lBtHHfj6DHtKEjUcyZFd
++Z55pDoAERumB6+BCnt6X2/0kEDV219RmsgxkGTWdFs+M7Y6EYYRtlinH4nqL6UD
+eHWitYIatAHOvdHeNrbXN9L5P3tsUB4HzFa46WWtKqRtbCVTuPVZdw==
+-----END RSA PRIVATE KEY-----
+
+c. end entity certificate and key
+ (SHA1withRSA 512, subca_cert_sha1_1024_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIIB8zCCAVygAwIBAgIBBDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
+NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
+cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3
+DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo
+uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE
+AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU
+31g/ZkU6aXFAJVKhrrv0ebfAgeYwDQYJKoZIhvcNAQEFBQADgYEAUyW8PrEdbzLu
+B+h6UemBOJ024rYq90hJE/5wUEKPvxZ9vPEUgl+io6cGhL3cLfxfh6z5xtEGp4Tb
+NB0Ye3Qi01FBiNDY8s3rQRrmel6VysU8u+0Oi2jmQY6vZXn/zXN5rrTLITCaSicG
+dOMv1xLM83Ee432WWlDwKOUxhzDGpWc=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,153918982D82A26E
+
+5w5MNd16M1draSfIFAuWNfP3869l9y8vMI1kOcxqsxjeG6YfgKUyu6PEYlj1R7d1
+/+UwVs9RGm3V7AwV4G1Qpnd+jaMLpgPVMP12sHPnslBE4SQe9bAZ+X5i2/5uesHv
+bF7OBMqsYW8+Kgsy1Ac0pBx/8yoFYdD3KYFnIP20kV2Xxy4PtQQ6tHJ33dGslTNU
+qrcJsyUyYj6wORlb7huuP5Ua8f28Xs/KvnNJG0094kC1WHi3Raf4AoD/rvraVtCQ
+5jrK9se8D6su+S3SEW0YndxivbNx3xJu2O72e7lS6yb5ht3U7xNSSWTffIlW1okI
+zjscK0iv9S+x452mLIFUgkmriVJLFfjTMRCbhS1J6q9FXLDdre/2O18FO2TvwRIE
+6Bwt2utfOAGccRHLsdgcXkv+ngCTCkuCnmh2XZWqmvA=
+-----END RSA PRIVATE KEY-----
+
+d. end entity certificate and key
+ (SHA1withRSA 512, subca_cert_sha1_512_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIIBsjCCAVygAwIBAgIBBTANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
+NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
+cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3
+DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo
+uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE
+AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU
+N0CHiTYPtjyvpP2a6y6mhsZ6U40wDQYJKoZIhvcNAQEFBQADQQBG4grtrVEHick0
+z/6Lcl/MGyHT0c8KTXE0AMVXG1NRjAicAmYno/yDaJ9OmfymObKZKV9fF7yCW/N/
+TMU6m7N0
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,153918982D82A26E
+
+5w5MNd16M1draSfIFAuWNfP3869l9y8vMI1kOcxqsxjeG6YfgKUyu6PEYlj1R7d1
+/+UwVs9RGm3V7AwV4G1Qpnd+jaMLpgPVMP12sHPnslBE4SQe9bAZ+X5i2/5uesHv
+bF7OBMqsYW8+Kgsy1Ac0pBx/8yoFYdD3KYFnIP20kV2Xxy4PtQQ6tHJ33dGslTNU
+qrcJsyUyYj6wORlb7huuP5Ua8f28Xs/KvnNJG0094kC1WHi3Raf4AoD/rvraVtCQ
+5jrK9se8D6su+S3SEW0YndxivbNx3xJu2O72e7lS6yb5ht3U7xNSSWTffIlW1okI
+zjscK0iv9S+x452mLIFUgkmriVJLFfjTMRCbhS1J6q9FXLDdre/2O18FO2TvwRIE
+6Bwt2utfOAGccRHLsdgcXkv+ngCTCkuCnmh2XZWqmvA=
+-----END RSA PRIVATE KEY-----
+
+e. end entity certificate and key
