--- a/jdk/make/sun/awt/mapfile-vers Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/make/sun/awt/mapfile-vers Wed Oct 07 08:38:43 2009 -0700
@@ -53,7 +53,6 @@
Java_sun_awt_image_GifImageDecoder_initIDs;
Java_sun_awt_image_GifImageDecoder_parseImage;
Java_sun_awt_image_ImageRepresentation_initIDs;
- Java_sun_awt_image_ImageRepresentation_setBytePixels;
Java_sun_awt_image_ImageRepresentation_setDiffICM;
Java_sun_awt_image_ImageRepresentation_setICMpixels;
Java_sun_awt_image_ImagingLib_convolveBI;
--- a/jdk/make/sun/awt/mapfile-vers-linux Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/make/sun/awt/mapfile-vers-linux Wed Oct 07 08:38:43 2009 -0700
@@ -55,7 +55,6 @@
Java_sun_awt_image_GifImageDecoder_parseImage;
Java_sun_awt_image_Image_initIDs;
Java_sun_awt_image_ImageRepresentation_initIDs;
- Java_sun_awt_image_ImageRepresentation_setBytePixels;
Java_sun_awt_image_ImageRepresentation_setDiffICM;
Java_sun_awt_image_ImageRepresentation_setICMpixels;
Java_sun_awt_image_ImagingLib_convolveBI;
--- a/jdk/src/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/com/sun/imageio/plugins/bmp/BMPImageReader.java Wed Oct 07 08:38:43 2009 -0700
@@ -62,6 +62,8 @@
import java.io.*;
import java.nio.*;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.StringTokenizer;
@@ -502,12 +504,18 @@
iis.reset();
try {
- if (metadata.colorSpace == PROFILE_LINKED)
+ if (metadata.colorSpace == PROFILE_LINKED &&
+ isLinkedProfileAllowed() &&
+ !isUncOrDevicePath(profile))
+ {
+ String path = new String(profile, "windows-1252");
+
colorSpace =
- new ICC_ColorSpace(ICC_Profile.getInstance(new String(profile)));
- else
+ new ICC_ColorSpace(ICC_Profile.getInstance(path));
+ } else {
colorSpace =
new ICC_ColorSpace(ICC_Profile.getInstance(profile));
+ }
} catch (Exception e) {
colorSpace = ColorSpace.getInstance(ColorSpace.CS_sRGB);
}
@@ -1745,4 +1753,69 @@
public void sequenceStarted(ImageReader src, int minIndex) {}
public void readAborted(ImageReader src) {}
}
+
+ private static Boolean isLinkedProfileDisabled = null;
+
+ private static boolean isLinkedProfileAllowed() {
+ if (isLinkedProfileDisabled == null) {
+ PrivilegedAction<Boolean> a = new PrivilegedAction<Boolean>() {
+ public Boolean run() {
+ return Boolean.getBoolean("sun.imageio.plugins.bmp.disableLinkedProfiles");
+ }
+ };
+ isLinkedProfileDisabled = AccessController.doPrivileged(a);
+ }
+ return !isLinkedProfileDisabled;
+ }
+
+ private static Boolean isWindowsPlatform = null;
+
+ /**
+ * Verifies whether the byte array contans a unc path.
+ * Non-UNC path examples:
+ * c:\path\to\file - simple notation
+ * \\?\c:\path\to\file - long notation
+ *
+ * UNC path examples:
+ * \\server\share - a UNC path in simple notation
+ * \\?\UNC\server\share - a UNC path in long notation
+ * \\.\some\device - a path to device.
+ */
+ private static boolean isUncOrDevicePath(byte[] p) {
+ if (isWindowsPlatform == null) {
+ PrivilegedAction<Boolean> a = new PrivilegedAction<Boolean>() {
+ public Boolean run() {
+ String osname = System.getProperty("os.name");
+ return (osname != null &&
+ osname.toLowerCase().startsWith("win"));
+ }
+ };
+ isWindowsPlatform = AccessController.doPrivileged(a);
+ }
+
+ if (!isWindowsPlatform) {
+ /* no need for the check on platforms except windows */
+ return false;
+ }
+
+ /* normalize prefix of the path */
+ if (p[0] == '/') p[0] = '\\';
+ if (p[1] == '/') p[1] = '\\';
+ if (p[3] == '/') p[3] = '\\';
+
+
+ if ((p[0] == '\\') && (p[1] == '\\')) {
+ if ((p[2] == '?') && (p[3] == '\\')) {
+ // long path: whether unc or local
+ return ((p[4] == 'U' || p[4] == 'u') &&
+ (p[5] == 'N' || p[5] == 'n') &&
+ (p[6] == 'C' || p[6] == 'c'));
+ } else {
+ // device path or short unc notation
+ return true;
+ }
+ } else {
+ return false;
+ }
+ }
}
--- a/jdk/src/share/classes/com/sun/jndi/ldap/Connection.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/com/sun/jndi/ldap/Connection.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2005 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1999-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -32,12 +32,8 @@
import java.io.OutputStream;
import java.io.InputStream;
import java.net.Socket;
-import java.util.Vector;
-import java.util.Hashtable;
import javax.naming.CommunicationException;
-import javax.naming.AuthenticationException;
-import javax.naming.AuthenticationNotSupportedException;
import javax.naming.ServiceUnavailableException;
import javax.naming.NamingException;
import javax.naming.InterruptedNamingException;
@@ -47,6 +43,8 @@
import java.lang.reflect.Method;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
+import java.util.Arrays;
+import sun.misc.IOUtils;
//import javax.net.SocketFactory;
/**
@@ -799,7 +797,6 @@
byte inbuf[]; // Buffer for reading incoming bytes
int inMsgId; // Message id of incoming response
int bytesread; // Number of bytes in inbuf
- int bytesleft; // Number of bytes that need to read for completing resp
int br; // Temp; number of bytes read from stream
int offset; // Offset of where to store bytes in inbuf
int seqlen; // Length of ASN sequence
@@ -811,7 +808,7 @@
try {
while (true) {
try {
- inbuf = new byte[2048];
+ inbuf = new byte[10];
offset = 0;
seqlen = 0;
@@ -871,19 +868,10 @@
}
// read in seqlen bytes
- bytesleft = seqlen;
- if ((offset + bytesleft) > inbuf.length) {
- byte nbuf[] = new byte[offset + bytesleft];
- System.arraycopy(inbuf, 0, nbuf, 0, offset);
- inbuf = nbuf;
- }
- while (bytesleft > 0) {
- bytesread = in.read(inbuf, offset, bytesleft);
- if (bytesread < 0)
- break; // EOF
- offset += bytesread;
- bytesleft -= bytesread;
- }
+ byte[] left = IOUtils.readFully(in, seqlen, false);
+ inbuf = Arrays.copyOf(inbuf, offset + left.length);
+ System.arraycopy(left, 0, inbuf, offset, left.length);
+ offset += left.length;
/*
if (dump > 0) {
System.err.println("seqlen: " + seqlen);
--- a/jdk/src/share/classes/java/awt/Component.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/java/awt/Component.java Wed Oct 07 08:38:43 2009 -0700
@@ -4477,7 +4477,7 @@
}
if (eventLog.isLoggable(Level.FINEST)) {
- eventLog.log(Level.FINEST, "{0}", e);
+ eventLog.log(Level.FINEST, "{0}", String.valueOf(e));
}
/*
--- a/jdk/src/share/classes/java/awt/DefaultKeyboardFocusManager.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/java/awt/DefaultKeyboardFocusManager.java Wed Oct 07 08:38:43 2009 -0700
@@ -380,7 +380,7 @@
// should receive focus first
if (focusLog.isLoggable(Level.FINER)) {
focusLog.log(Level.FINER, "tempLost {0}, toFocus {1}",
- new Object[]{tempLost, toFocus});
+ new Object[]{String.valueOf(tempLost), String.valueOf(toFocus)});
}
if (tempLost != null) {
tempLost.requestFocusInWindow(CausedFocusEvent.Cause.ACTIVATION);
@@ -448,7 +448,8 @@
Component newFocusOwner = fe.getComponent();
if (oldFocusOwner == newFocusOwner) {
if (focusLog.isLoggable(Level.FINE)) {
- focusLog.log(Level.FINE, "Skipping {0} because focus owner is the same", new Object[] {e});
+ focusLog.log(Level.FINE, "Skipping {0} because focus owner is the same",
+ new Object[] {String.valueOf(e)});
}
// We can't just drop the event - there could be
// type-ahead markers associated with it.
@@ -565,16 +566,20 @@
FocusEvent fe = (FocusEvent)e;
Component currentFocusOwner = getGlobalFocusOwner();
if (currentFocusOwner == null) {
- if (focusLog.isLoggable(Level.FINE)) focusLog.log(Level.FINE, "Skipping {0} because focus owner is null",
- new Object[] {e});
+ if (focusLog.isLoggable(Level.FINE)) {
+ focusLog.log(Level.FINE, "Skipping {0} because focus owner is null",
+ new Object[] {String.valueOf(e)});
+ }
break;
}
// Ignore cases where a Component loses focus to itself.
// If we make a mistake because of retargeting, then the
// FOCUS_GAINED handler will correct it.
if (currentFocusOwner == fe.getOppositeComponent()) {
- if (focusLog.isLoggable(Level.FINE)) focusLog.log(Level.FINE, "Skipping {0} because current focus owner is equal to opposite",
- new Object[] {e});
+ if (focusLog.isLoggable(Level.FINE)) {
+ focusLog.log(Level.FINE, "Skipping {0} because current focus owner is equal to opposite",
+ new Object[] {String.valueOf(e)});
+ }
break;
}
@@ -642,9 +647,11 @@
Window losingFocusWindow = we.getWindow();
Window activeWindow = getGlobalActiveWindow();
Window oppositeWindow = we.getOppositeWindow();
- if (focusLog.isLoggable(Level.FINE)) focusLog.log(Level.FINE, "Active {0}, Current focused {1}, losing focus {2} opposite {3}",
- new Object[] {activeWindow, currentFocusedWindow,
- losingFocusWindow, oppositeWindow});
+ if (focusLog.isLoggable(Level.FINE)) {
+ focusLog.log(Level.FINE, "Active {0}, Current focused {1}, losing focus {2} opposite {3}",
+ new Object[] {String.valueOf(activeWindow), String.valueOf(currentFocusedWindow),
+ String.valueOf(losingFocusWindow), String.valueOf(oppositeWindow)});
+ }
if (currentFocusedWindow == null) {
break;
}
@@ -828,7 +835,10 @@
}
}
if (ke != null) {
- focusLog.log(Level.FINER, "Pumping approved event {0}", new Object[] {ke});
+ if (focusLog.isLoggable(Level.FINER)) {
+ focusLog.log(Level.FINER, "Pumping approved event {0}",
+ new Object[] {String.valueOf(ke)});
+ }
enqueuedKeyEvents.removeFirst();
}
}
@@ -850,7 +860,7 @@
Iterator iter = typeAheadMarkers.iterator();
while (iter.hasNext()) {
TypeAheadMarker marker = (TypeAheadMarker)iter.next();
- focusLog.log(Level.FINEST, " {0}", marker);
+ focusLog.log(Level.FINEST, " {0}", String.valueOf(marker));
}
}
}
@@ -878,7 +888,10 @@
// The fix is rolled out.
if (ke.getWhen() > marker.after) {
- focusLog.log(Level.FINER, "Storing event {0} because of marker {1}", new Object[] {ke, marker});
+ if (focusLog.isLoggable(Level.FINER)) {
+ focusLog.log(Level.FINER, "Storing event {0} because of marker {1}",
+ new Object[] {String.valueOf(ke), String.valueOf(marker)});
+ }
enqueuedKeyEvents.addLast(ke);
return true;
}
@@ -890,7 +903,10 @@
}
case FocusEvent.FOCUS_GAINED:
- focusLog.log(Level.FINEST, "Markers before FOCUS_GAINED on {0}", new Object[] {target});
+ if (focusLog.isLoggable(Level.FINEST)) {
+ focusLog.log(Level.FINEST, "Markers before FOCUS_GAINED on {0}",
+ new Object[] {String.valueOf(target)});
+ }
dumpMarkers();
// Search the marker list for the first marker tied to
// the Component which just gained focus. Then remove
@@ -919,10 +935,14 @@
}
} else {
// Exception condition - event without marker
- focusLog.log(Level.FINER, "Event without marker {0}", e);
+ if (focusLog.isLoggable(Level.FINER)) {
+ focusLog.log(Level.FINER, "Event without marker {0}", String.valueOf(e));
+ }
}
}
+
focusLog.log(Level.FINEST, "Markers after FOCUS_GAINED");
+
dumpMarkers();
redispatchEvent(target, e);
@@ -1159,8 +1179,10 @@
return;
}
- focusLog.log(Level.FINER, "Enqueue at {0} for {1}",
- new Object[] {after, untilFocused});
+ if (focusLog.isLoggable(Level.FINER)) {
+ focusLog.log(Level.FINER, "Enqueue at {0} for {1}",
+ new Object[] {after, String.valueOf(untilFocused)});
+ }
int insertionIndex = 0,
i = typeAheadMarkers.size();
@@ -1199,8 +1221,10 @@
return;
}
- focusLog.log(Level.FINER, "Dequeue at {0} for {1}",
- new Object[] {after, untilFocused});
+ if (focusLog.isLoggable(Level.FINER)) {
+ focusLog.log(Level.FINER, "Dequeue at {0} for {1}",
+ new Object[] {after, String.valueOf(untilFocused)});
+ }
TypeAheadMarker marker;
ListIterator iter = typeAheadMarkers.listIterator
--- a/jdk/src/share/classes/java/awt/KeyboardFocusManager.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/java/awt/KeyboardFocusManager.java Wed Oct 07 08:38:43 2009 -0700
@@ -611,7 +611,7 @@
void setNativeFocusOwner(Component comp) {
if (focusLog.isLoggable(Level.FINEST)) {
focusLog.log(Level.FINEST, "Calling peer {0} setCurrentFocusOwner for {1}",
- new Object[] {peer, comp});
+ new Object[] {String.valueOf(peer), String.valueOf(comp)});
}
peer.setCurrentFocusOwner(comp);
}
@@ -2363,20 +2363,20 @@
Window nativeFocusedWindow = thisManager.getNativeFocusedWindow();
if (focusLog.isLoggable(Level.FINER)) {
focusLog.log(Level.FINER, "SNFH for {0} in {1}",
- new Object[] {descendant, heavyweight});
+ new Object[] {String.valueOf(descendant), String.valueOf(heavyweight)});
}
if (focusLog.isLoggable(Level.FINEST)) {
focusLog.log(Level.FINEST, "0. Current focus owner {0}",
- currentFocusOwner);
+ String.valueOf(currentFocusOwner));
focusLog.log(Level.FINEST, "0. Native focus owner {0}",
- nativeFocusOwner);
+ String.valueOf(nativeFocusOwner));
focusLog.log(Level.FINEST, "0. Native focused window {0}",
- nativeFocusedWindow);
+ String.valueOf(nativeFocusedWindow));
}
synchronized (heavyweightRequests) {
HeavyweightFocusRequest hwFocusRequest = getLastHWRequest();
if (focusLog.isLoggable(Level.FINEST)) {
- focusLog.log(Level.FINEST, "Request {0}", hwFocusRequest);
+ focusLog.log(Level.FINEST, "Request {0}", String.valueOf(hwFocusRequest));
}
if (hwFocusRequest == null &&
heavyweight == nativeFocusOwner)
@@ -2385,7 +2385,7 @@
// Redundant request.
if (focusLog.isLoggable(Level.FINEST))
focusLog.log(Level.FINEST, "1. SNFH_FAILURE for {0}",
- descendant);
+ String.valueOf(descendant));
return SNFH_FAILURE;
}
@@ -2418,7 +2418,7 @@
SunToolkit.postEvent(descendant.appContext, newFocusOwnerEvent);
if (focusLog.isLoggable(Level.FINEST))
- focusLog.log(Level.FINEST, "2. SNFH_HANDLED for {0}", descendant);
+ focusLog.log(Level.FINEST, "2. SNFH_HANDLED for {0}", String.valueOf(descendant));
return SNFH_SUCCESS_HANDLED;
} else if (hwFocusRequest != null &&
hwFocusRequest.heavyweight == heavyweight) {
@@ -2857,11 +2857,12 @@
KeyboardFocusManager manager = getCurrentKeyboardFocusManager();
if (focusLog.isLoggable(Level.FINER)) {
if (event instanceof FocusEvent || event instanceof WindowEvent) {
- focusLog.log(Level.FINER, ">>> {0}", new Object[] {event});
+ focusLog.log(Level.FINER, ">>> {0}", new Object[] {String.valueOf(event)});
}
if (focusLog.isLoggable(Level.FINER) && event instanceof KeyEvent) {
- focusLog.log(Level.FINER, " focus owner is {0}", new Object[] {manager.getGlobalFocusOwner()});
- focusLog.log(Level.FINER, ">>> {0}", new Object[] {event});
+ focusLog.log(Level.FINER, " focus owner is {0}",
+ new Object[] {String.valueOf(manager.getGlobalFocusOwner())});
+ focusLog.log(Level.FINER, ">>> {0}", new Object[] {String.valueOf(event)});
}
}
--- a/jdk/src/share/classes/java/awt/color/ICC_Profile.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/java/awt/color/ICC_Profile.java Wed Oct 07 08:38:43 2009 -0700
@@ -865,7 +865,9 @@
case ColorSpace.CS_PYCC:
synchronized(ICC_Profile.class) {
if (PYCCprofile == null) {
- if (getProfileFile("PYCC.pf") != null) {
+ if (!sun.jkernel.DownloadManager.isJREComplete() ||
+ standardProfileExists("PYCC.pf"))
+ {
ProfileDeferralInfo pInfo =
new ProfileDeferralInfo("PYCC.pf",
ColorSpace.TYPE_3CLR, 3,
@@ -963,15 +965,15 @@
* and it does not permit read access to the given file.
*/
public static ICC_Profile getInstance(String fileName) throws IOException {
- ICC_Profile thisProfile;
- FileInputStream fis;
+ ICC_Profile thisProfile;
+ FileInputStream fis = null;
+
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkRead(fileName);
+ File f = getProfileFile(fileName);
+ if (f != null) {
+ fis = new FileInputStream(f);
}
-
- if ((fis = openProfile(fileName)) == null) {
+ if (fis == null) {
throw new IOException("Cannot open file " + fileName);
}
@@ -1083,11 +1085,22 @@
void activateDeferredProfile() throws ProfileDataException {
byte profileData[];
FileInputStream fis;
- String fileName = deferralInfo.filename;
+ final String fileName = deferralInfo.filename;
profileActivator = null;
deferralInfo = null;
- if ((fis = openProfile(fileName)) == null) {
+ PrivilegedAction<FileInputStream> pa = new PrivilegedAction<FileInputStream>() {
+ public FileInputStream run() {
+ File f = getStandardProfileFile(fileName);
+ if (f != null) {
+ try {
+ return new FileInputStream(f);
+ } catch (FileNotFoundException e) {}
+ }
+ return null;
+ }
+ };
+ if ((fis = AccessController.doPrivileged(pa)) == null) {
throw new ProfileDataException("Cannot open file " + fileName);
}
try {
@@ -1786,59 +1799,36 @@
* available, such as a profile for sRGB. Built-in profiles use .pf as
* the file name extension for profiles, e.g. sRGB.pf.
*/
- private static FileInputStream openProfile(final String fileName) {
- return (FileInputStream)java.security.AccessController.doPrivileged(
- new java.security.PrivilegedAction() {
- public Object run() {
- File f = privilegedGetProfileFile(fileName);
- if (f != null) {
- try {
- return new FileInputStream(f);
- } catch (FileNotFoundException e) {
- }
- }
- return null;
- }
- });
- }
-
- private static File getProfileFile(final String fileName) {
- return (File)java.security.AccessController.doPrivileged(
- new java.security.PrivilegedAction() {
- public Object run() {
- return privilegedGetProfileFile(fileName);
- }
- });
- }
-
- /*
- * this version is called from doPrivileged in openProfile
- * or getProfileFile, so the whole method is privileged!
- */
-
- private static File privilegedGetProfileFile(String fileName) {
+ private static File getProfileFile(String fileName) {
String path, dir, fullPath;
File f = new File(fileName); /* try absolute file name */
-
+ if (f.isAbsolute()) {
+ /* Rest of code has little sense for an absolute pathname,
+ so return here. */
+ return f.isFile() ? f : null;
+ }
if ((!f.isFile()) &&
((path = System.getProperty("java.iccprofile.path")) != null)){
/* try relative to java.iccprofile.path */
StringTokenizer st =
new StringTokenizer(path, File.pathSeparator);
- while (st.hasMoreTokens() && (!f.isFile())) {
+ while (st.hasMoreTokens() && ((f == null) || (!f.isFile()))) {
dir = st.nextToken();
fullPath = dir + File.separatorChar + fileName;
f = new File(fullPath);
+ if (!isChildOf(f, dir)) {
+ f = null;
+ }
}
}
- if ((!f.isFile()) &&
+ if (((f == null) || (!f.isFile())) &&
((path = System.getProperty("java.class.path")) != null)) {
/* try relative to java.class.path */
StringTokenizer st =
new StringTokenizer(path, File.pathSeparator);
- while (st.hasMoreTokens() && (!f.isFile())) {
+ while (st.hasMoreTokens() && ((f == null) || (!f.isFile()))) {
dir = st.nextToken();
fullPath = dir + File.separatorChar + fileName;
f = new File(fullPath);
@@ -1858,13 +1848,69 @@
}
}
}
-
- if (f.isFile()) {
+ if ((f == null) || (!f.isFile())) {
+ /* try the directory of built-in profiles */
+ f = getStandardProfileFile(fileName);
+ }
+ if (f != null && f.isFile()) {
return f;
}
return null;
}
+ /**
+ * Returns a file object corresponding to a built-in profile
+ * specified by fileName.
+ * If there is no built-in profile with such name, then the method
+ * returns null.
+ */
+ private static File getStandardProfileFile(String fileName) {
+ String dir = System.getProperty("java.home") +
+ File.separatorChar + "lib" + File.separatorChar + "cmm";
+ String fullPath = dir + File.separatorChar + fileName;
+ File f = new File(fullPath);
+ if (!f.isFile()) {
+ //make sure file was installed in the kernel mode
+ try {
+ //kernel uses platform independent paths =>
+ // should not use platform separator char
+ sun.jkernel.DownloadManager.downloadFile("lib/cmm/"+fileName);
+ } catch (IOException ioe) {}
+ }
+ return (f.isFile() && isChildOf(f, dir)) ? f : null;
+ }
+
+ /**
+ * Checks whether given file resides inside give directory.