+ (MD2withRSA 1024, subca_cert_sha1_1024_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaCgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
+NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
+cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt
+vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v
+z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6
+c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07
+OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG
+9w0BAQIFAAOBgQBxKsFf8NNQcXjDoKJJSG4Rk6ikcrhiGYuUI32+XHvs6hnav1Zc
+aJUpy7J4gMj/MnysMh/4AF9+m6zEEjuisXKUbYZhgtJxz+ukGSo163mJ8QJiAlRb
+Iwsy81r08mlSCR6jx2YhDAUxJIPC92R5Vb4CEutB7tWTwwz7vIHq330erA==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,1FE5A37B770AF83D
+
+042bWtt4q0cB8pRuPUlMVncTP/WAz+mmPw3jXI3LFOBZeK6zFEDpI5M9c2JO+rqp
+Za5UkYuIg69V7LngriqRynkRGGQp3xASMLr5NVbKHTE/Ol/iIuxKaCkumZmGXB/z
+8bxQF5XN4tbKT4s3sWWmmKMicg6MHvySi3QVRG11PHRu/q7CEFPzJKRQ3fpaNcKD
+NTBI5F6GP9ENa/eog4WGENjXS0v4Wa3IfaOhjKXrSxjLUqLH0C8g5WWg5IrXXtuI
+pgyJ2kkE3Y/ChU7p7R42we6tBZqF5SiL5kFDn86DmHgCslTiZkIoE5i644sp03Sd
+XkHyHu0VIeYp3nDwRA7S98837W4F6i1BnXA5f3EaE3rNGjsxK8zL2pvdCcDYbese
+ETfba16HMzLXe1b4RSI3gwhlQ2MNKBwvskkQESf/Ew1DskBY0MCYFxo6hIp6LqMo
+HAl5kvCwvuYL2jBdQhkKxU+Leu5Ei8Ie9XYNVy4yUeUAMnSUkVaEs/I8z+Mk8oYq
+4QWqOc66XLcI13coDoxmv54kye3RjqdmZI8mg/3LCFotwceDuXyD43/vVhoTPEnp
+CqXafV2pw4y95skMHmktI2qvSahaM4P6GGXl8HqmP3b+8V5mxMhNtVnuUha2kouw
+DLNFUTg1cCLahM5SRolyA/XTGh7JOkJMYWPeJwN7l3K+lBtHHfj6DHtKEjUcyZFd
++Z55pDoAERumB6+BCnt6X2/0kEDV219RmsgxkGTWdFs+M7Y6EYYRtlinH4nqL6UD
+eHWitYIatAHOvdHeNrbXN9L5P3tsUB4HzFa46WWtKqRtbCVTuPVZdw==
+-----END RSA PRIVATE KEY-----
+
+f. end entity certificate and key
+ (MD2withRSA 1024, subca_cert_sha1_512_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIIB9jCCAaCgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
+NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
+cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt
+vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v
+z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6
+c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07
+OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG
+9w0BAQIFAANBAIX63Ypi9P71RnC/pcMbhD+wekRFsTzU593X3MC7tyBJtEXwvAZG
+iMxXF5A+ohlr7/CrkV7ZTL8PLxnJdY5Y8rQ=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,1FE5A37B770AF83D
+
+042bWtt4q0cB8pRuPUlMVncTP/WAz+mmPw3jXI3LFOBZeK6zFEDpI5M9c2JO+rqp
+Za5UkYuIg69V7LngriqRynkRGGQp3xASMLr5NVbKHTE/Ol/iIuxKaCkumZmGXB/z
+8bxQF5XN4tbKT4s3sWWmmKMicg6MHvySi3QVRG11PHRu/q7CEFPzJKRQ3fpaNcKD
+NTBI5F6GP9ENa/eog4WGENjXS0v4Wa3IfaOhjKXrSxjLUqLH0C8g5WWg5IrXXtuI
+pgyJ2kkE3Y/ChU7p7R42we6tBZqF5SiL5kFDn86DmHgCslTiZkIoE5i644sp03Sd
+XkHyHu0VIeYp3nDwRA7S98837W4F6i1BnXA5f3EaE3rNGjsxK8zL2pvdCcDYbese
+ETfba16HMzLXe1b4RSI3gwhlQ2MNKBwvskkQESf/Ew1DskBY0MCYFxo6hIp6LqMo
+HAl5kvCwvuYL2jBdQhkKxU+Leu5Ei8Ie9XYNVy4yUeUAMnSUkVaEs/I8z+Mk8oYq
+4QWqOc66XLcI13coDoxmv54kye3RjqdmZI8mg/3LCFotwceDuXyD43/vVhoTPEnp
+CqXafV2pw4y95skMHmktI2qvSahaM4P6GGXl8HqmP3b+8V5mxMhNtVnuUha2kouw
+DLNFUTg1cCLahM5SRolyA/XTGh7JOkJMYWPeJwN7l3K+lBtHHfj6DHtKEjUcyZFd
++Z55pDoAERumB6+BCnt6X2/0kEDV219RmsgxkGTWdFs+M7Y6EYYRtlinH4nqL6UD
+eHWitYIatAHOvdHeNrbXN9L5P3tsUB4HzFa46WWtKqRtbCVTuPVZdw==
+-----END RSA PRIVATE KEY-----
+
+h. root CRL issuer
+-----BEGIN CERTIFICATE-----
+MIICKzCCAZSgAwIBAgIBCjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDgxNjMwNTdaFw0yOTA0MjUxNjMwNTda
+MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQCy6RoQ6nMdeGJ6ijfjqDu3tDmeGLgnvfBcUKvcsvz9Ji3m
+oGnTzECo1oLV+A4/TJxOlak+ZiQ5KVyvfMcXLJeT6dRpXQZ+uc6TT3SkBq94VFzX
+qkk08z42JNdk1s5uyW8nRfg7+xntajQVrysoPYNDhu21cPnjDkRiBsIdS7+75QID
+AQABo3cwdTAdBgNVHQ4EFgQUGcJU6xWo66kI1QBvlfTQKxxmx9IwRwYDVR0jBEAw
+PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD
+VQQKEwdFeGFtcGxlggEAMAsGA1UdDwQEAwIBAjANBgkqhkiG9w0BAQQFAAOBgQBx
+uKL59VInPdCi+8JL4B+S5YjlPL4ZOBHTjS0JlNxtjbGZdfs+3E9PUAdqhMJO4vq7
+XD+hGtgZtwSqGaSUYAtpLdoCr7vvPkcrxYTG2Ak+UiTbZhmJeSswKgFaCmjjdMCy
+y64UP2DQfn6Zi0wCfeao0m9s3zRLuJpgaQGiSHTQKA==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,41E4237825CE0148
+
+9nbfd7dsaS+fkFYrU1+wTcevjdRLF/j9DUVQh/2bsFlVEYgeL8A+XpvpbXHYBd7H
+oBreofDNseibHe4EgISGPK8RymjYutQqPpbHwXd25jlUuUapvvuCj8V6qnhgpqEo
+zXL1Nd2c6KZgdySosyWy8JfIBZJ3kwiSkXVwzs8R4bAGrg1VS80GuszvCv8Fzjoc
+LuesX6fViE9yFzLsyOvn/W12DKhTXwiXTQYLUupM8zI9Kpozbea52ZIPMJ9HEiaY
+JgwNj05w33VxTe/tq3R9vS2Ee6aM4odi6CQEheLsUAnyE0BTsITKzwwTI25WTv25
+W+gwSF3V49a34MojTdlORq5iH0b3rYl7OMdk+99elJSkyQIbVwwOCFrKuSXYXvV7
+s9iMPFUbi+bZ3oP6zM5kVUcH6KyVeYfkuLf2+k1vPlav8/W5v+WfnvUNOBx76Ira
+BzVPYmm2V+YFiFL1hugm5Wv+yyx8QcfgXbvhNHoIEj7hh6Ac48FhtqEcBHjuT/gy
+7atJJUdOH6hhmD34hkHGnhcDE15ZOczxTLRC9450h5HKsZ0FILRlCBZLmiedycs2
+zqhUpR4jzDG9jKrlDU4ErfMgPLjveZc3/VT3bc+TYfuC8szCaQ5XX1JVcabZ+HQw
+pwmA1ONZDVsFzwbJy9+5bgXX+wLD5kaez8EHNDS5PgqgL0UdrWjdRi6e1RwlTDEw
+g/d7TZm/iQeL1iUIfkPA1f0ByYIiyd3XQqiQ/Mf1C16lQkhTHDwofFJdL8otT2Ha
+dk6fa7lBOnrpbRKUdpJpYfyqHg80BYNPu6BacVXlYqtJtkFK04qHbA==
+-----END RSA PRIVATE KEY-----
+
+i. CRL issued by root CRL issuer
+-----BEGIN X509 CRL-----
+MIH2MGECAQEwDQYJKoZIhvcNAQEFBQAwHzELMAkGA1UEBhMCVVMxEDAOBgNVBAoT
+B0V4YW1wbGUXDTA5MDgwODE2MzU1MFoXDTI4MTAwNzE2MzU1MFqgDjAMMAoGA1Ud
+FAQDAgEAMA0GCSqGSIb3DQEBBQUAA4GBAJCd7e25MruuWJP/KmenGC6CR22pQuG+
+XhRaAtpHkNRls8+TfBxm2PtRrXCAcDb68kNLdwvlAlCUwmL6HOx4VB3r+8QRUlDa
+T48wVp1ojGU2b2XbPtXiYZBXW6hBsFHGDJM/IAGJPE2PbVYGlBc23A9V9WyPyThi
+9XXG1iOTIJ6u
+-----END X509 CRL-----
+
+j. subca CRL issuer
+-----BEGIN CERTIFICATE-----
+MIICPTCCAaagAwIBAgIBCzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDgxNjMwNThaFw0yOTA0MjUxNjMwNTha