+ */
+ private static boolean isChildOf(File f, String dirName) {
+ try {
+ File dir = new File(dirName);
+ String canonicalDirName = dir.getCanonicalPath();
+ if (!canonicalDirName.endsWith(File.separator)) {
+ canonicalDirName += File.separator;
+ }
+ String canonicalFileName = f.getCanonicalPath();
+ return canonicalFileName.startsWith(canonicalDirName);
+ } catch (IOException e) {
+ /* we do not expect the IOException here, because invocation
+ * of this function is always preceeded by isFile() call.
+ */
+ return false;
+ }
+ }
+
+ /**
+ * Checks whether built-in profile specified by fileName exists.
+ */
+ private static boolean standardProfileExists(final String fileName) {
+ return AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+ public Boolean run() {
+ return getStandardProfileFile(fileName) != null;
+ }
+ });
+ }
+
/*
* Serialization support.
--- a/jdk/src/share/classes/java/lang/ClassLoader.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/java/lang/ClassLoader.java Wed Oct 07 08:38:43 2009 -0700
@@ -186,11 +186,6 @@
parallelLoaders.add(ClassLoader.class);
}
- // If initialization succeed this is set to true and security checks will
- // succeed. Otherwise the object is not initialized and the object is
- // useless.
- private final boolean initialized;
-
// The parent class loader for delegation
// Note: VM hardcoded the offset of this field, thus all new fields
// must be added *after* it.
@@ -232,6 +227,31 @@
private final HashMap<String, Package> packages =
new HashMap<String, Package>();
+ private static Void checkCreateClassLoader() {
+ SecurityManager security = System.getSecurityManager();
+ if (security != null) {
+ security.checkCreateClassLoader();
+ }
+ return null;
+ }
+
+ private ClassLoader(Void unused, ClassLoader parent) {
+ this.parent = parent;
+ if (parallelLoaders.contains(this.getClass())) {
+ parallelLockMap = new ConcurrentHashMap<String, Object>();
+ package2certs = new ConcurrentHashMap<String, Certificate[]>();
+ domains =
+ Collections.synchronizedSet(new HashSet<ProtectionDomain>());
+ assertionLock = new Object();
+ } else {
+ // no finer-grained lock; lock on the classloader instance
+ parallelLockMap = null;
+ package2certs = new Hashtable<String, Certificate[]>();
+ domains = new HashSet<ProtectionDomain>();
+ assertionLock = this;
+ }
+ }
+
/**
* Creates a new class loader using the specified parent class loader for
* delegation.
@@ -252,25 +272,7 @@
* @since 1.2
*/
protected ClassLoader(ClassLoader parent) {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkCreateClassLoader();
- }
- this.parent = parent;
- if (parallelLoaders.contains(this.getClass())) {
- parallelLockMap = new ConcurrentHashMap<String, Object>();
- package2certs = new ConcurrentHashMap<String, Certificate[]>();
- domains =
- Collections.synchronizedSet(new HashSet<ProtectionDomain>());
- assertionLock = new Object();
- } else {
- // no finer-grained lock; lock on the classloader instance
- parallelLockMap = null;
- package2certs = new Hashtable<String, Certificate[]>();
- domains = new HashSet<ProtectionDomain>();
- assertionLock = this;
- }
- initialized = true;
+ this(checkCreateClassLoader(), parent);
}
/**
@@ -289,25 +291,7 @@
* of a new class loader.
*/
protected ClassLoader() {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkCreateClassLoader();
- }
- this.parent = getSystemClassLoader();
- if (parallelLoaders.contains(this.getClass())) {
- parallelLockMap = new ConcurrentHashMap<String, Object>();
- package2certs = new ConcurrentHashMap<String, Certificate[]>();
- domains =
- Collections.synchronizedSet(new HashSet<ProtectionDomain>());
- assertionLock = new Object();
- } else {
- // no finer-grained lock; lock on the classloader instance
- parallelLockMap = null;
- package2certs = new Hashtable<String, Certificate[]>();
- domains = new HashSet<ProtectionDomain>();
- assertionLock = this;
- }
- initialized = true;
+ this(checkCreateClassLoader(), getSystemClassLoader());
}
// -- Class --
@@ -754,7 +738,6 @@
ProtectionDomain protectionDomain)
throws ClassFormatError
{
- check();
protectionDomain = preDefineClass(name, protectionDomain);
Class c = null;
@@ -838,8 +821,6 @@
ProtectionDomain protectionDomain)
throws ClassFormatError
{
- check();
-
int len = b.remaining();
// Use byte[] if not a direct ByteBufer:
@@ -984,7 +965,6 @@
* @see #defineClass(String, byte[], int, int)
*/
protected final void resolveClass(Class<?> c) {
- check();
resolveClass0(c);
}
@@ -1015,7 +995,6 @@
protected final Class<?> findSystemClass(String name)
throws ClassNotFoundException
{
- check();
ClassLoader system = getSystemClassLoader();
if (system == null) {
if (!checkName(name))
@@ -1035,7 +1014,6 @@
*/
private Class findBootstrapClassOrNull(String name)
{
- check();
if (!checkName(name)) return null;
return findBootstrapClass(name);
@@ -1044,13 +1022,6 @@
// return null if not found
private native Class findBootstrapClass(String name);
- // Check to make sure the class loader has been initialized.
- private void check() {
- if (!initialized) {
- throw new SecurityException("ClassLoader object not initialized");
- }
- }
-
/**
* Returns the class with the given <a href="#name">binary name</a> if this
* loader has been recorded by the Java virtual machine as an initiating
@@ -1066,7 +1037,6 @@
* @since 1.1
*/
protected final Class<?> findLoadedClass(String name) {
- check();
if (!checkName(name))
return null;
return findLoadedClass0(name);
@@ -1087,7 +1057,6 @@
* @since 1.1
*/
protected final void setSigners(Class<?> c, Object[] signers) {
- check();
c.setSigners(signers);
}
@@ -2205,3 +2174,4 @@
return sys;
}
}
+
--- a/jdk/src/share/classes/java/security/MessageDigest.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/java/security/MessageDigest.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1996-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1996-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -414,16 +414,17 @@
*
* @return true if the digests are equal, false otherwise.
*/
- public static boolean isEqual(byte digesta[], byte digestb[]) {
- if (digesta.length != digestb.length)
+ public static boolean isEqual(byte[] digesta, byte[] digestb) {
+ if (digesta.length != digestb.length) {
return false;
+ }
+ int result = 0;
+ // time-constant comparison
for (int i = 0; i < digesta.length; i++) {
- if (digesta[i] != digestb[i]) {
- return false;
- }
+ result |= digesta[i] ^ digestb[i];
}
- return true;
+ return result == 0;
}
/**
--- a/jdk/src/share/classes/javax/swing/ToolTipManager.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/javax/swing/ToolTipManager.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -27,10 +27,7 @@
package javax.swing;
import java.awt.event.*;
-import java.applet.*;
import java.awt.*;
-import java.io.Serializable;
-import sun.swing.UIAction;
/**
* Manages all the <code>ToolTips</code> in the system.
@@ -60,7 +57,7 @@
JComponent insideComponent;
MouseEvent mouseEvent;
boolean showImmediately;
- final static ToolTipManager sharedInstance = new ToolTipManager();
+ private static final Object TOOL_TIP_MANAGER_KEY = new Object();
transient Popup tipWindow;
/** The Window tip is being displayed in. This will be non-null if
* the Window tip is in differs from that of insideComponent's Window.
@@ -345,7 +342,13 @@
* @return a shared <code>ToolTipManager</code> object
*/
public static ToolTipManager sharedInstance() {
- return sharedInstance;
+ Object value = SwingUtilities.appContextGet(TOOL_TIP_MANAGER_KEY);
+ if (value instanceof ToolTipManager) {
+ return (ToolTipManager) value;
+ }
+ ToolTipManager manager = new ToolTipManager();
+ SwingUtilities.appContextPut(TOOL_TIP_MANAGER_KEY, manager);
+ return manager;
}
// add keylistener here to trigger tip for access
--- a/jdk/src/share/classes/javax/swing/UIManager.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/javax/swing/UIManager.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -197,6 +197,8 @@
Vector<LookAndFeel> auxLookAndFeels = null;
SwingPropertyChangeSupport changeSupport;
+ LookAndFeelInfo[] installedLAFs;
+
UIDefaults getLookAndFeelDefaults() { return tables[0]; }
void setLookAndFeelDefaults(UIDefaults x) { tables[0] = x; }
@@ -227,18 +229,6 @@
*/
private static final Object classLock = new Object();
-
- /* Cache the last referenced LAFState to improve performance
- * when accessing it. The cache is based on last thread rather
- * than last AppContext because of the cost of looking up the
- * AppContext each time. Since most Swing UI work is on the
- * EventDispatchThread, this hits often enough to justify the
- * overhead. (4193032)
- */
- private static Thread currentLAFStateThread = null;
- private static LAFState currentLAFState = null;
-
-
/**
* Return the <code>LAFState</code> object, lazily create one if necessary.
* All access to the <code>LAFState</code> fields is done via this method,
@@ -248,13 +238,6 @@
* </pre>
*/
private static LAFState getLAFState() {
- // First check whether we're running on the same thread as
- // the last request.
- Thread thisThread = Thread.currentThread();
- if (thisThread == currentLAFStateThread) {
- return currentLAFState;
- }
-
LAFState rv = (LAFState)SwingUtilities.appContextGet(
SwingUtilities2.LAF_STATE_KEY);
if (rv == null) {
@@ -268,10 +251,6 @@
}
}
}
-
- currentLAFStateThread = thisThread;
- currentLAFState = rv;
-
return rv;
}
@@ -431,7 +410,10 @@
*/
public static LookAndFeelInfo[] getInstalledLookAndFeels() {
maybeInitialize();
- LookAndFeelInfo[] ilafs = installedLAFs;
+ LookAndFeelInfo[] ilafs = getLAFState().installedLAFs;
+ if (ilafs == null) {
+ ilafs = installedLAFs;
+ }
LookAndFeelInfo[] rv = new LookAndFeelInfo[ilafs.length];
System.arraycopy(ilafs, 0, rv, 0, ilafs.length);
return rv;
@@ -453,9 +435,10 @@
public static void setInstalledLookAndFeels(LookAndFeelInfo[] infos)
throws SecurityException
{
+ maybeInitialize();
LookAndFeelInfo[] newInfos = new LookAndFeelInfo[infos.length];
System.arraycopy(infos, 0, newInfos, 0, infos.length);
- installedLAFs = newInfos;
+ getLAFState().installedLAFs = newInfos;
}
@@ -1307,10 +1290,11 @@
}
}
- installedLAFs = new LookAndFeelInfo[ilafs.size()];
+ LookAndFeelInfo[] installedLAFs = new LookAndFeelInfo[ilafs.size()];
for(int i = 0; i < ilafs.size(); i++) {
installedLAFs[i] = ilafs.elementAt(i);
}
+ getLAFState().installedLAFs = installedLAFs;
}
--- a/jdk/src/share/classes/javax/swing/plaf/basic/BasicSplitPaneUI.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/javax/swing/plaf/basic/BasicSplitPaneUI.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1997-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1997-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -31,14 +31,12 @@
import sun.swing.UIAction;
import javax.swing.*;
import javax.swing.border.Border;
-import javax.swing.event.*;
import java.awt.*;
import java.awt.event.*;
import java.awt.peer.ComponentPeer;
import java.awt.peer.LightweightPeer;
import java.beans.*;
import java.util.*;
-import javax.swing.plaf.ActionMapUIResource;
import javax.swing.plaf.SplitPaneUI;
import javax.swing.plaf.ComponentUI;
import javax.swing.plaf.UIResource;
@@ -106,13 +104,13 @@
* Keys to use for forward focus traversal when the JComponent is
* managing focus.
*/
- private static Set<KeyStroke> managingFocusForwardTraversalKeys;
+ private Set<KeyStroke> managingFocusForwardTraversalKeys;
/**
* Keys to use for backward focus traversal when the JComponent is
* managing focus.
*/
- private static Set<KeyStroke> managingFocusBackwardTraversalKeys;
+ private Set<KeyStroke> managingFocusBackwardTraversalKeys;
/**
@@ -675,7 +673,7 @@
* @return increment via keyboard methods.
*/
int getKeyboardMoveIncrement() {
- return KEYBOARD_DIVIDER_MOVE_OFFSET;
+ return 3;
}
/**
--- a/jdk/src/share/classes/javax/swing/plaf/metal/MetalBumps.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/javax/swing/plaf/metal/MetalBumps.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -28,8 +28,9 @@
import java.awt.*;
import java.awt.image.*;
import javax.swing.*;
-import java.io.*;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.List;
+import sun.awt.AppContext;
/**
* Implements the bumps used throughout the Metal Look and Feel.
@@ -49,19 +50,9 @@
protected Color shadowColor;
protected Color backColor;
- protected static Vector<BumpBuffer> buffers = new Vector<BumpBuffer>();
+ private static final Object METAL_BUMPS = new Object();
protected BumpBuffer buffer;
- public MetalBumps( Dimension bumpArea ) {
- this( bumpArea.width, bumpArea.height );
- }
-
- public MetalBumps( int width, int height ) {
- this(width, height, MetalLookAndFeel.getPrimaryControlHighlight(),
- MetalLookAndFeel.getPrimaryControlDarkShadow(),
- MetalLookAndFeel.getPrimaryControlShadow());
- }
-
/**
* Creates MetalBumps of the specified size with the specified colors.
* If <code>newBackColor</code> is null, the background will be
@@ -73,26 +64,22 @@
setBumpColors( newTopColor, newShadowColor, newBackColor );
}
- private BumpBuffer getBuffer(GraphicsConfiguration gc, Color aTopColor,
- Color aShadowColor, Color aBackColor) {
- if (buffer != null && buffer.hasSameConfiguration(
- gc, aTopColor, aShadowColor, aBackColor)) {
- return buffer;
+ private static BumpBuffer createBuffer(GraphicsConfiguration gc,
+ Color topColor, Color shadowColor, Color backColor) {
+ AppContext context = AppContext.getAppContext();
+ List<BumpBuffer> buffers = (List<BumpBuffer>) context.get(METAL_BUMPS);
+ if (buffers == null) {
+ buffers = new ArrayList<BumpBuffer>();
+ context.put(METAL_BUMPS, buffers);
}
- BumpBuffer result = null;
-
- for (BumpBuffer aBuffer : buffers) {
- if ( aBuffer.hasSameConfiguration(gc, aTopColor, aShadowColor,
- aBackColor)) {
- result = aBuffer;
- break;
+ for (BumpBuffer buffer : buffers) {
+ if (buffer.hasSameConfiguration(gc, topColor, shadowColor, backColor)) {
+ return buffer;
}
}
- if (result == null) {
- result = new BumpBuffer(gc, topColor, shadowColor, backColor);
- buffers.addElement(result);
- }
- return result;
+ BumpBuffer buffer = new BumpBuffer(gc, topColor, shadowColor, backColor);
+ buffers.add(buffer);
+ return buffer;
}
public void setBumpArea( Dimension bumpArea ) {
@@ -119,10 +106,12 @@
GraphicsConfiguration gc = (g instanceof Graphics2D) ?
((Graphics2D) g).getDeviceConfiguration() : null;
- buffer = getBuffer(gc, topColor, shadowColor, backColor);
+ if ((buffer == null) || !buffer.hasSameConfiguration(gc, topColor, shadowColor, backColor)) {
+ buffer = createBuffer(gc, topColor, shadowColor, backColor);
+ }
- int bufferWidth = buffer.getImageSize().width;
- int bufferHeight = buffer.getImageSize().height;
+ int bufferWidth = BumpBuffer.IMAGE_SIZE;
+ int bufferHeight = BumpBuffer.IMAGE_SIZE;
int iconWidth = getIconWidth();
int iconHeight = getIconHeight();
int x2 = x + iconWidth;
@@ -155,7 +144,6 @@
class BumpBuffer {
static final int IMAGE_SIZE = 64;
- static Dimension imageSize = new Dimension( IMAGE_SIZE, IMAGE_SIZE );
transient Image image;
Color topColor;
@@ -197,10 +185,6 @@
return image;
}
- public Dimension getImageSize() {
- return imageSize;
- }
-
/**
* Paints the bumps into the current image.
*/
--- a/jdk/src/share/classes/javax/swing/plaf/metal/MetalInternalFrameUI.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/javax/swing/plaf/metal/MetalInternalFrameUI.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -31,10 +31,8 @@
import javax.swing.event.*;
import javax.swing.border.*;
import javax.swing.plaf.basic.*;
-import java.util.EventListener;
import java.beans.PropertyChangeListener;
import java.beans.PropertyChangeEvent;
-import java.beans.PropertyVetoException;
import javax.swing.plaf.*;
/**
@@ -51,7 +49,7 @@
private static final Border handyEmptyBorder = new EmptyBorder(0,0,0,0);
protected static String IS_PALETTE = "JInternalFrame.isPalette";
-
+ private static String IS_PALETTE_KEY = "JInternalFrame.isPalette";
private static String FRAME_TYPE = "JInternalFrame.frameType";
private static String NORMAL_FRAME = "normal";
private static String PALETTE_FRAME = "palette";
@@ -68,7 +66,7 @@
public void installUI(JComponent c) {
super.installUI(c);
- Object paletteProp = c.getClientProperty( IS_PALETTE );
+ Object paletteProp = c.getClientProperty(IS_PALETTE_KEY);
if ( paletteProp != null ) {
setPalette( ((Boolean)paletteProp).booleanValue() );
}
@@ -187,7 +185,7 @@
ui.setFrameType( (String) e.getNewValue() );
}
}
- else if ( name.equals( IS_PALETTE ) )
+ else if ( name.equals(IS_PALETTE_KEY) )
{
if ( e.getNewValue() != null )
{
--- a/jdk/src/share/classes/javax/swing/plaf/metal/MetalSliderUI.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/javax/swing/plaf/metal/MetalSliderUI.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -54,12 +54,13 @@
protected final int TICK_BUFFER = 4;
protected boolean filledSlider = false;
- // NOTE: these next three variables are currently unused.
+ // NOTE: these next five variables are currently unused.
protected static Color thumbColor;
protected static Color highlightColor;
protected static Color darkShadowColor;
protected static int trackWidth;
protected static int tickLength;
+ private int safeLength;
/**
* A default horizontal thumb <code>Icon</code>. This field might not be
@@ -107,7 +108,7 @@
public void installUI( JComponent c ) {
trackWidth = ((Integer)UIManager.get( "Slider.trackWidth" )).intValue();
- tickLength = ((Integer)UIManager.get( "Slider.majorTickLength" )).intValue();
+ tickLength = safeLength = ((Integer)UIManager.get( "Slider.majorTickLength" )).intValue();
horizThumbIcon = SAFE_HORIZ_THUMB_ICON =
UIManager.getIcon( "Slider.horizontalThumbIcon" );
vertThumbIcon = SAFE_VERT_THUMB_ICON =
@@ -477,8 +478,8 @@
* determine the tick area rectangle.
*/
public int getTickLength() {
- return slider.getOrientation() == JSlider.HORIZONTAL ? tickLength + TICK_BUFFER + 1 :
- tickLength + TICK_BUFFER + 3;
+ return slider.getOrientation() == JSlider.HORIZONTAL ? safeLength + TICK_BUFFER + 1 :
+ safeLength + TICK_BUFFER + 3;
}
/**
@@ -523,22 +524,22 @@
protected void paintMinorTickForHorizSlider( Graphics g, Rectangle tickBounds, int x ) {
g.setColor( slider.isEnabled() ? slider.getForeground() : MetalLookAndFeel.getControlShadow() );
- g.drawLine( x, TICK_BUFFER, x, TICK_BUFFER + (tickLength / 2) );
+ g.drawLine( x, TICK_BUFFER, x, TICK_BUFFER + (safeLength / 2) );
}
protected void paintMajorTickForHorizSlider( Graphics g, Rectangle tickBounds, int x ) {
g.setColor( slider.isEnabled() ? slider.getForeground() : MetalLookAndFeel.getControlShadow() );
- g.drawLine( x, TICK_BUFFER , x, TICK_BUFFER + (tickLength - 1) );
+ g.drawLine( x, TICK_BUFFER , x, TICK_BUFFER + (safeLength - 1) );
}
protected void paintMinorTickForVertSlider( Graphics g, Rectangle tickBounds, int y ) {
g.setColor( slider.isEnabled() ? slider.getForeground() : MetalLookAndFeel.getControlShadow() );
if (MetalUtils.isLeftToRight(slider)) {
- g.drawLine( TICK_BUFFER, y, TICK_BUFFER + (tickLength / 2), y );
+ g.drawLine( TICK_BUFFER, y, TICK_BUFFER + (safeLength / 2), y );
}
else {
- g.drawLine( 0, y, tickLength/2, y );
+ g.drawLine( 0, y, safeLength/2, y );
}
}
@@ -546,10 +547,10 @@
g.setColor( slider.isEnabled() ? slider.getForeground() : MetalLookAndFeel.getControlShadow() );
if (MetalUtils.isLeftToRight(slider)) {
- g.drawLine( TICK_BUFFER, y, TICK_BUFFER + tickLength, y );
+ g.drawLine( TICK_BUFFER, y, TICK_BUFFER + safeLength, y );
}
else {
- g.drawLine( 0, y, tickLength, y );
+ g.drawLine( 0, y, safeLength, y );
}
}
}
--- a/jdk/src/share/classes/sun/applet/AppletClassLoader.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/applet/AppletClassLoader.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2005 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1995-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -51,6 +51,7 @@
import java.security.PermissionCollection;
import sun.awt.AppContext;
import sun.awt.SunToolkit;
+import sun.misc.IOUtils;
import sun.net.www.ParseUtil;
import sun.security.util.SecurityConstants;
@@ -331,36 +332,7 @@
byte[] b;
try {
- if (len != -1) {
- // Read exactly len bytes from the input stream
- b = new byte[len];
- while (len > 0) {
- int n = in.read(b, b.length - len, len);
- if (n == -1) {
- throw new IOException("unexpected EOF");
- }
- len -= n;
- }
- } else {
- // Read until end of stream is reached - use 8K buffer
- // to speed up performance [stanleyh]
- b = new byte[8192];
- int total = 0;
- while ((len = in.read(b, total, b.length - total)) != -1) {
- total += len;
- if (total >= b.length) {
- byte[] tmp = new byte[total * 2];
- System.arraycopy(b, 0, tmp, 0, total);
- b = tmp;
- }
- }
- // Trim array to correct size, if necessary
- if (total != b.length) {
- byte[] tmp = new byte[total];
- System.arraycopy(b, 0, tmp, 0, total);
- b = tmp;
- }
- }
+ b = IOUtils.readFully(in, len, true);
} finally {
in.close();
}
--- a/jdk/src/share/classes/sun/awt/DebugSettings.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/awt/DebugSettings.java Wed Oct 07 08:38:43 2009 -0700
@@ -129,7 +129,7 @@
// echo the initial property settings to stdout
if (log.isLoggable(Level.FINE)) {
- log.log(Level.FINE, "DebugSettings:\n{0}", this);
+ log.log(Level.FINE, "DebugSettings:\n{0}", String.valueOf(this));
}
}
--- a/jdk/src/share/classes/sun/awt/image/ImageRepresentation.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/awt/image/ImageRepresentation.java Wed Oct 07 08:38:43 2009 -0700
@@ -336,10 +336,6 @@
public native void setICMpixels(int x, int y, int w, int h, int[] lut,
byte[] pix, int off, int scansize,
IntegerComponentRaster ict);
-
- public native void setBytePixels(int x, int y, int w, int h, byte[] pix,
- int off, int scansize,
- ByteComponentRaster bct, int chanOff);
public native int setDiffICM(int x, int y, int w, int h, int[] lut,
int transPix, int numLut, IndexColorModel icm,
byte[] pix, int off, int scansize,
@@ -450,27 +446,17 @@
(biRaster instanceof ByteComponentRaster) &&
(biRaster.getNumDataElements() == 1)){
ByteComponentRaster bt = (ByteComponentRaster) biRaster;
- if (w*h > 200) {
- if (off == 0 && scansize == w) {
- bt.putByteData(x, y, w, h, pix);
- }
- else {
- byte[] bpix = new byte[w];
- poff = off;
- for (int yoff=y; yoff < y+h; yoff++) {
- System.arraycopy(pix, poff, bpix, 0, w);
- bt.putByteData(x, yoff, w, 1, bpix);
- poff += scansize;
- }
- }
+ if (off == 0 && scansize == w) {
+ bt.putByteData(x, y, w, h, pix);
}
else {
- // Only is faster if #pixels
- // Note that setBytePixels modifies the raster directly
- // so we must mark it as changed afterwards
- setBytePixels(x, y, w, h, pix, off, scansize, bt,
- bt.getDataOffset(0));
- bt.markDirty();
+ byte[] bpix = new byte[w];
+ poff = off;
+ for (int yoff=y; yoff < y+h; yoff++) {
+ System.arraycopy(pix, poff, bpix, 0, w);
+ bt.putByteData(x, yoff, w, 1, bpix);
+ poff += scansize;
+ }
}
}
else {
--- a/jdk/src/share/classes/sun/dyn/anon/AnonymousClassLoader.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/dyn/anon/AnonymousClassLoader.java Wed Oct 07 08:38:43 2009 -0700
@@ -26,9 +26,9 @@
package sun.dyn.anon;
import java.io.IOException;
-import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
+import sun.misc.IOUtils;
/**
* Anonymous class loader. Will load any valid classfile, producing
@@ -285,13 +285,6 @@
if (contentLength < 0)
throw new IOException("invalid content length "+contentLength);
- byte[] classFile = new byte[contentLength];
- InputStream tcs = connection.getInputStream();
- for (int fill = 0, nr; fill < classFile.length; fill += nr) {
- nr = tcs.read(classFile, fill, classFile.length - fill);
- if (nr < 0)
- throw new IOException("premature end of file");
- }
- return classFile;
+ return IOUtils.readFully(connection.getInputStream(), contentLength, true);
}
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/misc/IOUtils.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,80 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Sun designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Sun in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ * IOUtils: A collection of IO-related public static methods.
+ */
+
+package sun.misc;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Arrays;
+
+public class IOUtils {
+
+ /**
+ * Read up to <code>length</code> of bytes from <code>in</code>
+ * until EOF is detected.
+ * @param in input stream, must not be null
+ * @param length number of bytes to read, -1 or Integer.MAX_VALUE means
+ * read as much as possible
+ * @param readAll if true, an EOFException will be thrown if not enough
+ * bytes are read. Ignored when length is -1 or Integer.MAX_VALUE
+ * @return bytes read
+ * @throws IOException Any IO error or a premature EOF is detected
+ */
+ public static byte[] readFully(InputStream is, int length, boolean readAll)
+ throws IOException {
+ byte[] output = {};
+ if (length == -1) length = Integer.MAX_VALUE;
+ int pos = 0;
+ while (pos < length) {
+ int bytesToRead;
+ if (pos >= output.length) { // Only expand when there's no room
+ bytesToRead = Math.min(length - pos, output.length + 1024);
+ if (output.length < pos + bytesToRead) {
+ output = Arrays.copyOf(output, pos + bytesToRead);
+ }
+ } else {
+ bytesToRead = output.length - pos;
+ }
+ int cc = is.read(output, pos, bytesToRead);
+ if (cc < 0) {
+ if (readAll && length != Integer.MAX_VALUE) {
+ throw new EOFException("Detect premature EOF");
+ } else {
+ if (output.length != pos) {
+ output = Arrays.copyOf(output, pos);
+ }
+ break;
+ }
+ }
+ pos += cc;
+ }
+ return output;
+ }
+}
--- a/jdk/src/share/classes/sun/misc/Resource.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/misc/Resource.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 1998-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 1998-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -25,14 +25,15 @@
package sun.misc;
+import java.io.EOFException;
import java.net.URL;
import java.io.IOException;
import java.io.InterruptedIOException;
import java.io.InputStream;
import java.security.CodeSigner;
import java.util.jar.Manifest;
-import java.util.jar.Attributes;
import java.nio.ByteBuffer;
+import java.util.Arrays;
import sun.nio.ByteBuffered;
/**
@@ -105,49 +106,37 @@
}
try {
- if (len != -1) {
- // Read exactly len bytes from the input stream
- b = new byte[len];
- while (len > 0) {
- int n = 0;
- try {
- n = in.read(b, b.length - len, len);
- } catch (InterruptedIOException iioe) {
- Thread.interrupted();
- isInterrupted = true;
+ b = new byte[0];
+ if (len == -1) len = Integer.MAX_VALUE;
+ int pos = 0;
+ while (pos < len) {
+ int bytesToRead;
+ if (pos >= b.length) { // Only expand when there's no room
+ bytesToRead = Math.min(len - pos, b.length + 1024);
+ if (b.length < pos + bytesToRead) {
+ b = Arrays.copyOf(b, pos + bytesToRead);
}
- if (n == -1) {
- throw new IOException("unexpected EOF");
- }
- len -= n;
+ } else {
+ bytesToRead = b.length - pos;
}
- } else {
- // Read until end of stream is reached
- b = new byte[1024];
- int total = 0;
- for (;;) {
- len = 0;
- try {
- len = in.read(b, total, b.length - total);
- if (len == -1)
- break;
- } catch (InterruptedIOException iioe) {
- Thread.interrupted();
- isInterrupted = true;
- }
- total += len;
- if (total >= b.length) {
- byte[] tmp = new byte[total * 2];
- System.arraycopy(b, 0, tmp, 0, total);
- b = tmp;
+ int cc = 0;
+ try {
+ cc = in.read(b, pos, bytesToRead);
+ } catch (InterruptedIOException iioe) {
+ Thread.interrupted();
+ isInterrupted = true;
+ }
+ if (cc < 0) {
+ if (len != Integer.MAX_VALUE) {
+ throw new EOFException("Detect premature EOF");
+ } else {
+ if (b.length != pos) {
+ b = Arrays.copyOf(b, pos);
+ }
+ break;
}
}
- // Trim array to correct size, if necessary
- if (total != b.length) {
- byte[] tmp = new byte[total];
- System.arraycopy(b, 0, tmp, 0, total);
- b = tmp;
- }
+ pos += cc;
}
} finally {
try {
--- a/jdk/src/share/classes/sun/reflect/misc/MethodUtil.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/reflect/misc/MethodUtil.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 2005-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2005-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -44,6 +44,7 @@
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
+import sun.misc.IOUtils;
import sun.net.www.ParseUtil;
import sun.security.util.SecurityConstants;
@@ -373,34 +374,7 @@
byte[] b;
try {
- if (len != -1) {
- // Read exactly len bytes from the input stream
- b = new byte[len];
- while (len > 0) {
- int n = in.read(b, b.length - len, len);
- if (n == -1) {
- throw new IOException("unexpected EOF");
- }
- len -= n;
- }
- } else {
- b = new byte[8192];
- int total = 0;
- while ((len = in.read(b, total, b.length - total)) != -1) {
- total += len;
- if (total >= b.length) {
- byte[] tmp = new byte[total * 2];
- System.arraycopy(b, 0, tmp, 0, total);
- b = tmp;
- }
- }
- // Trim array to correct size, if necessary
- if (total != b.length) {
- byte[] tmp = new byte[total];
- System.arraycopy(b, 0, tmp, 0, total);
- b = tmp;
- }
- }
+ b = IOUtils.readFully(in, len, true);
} finally {
in.close();
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/security/provider/certpath/AlgorithmChecker.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,119 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Sun designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Sun in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+package sun.security.provider.certpath;
+
+import java.util.Set;
+import java.util.Collection;
+import java.util.Locale;
+import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
+import java.security.cert.X509CRL;
+import java.security.cert.CertPathValidatorException;
+import java.security.cert.PKIXCertPathChecker;
+
+import sun.security.x509.AlgorithmId;
+
+/**
+ * AlgorithmChecker is a <code>PKIXCertPathChecker</code> that checks that
+ * the signature algorithm of the specified certificate is not disabled.
+ *
+ * @author Xuelei Fan
+ */
+final public class AlgorithmChecker extends PKIXCertPathChecker {
+
+ // the disabled algorithms
+ private static final String[] disabledAlgorithms = new String[] {"md2"};
+
+ // singleton instance
+ static final AlgorithmChecker INSTANCE = new AlgorithmChecker();
+
+ /**
+ * Default Constructor
+ */
+ private AlgorithmChecker() {
+ // do nothing
+ }
+
+ /**
+ * Return a AlgorithmChecker instance.
+ */
+ static AlgorithmChecker getInstance() {
+ return INSTANCE;
+ }
+
+ /**
+ * Initializes the internal state of the checker from parameters
+ * specified in the constructor.
+ */
+ public void init(boolean forward) throws CertPathValidatorException {
+ // do nothing
+ }
+
+ public boolean isForwardCheckingSupported() {
+ return false;
+ }
+
+ public Set<String> getSupportedExtensions() {
+ return null;
+ }
+
+ /**
+ * Checks the signature algorithm of the specified certificate.
+ */
+ public void check(Certificate cert, Collection<String> unresolvedCritExts)
+ throws CertPathValidatorException {
+ check(cert);
+ }
+
+ public static void check(Certificate cert)
+ throws CertPathValidatorException {
+ X509Certificate xcert = (X509Certificate)cert;
+ check(xcert.getSigAlgName());
+ }
+
+ static void check(AlgorithmId aid) throws CertPathValidatorException {
+ check(aid.getName());
+ }
+
+ static void check(X509CRL crl) throws CertPathValidatorException {
+ check(crl.getSigAlgName());
+ }
+
+ private static void check(String algName)
+ throws CertPathValidatorException {
+
+ String lowerCaseAlgName = algName.toLowerCase(Locale.ENGLISH);
+
+ for (String disabled : disabledAlgorithms) {
+ // checking the signature algorithm name
+ if (lowerCaseAlgName.indexOf(disabled) != -1) {
+ throw new CertPathValidatorException(
+ "algorithm check failed: " + algName + " is disabled");
+ }
+ }
+ }
+
+}
--- a/jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java Wed Oct 07 08:38:43 2009 -0700
@@ -289,6 +289,16 @@
X500Name certIssuer = (X500Name) certImpl.getIssuerDN();
X500Name crlIssuer = (X500Name) crlImpl.getIssuerDN();
+ // check the crl signature algorithm
+ try {
+ AlgorithmChecker.check(crl);
+ } catch (CertPathValidatorException cpve) {
+ if (debug != null) {
+ debug.println("CRL signature algorithm check failed: " + cpve);
+ }
+ return false;
+ }
+
// if crlIssuer is set, verify that it matches the issuer of the
// CRL and the CRL contains an IDP extension with the indirectCRL
// boolean asserted. Otherwise, verify that the CRL issuer matches the
--- a/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/security/provider/certpath/ForwardBuilder.java Wed Oct 07 08:38:43 2009 -0700
@@ -719,6 +719,11 @@
/* we don't perform any validation of the trusted cert */
if (!isTrustedCert) {
/*
+ * check that the signature algorithm is not disabled.
+ */
+ AlgorithmChecker.check(cert);
+
+ /*
* Check CRITICAL private extensions for user checkers that
* support forward checking (forwardCheckers) and remove
* ones we know how to check.
--- a/jdk/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java Wed Oct 07 08:38:43 2009 -0700
@@ -275,6 +275,7 @@
int certPathLen = certList.size();
basicChecker = new BasicChecker(anchor, testDate, sigProvider, false);
+ AlgorithmChecker algorithmChecker= AlgorithmChecker.getInstance();
KeyChecker keyChecker = new KeyChecker(certPathLen,
pkixParam.getTargetCertConstraints());
ConstraintsChecker constraintsChecker =
@@ -291,6 +292,7 @@
ArrayList<PKIXCertPathChecker> certPathCheckers =
new ArrayList<PKIXCertPathChecker>();
// add standard checkers that we will be using
+ certPathCheckers.add(algorithmChecker);
certPathCheckers.add(keyChecker);
certPathCheckers.add(constraintsChecker);
certPathCheckers.add(policyChecker);
--- a/jdk/src/share/classes/sun/security/provider/certpath/ReverseBuilder.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/security/provider/certpath/ReverseBuilder.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 2000-2008 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2000-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -347,6 +347,9 @@
return;
}
+ /* check that the signature algorithm is not disabled. */
+ AlgorithmChecker.check(cert);
+
/*
* check for looping - abort a loop if
* ((we encounter the same certificate twice) AND
--- a/jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/security/timestamp/HttpTimestamper.java Wed Oct 07 08:38:43 2009 -0700
@@ -34,6 +34,7 @@
import java.util.Set;
import java.util.Arrays;
+import sun.misc.IOUtils;
import sun.security.pkcs.*;
/**
@@ -142,25 +143,7 @@
int total = 0;
int contentLength = connection.getContentLength();
- if (contentLength != -1) {
- replyBuffer = new byte[contentLength];
- } else {
- replyBuffer = new byte[2048];
- contentLength = Integer.MAX_VALUE;
- }
-
- while (total < contentLength) {
- int count = input.read(replyBuffer, total,
- replyBuffer.length - total);
- if (count < 0)
- break;
-
- total += count;
- if (total >= replyBuffer.length && total < contentLength) {
- replyBuffer = Arrays.copyOf(replyBuffer, total * 2);
- }
- }
- replyBuffer = Arrays.copyOf(replyBuffer, total);
+ replyBuffer = IOUtils.readFully(input, contentLength, false);
if (DEBUG) {
System.out.println("received timestamp response (length=" +
--- a/jdk/src/share/classes/sun/security/util/DerValue.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/security/util/DerValue.java Wed Oct 07 08:38:43 2009 -0700
@@ -28,6 +28,7 @@
import java.io.*;
import java.math.BigInteger;
import java.util.Date;
+import sun.misc.IOUtils;
/**
* Represents a single DER-encoded value. DER encoding rules are a subset
@@ -382,12 +383,8 @@
if (fullyBuffered && in.available() != length)
throw new IOException("extra data given to DerValue constructor");
- byte[] bytes = new byte[length];
+ byte[] bytes = IOUtils.readFully(in, length, true);
- // n.b. readFully not needed in normal fullyBuffered case
- DataInputStream dis = new DataInputStream(in);
-
- dis.readFully(bytes);
buffer = new DerInputBuffer(bytes);
return new DerInputStream(buffer);
}
--- a/jdk/src/share/classes/sun/security/validator/SimpleValidator.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/security/validator/SimpleValidator.java Wed Oct 07 08:38:43 2009 -0700
@@ -40,6 +40,8 @@
import sun.security.util.DerOutputStream;
import sun.security.util.ObjectIdentifier;
+import sun.security.provider.certpath.AlgorithmChecker;
+
/**
* A simple validator implementation. It is based on code from the JSSE
* X509TrustManagerImpl. This implementation is designed for compatibility with
@@ -134,6 +136,13 @@
X509Certificate issuerCert = chain[i + 1];
X509Certificate cert = chain[i];
+ // check certificate algorithm
+ try {
+ AlgorithmChecker.check(cert);
+ } catch (CertPathValidatorException cpve) {
+ throw new ValidatorException
+ (ValidatorException.T_ALGORITHM_DISABLED, cert, cpve);
+ }
// no validity check for code signing certs
if ((variant.equals(VAR_CODE_SIGNING) == false)
--- a/jdk/src/share/classes/sun/security/validator/ValidatorException.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/security/validator/ValidatorException.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2003 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2002-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -55,6 +55,9 @@
public final static Object T_NAME_CHAINING =
"Certificate chaining error";
+ public final static Object T_ALGORITHM_DISABLED =
+ "Certificate signature algorithm disabled";
+
private Object type;
private X509Certificate cert;
--- a/jdk/src/share/classes/sun/util/calendar/ZoneInfoFile.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/classes/sun/util/calendar/ZoneInfoFile.java Wed Oct 07 08:38:43 2009 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright 2000-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2000-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -472,6 +472,18 @@
private static Map<String, ZoneInfo> zoneInfoObjects = null;
+ private static final String ziDir;
+ static {
+ String zi = (String) AccessController.doPrivileged(
+ new sun.security.action.GetPropertyAction("java.home"))
+ + File.separator + "lib" + File.separator + "zi";
+ try {
+ zi = new File(zi).getCanonicalPath();
+ } catch (Exception e) {
+ }
+ ziDir = zi;
+ }
+
/**
* Converts the given time zone ID to a platform dependent path
* name. For example, "America/Los_Angeles" is converted to
@@ -576,20 +588,7 @@
return null;
}
- int index;
- for (index = 0; index < JAVAZI_LABEL.length; index++) {
- if (buf[index] != JAVAZI_LABEL[index]) {
- System.err.println("ZoneInfo: wrong magic number: " + id);
- return null;
- }
- }
-
- if (buf[index++] > JAVAZI_VERSION) {
- System.err.println("ZoneInfo: incompatible version ("
- + buf[index - 1] + "): " + id);
- return null;
- }
-
+ int index = 0;
int filesize = buf.length;
int rawOffset = 0;
int dstSavings = 0;
@@ -600,6 +599,18 @@
int[] simpleTimeZoneParams = null;
try {
+ for (index = 0; index < JAVAZI_LABEL.length; index++) {
+ if (buf[index] != JAVAZI_LABEL[index]) {
+ System.err.println("ZoneInfo: wrong magic number: " + id);
+ return null;
+ }
+ }
+ if (buf[index++] > JAVAZI_VERSION) {
+ System.err.println("ZoneInfo: incompatible version ("
+ + buf[index - 1] + "): " + id);
+ return null;
+ }
+
while (index < filesize) {
byte tag = buf[index++];
int len = ((buf[index++] & 0xFF) << 8) + (buf[index++] & 0xFF);
@@ -1017,30 +1028,33 @@
* Reads the specified file under <java.home>/lib/zi into a buffer.
* @return the buffer, or null if any I/O error occurred.
*/
- private static byte[] readZoneInfoFile(String fileName) {
+ private static byte[] readZoneInfoFile(final String fileName) {
byte[] buffer = null;
try {
- String homeDir = AccessController.doPrivileged(
- new sun.security.action.GetPropertyAction("java.home"));
- final String fname = homeDir + File.separator + "lib" + File.separator
- + "zi" + File.separator + fileName;
buffer = (byte[]) AccessController.doPrivileged(new PrivilegedExceptionAction() {
public Object run() throws IOException {
- File file = new File(fname);
- if (!file.canRead()) {
+ File file = new File(ziDir, fileName);
+ if (!file.exists() || !file.isFile()) {
return null;
}
- int filesize = (int)file.length();
- byte[] buf = new byte[filesize];
-
- FileInputStream fis = new FileInputStream(file);
-
- if (fis.read(buf) != filesize) {
- fis.close();
- throw new IOException("read error on " + fname);
+ file = file.getCanonicalFile();
+ String path = file.getCanonicalPath();
+ byte[] buf = null;
+ if (path != null && path.startsWith(ziDir)) {
+ int filesize = (int)file.length();
+ if (filesize > 0) {
+ FileInputStream fis = new FileInputStream(file);
+ buf = new byte[filesize];
+ try {
+ if (fis.read(buf) != filesize) {
+ throw new IOException("read error on " + fileName);
+ }
+ } finally {
+ fis.close();
+ }
+ }
}
- fis.close();
return buf;
}
});
--- a/jdk/src/share/native/sun/awt/image/awt_ImageRep.c Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/native/sun/awt/image/awt_ImageRep.c Wed Oct 07 08:38:43 2009 -0700
@@ -142,84 +142,6 @@
}
-JNIEXPORT void JNICALL
-Java_sun_awt_image_ImageRepresentation_setBytePixels(JNIEnv *env, jclass cls,
- jint x, jint y, jint w,
- jint h, jbyteArray jpix,
- jint off, jint scansize,
- jobject jbct,
- jint chanOffs)
-{
- int sStride;
- int pixelStride;
- jobject jdata;
- unsigned char *srcData;
- unsigned char *dstData;
- unsigned char *dataP;
- unsigned char *pixP;
- int i;
- int j;
-
-
- if (JNU_IsNull(env, jpix)) {
- JNU_ThrowNullPointerException(env, "NullPointerException");
- return;
- }
-
- sStride = (*env)->GetIntField(env, jbct, g_BCRscanstrID);
- pixelStride = (*env)->GetIntField(env, jbct, g_BCRpixstrID);
- jdata = (*env)->GetObjectField(env, jbct, g_BCRdataID);
-
- srcData = (unsigned char *) (*env)->GetPrimitiveArrayCritical(env, jpix,
- NULL);
- if (srcData == NULL) {
- /* out of memory error already thrown */
- return;
- }
-
- dstData = (unsigned char *) (*env)->GetPrimitiveArrayCritical(env, jdata,
- NULL);
- if (dstData == NULL) {
- /* out of memory error already thrown */
- (*env)->ReleasePrimitiveArrayCritical(env, jpix, srcData, JNI_ABORT);
- return;
- }
-
- dataP = dstData + chanOffs + y*sStride + x*pixelStride;
- pixP = srcData + off;
- if (pixelStride == 1) {
- if (sStride == scansize && scansize == w) {
- memcpy(dataP, pixP, w*h);
- }
- else {
- for (i=0; i < h; i++) {
- memcpy(dataP, pixP, w);
- dataP += sStride;
- pixP += scansize;
- }
- }
- }
- else {
- unsigned char *ydataP = dataP;
- unsigned char *ypixP = pixP;
-
- for (i=0; i < h; i++) {
- dataP = ydataP;
- pixP = ypixP;
- for (j=0; j < w; j++) {
- *dataP = *pixP++;
- dataP += pixelStride;
- }
- ydataP += sStride;
- ypixP += scansize;
- }
- }
-
- (*env)->ReleasePrimitiveArrayCritical(env, jpix, srcData, JNI_ABORT);
- (*env)->ReleasePrimitiveArrayCritical(env, jdata, dstData, JNI_ABORT);
-
-}
-
JNIEXPORT jint JNICALL
Java_sun_awt_image_ImageRepresentation_setDiffICM(JNIEnv *env, jclass cls,
jint x, jint y, jint w,
@@ -266,6 +188,13 @@
jnewlut = (*env)->GetObjectField(env, jicm, g_ICMrgbID);
mapSize = (*env)->GetIntField(env, jicm, g_ICMmapSizeID);
+ if (numLut < 0 || numLut > 256 || mapSize < 0 || mapSize > 256) {
+ /* Ether old or new ICM has a palette that exceeds capacity
+ of byte data type, so we have to convert the image data
+ to default representation.