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8KICP0bdOZVlR9gZu7TgD
+znXgSMER1IQtompgr1mWeZjX4LmRck3/ogHoxwC4RbNPKI3KIihcVdFHw2jgvE0M
+mpf2lI50tmhnLitM8P0/q8xUU/KncipADo4hkM5TbpjPeGUBTGLKzGrq7yyT9Uli
+Z74rrp1mS59TxcEI2YQMIQIDAQABo3cwdTAdBgNVHQ4EFgQUDGgpD4L8V3aBJPLx
+C7diZ0M0wWMwRwYDVR0jBEAwPoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8x
+CzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMAsGA1UdDwQEAwIBAjAN
+BgkqhkiG9w0BAQQFAAOBgQCcXqRge5UuW0duf/XnUWP4hrm4Q9EHJaiHZDYxI+WW
+Ca3OXdsrpgGi+RSgeMtQzlZ7YAwyYVV91U4BnX6s/97Vp5xbR3wr8Qbx67inM8Lp
+Tuo+e0nyTxwlwi9cSyy5MfJ8jfzaD+n8akhV+sx0Mmiv77YlrShP24lod55gJHKC
+vQ==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,16EC4E2C0855BD5C
+
+dJHcUsnACMhfESAalWrWrfARnUgGhpp3vupjePUiBJ86YmKaNNr6GAwDukg3EJvs
+tboO1QQziLSf9pP7gw82Vp5YctEkk7vJVvCcq3QkZAsjNUHf3m3ne2qg8HngufzY
+IS/C3EtKuMr3oqa7P8wvMcsBs1G1ga/YqCWoKzowXhybaYPe20fwUNRtgqgdS5Gy
+bAzQB9R+Ua2tCaXb3CBYnrczsYFPhjuULr4qbWgHVBWhnkS3OIz71WqcCoXmvD3s
+bsjoZRCJUM6Zavyzs0kVGZogiPdr+KUyzjNNsnxle5cEET6nqkYR16UT/Fvemz9Q
+szh/y0gCi1nZb6cw5e9BJyF1GlobzxWyMwwY9L4vZNaBNaVRun+6dRWy0svaPuEy
+fV/9Y0/la9scyA5yNHz8xud3Njhj2ghyG5Nqbs3N/pPXRVdh7WNFBnc+L/SIBhhB
+/Ha9+OZdqyuMf3G+I1+WVADQr8xQP8/yLEvybZYtssjnuCmQSLPDDQFnp2Z3spax
++AT+T4dRimMjf0mZK/NlRJU9PWqMHzsJGBY1A903oAiiHiRFD10z8vyPBigSDF2W
+ct6a8WI1prKho6HbMqeIlSPk+HkdCGZedNNbvRlKl4Y56IsHGAhb3wvQ+94049P9
+wu5thK69jNb7ie3YEefAZTb5kD0h+oB8BILOJ5B29C04JdDe6P6hjGKD7x3nRhHM
+nyCUMB/fhYpoXdDhz8CeJ77hFt2zFZRstlDctQsDqLkC0AdvlOFsEFqGM4AkBGcV
+f6Y+ykNQB3vEWPZsWqVXHB2vQvk00R55tgu+R5JJ45NLG2TqyOp/4A==
+-----END RSA PRIVATE KEY-----
+
+k. CRL issued by subca CRL issuer
+-----BEGIN X509 CRL-----
+MIIBLTCBlwIBATANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQMA4GA1UE
+ChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMRcNMDkwODA4MTYzNTUxWhcNMjgx
+MDA3MTYzNTUxWjAiMCACAQIXDTA5MDgwODE2MzU1MFowDDAKBgNVHRUEAwoBBKAO
+MAwwCgYDVR0UBAMCAQAwDQYJKoZIhvcNAQECBQADgYEAbIs7ws4/M24NYrIO0XY6
+UVxni0ZoQa+1R7NwU6unr4jFEVD+W/b+JEMfm0RUmpSa7HrUYsw+NycD3m5CD6VJ
+U4iuGGeJvHdrYJiPIYkEiFQnhAGOj8oS/nWtPvDKbuBMZI9atKkypby9At8h9URq
+1g/KSIM3rd1PYADdcPsok4I=
+-----END X509 CRL-----
+
diff --git a/test/sun/security/provider/certpath/DisabledAlgorithms/generate.sh b/test/sun/security/provider/certpath/DisabledAlgorithms/generate.sh
new file mode 100644
index 0000000..ff936e5
--- /dev/null
+++ b/test/sun/security/provider/certpath/DisabledAlgorithms/generate.sh
@@ -0,0 +1,255 @@
+#
+# Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation. Sun designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Sun in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+# CA 95054 USA or visit www.sun.com if you need additional information or
+# have any questions.