+ */
+ return 0;
+ }
srcLUT = (unsigned int *) (*env)->GetPrimitiveArrayCritical(env, jlut,
NULL);
if (srcLUT == NULL) {
--- a/jdk/src/share/native/sun/awt/image/jpeg/imageioJPEG.c Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/share/native/sun/awt/image/jpeg/imageioJPEG.c Wed Oct 07 08:38:43 2009 -0700
@@ -676,6 +676,10 @@
#ifdef DEBUG_IIO_JPEG
printf("in setQTables, qlen = %d, write is %d\n", qlen, write);
#endif
+ if (qlen > NUM_QUANT_TBLS) {
+ /* Ignore extra qunterization tables. */
+ qlen = NUM_QUANT_TBLS;
+ }
for (i = 0; i < qlen; i++) {
table = (*env)->GetObjectArrayElement(env, qtables, i);
qdata = (*env)->GetObjectField(env, table, JPEGQTable_tableID);
@@ -727,6 +731,11 @@
hlensBody = (*env)->GetShortArrayElements(env,
huffLens,
NULL);
+ if (hlensLen > 16) {
+ /* Ignore extra elements of bits array. Only 16 elements can be
+ stored. 0-th element is not used. (see jpeglib.h, line 107) */
+ hlensLen = 16;
+ }
for (i = 1; i <= hlensLen; i++) {
huff_ptr->bits[i] = (UINT8)hlensBody[i-1];
}
@@ -743,6 +752,11 @@
huffValues,
NULL);
+ if (hvalsLen > 256) {
+ /* Ignore extra elements of hufval array. Only 256 elements
+ can be stored. (see jpeglib.h, line 109) */
+ hlensLen = 256;
+ }
for (i = 0; i < hvalsLen; i++) {
huff_ptr->huffval[i] = (UINT8)hvalsBody[i];
}
@@ -763,6 +777,11 @@
j_compress_ptr comp;
j_decompress_ptr decomp;
jsize hlen = (*env)->GetArrayLength(env, DCHuffmanTables);
+
+ if (hlen > NUM_HUFF_TBLS) {
+ /* Ignore extra DC huffman tables. */
+ hlen = NUM_HUFF_TBLS;
+ }
for (i = 0; i < hlen; i++) {
if (cinfo->is_decompressor) {
decomp = (j_decompress_ptr) cinfo;
@@ -784,6 +803,10 @@
huff_ptr->sent_table = !write;
}
hlen = (*env)->GetArrayLength(env, ACHuffmanTables);
+ if (hlen > NUM_HUFF_TBLS) {
+ /* Ignore extra AC huffman tables. */
+ hlen = NUM_HUFF_TBLS;
+ }
for (i = 0; i < hlen; i++) {
if (cinfo->is_decompressor) {
decomp = (j_decompress_ptr) cinfo;
@@ -1833,6 +1856,13 @@
return JNI_FALSE;
}
+ if (stepX > cinfo->image_width) {
+ stepX = cinfo->image_width;
+ }
+ if (stepY > cinfo->image_height) {
+ stepY = cinfo->image_height;
+ }
+
/*
* First get the source bands array and copy it to our local array
* so we don't have to worry about pinning and unpinning it again.
--- a/jdk/src/solaris/classes/sun/awt/X11/XBaseWindow.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XBaseWindow.java Wed Oct 07 08:38:43 2009 -0700
@@ -824,7 +824,9 @@
* The active grab overrides activated automatic grab.
*/
public boolean grabInput() {
- grabLog.log(Level.FINE, "Grab input on {0}", new Object[] {this});
+ if (grabLog.isLoggable(Level.FINE)) {
+ grabLog.log(Level.FINE, "Grab input on {0}", new Object[] {String.valueOf(this)});
+ }
XToolkit.awtLock();
try {
@@ -887,7 +889,10 @@
XToolkit.awtLock();
try {
XBaseWindow grabWindow = XAwtState.getGrabWindow();
- grabLog.log(Level.FINE, "UnGrab input on {0}", new Object[] {grabWindow});
+ if (grabLog.isLoggable(Level.FINE)) {
+ grabLog.log(Level.FINE, "UnGrab input on {0}",
+ new Object[] {String.valueOf(grabWindow)});
+ }
if (grabWindow != null) {
grabWindow.ungrabInputImpl();
if (!XToolkit.getSunAwtDisableGrab()) {
@@ -940,7 +945,7 @@
XPropertyCache.clearCache(window, XAtom.get(msg.get_atom()));
}
if (eventLog.isLoggable(Level.FINER)) {
- eventLog.log(Level.FINER, "{0}", new Object[] {msg});
+ eventLog.log(Level.FINER, "{0}", new Object[] {String.valueOf(msg)});
}
}
@@ -1021,8 +1026,10 @@
}
public void handleConfigureNotifyEvent(XEvent xev) {
XConfigureEvent xe = xev.get_xconfigure();
- insLog.log(Level.FINER, "Configure, {0}",
- new Object[] {xe});
+ if (insLog.isLoggable(Level.FINER)) {
+ insLog.log(Level.FINER, "Configure, {0}",
+ new Object[] {String.valueOf(xe)});
+ }
x = xe.get_x();
y = xe.get_y();
width = xe.get_width();
--- a/jdk/src/solaris/classes/sun/awt/X11/XCheckboxMenuItemPeer.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XCheckboxMenuItemPeer.java Wed Oct 07 08:38:43 2009 -0700
@@ -29,8 +29,6 @@
import java.awt.peer.*;
import java.awt.event.*;
-import java.util.logging.*;
-
import java.lang.reflect.Field;
import sun.awt.SunToolkit;
@@ -42,8 +40,6 @@
*
************************************************/
- private static Logger log = Logger.getLogger("sun.awt.X11.XCheckboxMenuItemPeer");
-
/*
* CheckboxMenuItem's fields
*/
--- a/jdk/src/solaris/classes/sun/awt/X11/XComponentPeer.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XComponentPeer.java Wed Oct 07 08:38:43 2009 -0700
@@ -253,7 +253,9 @@
* Called when component receives focus
*/
public void focusGained(FocusEvent e) {
- focusLog.log(Level.FINE, "{0}", new Object[] {e});
+ if (focusLog.isLoggable(Level.FINE)) {
+ focusLog.log(Level.FINE, "{0}", new Object[] {String.valueOf(e)});
+ }
bHasFocus = true;
}
@@ -261,7 +263,9 @@
* Called when component loses focus
*/
public void focusLost(FocusEvent e) {
- focusLog.log(Level.FINE, "{0}", new Object[] {e});
+ if (focusLog.isLoggable(Level.FINE)) {
+ focusLog.log(Level.FINE, "{0}", new Object[] {String.valueOf(e)});
+ }
bHasFocus = false;
}
@@ -414,7 +418,10 @@
* @see java.awt.peer.ComponentPeer
*/
public void setEnabled(boolean value) {
- enableLog.log(Level.FINE, "{0}ing {1}", new Object[] {(value?"Enabl":"Disabl"), this});
+ if (enableLog.isLoggable(Level.FINE)) {
+ enableLog.log(Level.FINE, "{0}ing {1}",
+ new Object[] {(value?"Enabl":"Disabl"), String.valueOf(this)});
+ }
boolean repaintNeeded = (enabled != value);
enabled = value;
if (target instanceof Container) {
@@ -1262,7 +1269,10 @@
* ButtonPress, ButtonRelease, KeyPress, KeyRelease, EnterNotify, LeaveNotify, MotionNotify
*/
protected boolean isEventDisabled(XEvent e) {
- enableLog.log(Level.FINEST, "Component is {1}, checking for disabled event {0}", new Object[] {e, (isEnabled()?"enabled":"disable")});
+ if (enableLog.isLoggable(Level.FINEST)) {
+ enableLog.log(Level.FINEST, "Component is {1}, checking for disabled event {0}",
+ new Object[] {String.valueOf(e), (isEnabled()?"enabled":"disable")});
+ }
if (!isEnabled()) {
switch (e.get_type()) {
case XConstants.ButtonPress:
@@ -1272,7 +1282,9 @@
case XConstants.EnterNotify:
case XConstants.LeaveNotify:
case XConstants.MotionNotify:
- enableLog.log(Level.FINER, "Event {0} is disable", new Object[] {e});
+ if (enableLog.isLoggable(Level.FINER)) {
+ enableLog.log(Level.FINER, "Event {0} is disable", new Object[] {String.valueOf(e)});
+ }
return true;
}
}
--- a/jdk/src/solaris/classes/sun/awt/X11/XContentWindow.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XContentWindow.java Wed Oct 07 08:38:43 2009 -0700
@@ -116,8 +116,10 @@
if (in != null) {
newBounds.setLocation(-in.left, -in.top);
}
- if (insLog.isLoggable(Level.FINE)) insLog.log(Level.FINE, "Setting content bounds {0}, old bounds {1}",
- new Object[] {newBounds, getBounds()});
+ if (insLog.isLoggable(Level.FINE)) {
+ insLog.log(Level.FINE, "Setting content bounds {0}, old bounds {1}",
+ new Object[] {String.valueOf(newBounds), String.valueOf(getBounds())});
+ }
// Fix for 5023533:
// Change in the size of the content window means, well, change of the size
// Change in the location of the content window means change in insets
--- a/jdk/src/solaris/classes/sun/awt/X11/XDecoratedPeer.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XDecoratedPeer.java Wed Oct 07 08:38:43 2009 -0700
@@ -79,7 +79,9 @@
Rectangle bounds = (Rectangle)params.get(BOUNDS);
dimensions = new WindowDimensions(bounds, getRealInsets(), false);
params.put(BOUNDS, dimensions.getClientRect());
- insLog.log(Level.FINE, "Initial dimensions {0}", new Object[] { dimensions });
+ if (insLog.isLoggable(Level.FINE)) {
+ insLog.log(Level.FINE, "Initial dimensions {0}",new Object[] { String.valueOf(dimensions) });
+ }
// Deny default processing of these events on the shell - proxy will take care of
// them instead
@@ -265,7 +267,10 @@
wm_set_insets = XWM.getInsetsFromProp(getWindow(), changedAtom);
}
- insLog.log(Level.FINER, "FRAME_EXTENTS: {0}", new Object[]{wm_set_insets});
+ if (insLog.isLoggable(Level.FINER)) {
+ insLog.log(Level.FINER, "FRAME_EXTENTS: {0}",
+ new Object[]{String.valueOf(wm_set_insets)});
+ }
if (wm_set_insets != null) {
wm_set_insets = copy(wm_set_insets);
@@ -331,7 +336,10 @@
// Check if we have insets provided by the WM
Insets correctWM = getWMSetInsets(null);
if (correctWM != null) {
- insLog.log(Level.FINER, "wm-provided insets {0}", new Object[]{correctWM});
+ if (insLog.isLoggable(Level.FINER)) {
+ insLog.log(Level.FINER, "wm-provided insets {0}",
+ new Object[]{String.valueOf(correctWM)});
+ }
// If these insets are equal to our current insets - no actions are necessary
Insets dimInsets = dimensions.getInsets();
if (correctWM.equals(dimInsets)) {
@@ -345,7 +353,9 @@
correctWM = XWM.getWM().getInsets(this, xe.get_window(), xe.get_parent());
if (correctWM != null) {
- insLog.log(Level.FINER, "correctWM {0}", new Object[] {correctWM});
+ if (insLog.isLoggable(Level.FINE)) {
+ insLog.log(Level.FINER, "correctWM {0}", new Object[] {String.valueOf(correctWM)});
+ }
} else {
insLog.log(Level.FINER, "correctWM insets are not available, waiting for configureNotify");
}
@@ -368,7 +378,10 @@
* initial insets were wrong (most likely they were).
*/
Insets correction = difference(correctWM, currentInsets);
- insLog.log(Level.FINEST, "Corrention {0}", new Object[] {correction});
+ if (insLog.isLoggable(Level.FINEST)) {
+ insLog.log(Level.FINEST, "Corrention {0}",
+ new Object[] {String.valueOf(correction)});
+ }
if (!isNull(correction)) {
currentInsets = copy(correctWM);
applyGuessedInsets();
@@ -453,7 +466,7 @@
Insets in = copy(getRealInsets());
in.top += getMenuBarHeight();
if (insLog.isLoggable(Level.FINEST)) {
- insLog.log(Level.FINEST, "Get insets returns {0}", new Object[] {in});
+ insLog.log(Level.FINEST, "Get insets returns {0}", new Object[] {String.valueOf(in)});
}
return in;
}
@@ -610,7 +623,7 @@
break;
}
if (insLog.isLoggable(Level.FINE)) insLog.log(Level.FINE, "For the operation {0} new dimensions are {1}",
- new Object[] {operationToString(operation), dims});
+ new Object[] {operationToString(operation), String.valueOf(dims)});
reshape(dims, operation, userReshape);
}
@@ -640,7 +653,9 @@
public void handleConfigureNotifyEvent(XEvent xev) {
assert (SunToolkit.isAWTLockHeldByCurrentThread());
XConfigureEvent xe = xev.get_xconfigure();
- insLog.log(Level.FINE, "Configure notify {0}", new Object[] {xe});
+ if (insLog.isLoggable(Level.FINE)) {
+ insLog.log(Level.FINE, "Configure notify {0}", new Object[] {String.valueOf(xe)});
+ }
// XXX: should really only consider synthetic events, but
if (isReparented()) {
@@ -732,7 +747,10 @@
case XWM.SAWFISH_WM:
{
Point xlocation = queryXLocation();
- if (log.isLoggable(Level.FINE)) log.log(Level.FINE, "New X location: {0}", new Object[]{xlocation});
+ if (log.isLoggable(Level.FINE)) {
+ log.log(Level.FINE, "New X location: {0}",
+ new Object[]{String.valueOf(xlocation)});
+ }
if (xlocation != null) {
newLocation = xlocation;
}
@@ -749,8 +767,10 @@
copy(currentInsets),
true);
- insLog.log(Level.FINER, "Insets are {0}, new dimensions {1}",
- new Object[] {currentInsets, newDimensions});
+ if (insLog.isLoggable(Level.FINER)) {
+ insLog.log(Level.FINER, "Insets are {0}, new dimensions {1}",
+ new Object[] {String.valueOf(currentInsets), String.valueOf(newDimensions)});
+ }
checkIfOnNewScreen(newDimensions.getBounds());
@@ -917,7 +937,7 @@
Point location = target.getLocation();
if (insLog.isLoggable(Level.FINE))
insLog.log(Level.FINE, "getLocationOnScreen {0} not reparented: {1} ",
- new Object[] {this, location});
+ new Object[] {String.valueOf(this), String.valueOf(location)});
return location;
}
} finally {
@@ -954,7 +974,10 @@
}
public void setVisible(boolean vis) {
- log.log(Level.FINER, "Setting {0} to visible {1}", new Object[] {this, Boolean.valueOf(vis)});
+ if (log.isLoggable(Level.FINE)) {
+ log.log(Level.FINER, "Setting {0} to visible {1}",
+ new Object[] {String.valueOf(this), Boolean.valueOf(vis)});
+ }
if (vis && !isVisible()) {
XWM.setShellDecor(this);
super.setVisible(vis);
@@ -1005,7 +1028,9 @@
}
private void handleWmTakeFocus(XClientMessageEvent cl) {
- focusLog.log(Level.FINE, "WM_TAKE_FOCUS on {0}", new Object[]{this});
+ if (focusLog.isLoggable(Level.FINE)) {
+ focusLog.log(Level.FINE, "WM_TAKE_FOCUS on {0}", new Object[]{String.valueOf(this)});
+ }
requestWindowFocus(cl.get_data(1), true);
}
--- a/jdk/src/solaris/classes/sun/awt/X11/XDropTargetProtocol.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XDropTargetProtocol.java Wed Oct 07 08:38:43 2009 -0700
@@ -117,7 +117,7 @@
EmbedderRegistryEntry entry = getEmbedderRegistryEntry(toplevel);
if (logger.isLoggable(Level.FINEST)) {
- logger.log(Level.FINEST, " entry={0}", new Object[] {entry});
+ logger.log(Level.FINEST, " entry={0}", new Object[] {String.valueOf(entry)});
}
// Window not registered as an embedder for this protocol.
if (entry == null) {
@@ -138,7 +138,8 @@
long proxy = entry.getProxy();
if (logger.isLoggable(Level.FINEST)) {
- logger.log(Level.FINEST, " proxy={0} toplevel={1}", new Object[] {proxy, toplevel});
+ logger.log(Level.FINEST, " proxy={0} toplevel={1}",
+ new Object[] {String.valueOf(proxy), String.valueOf(toplevel)});
}
if (proxy == 0) {
proxy = toplevel;
--- a/jdk/src/solaris/classes/sun/awt/X11/XFocusProxyWindow.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XFocusProxyWindow.java Wed Oct 07 08:38:43 2009 -0700
@@ -34,7 +34,6 @@
* and therefore X doesn't control focus after we have set it to proxy.
*/
public class XFocusProxyWindow extends XBaseWindow {
- private static final Logger focusLog = Logger.getLogger("sun.awt.X11.focus.XFocusProxyWindow");
XWindowPeer owner;
public XFocusProxyWindow(XWindowPeer owner) {
--- a/jdk/src/solaris/classes/sun/awt/X11/XFramePeer.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XFramePeer.java Wed Oct 07 08:38:43 2009 -0700
@@ -283,7 +283,9 @@
super.handlePropertyNotify(xev);
XPropertyEvent ev = xev.get_xproperty();
- log.log(Level.FINER, "Property change {0}", new Object[] {ev});
+ if (log.isLoggable(Level.FINER)) {
+ log.log(Level.FINER, "Property change {0}", new Object[] {String.valueOf(ev)});
+ }
/*
* Let's see if this is a window state protocol message, and
* if it is - decode a new state in terms of java constants.
--- a/jdk/src/solaris/classes/sun/awt/X11/XIconWindow.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XIconWindow.java Wed Oct 07 08:38:43 2009 -0700
@@ -75,7 +75,7 @@
XIconSize[] res = new XIconSize[count];
for (int i = 0; i < count; i++, sizes_ptr += XIconSize.getSize()) {
res[i] = new XIconSize(sizes_ptr);
- log.log(Level.FINEST, "sizes_ptr[{1}] = {0}", new Object[] {res[i], Integer.valueOf(i)});
+ log.log(Level.FINEST, "sizes_ptr[{1}] = {0}", new Object[] {String.valueOf(res[i]), Integer.valueOf(i)});
}
return res;
} finally {
@@ -92,7 +92,10 @@
}
XIconSize[] sizeList = getIconSizes();
- log.log(Level.FINEST, "Icon sizes: {0}", new Object[] {sizeList});
+
+ if (log.isLoggable(Level.FINEST)) {
+ log.log(Level.FINEST, "Icon sizes: {0}", new Object[] {String.valueOf(sizeList)});
+ }
if (sizeList == null) {
// No icon sizes so we simply fall back to 16x16
return new Dimension(16, 16);
@@ -444,7 +447,9 @@
}
Dimension iconSize = getIconSize(width, height);
if (iconSize != null) {
- log.log(Level.FINEST, "Icon size: {0}", iconSize);
+ if (log.isLoggable(Level.FINEST)) {
+ log.log(Level.FINEST, "Icon size: {0}", String.valueOf(iconSize));
+ }
iconWidth = iconSize.width;
iconHeight = iconSize.height;
} else {
--- a/jdk/src/solaris/classes/sun/awt/X11/XInputMethod.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XInputMethod.java Wed Oct 07 08:38:43 2009 -0700
@@ -108,7 +108,10 @@
client = getParent(client);
peer = (XComponentPeer)XToolkit.targetToPeer(client);
}
- log.log(Level.FINE, "Peer is {0}, client is {1}", new Object[] {peer, client});
+ if (log.isLoggable(Level.FINE)) {
+ log.log(Level.FINE, "Peer is {0}, client is {1}",
+ new Object[] {String.valueOf(peer), String.valueOf(client)});
+ }
if (peer != null)
return peer;
--- a/jdk/src/solaris/classes/sun/awt/X11/XMenuItemPeer.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XMenuItemPeer.java Wed Oct 07 08:38:43 2009 -0700
@@ -43,8 +43,6 @@
*
************************************************/
- private static Logger log = Logger.getLogger("sun.awt.X11.XMenuItemPeer");
-
/*
* Primary members
*/
--- a/jdk/src/solaris/classes/sun/awt/X11/XNETProtocol.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XNETProtocol.java Wed Oct 07 08:38:43 2009 -0700
@@ -54,7 +54,11 @@
private void setInitialState(XWindowPeer window, int state) {
XAtomList old_state = window.getNETWMState();
- log.log(Level.FINE, "Current state of the window {0} is {1}", new Object[] {window, old_state});
+ if (log.isLoggable(Level.FINE)) {
+ log.log(Level.FINE, "Current state of the window {0} is {1}",
+ new Object[] {String.valueOf(window),
+ String.valueOf(old_state)});
+ }
if ((state & Frame.MAXIMIZED_VERT) != 0) {
old_state.add(XA_NET_WM_STATE_MAXIMIZED_VERT);
} else {
@@ -65,7 +69,10 @@
} else {
old_state.remove(XA_NET_WM_STATE_MAXIMIZED_HORZ);
}
- log.log(Level.FINE, "Setting initial state of the window {0} to {1}", new Object[] {window, old_state});
+ if (log.isLoggable(Level.FINE)) {
+ log.log(Level.FINE, "Setting initial state of the window {0} to {1}",
+ new Object[] {String.valueOf(window), String.valueOf(old_state)});
+ }
window.setNETWMState(old_state);
}
@@ -180,7 +187,11 @@
req.set_data(1, state.getAtom());
// Fix for 6735584: req.data[2] must be set to 0 when only one property is changed
req.set_data(2, 0);
- log.log(Level.FINE, "Setting _NET_STATE atom {0} on {1} for {2}", new Object[] {state, window, Boolean.valueOf(isAdd)});
+ if (log.isLoggable(Level.FINE)) {
+ log.log(Level.FINE, "Setting _NET_STATE atom {0} on {1} for {2}",
+ new Object[] {String.valueOf(state), String.valueOf(window),
+ Boolean.valueOf(isAdd)});
+ }
XToolkit.awtLock();
try {
XlibWrapper.XSendEvent(XToolkit.getDisplay(),
@@ -212,13 +223,19 @@
requestState(window, state, set);
} else {
XAtomList net_wm_state = window.getNETWMState();
- log.log(Level.FINE, "Current state on {0} is {1}", new Object[] {window, net_wm_state});
+ if (log.isLoggable(Level.FINE)) {
+ log.log(Level.FINE, "Current state on {0} is {1}",
+ new Object[] {String.valueOf(window), net_wm_state});
+ }
if (!set) {
net_wm_state.remove(state);
} else {
net_wm_state.add(state);
}
- log.log(Level.FINE, "Setting states on {0} to {1}", new Object[] {window, net_wm_state});
+ if (log.isLoggable(Level.FINE)) {
+ log.log(Level.FINE, "Setting states on {0} to {1}",
+ new Object[] {String.valueOf(window), net_wm_state});
+ }
window.setNETWMState(net_wm_state);
}
XToolkit.XSync();
--- a/jdk/src/solaris/classes/sun/awt/X11/XProtocol.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XProtocol.java Wed Oct 07 08:38:43 2009 -0700
@@ -54,7 +54,11 @@
} finally {
if (firstCheck) {
firstCheck = false;
- log.log(Level.FINE, "{0}:{1} supports {2}", new Object[] {this, listName, protocols});
+ if (log.isLoggable(Level.FINE)) {
+ log.log(Level.FINE, "{0}:{1} supports {2}",
+ new Object[] {String.valueOf(this), String.valueOf(listName),
+ String.valueOf(protocols)});
+ }
}
}
}
--- a/jdk/src/solaris/classes/sun/awt/X11/XQueryTree.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XQueryTree.java Wed Oct 07 08:38:43 2009 -0700
@@ -32,7 +32,6 @@
public class XQueryTree {
private static Unsafe unsafe = XlibWrapper.unsafe;
- private static final Logger log = Logger.getLogger("sun.awt.X11.XQueryTree");
private boolean __executed = false;
long _w;
long root_ptr = unsafe.allocateMemory(Native.getLongSize());
--- a/jdk/src/solaris/classes/sun/awt/X11/XToolkit.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XToolkit.java Wed Oct 07 08:38:43 2009 -0700
@@ -627,7 +627,7 @@
}
if (eventLog.isLoggable(Level.FINER)) {
- eventLog.log(Level.FINER, "{0}", ev);
+ eventLog.log(Level.FINER, "{0}", String.valueOf(ev));
}
// Check if input method consumes the event
@@ -1840,8 +1840,10 @@
if (timeoutTaskLog.isLoggable(Level.FINER)) {
timeoutTaskLog.log(Level.FINER, "XToolkit.schedule(): current time={0}" +
"; interval={1}" +
- "; task being added={2}" + "; tasks before addition={3}", new Object[] {
- Long.valueOf(System.currentTimeMillis()), Long.valueOf(interval), task, timeoutTasks});
+ "; task being added={2}" + "; tasks before addition={3}",
+ new Object[] {Long.valueOf(System.currentTimeMillis()),
+ Long.valueOf(interval), String.valueOf(task),
+ String.valueOf(timeoutTasks)});
}
if (timeoutTasks == null) {
@@ -1886,7 +1888,8 @@
private static void callTimeoutTasks() {
if (timeoutTaskLog.isLoggable(Level.FINER)) {
timeoutTaskLog.log(Level.FINER, "XToolkit.callTimeoutTasks(): current time={0}" +
- "; tasks={1}", new Object[] {Long.valueOf(System.currentTimeMillis()), timeoutTasks});
+ "; tasks={1}",
+ new Object[] {Long.valueOf(System.currentTimeMillis()), String.valueOf(timeoutTasks)});
}
if (timeoutTasks == null || timeoutTasks.isEmpty()) {
@@ -1904,7 +1907,8 @@
if (timeoutTaskLog.isLoggable(Level.FINER)) {
timeoutTaskLog.log(Level.FINER, "XToolkit.callTimeoutTasks(): current time={0}" +
- "; about to run task={1}", new Object[] {Long.valueOf(currentTime), task});
+ "; about to run task={1}",
+ new Object[] {Long.valueOf(currentTime), String.valueOf(task)});
}
try {
@@ -2361,7 +2365,10 @@
// Wait for selection notify for oops on win
long event_number = getEventNumber();
XAtom atom = XAtom.get("WM_S0");
- eventLog.log(Level.FINER, "WM_S0 selection owner {0}", new Object[] {XlibWrapper.XGetSelectionOwner(getDisplay(), atom.getAtom())});
+ if (eventLog.isLoggable(Level.FINER)) {
+ eventLog.log(Level.FINER, "WM_S0 selection owner {0}",
+ new Object[] {String.valueOf(XlibWrapper.XGetSelectionOwner(getDisplay(), atom.getAtom()))});
+ }
XlibWrapper.XConvertSelection(getDisplay(), atom.getAtom(),
XAtom.get("VERSION").getAtom(), oops.getAtom(),
win.getWindow(), XConstants.CurrentTime);
--- a/jdk/src/solaris/classes/sun/awt/X11/XTrayIconPeer.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XTrayIconPeer.java Wed Oct 07 08:38:43 2009 -0700
@@ -129,14 +129,17 @@
// If both the height and the width differ from the fixed size then WM
// must level at least one side to the fixed size. For some reason it may take
// a few hops (even after reparenting) and we have to skip the intermediate ones.
- ctrLog.log(Level.FINE, "ConfigureNotify on parent of {0}. Skipping as intermediate resizing.",
- XTrayIconPeer.this);
+ if (ctrLog.isLoggable(Level.FINE)) {
+ ctrLog.log(Level.FINE, "ConfigureNotify on parent of {0}. Skipping as intermediate resizing.",
+ String.valueOf(XTrayIconPeer.this));
+ }
return;
} else if (ce.get_height() > TRAY_ICON_HEIGHT) {
-
- ctrLog.log(Level.FINE, "ConfigureNotify on parent of {0}. Centering by \"Y\".",
- XTrayIconPeer.this);
+ if (ctrLog.isLoggable(Level.FINE)) {
+ ctrLog.log(Level.FINE, "ConfigureNotify on parent of {0}. Centering by \"Y\".",
+ String.valueOf(XTrayIconPeer.this));
+ }
XlibWrapper.XMoveResizeWindow(XToolkit.getDisplay(), eframeParentID,
ce.get_x(),
@@ -147,9 +150,10 @@
ex_width = 0;
} else if (ce.get_width() > TRAY_ICON_WIDTH) {
-
- ctrLog.log(Level.FINE, "ConfigureNotify on parent of {0}. Centering by \"X\".",
- XTrayIconPeer.this);
+ if (ctrLog.isLoggable(Level.FINE)) {
+ ctrLog.log(Level.FINE, "ConfigureNotify on parent of {0}. Centering by \"X\".",
+ String.valueOf(XTrayIconPeer.this));
+ }
XlibWrapper.XMoveResizeWindow(XToolkit.getDisplay(), eframeParentID,
ce.get_x()+ce.get_width()/2 - TRAY_ICON_WIDTH/2,
@@ -165,25 +169,32 @@
// In this case the parent window also lose centering. We have to restore it.
if (ex_height != 0) {
-
- ctrLog.log(Level.FINE, "ConfigureNotify on parent of {0}. Move detected. Centering by \"Y\".",
- XTrayIconPeer.this);
+ if (ctrLog.isLoggable(Level.FINE)) {
+ ctrLog.log(Level.FINE, "ConfigureNotify on parent of {0}." +
+ " Move detected. Centering by \"Y\".",
+ String.valueOf(XTrayIconPeer.this));
+ }
XlibWrapper.XMoveWindow(XToolkit.getDisplay(), eframeParentID,
ce.get_x(),
ce.get_y() + ex_height/2 - TRAY_ICON_HEIGHT/2);
} else if (ex_width != 0) {
-
- ctrLog.log(Level.FINE, "ConfigureNotify on parent of {0}. Move detected. Centering by \"X\".",
- XTrayIconPeer.this);
+ if (ctrLog.isLoggable(Level.FINE)) {
+ ctrLog.log(Level.FINE, "ConfigureNotify on parent of {0}." +
+ "Move detected. Centering by \"X\".",
+ String.valueOf(XTrayIconPeer.this));
+ }
XlibWrapper.XMoveWindow(XToolkit.getDisplay(), eframeParentID,
ce.get_x() + ex_width/2 - TRAY_ICON_WIDTH/2,
ce.get_y());
} else {
- ctrLog.log(Level.FINE, "ConfigureNotify on parent of {0}. Move detected. Skipping.",
- XTrayIconPeer.this);
+ if (ctrLog.isLoggable(Level.FINE)) {
+ ctrLog.log(Level.FINE, "ConfigureNotify on parent of {0}." +
+ "Move detected. Skipping.",
+ String.valueOf(XTrayIconPeer.this));
+ }
}
}
old_x = ce.get_x();
--- a/jdk/src/solaris/classes/sun/awt/X11/XWM.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XWM.java Wed Oct 07 08:38:43 2009 -0700
@@ -401,7 +401,10 @@
static boolean isCDE() {
if (!XA_DT_SM_WINDOW_INFO.isInterned()) {
- log.log(Level.FINER, "{0} is not interned", new Object[] {XA_DT_SM_WINDOW_INFO});
+ if (log.isLoggable(Level.FINER)) {
+ log.log(Level.FINER, "{0} is not interned",
+ new Object[] {String.valueOf(XA_DT_SM_WINDOW_INFO)});
+ }
return false;
}
@@ -432,7 +435,10 @@
/* Now check that this window has _DT_SM_STATE_INFO (ignore contents) */
if (!XA_DT_SM_STATE_INFO.isInterned()) {
- log.log(Level.FINER, "{0} is not interned", new Object[] {XA_DT_SM_STATE_INFO});
+ if (log.isLoggable(Level.FINER)) {
+ log.log(Level.FINER, "{0} is not interned",
+ new Object[] {String.valueOf(XA_DT_SM_STATE_INFO)});
+ }
return false;
}
WindowPropertyGetter getter2 =
@@ -596,7 +602,10 @@
*/
if (!XA_ICEWM_WINOPTHINT.isInterned()) {
- log.log(Level.FINER, "{0} is not interned", new Object[] {XA_ICEWM_WINOPTHINT});
+ if (log.isLoggable(Level.FINER)) {
+ log.log(Level.FINER, "{0} is not interned",
+ String.valueOf(XA_ICEWM_WINOPTHINT));
+ }
return false;
}
@@ -629,7 +638,10 @@
*/
static boolean isIceWM() {
if (!XA_ICEWM_WINOPTHINT.isInterned()) {
- log.log(Level.FINER, "{0} is not interned", new Object[] {XA_ICEWM_WINOPTHINT});
+ if (log.isLoggable(Level.FINER)) {
+ log.log(Level.FINER, "{0} is not interned",
+ new Object[] {String.valueOf(XA_ICEWM_WINOPTHINT)});
+ }
return false;
}
@@ -1354,7 +1366,9 @@
XNETProtocol net_protocol = getWM().getNETProtocol();
if (net_protocol != null && net_protocol.active()) {
Insets insets = getInsetsFromProp(window, XA_NET_FRAME_EXTENTS);
- insLog.log(Level.FINE, "_NET_FRAME_EXTENTS: {0}", insets);
+ if (insLog.isLoggable(Level.FINE)) {
+ insLog.log(Level.FINE, "_NET_FRAME_EXTENTS: {0}", String.valueOf(insets));
+ }
if (insets != null) {
return insets;
@@ -1495,7 +1509,10 @@
* [mwm, e!, kwin, fvwm2 ... ]
*/
Insets correctWM = XWM.getInsetsFromExtents(window);
- insLog.log(Level.FINER, "Got insets from property: {0}", correctWM);
+ if (insLog.isLoggable(Level.FINER)) {
+ insLog.log(Level.FINER, "Got insets from property: {0}",
+ String.valueOf(correctWM));
+ }
if (correctWM == null) {
correctWM = new Insets(0,0,0,0);
@@ -1556,7 +1573,10 @@
}
case XWM.OTHER_WM:
default: { /* this is very similar to the E! case above */
- insLog.log(Level.FINEST, "Getting correct insets for OTHER_WM/default, parent: {0}", parent);
+ if (insLog.isLoggable(Level.FINEST)) {
+ insLog.log(Level.FINEST, "Getting correct insets for OTHER_WM/default, parent: {0}",
+ String.valueOf(parent));
+ }
syncTopLevelPos(parent, lwinAttr);
int status = XlibWrapper.XGetWindowAttributes(XToolkit.getDisplay(),
window, lwinAttr.pData);
@@ -1583,8 +1603,11 @@
&& lwinAttr.get_width()+2*lwinAttr.get_border_width() == pattr.get_width()
&& lwinAttr.get_height()+2*lwinAttr.get_border_width() == pattr.get_height())
{
- insLog.log(Level.FINEST, "Double reparenting detected, pattr({2})={0}, lwinAttr({3})={1}",
- new Object[] {lwinAttr, pattr, parent, window});
+ if (insLog.isLoggable(Level.FINEST)) {
+ insLog.log(Level.FINEST, "Double reparenting detected, pattr({2})={0}, lwinAttr({3})={1}",
+ new Object[] {String.valueOf(lwinAttr), String.valueOf(pattr),
+ String.valueOf(parent), String.valueOf(window)});
+ }
lwinAttr.set_x(pattr.get_x());
lwinAttr.set_y(pattr.get_y());
lwinAttr.set_border_width(lwinAttr.get_border_width()+pattr.get_border_width());
@@ -1611,8 +1634,11 @@
* widths and inner/outer distinction, so for the time
* being, just ignore it.
*/
- insLog.log(Level.FINEST, "Attrs before calculation: pattr({2})={0}, lwinAttr({3})={1}",
- new Object[] {lwinAttr, pattr, parent, window});
+ if (insLog.isLoggable(Level.FINEST)) {
+ insLog.log(Level.FINEST, "Attrs before calculation: pattr({2})={0}, lwinAttr({3})={1}",
+ new Object[] {String.valueOf(lwinAttr), String.valueOf(pattr),
+ String.valueOf(parent), String.valueOf(window)});
+ }
correctWM = new Insets(lwinAttr.get_y() + lwinAttr.get_border_width(),
lwinAttr.get_x() + lwinAttr.get_border_width(),
pattr.get_height() - (lwinAttr.get_y() + lwinAttr.get_height() + 2*lwinAttr.get_border_width()),
--- a/jdk/src/solaris/classes/sun/awt/X11/XWindow.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XWindow.java Wed Oct 07 08:38:43 2009 -0700
@@ -997,8 +997,10 @@
Rectangle oldBounds = getBounds();
super.handleConfigureNotifyEvent(xev);
- insLog.log(Level.FINER, "Configure, {0}, event disabled: {1}",
- new Object[] {xev.get_xconfigure(), isEventDisabled(xev)});
+ if (insLog.isLoggable(Level.FINER)) {
+ insLog.log(Level.FINER, "Configure, {0}, event disabled: {1}",
+ new Object[] {String.valueOf(xev.get_xconfigure()), isEventDisabled(xev)});
+ }
if (isEventDisabled(xev)) {
return;
}
@@ -1017,7 +1019,9 @@
public void handleMapNotifyEvent(XEvent xev) {
super.handleMapNotifyEvent(xev);
- log.log(Level.FINE, "Mapped {0}", new Object[] {this});
+ if (log.isLoggable(Level.FINE)) {
+ log.log(Level.FINE, "Mapped {0}", new Object[] {String.valueOf(this)});
+ }
if (isEventDisabled(xev)) {
return;
}
@@ -1333,10 +1337,16 @@
void updateSizeHints(int x, int y, int width, int height) {
long flags = XUtilConstants.PSize | (isLocationByPlatform() ? 0 : (XUtilConstants.PPosition | XUtilConstants.USPosition));
if (!isResizable()) {
- log.log(Level.FINER, "Window {0} is not resizable", new Object[] {this});
+ if (log.isLoggable(Level.FINER)) {
+ log.log(Level.FINER, "Window {0} is not resizable",
+ new Object[] {String.valueOf(this)});
+ }
flags |= XUtilConstants.PMinSize | XUtilConstants.PMaxSize;
} else {
- log.log(Level.FINER, "Window {0} is resizable", new Object[] {this});
+ if (keyEventLog.isLoggable(Level.FINER)) {
+ log.log(Level.FINER, "Window {0} is resizable",
+ new Object[] {String.valueOf(this)});
+ }
}
setSizeHints(flags, x, y, width, height);
}
@@ -1344,10 +1354,16 @@
void updateSizeHints(int x, int y) {
long flags = isLocationByPlatform() ? 0 : (XUtilConstants.PPosition | XUtilConstants.USPosition);
if (!isResizable()) {
- log.log(Level.FINER, "Window {0} is not resizable", new Object[] {this});
+ if (log.isLoggable(Level.FINER)) {
+ log.log(Level.FINER, "Window {0} is not resizable",
+ new Object[] {String.valueOf(this)});
+ }
flags |= XUtilConstants.PMinSize | XUtilConstants.PMaxSize | XUtilConstants.PSize;
} else {
- log.log(Level.FINER, "Window {0} is resizable", new Object[] {this});
+ if (log.isLoggable(Level.FINER)) {
+ log.log(Level.FINER, "Window {0} is resizable",
+ new Object[] {String.valueOf(this)});
+ }
}
setSizeHints(flags, x, y, width, height);
}
--- a/jdk/src/solaris/classes/sun/awt/X11/XWindowPeer.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11/XWindowPeer.java Wed Oct 07 08:38:43 2009 -0700
@@ -354,7 +354,7 @@
if (iconLog.isLoggable(Level.FINEST)) {
iconLog.log(Level.FINEST, ">>> Sizes of icon images:");
for (Iterator<XIconInfo> i = icons.iterator(); i.hasNext(); ) {
- iconLog.log(Level.FINEST, " {0}", i.next());
+ iconLog.log(Level.FINEST, " {0}", String.valueOf(i.next()));
}
}
}
@@ -769,7 +769,9 @@
public void handleFocusEvent(XEvent xev) {
XFocusChangeEvent xfe = xev.get_xfocus();
FocusEvent fe;
- focusLog.log(Level.FINE, "{0}", new Object[] {xfe});
+ if (focusLog.isLoggable(Level.FINE)) {
+ focusLog.log(Level.FINE, "{0}", new Object[] {String.valueOf(xfe)});
+ }
if (isEventDisabled(xev)) {
return;
}
@@ -1388,7 +1390,10 @@
synchronized(getStateLock()) {
XDialogPeer blockerPeer = (XDialogPeer) ComponentAccessor.getPeer(d);
if (blocked) {
- log.log(Level.FINE, "{0} is blocked by {1}", new Object[] { this, blockerPeer});
+ if (log.isLoggable(Level.FINE)) {
+ log.log(Level.FINE, "{0} is blocked by {1}",
+ new Object[] { String.valueOf(this), String.valueOf(blockerPeer)});
+ }
modalBlocker = d;
if (isReparented() || XWM.isNonReparentingWM()) {
@@ -1866,7 +1871,8 @@
XCrossingEvent xce = xev.get_xcrossing();
if (grabLog.isLoggable(Level.FINE)) {
grabLog.log(Level.FINE, "{0}, when grabbed {1}, contains {2}",
- new Object[] {xce, isGrabbed(), containsGlobal(xce.get_x_root(), xce.get_y_root())});
+ new Object[] {String.valueOf(xce), isGrabbed(),
+ containsGlobal(xce.get_x_root(), xce.get_y_root())});
}
if (isGrabbed()) {
// When window is grabbed, all events are dispatched to
@@ -1877,7 +1883,10 @@
// since it generates MOUSE_ENTERED/MOUSE_EXITED for frame and dialog.