+#
+
+#!/bin/ksh
+#
+# needs ksh to run the script.
+set -e
+
+OPENSSL=openssl
+
+# generate a self-signed root certificate
+if [ ! -f root/finished ]; then
+ if [ ! -d root ]; then
+ mkdir root
+ fi
+
+ # SHA1withRSA 1024
+ ${OPENSSL} req -x509 -newkey rsa:1024 -keyout root/root_key_1024.pem \
+ -out root/root_cert_sha1_1024.pem -subj "/C=US/O=Example" \
+ -config openssl.cnf -reqexts cert_issuer -days 7650 -sha1 \
+ -passin pass:passphrase -passout pass:passphrase
+
+ # SHA1withRSA 512
+ ${OPENSSL} req -x509 -newkey rsa:512 -keyout root/root_key_512.pem \
+ -out root/root_cert_sha1_512.pem -subj "/C=US/O=Example" \
+ -config openssl.cnf -reqexts cert_issuer -days 7650 -sha1 \
+ -passin pass:passphrase -passout pass:passphrase
+
+ # MD2withRSA 2048
+ ${OPENSSL} req -x509 -newkey rsa:2048 -keyout root/root_key_2048.pem \
+ -out root/root_cert_md2_2048.pem -subj "/C=US/O=Example" \
+ -config openssl.cnf -reqexts cert_issuer -days 7650 -md2 \
+ -passin pass:passphrase -passout pass:passphrase
+
+ openssl req -newkey rsa:1024 -keyout root/root_crlissuer_key.pem \
+ -out root/root_crlissuer_req.pem -subj "/C=US/O=Example" -days 7650 \
+ -passin pass:passphrase -passout pass:passphrase
+
+ openssl x509 -req -in root/root_crlissuer_req.pem -extfile openssl.cnf \
+ -extensions crl_issuer -CA root/root_cert_sha1_1024.pem \
+ -CAkey root/root_key_1024.pem -out root/root_crlissuer_cert.pem \
+ -CAcreateserial -CAserial root/root_cert.srl -days 7200 \
+ -passin pass:passphrase
+
+ touch root/finished
+fi
+
+
+# generate subca cert issuer
+if [ ! -f subca/finished ]; then
+ if [ ! -d subca ]; then
+ mkdir subca
+ fi
+
+ # RSA 1024
+ ${OPENSSL} req -newkey rsa:1024 -keyout subca/subca_key_1024.pem \
+ -out subca/subca_req_1024.pem -subj "/C=US/O=Example/OU=Class-1" \
+ -days 7650 -passin pass:passphrase -passout pass:passphrase
+
+ # RSA 512
+ ${OPENSSL} req -newkey rsa:512 -keyout subca/subca_key_512.pem \
+ -out subca/subca_req_512.pem -subj "/C=US/O=Example/OU=Class-1" \
+ -days 7650 -passin pass:passphrase -passout pass:passphrase
+
+ # SHA1withRSA 1024 signed with RSA 1024
+ ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \
+ -extensions cert_issuer -CA root/root_cert_sha1_1024.pem \
+ -CAkey root/root_key_1024.pem -out subca/subca_cert_sha1_1024_1024.pem \
+ -CAcreateserial -sha1 \
+ -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
+
+ # SHA1withRSA 1024 signed with RSA 512
+ ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \
+ -extensions cert_issuer -CA root/root_cert_sha1_512.pem \
+ -CAkey root/root_key_512.pem -out subca/subca_cert_sha1_1024_512.pem \
+ -CAcreateserial -sha1 \
+ -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
+
+ # SHA1withRSA 512 signed with RSA 1024
+ ${OPENSSL} x509 -req -in subca/subca_req_512.pem -extfile openssl.cnf \
+ -extensions cert_issuer -CA root/root_cert_sha1_1024.pem \
+ -CAkey root/root_key_1024.pem -out subca/subca_cert_sha1_512_1024.pem \
+ -CAcreateserial -sha1 \
+ -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
+
+ # SHA1withRSA 512 signed with RSA 512
+ ${OPENSSL} x509 -req -in subca/subca_req_512.pem -extfile openssl.cnf \
+ -extensions cert_issuer -CA root/root_cert_sha1_512.pem \
+ -CAkey root/root_key_512.pem -out subca/subca_cert_sha1_512_512.pem \
+ -CAcreateserial -sha1 \
+ -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
+
+ # MD2withRSA 1024 signed with RSA 1024
+ ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \
+ -extensions cert_issuer -CA root/root_cert_sha1_1024.pem \
+ -CAkey root/root_key_1024.pem -out subca/subca_cert_md2_1024_1024.pem \
+ -CAcreateserial -md2 \
+ -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
+
+ # MD2withRSA 1024 signed with RSA 512
+ ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \
+ -extensions cert_issuer -CA root/root_cert_sha1_512.pem \
+ -CAkey root/root_key_512.pem -out subca/subca_cert_md2_1024_512.pem \
+ -CAcreateserial -md2 \
+ -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
+
+ openssl req -newkey rsa:1024 -keyout subca/subca_crlissuer_key.pem \
+ -out subca/subca_crlissuer_req.pem -subj "/C=US/O=Example/OU=Class-1" \
+ -days 7650 -passin pass:passphrase -passout pass:passphrase
+
+ openssl x509 -req -in subca/subca_crlissuer_req.pem -extfile openssl.cnf \
+ -extensions crl_issuer -CA root/root_cert_sha1_1024.pem \
+ -CAkey root/root_key_1024.pem -out subca/subca_crlissuer_cert.pem \
+ -CAcreateserial -CAserial root/root_cert.srl -days 7200 \
+ -passin pass:passphrase
+
+ touch subca/finished
+fi
+
+
+# generate certifiacte for Alice
+if [ ! -f subca/alice/finished ]; then
+ if [ ! -d subca/alice ]; then
+ mkdir -p subca/alice
+ fi
+
+ # RSA 1024
+ ${OPENSSL} req -newkey rsa:1024 -keyout subca/alice/alice_key_1024.pem \
+ -out subca/alice/alice_req_1024.pem \
+ -subj "/C=US/O=Example/OU=Class-1/CN=Alice" -days 7650 \
+ -passin pass:passphrase -passout pass:passphrase
+
+ # RSA 512
+ ${OPENSSL} req -newkey rsa:512 -keyout subca/alice/alice_key_512.pem \
+ -out subca/alice/alice_req_512.pem \
+ -subj "/C=US/O=Example/OU=Class-1/CN=Alice" -days 7650 \
+ -passin pass:passphrase -passout pass:passphrase
+
+ # SHA1withRSA 1024 signed with RSA 1024
+ ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \
+ -extfile openssl.cnf -extensions ee_of_subca \
+ -CA subca/subca_cert_sha1_1024_1024.pem \
+ -CAkey subca/subca_key_1024.pem \
+ -out subca/alice/alice_cert_sha1_1024_1024.pem -CAcreateserial -sha1 \
+ -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
+
+ # SHA1withRSA 1024 signed with RSA 512
+ ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \
+ -extfile openssl.cnf -extensions ee_of_subca \
+ -CA subca/subca_cert_sha1_512_1024.pem \
+ -CAkey subca/subca_key_512.pem \
+ -out subca/alice/alice_cert_sha1_1024_512.pem -CAcreateserial -sha1 \
+ -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
+
+ # SHA1withRSA 512 signed with RSA 1024
+ ${OPENSSL} x509 -req -in subca/alice/alice_req_512.pem \
+ -extfile openssl.cnf -extensions ee_of_subca \
+ -CA subca/subca_cert_sha1_1024_1024.pem \
+ -CAkey subca/subca_key_1024.pem \
+ -out subca/alice/alice_cert_sha1_512_1024.pem -CAcreateserial -sha1 \
+ -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
+
+ # SHA1withRSA 512 signed with RSA 512
+ ${OPENSSL} x509 -req -in subca/alice/alice_req_512.pem \
+ -extfile openssl.cnf -extensions ee_of_subca \
+ -CA subca/subca_cert_sha1_512_1024.pem \
+ -CAkey subca/subca_key_512.pem \
+ -out subca/alice/alice_cert_sha1_512_512.pem -CAcreateserial -sha1 \
+ -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
+
+ # MD2withRSA 1024 signed with RSA 1024
+ ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \
+ -extfile openssl.cnf -extensions ee_of_subca \
+ -CA subca/subca_cert_sha1_1024_1024.pem \
+ -CAkey subca/subca_key_1024.pem \
+ -out subca/alice/alice_cert_md2_1024_1024.pem -CAcreateserial -md2 \
+ -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
+
+ # MD2withRSA 1024 signed with RSA 512
+ ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \
+ -extfile openssl.cnf -extensions ee_of_subca \
+ -CA subca/subca_cert_sha1_512_1024.pem \
+ -CAkey subca/subca_key_512.pem \
+ -out subca/alice/alice_cert_md2_1024_512.pem -CAcreateserial -md2 \
+ -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
+
+ touch subca/alice/finished
+fi
+
+if [ ! -f root/revoked ]; then
+ if [ ! -d root ]; then
+ mkdir root
+ fi
+
+ if [ ! -f root/index.txt ]; then
+ touch root/index.txt
+ echo 00 > root/crlnumber