// (fix for 6390326)
XBaseWindow target = XToolkit.windowToXWindow(xce.get_window());
- grabLog.log(Level.FINER, " - Grab event target {0}", new Object[] {target});
+ if (grabLog.isLoggable(Level.FINER)) {
+ grabLog.log(Level.FINER, " - Grab event target {0}",
+ new Object[] {String.valueOf(target)});
+ }
if (target != null && target != this) {
target.dispatchEvent(xev);
return;
@@ -1890,7 +1899,8 @@
XMotionEvent xme = xev.get_xmotion();
if (grabLog.isLoggable(Level.FINE)) {
grabLog.log(Level.FINER, "{0}, when grabbed {1}, contains {2}",
- new Object[] {xme, isGrabbed(), containsGlobal(xme.get_x_root(), xme.get_y_root())});
+ new Object[] {String.valueOf(xme), isGrabbed(),
+ containsGlobal(xme.get_x_root(), xme.get_y_root())});
}
if (isGrabbed()) {
boolean dragging = false;
@@ -1919,7 +1929,10 @@
xme.set_x(localCoord.x);
xme.set_y(localCoord.y);
}
- grabLog.log(Level.FINER, " - Grab event target {0}", new Object[] {target});
+ if (grabLog.isLoggable(Level.FINER)) {
+ grabLog.log(Level.FINER, " - Grab event target {0}",
+ new Object[] {String.valueOf(target)});
+ }
if (target != null) {
if (target != getContentXWindow() && target != this) {
target.dispatchEvent(xev);
@@ -1953,7 +1966,9 @@
}
if (grabLog.isLoggable(Level.FINE)) {
grabLog.log(Level.FINE, "{0}, when grabbed {1}, contains {2} ({3}, {4}, {5}x{6})",
- new Object[] {xbe, isGrabbed(), containsGlobal(xbe.get_x_root(), xbe.get_y_root()), getAbsoluteX(), getAbsoluteY(), getWidth(), getHeight()});
+ new Object[] {String.valueOf(xbe), isGrabbed(),
+ containsGlobal(xbe.get_x_root(), xbe.get_y_root()),
+ getAbsoluteX(), getAbsoluteY(), getWidth(), getHeight()});
}
if (isGrabbed()) {
// When window is grabbed, all events are dispatched to
@@ -1962,7 +1977,10 @@
// translation)
XBaseWindow target = XToolkit.windowToXWindow(xbe.get_window());
try {
- grabLog.log(Level.FINER, " - Grab event target {0} (press target {1})", new Object[] {target, pressTarget});
+ if (grabLog.isLoggable(Level.FINER)) {
+ grabLog.log(Level.FINER, " - Grab event target {0} (press target {1})",
+ new Object[] {String.valueOf(target), String.valueOf(pressTarget)});
+ }
if (xbe.get_type() == XConstants.ButtonPress
&& xbe.get_button() == XConstants.buttons[0])
{
@@ -1995,7 +2013,10 @@
// Outside this toplevel hierarchy
// According to the specification of UngrabEvent, post it
// when press occurs outside of the window and not on its owned windows
- grabLog.log(Level.FINE, "Generating UngrabEvent on {0} because not inside of shell", this);
+ if (grabLog.isLoggable(Level.FINE)) {
+ grabLog.log(Level.FINE, "Generating UngrabEvent on {0} because not inside of shell",
+ String.valueOf(this));
+ }
postEventToEventQueue(new sun.awt.UngrabEvent(getEventSource()));
return;
}
@@ -2013,18 +2034,27 @@
// toplevel == null - outside of
// hierarchy, toplevel is Dialog - should
// send ungrab (but shouldn't for Window)
- grabLog.log(Level.FINE, "Generating UngrabEvent on {0} because hierarchy ended", this);
+ if (grabLog.isLoggable(Level.FINE)) {
+ grabLog.log(Level.FINE, "Generating UngrabEvent on {0} because hierarchy ended",
+ String.valueOf(this));
+ }
postEventToEventQueue(new sun.awt.UngrabEvent(getEventSource()));
}
} else {
// toplevel is null - outside of hierarchy
- grabLog.log(Level.FINE, "Generating UngrabEvent on {0} because toplevel is null", this);
+ if (grabLog.isLoggable(Level.FINE)) {
+ grabLog.log(Level.FINE, "Generating UngrabEvent on {0} because toplevel is null",
+ String.valueOf(this));
+ }
postEventToEventQueue(new sun.awt.UngrabEvent(getEventSource()));
return;
}
} else {
// target doesn't map to XAWT window - outside of hierarchy
- grabLog.log(Level.FINE, "Generating UngrabEvent on because target is null {0}", this);
+ if (grabLog.isLoggable(Level.FINE)) {
+ grabLog.log(Level.FINE, "Generating UngrabEvent on because target is null {0}",
+ String.valueOf(this));
+ }
postEventToEventQueue(new sun.awt.UngrabEvent(getEventSource()));
return;
}
--- a/jdk/src/solaris/classes/sun/awt/X11GraphicsDevice.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/solaris/classes/sun/awt/X11GraphicsDevice.java Wed Oct 07 08:38:43 2009 -0700
@@ -134,7 +134,7 @@
makeConfigurations();
}
}
- return configs;
+ return configs.clone();
}
private void makeConfigurations() {
--- a/jdk/src/windows/classes/sun/awt/Win32GraphicsDevice.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/windows/classes/sun/awt/Win32GraphicsDevice.java Wed Oct 07 08:38:43 2009 -0700
@@ -165,7 +165,7 @@
if (defaultConfig != null) {
configs = new GraphicsConfiguration[1];
configs[0] = defaultConfig;
- return configs;
+ return configs.clone();
}
}
@@ -196,7 +196,7 @@
configs = new GraphicsConfiguration[v.size()];
v.copyInto(configs);
}
- return configs;
+ return configs.clone();
}
/**
--- a/jdk/src/windows/classes/sun/awt/windows/WMenuItemPeer.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/windows/classes/sun/awt/windows/WMenuItemPeer.java Wed Oct 07 08:38:43 2009 -0700
@@ -35,7 +35,7 @@
import java.util.logging.Level;
class WMenuItemPeer extends WObjectPeer implements MenuItemPeer {
- private static final Logger log = Logger.getLogger("sun.awt.WMenuItemPeer");
+ private static final Logger log = Logger.getLogger("sun.awt.windows.WMenuItemPeer");
static {
initIDs();
--- a/jdk/src/windows/classes/sun/awt/windows/WPanelPeer.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/windows/classes/sun/awt/windows/WPanelPeer.java Wed Oct 07 08:38:43 2009 -0700
@@ -34,7 +34,6 @@
class WPanelPeer extends WCanvasPeer implements PanelPeer {
- private static final Logger log = Logger.getLogger("sun.awt.windows.WPanelPeer");
// ComponentPeer overrides
public void paint(Graphics g) {
--- a/jdk/src/windows/classes/sun/java2d/d3d/D3DGraphicsDevice.java Tue Oct 06 22:01:18 2009 -0400
+++ b/jdk/src/windows/classes/sun/java2d/d3d/D3DGraphicsDevice.java Wed Oct 07 08:38:43 2009 -0700
@@ -429,7 +429,7 @@
if (defaultConfig != null) {
configs = new GraphicsConfiguration[1];
configs[0] = defaultConfig;
- return configs;
+ return configs.clone();
}
}
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/awt/GraphicsDevice/CloneConfigsTest.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,118 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6822057
+ *
+ * @summary Test verifies that list of supported graphics configurations
+ * can not be changed via modification of elements of an array
+ * returned by getConfiguration() method.
+ *
+ * @run main CloneConfigsTest
+ * @run main/othervm -Dsun.java2d.opengl=True CloneConfigsTest
+ * @run main/othervm -Dsun.java2d.d3d=true CloneConfigsTest
+ * @run main/othervm -Dsun.java2d.noddraw=true CloneConfigsTest
+ */
+
+import java.awt.GraphicsConfiguration;
+import java.awt.GraphicsDevice;
+import java.awt.GraphicsEnvironment;
+import java.awt.Rectangle;
+import java.awt.geom.AffineTransform;
+import java.awt.image.BufferedImage;
+import java.awt.image.ColorModel;
+
+public class CloneConfigsTest {
+
+ public static void main(String[] args) {
+ GraphicsEnvironment env =
+ GraphicsEnvironment.getLocalGraphicsEnvironment();
+
+ GraphicsDevice[] devices = env.getScreenDevices();
+
+ GraphicsConfiguration c = new TestConfig();
+
+ for (GraphicsDevice gd : devices) {
+ System.out.println("Device: " + gd);
+
+ GraphicsConfiguration[] configs = gd.getConfigurations();
+
+ for (int i = 0; i < configs.length; i++) {
+ GraphicsConfiguration gc = configs[i];
+ System.out.println("\tConfig: " + gc);
+
+ configs[i] = c;
+ }
+
+ // verify whether array of configs was modified
+ configs = gd.getConfigurations();
+ for (GraphicsConfiguration gc : configs) {
+ if (gc == c) {
+ throw new RuntimeException("Test failed.");
+ }
+ }
+ System.out.println("Test passed.");
+ }
+ }
+
+ private static class TestConfig extends GraphicsConfiguration {
+
+ @Override
+ public GraphicsDevice getDevice() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public BufferedImage createCompatibleImage(int width, int height) {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public ColorModel getColorModel() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public ColorModel getColorModel(int transparency) {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public AffineTransform getDefaultTransform() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public AffineTransform getNormalizingTransform() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ @Override
+ public Rectangle getBounds() {
+ throw new UnsupportedOperationException("Not supported yet.");
+ }
+
+ }
+
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/lang/ClassLoader/UninitializedParent.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,68 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6636650
+ * @summary Uninitialized class loaders should not be a parent of other
+ * class loaders.
+ */
+
+
+import java.net.*;
+
+public class UninitializedParent {
+ private static ClassLoader loader;
+ public static void main(String[] args) throws Exception {
+ System.setSecurityManager(new SecurityManager());
+
+ // Create an uninitialized class loader
+ try {
+ new ClassLoader(null) {
+ @Override
+ protected void finalize() {
+ loader = this;
+ }
+ };
+ } catch (SecurityException exc) {
+ // Expected
+ }
+ System.gc();
+ System.runFinalization();
+
+ // if 'loader' isn't null, need to ensure that it can't be used as
+ // parent
+ if (loader != null) {
+ try {
+ // Create a class loader with 'loader' being the parent
+ URLClassLoader child = URLClassLoader.newInstance
+ (new URL[0], loader);
+ throw new RuntimeException("Test Failed!");
+ } catch (SecurityException se) {
+ System.out.println("Test Passed: Exception thrown");
+ }
+ } else {
+ System.out.println("Test Passed: Loader is null");
+ }
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/swing/ToolTipManager/Test6657026.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests shared ToolTipManager in different application contexts
+ * @author Sergey Malenkov
+ */
+
+import sun.awt.SunToolkit;
+import javax.swing.ToolTipManager;
+
+public class Test6657026 implements Runnable {
+
+ private static final int DISMISS = 4000;
+ private static final int INITIAL = 750;
+ private static final int RESHOW = 500;
+
+ public static void main(String[] args) throws InterruptedException {
+ ToolTipManager manager = ToolTipManager.sharedInstance();
+ if (DISMISS != manager.getDismissDelay()) {
+ throw new Error("unexpected dismiss delay");
+ }
+ if (INITIAL != manager.getInitialDelay()) {
+ throw new Error("unexpected initial delay");
+ }
+ if (RESHOW != manager.getReshowDelay()) {
+ throw new Error("unexpected reshow delay");
+ }
+ manager.setDismissDelay(DISMISS + 1);
+ manager.setInitialDelay(INITIAL + 1);
+ manager.setReshowDelay(RESHOW + 1);
+
+ ThreadGroup group = new ThreadGroup("$$$");
+ Thread thread = new Thread(group, new Test6657026());
+ thread.start();
+ thread.join();
+ }
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ ToolTipManager manager = ToolTipManager.sharedInstance();
+ if (DISMISS != manager.getDismissDelay()) {
+ throw new Error("shared dismiss delay");
+ }
+ if (INITIAL != manager.getInitialDelay()) {
+ throw new Error("shared initial delay");
+ }
+ if (RESHOW != manager.getReshowDelay()) {
+ throw new Error("shared reshow delay");
+ }
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/swing/UIManager/Test6657026.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests shared UIManager in different application contexts
+ * @author Sergey Malenkov
+ */
+
+import sun.awt.SunToolkit;
+
+import javax.swing.UIManager;
+import javax.swing.UIManager.LookAndFeelInfo;
+
+public class Test6657026 implements Runnable {
+
+ public static void main(String[] args) throws Exception {
+ if (UIManager.getInstalledLookAndFeels().length == 0) {
+ throw new Error("unexpected amount of look&feels");
+ }
+ UIManager.setInstalledLookAndFeels(new LookAndFeelInfo[0]);
+ if (UIManager.getInstalledLookAndFeels().length != 0) {
+ throw new Error("unexpected amount of look&feels");
+ }
+
+ ThreadGroup group = new ThreadGroup("$$$");
+ Thread thread = new Thread(group, new Test6657026());
+ thread.start();
+ thread.join();
+ }
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ if (UIManager.getInstalledLookAndFeels().length == 0) {
+ throw new Error("shared look&feels");
+ }
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/swing/plaf/basic/BasicSplitPaneUI/Test6657026.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests shared BasicSplitPaneUI in different application contexts
+ * @author Sergey Malenkov
+ */
+
+import sun.awt.SunToolkit;
+
+import java.awt.event.ActionEvent;
+import java.util.Set;
+import javax.swing.JSplitPane;
+import javax.swing.plaf.basic.BasicSplitPaneUI;
+
+public class Test6657026 extends BasicSplitPaneUI implements Runnable {
+
+ public static void main(String[] args) throws InterruptedException {
+ if (new JSplitPane().getFocusTraversalKeys(0).isEmpty()){
+ throw new Error("unexpected traversal keys");
+ }
+ new JSplitPane() {
+ public void setFocusTraversalKeys(int id, Set keystrokes) {
+ keystrokes.clear();
+ super.setFocusTraversalKeys(id, keystrokes);
+ }
+ };
+ if (new JSplitPane().getFocusTraversalKeys(0).isEmpty()) {
+ throw new Error("shared traversal keys");
+ }
+ KEYBOARD_DIVIDER_MOVE_OFFSET = -KEYBOARD_DIVIDER_MOVE_OFFSET;
+
+ ThreadGroup group = new ThreadGroup("$$$");
+ Thread thread = new Thread(group, new Test6657026());
+ thread.start();
+ thread.join();
+ }
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ if (new JSplitPane().getFocusTraversalKeys(0).isEmpty()) {
+ throw new Error("shared traversal keys");
+ }
+ JSplitPane pane = new JSplitPane();
+ pane.setUI(this);
+
+ createFocusListener().focusGained(null); // allows actions
+ test(pane, "positiveIncrement", 3);
+ test(pane, "negativeIncrement", 0);
+ }
+
+ private static void test(JSplitPane pane, String action, int expected) {
+ ActionEvent event = new ActionEvent(pane, expected, action);
+ pane.getActionMap().get(action).actionPerformed(event);
+ int actual = pane.getDividerLocation();
+ if (actual != expected) {
+ throw new Error(actual + ", but expected " + expected);
+ }
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/swing/plaf/metal/MetalBorders/Test6657026.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,91 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests constancy of borders
+ * @author Sergey Malenkov
+ */
+
+import java.awt.Insets;
+import javax.swing.border.Border;
+import javax.swing.plaf.metal.MetalBorders.ButtonBorder;
+import javax.swing.plaf.metal.MetalBorders.MenuBarBorder;
+import javax.swing.plaf.metal.MetalBorders.MenuItemBorder;
+import javax.swing.plaf.metal.MetalBorders.PopupMenuBorder;
+
+public class Test6657026 {
+
+ private static final Insets NEGATIVE = new Insets(Integer.MIN_VALUE,
+ Integer.MIN_VALUE,
+ Integer.MIN_VALUE,
+ Integer.MIN_VALUE);
+
+ public static void main(String[] args) {
+ new ButtonBorder() {{borderInsets = NEGATIVE;}};
+ new MenuBarBorder() {{borderInsets = NEGATIVE;}};
+ new MenuItemBorder() {{borderInsets = NEGATIVE;}};
+ new PopupMenuBorder() {{borderInsets = NEGATIVE;}};
+
+ test(create("ButtonBorder"));
+ test(create("MenuBarBorder"));
+ test(create("MenuItemBorder"));
+ test(create("PopupMenuBorder"));
+
+ test(create("Flush3DBorder"));
+ test(create("InternalFrameBorder"));
+ // NOT USED: test(create("FrameBorder"));
+ // NOT USED: test(create("DialogBorder"));
+ test(create("PaletteBorder"));
+ test(create("OptionDialogBorder"));
+ test(create("ScrollPaneBorder"));
+ }
+
+ private static Border create(String name) {
+ try {
+ name = "javax.swing.plaf.metal.MetalBorders$" + name;
+ return (Border) Class.forName(name).newInstance();
+ }
+ catch (Exception exception) {
+ throw new Error("unexpected exception", exception);
+ }
+ }
+
+ private static void test(Border border) {
+ Insets actual = border.getBorderInsets(null);
+ if (NEGATIVE.equals(actual)) {
+ throw new Error("unexpected insets in " + border.getClass());
+ }
+ Insets expected = (Insets) actual.clone();
+ // modify
+ actual.top++;
+ actual.left++;
+ actual.right++;
+ actual.bottom++;
+ // validate
+ if (!expected.equals(border.getBorderInsets(null))) {
+ throw new Error("shared insets in " + border.getClass());
+ }
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/swing/plaf/metal/MetalBumps/Test6657026.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,238 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests shared MetalBumps in different application contexts
+ * @author Sergey Malenkov
+ */
+
+import sun.awt.SunToolkit;
+
+import java.awt.Color;
+import java.awt.Component;
+import java.awt.Font;
+import java.awt.FontMetrics;
+import java.awt.Graphics;
+import java.awt.Image;
+import java.awt.Rectangle;
+import java.awt.Shape;
+import java.awt.image.BufferedImage;
+import java.awt.image.ImageObserver;
+import java.text.AttributedCharacterIterator;
+import javax.swing.Icon;
+import javax.swing.plaf.metal.MetalBorders.ToolBarBorder;
+
+public class Test6657026 extends ToolBarBorder implements Runnable {
+
+ public static void main(String[] args) throws Exception {
+ new Test6657026().test();
+
+ ThreadGroup group = new ThreadGroup("$$$");
+ Thread thread = new Thread(group, new Test6657026());
+ thread.start();
+ thread.join();
+ }
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ test();
+ }
+
+ private void test() {
+ MyGraphics mg = new MyGraphics();
+ Icon icon = bumps;
+ icon.paintIcon(mg.component, mg, 0, 0);
+ if (mg.image != null) {
+ boolean failed = true;
+ int value = mg.image.getRGB(0, 0);
+ for (int x = 0; x < mg.image.getWidth(); x++) {
+ for (int y = 0; y < mg.image.getHeight(); y++) {
+ int current = mg.image.getRGB(x, y);
+ if (current != value) {
+ mg.image.setRGB(x, y, value);
+ failed = false;
+ }
+
+ }
+ }
+ if (failed) {
+ throw new Error("shared metal bumps");
+ }
+ }
+ }
+
+ private static class MyGraphics extends Graphics {
+
+ private final Component component = new Component() {};
+ private BufferedImage image;
+
+ public Graphics create() {
+ return null; // TODO: check
+ }
+
+ public void translate(int x, int y) {
+ // TODO: check
+ }
+
+ public Color getColor() {
+ return null; // TODO: check
+ }
+
+ public void setColor(Color color) {
+ // TODO: check
+ }
+
+ public void setPaintMode() {
+ // TODO: check
+ }
+
+ public void setXORMode(Color c1) {
+ // TODO: check
+ }
+
+ public Font getFont() {
+ return null; // TODO: check
+ }
+
+ public void setFont(Font font) {
+ // TODO: check
+ }
+
+ public FontMetrics getFontMetrics(Font font) {
+ return null; // TODO: check
+ }
+
+ public Rectangle getClipBounds() {
+ return null; // TODO: check
+ }
+
+ public void clipRect(int x, int y, int width, int height) {
+ // TODO: check
+ }
+
+ public void setClip(int x, int y, int width, int height) {
+ // TODO: check
+ }
+
+ public Shape getClip() {
+ return null; // TODO: check
+ }
+
+ public void setClip(Shape clip) {
+ // TODO: check
+ }
+
+ public void copyArea(int x, int y, int width, int height, int dx, int dy) {
+ // TODO: check
+ }
+
+ public void drawLine(int x1, int y1, int x2, int y2) {
+ // TODO: check
+ }
+
+ public void fillRect(int x, int y, int width, int height) {
+ // TODO: check
+ }
+
+ public void clearRect(int x, int y, int width, int height) {
+ // TODO: check
+ }
+
+ public void drawRoundRect(int x, int y, int width, int height, int arcWidth, int arcHeight) {
+ // TODO: check
+ }
+
+ public void fillRoundRect(int x, int y, int width, int height, int arcWidth, int arcHeight) {
+ // TODO: check
+ }
+
+ public void drawOval(int x, int y, int width, int height) {
+ // TODO: check
+ }
+
+ public void fillOval(int x, int y, int width, int height) {
+ // TODO: check
+ }
+
+ public void drawArc(int x, int y, int width, int height, int startAngle, int arcAngle) {
+ // TODO: check
+ }
+
+ public void fillArc(int x, int y, int width, int height, int startAngle, int arcAngle) {
+ // TODO: check
+ }
+
+ public void drawPolyline(int[] xPoints, int[] yPoints, int nPoints) {
+ // TODO: check
+ }
+
+ public void drawPolygon(int[] xPoints, int[] yPoints, int nPoints) {
+ // TODO: check
+ }
+
+ public void fillPolygon(int[] xPoints, int[] yPoints, int nPoints) {
+ // TODO: check
+ }
+
+ public void drawString(String str, int x, int y) {
+ // TODO: check
+ }
+
+ public void drawString(AttributedCharacterIterator iterator, int x, int y) {
+ // TODO: check
+ }
+
+ public boolean drawImage(Image img, int x, int y, ImageObserver observer) {
+ return false; // TODO: check
+ }
+
+ public boolean drawImage(Image img, int x, int y, int width, int height, ImageObserver observer) {
+ return false; // TODO: check
+ }
+
+ public boolean drawImage(Image img, int x, int y, Color bgcolor, ImageObserver observer) {
+ return false; // TODO: check
+ }
+
+ public boolean drawImage(Image img, int x, int y, int width, int height, Color bgcolor, ImageObserver observer) {
+ return false; // TODO: check
+ }
+
+ public boolean drawImage(Image img, int dx1, int dy1, int dx2, int dy2, int sx1, int sy1, int sx2, int sy2, ImageObserver observer) {
+ if (img instanceof BufferedImage) {
+ this.image = (BufferedImage) img;
+ }
+ return false; // TODO: check
+ }
+
+ public boolean drawImage(Image img, int dx1, int dy1, int dx2, int dy2, int sx1, int sy1, int sx2, int sy2, Color bgcolor, ImageObserver observer) {
+ return false; // TODO: check
+ }
+
+ public void dispose() {
+ // TODO: check
+ }
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/swing/plaf/metal/MetalInternalFrameUI/Test6657026.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests shared MetalInternalFrameUI in different application contexts
+ * @author Sergey Malenkov
+ */
+
+import sun.awt.SunToolkit;
+
+import javax.swing.JInternalFrame;
+import javax.swing.JPanel;
+import javax.swing.UIManager;
+import javax.swing.plaf.metal.MetalInternalFrameUI;
+import javax.swing.plaf.metal.MetalLookAndFeel;
+
+public class Test6657026 extends MetalInternalFrameUI implements Runnable {
+
+ public static void main(String[] args) throws Exception {
+ UIManager.setLookAndFeel(new MetalLookAndFeel());
+
+ ThreadGroup group = new ThreadGroup("$$$");
+ Thread thread = new Thread(group, new Test6657026());
+ thread.start();
+ thread.join();
+
+ new JInternalFrame().setContentPane(new JPanel());
+ }
+
+ public Test6657026() {
+ super(null);
+ }
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ IS_PALETTE = JInternalFrame.CONTENT_PANE_PROPERTY;
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/swing/plaf/metal/MetalSliderUI/Test6657026.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6657026
+ * @summary Tests shared MetalSliderUI in different application contexts
+ * @author Sergey Malenkov
+ */
+
+import sun.awt.SunToolkit;
+
+import javax.swing.JSlider;
+import javax.swing.UIManager;
+import javax.swing.plaf.metal.MetalLookAndFeel;
+import javax.swing.plaf.metal.MetalSliderUI;
+
+public class Test6657026 extends MetalSliderUI implements Runnable {
+
+ public static void main(String[] args) throws Exception {
+ UIManager.setLookAndFeel(new MetalLookAndFeel());
+ JSlider slider = new JSlider();
+ test(slider);
+
+ ThreadGroup group = new ThreadGroup("$$$");
+ Thread thread = new Thread(group, new Test6657026());
+ thread.start();
+ thread.join();
+
+ test(slider);
+ }
+
+ public void run() {
+ SunToolkit.createNewAppContext();
+ JSlider slider = new JSlider();
+ test(slider);
+ tickLength = -10000;
+ }
+
+ private static void test(JSlider slider) {
+ MetalSliderUI ui = (MetalSliderUI) slider.getUI();
+ int actual = ui.getTickLength();
+ if (actual != 11) {
+ throw new Error(actual + ", but expected 11");
+ }
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/CPBuilder.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,442 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ * @test
+ *
+ * @bug 6861062
+ * @summary Disable MD2 support
+ *
+ * @run main/othervm CPBuilder trustAnchor_SHA1withRSA_1024 0 true
+ * @run main/othervm CPBuilder trustAnchor_SHA1withRSA_512 0 true
+ * @run main/othervm CPBuilder intermediate_SHA1withRSA_1024_1024 1 true
+ * @run main/othervm CPBuilder intermediate_SHA1withRSA_1024_512 1 true
+ * @run main/othervm CPBuilder intermediate_SHA1withRSA_512_1024 1 true
+ * @run main/othervm CPBuilder intermediate_SHA1withRSA_512_512 1 true
+ * @run main/othervm CPBuilder intermediate_MD2withRSA_1024_1024 1 false
+ * @run main/othervm CPBuilder intermediate_MD2withRSA_1024_512 1 false
+ * @run main/othervm CPBuilder endentiry_SHA1withRSA_1024_1024 2 true
+ * @run main/othervm CPBuilder endentiry_SHA1withRSA_1024_512 2 true
+ * @run main/othervm CPBuilder endentiry_SHA1withRSA_512_1024 2 true
+ * @run main/othervm CPBuilder endentiry_SHA1withRSA_512_512 2 true
+ * @run main/othervm CPBuilder endentiry_MD2withRSA_1024_1024 2 false
+ * @run main/othervm CPBuilder endentiry_MD2withRSA_1024_512 2 false
+ *
+ * @author Xuelei Fan
+ */
+
+import java.io.*;
+import java.net.SocketException;
+import java.util.*;
+import java.security.Security;
+import java.security.cert.*;
+import sun.security.util.DerInputStream;
+
+public class CPBuilder {
+
+ // SHA1withRSA 1024
+ static String trustAnchor_SHA1withRSA_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
+ "AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH\n" +
+ "E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd\n" +
+ "rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID\n" +
+ "AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME\n" +
+ "QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
+ "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
+ "DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z\n" +
+ "Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+\n" +
+ "UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc\n" +
+ "tas=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512
+ static String trustAnchor_SHA1withRSA_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
+ "BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv\n" +
+ "7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
+ "g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ\n" +
+ "5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
+ "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b\n" +
+ "FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia\n" +
+ "U5r+8B9nzx+j2Zh3kw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 1024
+ static String intermediate_SHA1withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICUDCCAbmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDhaFw0yOTA0MjMwMTExNDha\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEAHze3wAcIe84zNOoN\n" +
+ "P8l9EmlVVoU30z3LB3hxq3m/dC/4gE5Z9Z8EG1wJw4qaxlTZ4dif12nbTTdofVhb\n" +
+ "Bd4syjo6fcUA4q7sfg9TFpoHQ+Ap7PgjK99moMKdMy50Xy8s6FPvaVkF89s66Z6y\n" +
+ "e4q7TSwe6QevGOZaL5N/iy2XGEs=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 512
+ static String intermediate_SHA1withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDzCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQCYNmdkONfuk07XjRze\n" +
+ "WQyq2cfdae4uIdyUfa2rpgYMtSXuQW3/XrQGiz4G6WBXA2wo7folOOpAKYgvHPrm\n" +
+ "w6Dd\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 1024
+ static String intermediate_SHA1withRSA_512_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDDCCAXWgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
+ "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
+ "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
+ "PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
+ "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
+ "CSqGSIb3DQEBBQUAA4GBAE2VOlw5ySLT3gUzKCYEga4QPaSrf6lHHPi2g48LscEY\n" +
+ "h9qQXh4nuIVugReBIEf6N49RdT+M2cgRJo4sZ3ukYLGQzxNuttL5nPSuuvrAR1oG\n" +
+ "LUyzOWcUpKHbVHi6zlTt79RvTKZvLcduLutmtPtLJcM9PdiAI1wEooSgxTwZtB/Z\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 512
+ static String intermediate_SHA1withRSA_512_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIByzCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
+ "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
+ "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
+ "PoAUg4Kwd47hdNQBp8grZsRJ5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
+ "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
+ "CSqGSIb3DQEBBQUAA0EAoCf0Zu559qcB4xPpzqkVsYiyW49S4Yc0mmQXb1yoQgLx\n" +
+ "O+DCkjG5d14+t1MsnkhB2izoQUMxQ3vDc1YnA/tEpw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 1024
+ static String intermediate_MD2withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEAPtEjwbWuC5kc4DPc\n" +
+ "Ttf/wdbD8ZCdAWzcc3XF9q1TlvwVMNk6mbfM05y6ZVsztKTkwZ4EcvFu/yIqw1EB\n" +
+ "E1zlXQCaWXT3/ZMbqYZV4+mx+RUl8spUCb1tda25jnTg3mTOzB1iztm4gy903EMd\n" +
+ "m8omKDKeCgcw5dR4ITQYvyxe1as=\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 512
+ static String intermediate_MD2withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDzCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADQQBHok1v6xymtpB7N9xy\n" +
+ "0OmDT27uhmzlP0eOzJvXVxj3Oi9TLQJgCUJ9122MzfRAs1E1uJTtvuu+UmI80NQx\n" +
+ "KQdp\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 1024
+ static String endentiry_SHA1withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG\n" +
+ "9w0BAQUFAAOBgQAOfIeasDg91CR3jGfuAEVKwncM1OPFmniAUcdPm74cCAyJ90Me\n" +
+ "dhUElWPGoAuXGfiyZlOlGUYWqEroe/dnkmnotJjLWR+MA4ZyX3O1YI8T4W3deWcC\n" +
+ "J4WMCF7mp17SaYYKX9F0AxwNJFpUkbB41IkTxPr0MmzB1871/pbY8dLAvA==\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 512
+ static String endentiry_SHA1withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIB9jCCAaCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG\n" +
+ "9w0BAQUFAANBADV6X+ea0ftEKXy7yKNAbdIp35893T6AVwbdclomPkeOs86OtoTG\n" +
+ "1BIzWSK9QE7W6Wbf63e2RdcqoLK+DxsuwUg=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 1024
+ static String endentiry_SHA1withRSA_512_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIB8zCCAVygAwIBAgIBBDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
+ "DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo\n" +
+ "uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE\n" +
+ "AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU\n" +
+ "31g/ZkU6aXFAJVKhrrv0ebfAgeYwDQYJKoZIhvcNAQEFBQADgYEAUyW8PrEdbzLu\n" +
+ "B+h6UemBOJ024rYq90hJE/5wUEKPvxZ9vPEUgl+io6cGhL3cLfxfh6z5xtEGp4Tb\n" +
+ "NB0Ye3Qi01FBiNDY8s3rQRrmel6VysU8u+0Oi2jmQY6vZXn/zXN5rrTLITCaSicG\n" +
+ "dOMv1xLM83Ee432WWlDwKOUxhzDGpWc=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 512
+ static String endentiry_SHA1withRSA_512_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIBsjCCAVygAwIBAgIBBTANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
+ "DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo\n" +
+ "uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE\n" +
+ "AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU\n" +
+ "N0CHiTYPtjyvpP2a6y6mhsZ6U40wDQYJKoZIhvcNAQEFBQADQQBG4grtrVEHick0\n" +
+ "z/6Lcl/MGyHT0c8KTXE0AMVXG1NRjAicAmYno/yDaJ9OmfymObKZKV9fF7yCW/N/\n" +
+ "TMU6m7N0\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 1024
+ static String endentiry_MD2withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICNzCCAaCgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG\n" +
+ "9w0BAQIFAAOBgQBxKsFf8NNQcXjDoKJJSG4Rk6ikcrhiGYuUI32+XHvs6hnav1Zc\n" +
+ "aJUpy7J4gMj/MnysMh/4AF9+m6zEEjuisXKUbYZhgtJxz+ukGSo163mJ8QJiAlRb\n" +
+ "Iwsy81r08mlSCR6jx2YhDAUxJIPC92R5Vb4CEutB7tWTwwz7vIHq330erA==\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 512
+ static String endentiry_MD2withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIB9jCCAaCgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG\n" +
+ "9w0BAQIFAANBAIX63Ypi9P71RnC/pcMbhD+wekRFsTzU593X3MC7tyBJtEXwvAZG\n" +
+ "iMxXF5A+ohlr7/CrkV7ZTL8PLxnJdY5Y8rQ=\n" +
+ "-----END CERTIFICATE-----";
+
+ static HashMap<String, String> certmap = new HashMap<String, String>();
+ static {
+ certmap.put("trustAnchor_SHA1withRSA_1024",
+ trustAnchor_SHA1withRSA_1024);
+ certmap.put("trustAnchor_SHA1withRSA_512",
+ trustAnchor_SHA1withRSA_512);
+ certmap.put("intermediate_SHA1withRSA_1024_1024",
+ intermediate_SHA1withRSA_1024_1024);
+ certmap.put("intermediate_SHA1withRSA_1024_512",
+ intermediate_SHA1withRSA_1024_512);
+ certmap.put("intermediate_SHA1withRSA_512_1024",
+ intermediate_SHA1withRSA_512_1024);
+ certmap.put("intermediate_SHA1withRSA_512_512",
+ intermediate_SHA1withRSA_512_512);
+ certmap.put("intermediate_MD2withRSA_1024_1024",
+ intermediate_MD2withRSA_1024_1024);
+ certmap.put("intermediate_MD2withRSA_1024_512",
+ intermediate_MD2withRSA_1024_512);
+ certmap.put("endentiry_SHA1withRSA_1024_1024",
+ endentiry_SHA1withRSA_1024_1024);
+ certmap.put("endentiry_SHA1withRSA_1024_512",
+ endentiry_SHA1withRSA_1024_512);
+ certmap.put("endentiry_SHA1withRSA_512_1024",
+ endentiry_SHA1withRSA_512_1024);
+ certmap.put("endentiry_SHA1withRSA_512_512",
+ endentiry_SHA1withRSA_512_512);
+ certmap.put("endentiry_MD2withRSA_1024_1024",
+ endentiry_MD2withRSA_1024_1024);
+ certmap.put("endentiry_MD2withRSA_1024_512",
+ endentiry_MD2withRSA_1024_512);
+ }
+
+ private static Set<TrustAnchor> generateTrustAnchors()
+ throws CertificateException {
+ // generate certificate from cert string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ HashSet<TrustAnchor> anchors = new HashSet<TrustAnchor>();
+
+ ByteArrayInputStream is =
+ new ByteArrayInputStream(trustAnchor_SHA1withRSA_1024.getBytes());
+ Certificate cert = cf.generateCertificate(is);
+ TrustAnchor anchor = new TrustAnchor((X509Certificate)cert, null);
+ anchors.add(anchor);
+
+ is = new ByteArrayInputStream(trustAnchor_SHA1withRSA_512.getBytes());
+ cert = cf.generateCertificate(is);
+ anchor = new TrustAnchor((X509Certificate)cert, null);
+ anchors.add(anchor);
+
+ return anchors;
+ }
+
+ private static CertStore generateCertificateStore() throws Exception {
+ Collection entries = new HashSet();
+
+ // generate certificate from certificate string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+ for (String key : certmap.keySet()) {
+ String certStr = certmap.get(key);
+ ByteArrayInputStream is =
+ new ByteArrayInputStream(certStr.getBytes());;
+ Certificate cert = cf.generateCertificate(is);
+ entries.add(cert);
+ }
+
+ return CertStore.getInstance("Collection",
+ new CollectionCertStoreParameters(entries));
+ }
+
+ private static X509CertSelector generateSelector(String name)
+ throws Exception {
+ X509CertSelector selector = new X509CertSelector();
+
+ String certStr = certmap.get(name);
+ if (certStr == null) {
+ return null;
+ }
+
+ // generate certificate from certificate string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ ByteArrayInputStream is = new ByteArrayInputStream(certStr.getBytes());
+ X509Certificate target = (X509Certificate)cf.generateCertificate(is);
+
+ selector.setCertificate(target);
+
+ return selector;
+ }
+
+ private static boolean match(String name, Certificate cert)
+ throws Exception {
+ X509CertSelector selector = new X509CertSelector();
+
+ String certStr = certmap.get(name);
+ if (certStr == null) {
+ return false;
+ }
+
+ // generate certificate from certificate string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ ByteArrayInputStream is = new ByteArrayInputStream(certStr.getBytes());
+ X509Certificate target = (X509Certificate)cf.generateCertificate(is);
+
+ return target.equals(cert);
+ }
+
+ public static void main(String args[]) throws Exception {
+
+ CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
+
+ X509CertSelector selector = generateSelector(args[0]);
+ if (selector == null) {
+ // no target certificate, ignore it
+ return;
+ }
+
+ Set<TrustAnchor> anchors = generateTrustAnchors();
+ CertStore certs = generateCertificateStore();
+
+ PKIXBuilderParameters params =
+ new PKIXBuilderParameters(anchors, selector);
+ params.addCertStore(certs);
+ params.setRevocationEnabled(false);
+ params.setDate(new Date(109, 9, 1)); // 2009-09-01
+
+ boolean success = Boolean.valueOf(args[2]);
+ try {
+ PKIXCertPathBuilderResult result =
+ (PKIXCertPathBuilderResult)builder.build(params);
+ if (!success) {
+ throw new Exception("expected algorithm disabled exception");
+ }
+
+ int length = Integer.parseInt(args[1]);
+ List<? extends Certificate> path =
+ result.getCertPath().getCertificates();
+ if (length != path.size()) {
+ throw new Exception("unexpected certification path length");
+ }
+
+ if (!path.isEmpty()) { // the target is not a trust anchor
+ if (!match(args[0], path.get(0))) {
+ throw new Exception("unexpected certificate");
+ }
+ }
+ } catch (CertPathBuilderException cpbe) {
+ if (success) {
+ throw new Exception("unexpected exception");
+ } else {
+ System.out.println("Get the expected exception " + cpbe);
+ }
+ }
+ }
+
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorEndEntity.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,363 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ * @test
+ *
+ * @bug 6861062
+ * @summary Disable MD2 support
+ *
+ * @author Xuelei Fan
+ */
+
+import java.io.*;
+import java.net.SocketException;
+import java.util.*;
+import java.security.Security;
+import java.security.cert.*;
+
+public class CPValidatorEndEntity {
+
+ // SHA1withRSA 1024
+ static String trustAnchor_SHA1withRSA_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
+ "AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH\n" +
+ "E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd\n" +
+ "rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID\n" +
+ "AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME\n" +
+ "QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
+ "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
+ "DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z\n" +
+ "Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+\n" +
+ "UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc\n" +
+ "tas=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512
+ static String trustAnchor_SHA1withRSA_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
+ "BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv\n" +
+ "7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
+ "g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ\n" +
+ "5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
+ "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b\n" +
+ "FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia\n" +
+ "U5r+8B9nzx+j2Zh3kw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 1024
+ static String intermediate_SHA1withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICUDCCAbmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDhaFw0yOTA0MjMwMTExNDha\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEAHze3wAcIe84zNOoN\n" +
+ "P8l9EmlVVoU30z3LB3hxq3m/dC/4gE5Z9Z8EG1wJw4qaxlTZ4dif12nbTTdofVhb\n" +
+ "Bd4syjo6fcUA4q7sfg9TFpoHQ+Ap7PgjK99moMKdMy50Xy8s6FPvaVkF89s66Z6y\n" +
+ "e4q7TSwe6QevGOZaL5N/iy2XGEs=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 512
+ static String intermediate_SHA1withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDzCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQCYNmdkONfuk07XjRze\n" +
+ "WQyq2cfdae4uIdyUfa2rpgYMtSXuQW3/XrQGiz4G6WBXA2wo7folOOpAKYgvHPrm\n" +
+ "w6Dd\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 1024
+ static String intermediate_SHA1withRSA_512_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDDCCAXWgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
+ "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
+ "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
+ "PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
+ "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
+ "CSqGSIb3DQEBBQUAA4GBAE2VOlw5ySLT3gUzKCYEga4QPaSrf6lHHPi2g48LscEY\n" +
+ "h9qQXh4nuIVugReBIEf6N49RdT+M2cgRJo4sZ3ukYLGQzxNuttL5nPSuuvrAR1oG\n" +
+ "LUyzOWcUpKHbVHi6zlTt79RvTKZvLcduLutmtPtLJcM9PdiAI1wEooSgxTwZtB/Z\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 512
+ static String intermediate_SHA1withRSA_512_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIByzCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
+ "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
+ "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
+ "PoAUg4Kwd47hdNQBp8grZsRJ5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
+ "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
+ "CSqGSIb3DQEBBQUAA0EAoCf0Zu559qcB4xPpzqkVsYiyW49S4Yc0mmQXb1yoQgLx\n" +
+ "O+DCkjG5d14+t1MsnkhB2izoQUMxQ3vDc1YnA/tEpw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 1024
+ static String intermediate_MD2withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEAPtEjwbWuC5kc4DPc\n" +
+ "Ttf/wdbD8ZCdAWzcc3XF9q1TlvwVMNk6mbfM05y6ZVsztKTkwZ4EcvFu/yIqw1EB\n" +
+ "E1zlXQCaWXT3/ZMbqYZV4+mx+RUl8spUCb1tda25jnTg3mTOzB1iztm4gy903EMd\n" +
+ "m8omKDKeCgcw5dR4ITQYvyxe1as=\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 512
+ static String intermediate_MD2withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDzCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADQQBHok1v6xymtpB7N9xy\n" +
+ "0OmDT27uhmzlP0eOzJvXVxj3Oi9TLQJgCUJ9122MzfRAs1E1uJTtvuu+UmI80NQx\n" +
+ "KQdp\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 1024
+ static String endentiry_SHA1withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG\n" +
+ "9w0BAQUFAAOBgQAOfIeasDg91CR3jGfuAEVKwncM1OPFmniAUcdPm74cCAyJ90Me\n" +
+ "dhUElWPGoAuXGfiyZlOlGUYWqEroe/dnkmnotJjLWR+MA4ZyX3O1YI8T4W3deWcC\n" +
+ "J4WMCF7mp17SaYYKX9F0AxwNJFpUkbB41IkTxPr0MmzB1871/pbY8dLAvA==\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 512
+ static String endentiry_SHA1withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIB9jCCAaCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG\n" +
+ "9w0BAQUFAANBADV6X+ea0ftEKXy7yKNAbdIp35893T6AVwbdclomPkeOs86OtoTG\n" +
+ "1BIzWSK9QE7W6Wbf63e2RdcqoLK+DxsuwUg=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 1024
+ static String endentiry_SHA1withRSA_512_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIB8zCCAVygAwIBAgIBBDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
+ "DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo\n" +
+ "uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE\n" +
+ "AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU\n" +
+ "31g/ZkU6aXFAJVKhrrv0ebfAgeYwDQYJKoZIhvcNAQEFBQADgYEAUyW8PrEdbzLu\n" +
+ "B+h6UemBOJ024rYq90hJE/5wUEKPvxZ9vPEUgl+io6cGhL3cLfxfh6z5xtEGp4Tb\n" +
+ "NB0Ye3Qi01FBiNDY8s3rQRrmel6VysU8u+0Oi2jmQY6vZXn/zXN5rrTLITCaSicG\n" +
+ "dOMv1xLM83Ee432WWlDwKOUxhzDGpWc=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 512
+ static String endentiry_SHA1withRSA_512_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIBsjCCAVygAwIBAgIBBTANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
+ "DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo\n" +
+ "uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE\n" +
+ "AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU\n" +