+ fi
+
+ openssl ca -gencrl -config openssl.cnf -name ca_top -crldays 7000 -md sha1 \
+ -crl_reason superseded -keyfile root/root_crlissuer_key.pem \
+ -cert root/root_crlissuer_cert.pem -out root/top_crl.pem \
+ -passin pass:passphrase
+
+ touch root/revoked
+fi
+
+if [ ! -f subca/revoked ]; then
+ if [ ! -d subca ]; then
+ mkdir subca
+ fi
+
+ if [ ! -f subca/index.txt ]; then
+ touch subca/index.txt
+ echo 00 > subca/crlnumber
+ fi
+
+ # revoke alice's SHA1withRSA 1024 signed with RSA 1024
+ openssl ca -revoke subca/alice/alice_cert_sha1_1024_1024.pem \
+ -config openssl.cnf \
+ -name ca_subca -crl_reason superseded \
+ -keyfile subca/subca_crlissuer_key.pem \
+ -cert subca/subca_crlissuer_cert.pem -passin pass:passphrase
+
+ openssl ca -gencrl -config openssl.cnf \
+ -name ca_subca -crldays 7000 -md md2 \
+ -crl_reason superseded -keyfile subca/subca_crlissuer_key.pem \
+ -cert subca/subca_crlissuer_cert.pem \
+ -out subca/subca_crl.pem \
+ -passin pass:passphrase
+
+ touch subca/revoked
+fi
diff --git a/test/sun/security/provider/certpath/DisabledAlgorithms/openssl.cnf b/test/sun/security/provider/certpath/DisabledAlgorithms/openssl.cnf
new file mode 100644
index 0000000..5a090f0
--- /dev/null
+++ b/test/sun/security/provider/certpath/DisabledAlgorithms/openssl.cnf
@@ -0,0 +1,206 @@
+#
+# Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation. Sun designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Sun in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+# CA 95054 USA or visit www.sun.com if you need additional information or
+# have any questions.
+#
+
+#
+# OpenSSL configuration file.
+#
+
+HOME = .
+RANDFILE = $ENV::HOME/.rnd
+
+[ ca ]
+default_ca = CA_default
+
+[ CA_default ]
+dir = ./top
+certs = $dir/certs
+crl_dir = $dir/crl
+database = $dir/index.txt
+unique_subject = no
+new_certs_dir = $dir/newcerts
+certificate = $dir/cacert.pem
+serial = $dir/serial
+crlnumber = $dir/crlnumber
+crl = $dir/crl.pem
+private_key = $dir/private/cakey.pem
+RANDFILE = $dir/private/.rand
+x509_extensions = v3_ca
+
+name_opt = ca_default
+cert_opt = ca_default
+
+default_days = 7650
+default_crl_days = 30
+default_md = sha1
+preserve = no
+
+policy = policy_anything
+
+[ ca_top ]
+dir = ./root
+certs = $dir/certs
+crl_dir = $dir/crl
+database = $dir/index.txt
+unique_subject = no
+new_certs_dir = $dir/newcerts
+certificate = $dir/cacert.pem
+serial = $dir/serial
+crlnumber = $dir/crlnumber
+crl = $dir/crl.pem
+private_key = $dir/private/cakey.pem
+RANDFILE = $dir/private/.rand
+
+x509_extensions = v3_ca
+
+name_opt = ca_default
+cert_opt = ca_default
+
+default_days = 7650
+default_crl_days = 30
+default_md = sha1
+preserve = no
+
+policy = policy_anything
+
+[ ca_subca ]
+dir = ./subca
+certs = $dir/certs
+crl_dir = $dir/crl
+database = $dir/index.txt
+unique_subject = no
+new_certs_dir = $dir/newcerts
+
+certificate = $dir/cacert.pem
+serial = $dir/serial
+crlnumber = $dir/crlnumber
+crl = $dir/crl.pem
+private_key = $dir/private/cakey.pem
+RANDFILE = $dir/private/.rand
+
+x509_extensions = usr_cert
+
+name_opt = ca_default
+cert_opt = ca_default
+
+default_days = 7650
+default_crl_days = 30
+default_md = sha1
+preserve = no
+
+policy = policy_anything
+
+[ policy_match ]
+countryName = match
+stateOrProvinceName = match
+organizationName = match
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+[ req ]
+default_bits = 1024
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+x509_extensions = v3_ca
+
+string_mask = nombstr
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = NO
+countryName_min = 2
+countryName_max = 2
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = A-State
+
+localityName = Locality Name (eg, city)
+
+0.organizationName = Organization Name (eg, company)
+0.organizationName_default = Internet Widgits Pty Ltd
+
+organizationalUnitName = Organizational Unit Name (eg, section)
+
+commonName = Common Name (eg, YOUR name)
+commonName_max = 64
+
+emailAddress = Email Address
+emailAddress_max = 64
+
+[ req_attributes ]
+challengePassword = A challenge password
+challengePassword_min = 4
+challengePassword_max = 20
+unstructuredName = An optional company name
+
+
+[ usr_cert ]
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer
+
+[ v3_req ]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = email:example@openjdk.net, RID:1.2.3.4:true
+
+[ v3_ca ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+basicConstraints = critical,CA:true
+keyUsage = keyCertSign
+
+[ cert_issuer ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+basicConstraints = critical,CA:true
+keyUsage = keyCertSign
+
+
+[ crl_issuer ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+keyUsage = cRLSign
+
+
+[ crl_ext ]
+authorityKeyIdentifier = keyid:always,issuer:always
+
+[ ee_of_subca ]
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment, keyAgreement
+
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer
diff --git a/test/sun/security/util/DerValue/BadValue.java b/test/sun/security/util/DerValue/BadValue.java
new file mode 100644
index 0000000..cbe2c6a
--- /dev/null
+++ b/test/sun/security/util/DerValue/BadValue.java
@@ -0,0 +1,119 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6864911
+ * @summary ASN.1/DER input stream parser needs more work
+ */
+
+import java.io.*;
+import sun.security.util.*;
+import sun.misc.IOUtils;
+
+public class BadValue {
+
+ public static void main(String[] args) throws Exception {
+
+ // Test IOUtils.readFully
+
+ // We have 4 bytes
+ InputStream in = new ByteArrayInputStream(new byte[10]);
+ byte[] bs = IOUtils.readFully(in, 4, true);
+ if (bs.length != 4 || in.available() != 6) {
+ throw new Exception("First read error");
+ }
+ // But only 6 left
+ bs = IOUtils.readFully(in, 10, false);
+ if (bs.length != 6 || in.available() != 0) {
+ throw new Exception("Second read error");
+ }
+ // MAX read as much as it can
+ in = new ByteArrayInputStream(new byte[10]);
+ bs = IOUtils.readFully(in, Integer.MAX_VALUE, true);
+ if (bs.length != 10 || in.available() != 0) {
+ throw new Exception("Second read error");
+ }
+ // MAX ignore readAll
+ in = new ByteArrayInputStream(new byte[10]);
+ bs = IOUtils.readFully(in, Integer.MAX_VALUE, false);
+ if (bs.length != 10 || in.available() != 0) {
+ throw new Exception("Second read error");
+ }
+ // 20>10, readAll means failure
+ in = new ByteArrayInputStream(new byte[10]);
+ try {
+ bs = IOUtils.readFully(in, 20, true);
+ throw new Exception("Third read error");
+ } catch (EOFException e) {
+ // OK
+ }
+ int bignum = 10 * 1024 * 1024;
+ bs = IOUtils.readFully(new SuperSlowStream(bignum), -1, true);
+ if (bs.length != bignum) {
+ throw new Exception("Fourth read error");
+ }
+
+ // Test DerValue
+ byte[] input = {0x04, (byte)0x84, 0x40, 0x00, 0x42, 0x46, 0x4b};
+ try {
+ new DerValue(new ByteArrayInputStream(input));
+ } catch (IOException ioe) {
+ // This is OK
+ }
+ }
+}
+
+/**
+ * An InputStream contains a given number of bytes, but only returns one byte
+ * per read.
+ */
+class SuperSlowStream extends InputStream {
+ private int p;
+ /**
+ * @param Initial capacity
+ */
+ public SuperSlowStream(int capacity) {
+ p = capacity;
+ }
+ @Override
+ public int read() throws IOException {
+ if (p > 0) {
+ p--;
+ return 0;
+ } else {
+ return -1;
+ }
+ }
+ @Override
+ public int read(byte b[], int off, int len) throws IOException {
+ if (len == 0) return 0;
+ if (p > 0) {
+ p--;
+ b[off] = 0;
+ return 1;
+ } else {
+ return -1;
+ }
+ }
+}