+ "N0CHiTYPtjyvpP2a6y6mhsZ6U40wDQYJKoZIhvcNAQEFBQADQQBG4grtrVEHick0\n" +
+ "z/6Lcl/MGyHT0c8KTXE0AMVXG1NRjAicAmYno/yDaJ9OmfymObKZKV9fF7yCW/N/\n" +
+ "TMU6m7N0\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 1024
+ static String endentiry_MD2withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICNzCCAaCgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG\n" +
+ "9w0BAQIFAAOBgQBxKsFf8NNQcXjDoKJJSG4Rk6ikcrhiGYuUI32+XHvs6hnav1Zc\n" +
+ "aJUpy7J4gMj/MnysMh/4AF9+m6zEEjuisXKUbYZhgtJxz+ukGSo163mJ8QJiAlRb\n" +
+ "Iwsy81r08mlSCR6jx2YhDAUxJIPC92R5Vb4CEutB7tWTwwz7vIHq330erA==\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 512
+ static String endentiry_MD2withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIB9jCCAaCgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx\n" +
+ "NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
+ "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
+ "9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt\n" +
+ "vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v\n" +
+ "z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6\n" +
+ "c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07\n" +
+ "OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG\n" +
+ "9w0BAQIFAANBAIX63Ypi9P71RnC/pcMbhD+wekRFsTzU593X3MC7tyBJtEXwvAZG\n" +
+ "iMxXF5A+ohlr7/CrkV7ZTL8PLxnJdY5Y8rQ=\n" +
+ "-----END CERTIFICATE-----";
+
+ private static CertPath generateCertificatePath(String castr,
+ String eestr) throws CertificateException {
+ // generate certificate from cert strings
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+ ByteArrayInputStream is;
+
+ is = new ByteArrayInputStream(castr.getBytes());
+ Certificate cacert = cf.generateCertificate(is);
+
+ is = new ByteArrayInputStream(eestr.getBytes());
+ Certificate eecert = cf.generateCertificate(is);
+
+ // generate certification path
+ List<Certificate> list = Arrays.asList(new Certificate[] {
+ eecert, cacert});
+
+ return cf.generateCertPath(list);
+ }
+
+ private static Set<TrustAnchor> generateTrustAnchors()
+ throws CertificateException {
+ // generate certificate from cert string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ HashSet<TrustAnchor> anchors = new HashSet<TrustAnchor>();
+
+ ByteArrayInputStream is =
+ new ByteArrayInputStream(trustAnchor_SHA1withRSA_1024.getBytes());
+ Certificate cert = cf.generateCertificate(is);
+ TrustAnchor anchor = new TrustAnchor((X509Certificate)cert, null);
+ anchors.add(anchor);
+
+ is = new ByteArrayInputStream(trustAnchor_SHA1withRSA_512.getBytes());
+ cert = cf.generateCertificate(is);
+ anchor = new TrustAnchor((X509Certificate)cert, null);
+ anchors.add(anchor);
+
+ return anchors;
+ }
+
+ public static void main(String args[]) throws Exception {
+ try {
+ validate(endentiry_SHA1withRSA_1024_1024,
+ intermediate_SHA1withRSA_1024_1024);
+ validate(endentiry_SHA1withRSA_1024_512,
+ intermediate_SHA1withRSA_512_1024);
+ validate(endentiry_SHA1withRSA_512_1024,
+ intermediate_SHA1withRSA_1024_1024);
+ validate(endentiry_SHA1withRSA_512_512,
+ intermediate_SHA1withRSA_512_1024);
+ } catch (CertPathValidatorException cpve) {
+ throw new Exception(
+ "unexpect exception, it is valid cert", cpve);
+ }
+
+ try {
+ validate(endentiry_MD2withRSA_1024_1024,
+ intermediate_SHA1withRSA_1024_1024);
+ throw new Exception("expected algorithm disabled exception");
+ } catch (CertPathValidatorException cpve) {
+ System.out.println("Get the expected exception " + cpve);
+ }
+
+ try {
+ validate(endentiry_MD2withRSA_1024_512,
+ intermediate_SHA1withRSA_512_1024);
+ throw new Exception("expected algorithm disabled exception");
+ } catch (CertPathValidatorException cpve) {
+ System.out.println("Get the expected exception " + cpve);
+ }
+ }
+
+ private static void validate(String eecert, String cacert)
+ throws CertPathValidatorException, Exception {
+
+ CertPath path = generateCertificatePath(cacert, eecert);
+ Set<TrustAnchor> anchors = generateTrustAnchors();
+
+ PKIXParameters params = new PKIXParameters(anchors);
+
+ // disable certificate revocation checking
+ params.setRevocationEnabled(false);
+
+ // set the validation time
+ params.setDate(new Date(109, 9, 1)); // 2009-09-01
+
+ CertPathValidator validator = CertPathValidator.getInstance("PKIX");
+
+ validator.validate(path, params);
+ }
+
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorIntermediate.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,256 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ * @test
+ *
+ * @bug 6861062
+ * @summary Disable MD2 support
+ *
+ * @author Xuelei Fan
+ */
+
+import java.io.*;
+import java.net.SocketException;
+import java.util.*;
+import java.security.Security;
+import java.security.cert.*;
+
+public class CPValidatorIntermediate {
+
+ // SHA1withRSA 1024
+ static String trustAnchor_SHA1withRSA_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
+ "AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH\n" +
+ "E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd\n" +
+ "rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID\n" +
+ "AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME\n" +
+ "QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
+ "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
+ "DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z\n" +
+ "Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+\n" +
+ "UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc\n" +
+ "tas=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512
+ static String trustAnchor_SHA1withRSA_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
+ "BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv\n" +
+ "7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
+ "g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ\n" +
+ "5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
+ "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b\n" +
+ "FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia\n" +
+ "U5r+8B9nzx+j2Zh3kw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 1024
+ static String intermediate_SHA1withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICUDCCAbmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDhaFw0yOTA0MjMwMTExNDha\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEAHze3wAcIe84zNOoN\n" +
+ "P8l9EmlVVoU30z3LB3hxq3m/dC/4gE5Z9Z8EG1wJw4qaxlTZ4dif12nbTTdofVhb\n" +
+ "Bd4syjo6fcUA4q7sfg9TFpoHQ+Ap7PgjK99moMKdMy50Xy8s6FPvaVkF89s66Z6y\n" +
+ "e4q7TSwe6QevGOZaL5N/iy2XGEs=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 1024 signed with RSA 512
+ static String intermediate_SHA1withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDzCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQCYNmdkONfuk07XjRze\n" +
+ "WQyq2cfdae4uIdyUfa2rpgYMtSXuQW3/XrQGiz4G6WBXA2wo7folOOpAKYgvHPrm\n" +
+ "w6Dd\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 1024
+ static String intermediate_SHA1withRSA_512_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDDCCAXWgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
+ "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
+ "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
+ "PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
+ "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
+ "CSqGSIb3DQEBBQUAA4GBAE2VOlw5ySLT3gUzKCYEga4QPaSrf6lHHPi2g48LscEY\n" +
+ "h9qQXh4nuIVugReBIEf6N49RdT+M2cgRJo4sZ3ukYLGQzxNuttL5nPSuuvrAR1oG\n" +
+ "LUyzOWcUpKHbVHi6zlTt79RvTKZvLcduLutmtPtLJcM9PdiAI1wEooSgxTwZtB/Z\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512 signed with RSA 512
+ static String intermediate_SHA1withRSA_512_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIByzCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV\n" +
+ "lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA\n" +
+ "AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw\n" +
+ "PoAUg4Kwd47hdNQBp8grZsRJ5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
+ "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
+ "CSqGSIb3DQEBBQUAA0EAoCf0Zu559qcB4xPpzqkVsYiyW49S4Yc0mmQXb1yoQgLx\n" +
+ "O+DCkjG5d14+t1MsnkhB2izoQUMxQ3vDc1YnA/tEpw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 1024
+ static String intermediate_MD2withRSA_1024_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEAPtEjwbWuC5kc4DPc\n" +
+ "Ttf/wdbD8ZCdAWzcc3XF9q1TlvwVMNk6mbfM05y6ZVsztKTkwZ4EcvFu/yIqw1EB\n" +
+ "E1zlXQCaWXT3/ZMbqYZV4+mx+RUl8spUCb1tda25jnTg3mTOzB1iztm4gy903EMd\n" +
+ "m8omKDKeCgcw5dR4ITQYvyxe1as=\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 1024 signed with RSA 512
+ static String intermediate_MD2withRSA_1024_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICDzCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla\n" +
+ "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
+ "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8\n" +
+ "BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg\n" +
+ "bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82\n" +
+ "AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl\n" +
+ "UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw\n" +
+ "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
+ "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADQQBHok1v6xymtpB7N9xy\n" +
+ "0OmDT27uhmzlP0eOzJvXVxj3Oi9TLQJgCUJ9122MzfRAs1E1uJTtvuu+UmI80NQx\n" +
+ "KQdp\n" +
+ "-----END CERTIFICATE-----";
+
+ private static CertPath generateCertificatePath(String certStr)
+ throws CertificateException {
+ // generate certificate from cert strings
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+ ByteArrayInputStream is;
+
+ is = new ByteArrayInputStream(certStr.getBytes());
+ Certificate cert = cf.generateCertificate(is);
+
+ // generate certification path
+ List<Certificate> list = Arrays.asList(new Certificate[] {cert});
+
+ return cf.generateCertPath(list);
+ }
+
+ private static Set<TrustAnchor> generateTrustAnchors()
+ throws CertificateException {
+ // generate certificate from cert string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ HashSet<TrustAnchor> anchors = new HashSet<TrustAnchor>();
+
+ ByteArrayInputStream is =
+ new ByteArrayInputStream(trustAnchor_SHA1withRSA_1024.getBytes());
+ Certificate cert = cf.generateCertificate(is);
+ TrustAnchor anchor = new TrustAnchor((X509Certificate)cert, null);
+ anchors.add(anchor);
+
+ is = new ByteArrayInputStream(trustAnchor_SHA1withRSA_512.getBytes());
+ cert = cf.generateCertificate(is);
+ anchor = new TrustAnchor((X509Certificate)cert, null);
+ anchors.add(anchor);
+
+ return anchors;
+ }
+
+ public static void main(String args[]) throws Exception {
+ try {
+ validate(intermediate_SHA1withRSA_1024_1024);
+ validate(intermediate_SHA1withRSA_1024_512);
+ validate(intermediate_SHA1withRSA_512_1024);
+ validate(intermediate_SHA1withRSA_512_512);
+ } catch (CertPathValidatorException cpve) {
+ throw new Exception(
+ "unexpect exception, it is valid cert", cpve);
+ }
+
+ try {
+ validate(intermediate_MD2withRSA_1024_1024);
+ throw new Exception("expected algorithm disabled exception");
+ } catch (CertPathValidatorException cpve) {
+ System.out.println("Get the expected exception " + cpve);
+ }
+
+ try {
+ validate(intermediate_MD2withRSA_1024_512);
+ throw new Exception("expected algorithm disabled exception");
+ } catch (CertPathValidatorException cpve) {
+ System.out.println("Get the expected exception " + cpve);
+ }
+ }
+
+ private static void validate(String intermediate)
+ throws CertPathValidatorException, Exception {
+
+ CertPath path = generateCertificatePath(intermediate);
+ Set<TrustAnchor> anchors = generateTrustAnchors();
+
+ PKIXParameters params = new PKIXParameters(anchors);
+
+ // disable certificate revocation checking
+ params.setRevocationEnabled(false);
+
+ // set the validation time
+ params.setDate(new Date(109, 9, 1)); // 2009-09-01
+
+ CertPathValidator validator = CertPathValidator.getInstance("PKIX");
+
+ validator.validate(path, params);
+ }
+
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/CPValidatorTrustAnchor.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,169 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ * @test
+ *
+ * @bug 6861062
+ * @summary Disable MD2 support
+ *
+ * @author Xuelei Fan
+ */
+
+import java.io.*;
+import java.net.SocketException;
+import java.util.*;
+import java.security.Security;
+import java.security.cert.*;
+
+public class CPValidatorTrustAnchor {
+
+ static String selfSignedCertStr = null;
+
+ // SHA1withRSA 1024
+ static String trustAnchor_SHA1withRSA_1024 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
+ "AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH\n" +
+ "E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd\n" +
+ "rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID\n" +
+ "AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME\n" +
+ "QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
+ "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
+ "DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z\n" +
+ "Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+\n" +
+ "UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc\n" +
+ "tas=\n" +
+ "-----END CERTIFICATE-----";
+
+ // SHA1withRSA 512
+ static String trustAnchor_SHA1withRSA_512 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
+ "BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv\n" +
+ "7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
+ "g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ\n" +
+ "5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
+ "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b\n" +
+ "FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia\n" +
+ "U5r+8B9nzx+j2Zh3kw==\n" +
+ "-----END CERTIFICATE-----";
+
+ // MD2withRSA 2048
+ static String trustAnchor_MD2withRSA_2048 =
+ "-----BEGIN CERTIFICATE-----\n" +
+ "MIIDQzCCAiugAwIBAgIBADANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ\n" +
+ "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDdaFw0zMDA3MTcwMTExNDda\n" +
+ "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIIBIjANBgkqhkiG9w0B\n" +
+ "AQEFAAOCAQ8AMIIBCgKCAQEArF5pINc5s+aUlmdYlxtAQ3V4TXFnP/XOYHxjfLuX\n" +
+ "eKO/kh78LMvbDisTPQ2yo9YEawwwbUU40xcuzgi0axXgKveHXYdUmTr0hEapq3rv\n" +
+ "g/q2EbOjyXvq4qK2RDoVCN8R3wXiytnY2OFALTx6zc2tW4imJ20svdNVtWhv2syj\n" +
+ "ZTmmRXAeFUbD4qKWAFij0I6pnSgVssvWzeyJUNemym+oiYyaSd7n5j1RNAqUKioo\n" +
+ "K/T0FOOiuPGMqottgx5YRHa6yapCP5QVWRQ+WBIYJY3Wyq7N+Es20LT6761Pk3to\n" +
+ "EFCzM7+zqT/c+pC079HOKXz+m2us+HKp5BKWNnbvgaYPOQIDAQABo4GJMIGGMB0G\n" +
+ "A1UdDgQWBBSrSukJf+mO5LTRasAGD9RRs7SASTBHBgNVHSMEQDA+gBSrSukJf+mO\n" +
+ "5LTRasAGD9RRs7SASaEjpCEwHzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1w\n" +
+ "bGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEC\n" +
+ "BQADggEBAHvsv+DqMJeIW/D+ltkhw37OdMzkMPp4E6Hbp03O3GZ5LfNGczHCb2uL\n" +
+ "sr5T7e/jaBFn6QfmqbOAYAHJSNq2bNNtTbatnHBLuVx13cfxmwk89Cg/tFeoUdcf\n" +
+ "m5hzurB6Ub6SsYMOxZHUYp/KxM9x9a7llC1bK3SKXwd4rVDlXh8DOBvdQNr5Q3yq\n" +
+ "JjY86bSXO14VzNxL/1rqHiszQdPyR/28SBsQVYSi0Zeyc4Yy1ui/cXu1+PWYw3YZ\n" +
+ "QUPHTnkVdPGwRiUqeZIcps+q+ePlQQmDu5qiLD6d8gsyGyY/RvCHWKO5Y9DuX9hs\n" +
+ "he/AhCWQx+TQYGLu0liQqLkGZydyRnA=\n" +
+ "-----END CERTIFICATE-----";
+
+ private static CertPath generateCertificatePath()
+ throws CertificateException {
+ // generate certificate from cert strings
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+ ByteArrayInputStream is;
+
+ is = new ByteArrayInputStream(selfSignedCertStr.getBytes());
+ Certificate selfSignedCert = cf.generateCertificate(is);
+
+ // generate certification path
+ List<Certificate> list = Arrays.asList(new Certificate[] {
+ selfSignedCert});
+
+ return cf.generateCertPath(list);
+ }
+
+ private static Set<TrustAnchor> generateTrustAnchors()
+ throws CertificateException {
+ // generate certificate from cert string
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+ ByteArrayInputStream is =
+ new ByteArrayInputStream(selfSignedCertStr.getBytes());
+ Certificate selfSignedCert = cf.generateCertificate(is);
+
+ // generate a trust anchor
+ TrustAnchor anchor =
+ new TrustAnchor((X509Certificate)selfSignedCert, null);
+
+ return Collections.singleton(anchor);
+ }
+
+ public static void main(String args[]) throws Exception {
+ try {
+ validate(trustAnchor_SHA1withRSA_1024);
+ validate(trustAnchor_SHA1withRSA_512);
+ } catch (CertPathValidatorException cpve) {
+ throw new Exception(
+ "unexpect exception, it is valid cert", cpve);
+ }
+
+ try {
+ validate(trustAnchor_MD2withRSA_2048);
+ throw new Exception("expected algorithm disabled exception");
+ } catch (CertPathValidatorException cpve) {
+ System.out.println("Get the expected exception " + cpve);
+ }
+ }
+
+ private static void validate(String trustAnchor)
+ throws CertPathValidatorException, Exception {
+ selfSignedCertStr = trustAnchor;
+
+ CertPath path = generateCertificatePath();
+ Set<TrustAnchor> anchors = generateTrustAnchors();
+
+ PKIXParameters params = new PKIXParameters(anchors);
+
+ // disable certificate revocation checking
+ params.setRevocationEnabled(false);
+
+ // set the validation time
+ params.setDate(new Date(109, 9, 1)); // 2009-09-01
+
+ CertPathValidator validator = CertPathValidator.getInstance("PKIX");
+
+ validator.validate(path, params);
+ }
+
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/README Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,640 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+ Certificates and CRLs
+
+Here lists the Certificates, which was generated by generate.sh, used in the
+test cases.
+
+The generate.sh depends on openssl, and it should be run under ksh. The
+script will create many directories and files, please run it in a
+directory outside of JDK workspace.
+
+1. root certifiate and key (SHA1withRSA 1024, root_cert_sha1_1024.pem)
+-----BEGIN CERTIFICATE-----
+MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa
+MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQC8UdC863pFk1Rvd7xUYd60+e9KsLhb6SqOfU42ZA715FcH
+E1TRvQPmYzAnHcO04TrWZQtO6E+E2RCmeBnetBvIMVka688QkO14wnrIrf2tRodd
+rZNZEBzkX+zyXCRo9tKEUDFf9Qze7Ilbb+Zzm9CUfu4M1Oz6iQcXRx7aM0jEAQID
+AQABo4GJMIGGMB0GA1UdDgQWBBTn0C+xmZY/BTab4W9gBp3dGa7WgjBHBgNVHSME
+QDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEwHzELMAkGA1UEBhMCVVMxEDAO
+BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw
+DQYJKoZIhvcNAQEFBQADgYEAiCXL2Yp4ruyRXAIJ8zBEaPC9oV2agqgbSbly2z8z
+Ik5SeSRysP+GHBpb8uNyANJnQKv+T0GrJiTLMBjKCOiJl6xzk3EZ2wbQB6G/SQ9+
+UWcsXSC8oGSEPpkj5In/9/UbuUIfT9H8jmdyLNKQvlqgq6kyfnskME7ptGgT95Hc
+tas=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,DF5249E009A0FD79
+
+rc316yLipp/vH0i6rhEbEwZpZ+HfKIXnnp/bIIZv2+4lyGUDWrxN0Hk0TcSgWEKm
+dRGI2fsyWjTgaiHwwmusofXPAjB3s0I2rUUAHXk8/sEuiLLTICx2UAL8k6R33CSQ
+NKR8t+TluBW3Us71vibWauuMHa5860KiiLWdhkQVLin7m/JBGLtz0zQ0/lZ8CgEm
+p7eDupPi8FBClCyVewdpmKjgI2KPI4fVIZLMzLeGcWLaOQPN1ERcFWQ1CS/qjfMb
+F4rtpZ+AzCqP75XPhitT2CnZgaVDxHBtAZQVPuKONMdijKphjqiT/Sd86Gx6OEVE
+EwwmQya2Q/5aCuH96S00mj00oeIZ7ZtUcVQcch+saJy4vpuxK8pFcEDKmgsvL9+8
+Hho9RUXVUKRH67uA1NjQSK5+syEIj5sJCDcxOda4QGXeIq9ygaZswxF3nfvffrsa
+S6IVBXrx0G+Ascu29SHoI+zi3feQszQJIzijHoTTq6FacLHUWzfVuaYa47uaj5qa
+VYsMVCzi1eX486o7YKPKWiclNczQN86v5n9+c9uggXY12wSOmnf6BB1Ds+oL8JlU
+IZa67lAyg6G9joAb9rTXN2EE5OTArcFuImK8GHse/3wkIPMglBNnfwpvjC1U+vQm
+F7iXp+OxnZ5d9sBcrTBEZ9BDlTVlpiZI7EeS1oC8x6DDTdbJR/40Y3wJIDMI9q9T
+O5EnyXqbmQziO0Tgal43w6mMTUnhG34kqovwxy03mAOZb3yz/RgWlez9wQmPseiI
+2p2fQIjCPbGFNJt3rdyXOW/BRCii0970HEZeov/TVV/A0vUVajNAjA==
+-----END RSA PRIVATE KEY-----
+
+2. root certifiate and key (SHA1withRSA 512, root_cert_sha1_512.pem)
+-----BEGIN CERTIFICATE-----
+MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDRaFw0zMDA3MTcwMTExNDRa
+MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBAM0Kn4ieCdCHsrm78ZMMN4jQEEEqACAMKB7O8j9g4gfz2oAfmHwv
+7JH/hZ0Xen1zUmBbwe+e2J5D/4Fisp9Bn98CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU
+g4Kwd47hdNQBp8grZsRJ5XvhvxAwRwYDVR0jBEAwPoAUg4Kwd47hdNQBp8grZsRJ
+5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G
+A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAn77b
+FJx+HvyRvjZYCzMjnUct3Ql4iLOkURYDh93J5TXi/l9ajvAMEuwzYj0qZ+Ktm/ia
+U5r+8B9nzx+j2Zh3kw==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,B8BDE38F08C6BB76
+
+eJzx2oZE0UXxWpzssSWtKBOCbm3ZXR6iBKX8iKoDUB5SzzmKr+XzxI7kyv92y0pe
+rNTuuCWpBsLdlz7h8Ipn4pBDYswGU5F9MQOEgIYx60OvGhZODHGRzJ05FXTeCmmu
+LLp6lGW4SWALcd8g/gJUn1/vp7f1VzQ7RwXWBn4/b34RRYtwr3E6nl4Hc2tEI1in
+OL+lCdAAyxjGK7KYFHJQK+1E8tYNrer3cejQDcNysGx4o0H123vfp3NtJ6U7LXyi
+D21y3zmPueJos8LluJiLRsONcrcI3mIfpPBsO+Yl2EJtzS9V6Aaq/YdPkwPHH6Y5
+lazGMPXq/nffb12fWLL7m5aFb3FNLwWi/qwEynWCEv7Vl/6kLk+aHhjTnYkLvLNH
+9maQFn6j0S3wqogRfW9BDbfC3fRHP6+8YjEEmQ0RTfE=
+-----END RSA PRIVATE KEY-----
+
+3. root certifiate and key (MD2withRSA 2048, root_cert_md2_2048.pem)
+-----BEGIN CERTIFICATE-----
+MIIDQzCCAiugAwIBAgIBADANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDdaFw0zMDA3MTcwMTExNDda
+MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEArF5pINc5s+aUlmdYlxtAQ3V4TXFnP/XOYHxjfLuX
+eKO/kh78LMvbDisTPQ2yo9YEawwwbUU40xcuzgi0axXgKveHXYdUmTr0hEapq3rv
+g/q2EbOjyXvq4qK2RDoVCN8R3wXiytnY2OFALTx6zc2tW4imJ20svdNVtWhv2syj
+ZTmmRXAeFUbD4qKWAFij0I6pnSgVssvWzeyJUNemym+oiYyaSd7n5j1RNAqUKioo
+K/T0FOOiuPGMqottgx5YRHa6yapCP5QVWRQ+WBIYJY3Wyq7N+Es20LT6761Pk3to
+EFCzM7+zqT/c+pC079HOKXz+m2us+HKp5BKWNnbvgaYPOQIDAQABo4GJMIGGMB0G
+A1UdDgQWBBSrSukJf+mO5LTRasAGD9RRs7SASTBHBgNVHSMEQDA+gBSrSukJf+mO
+5LTRasAGD9RRs7SASaEjpCEwHzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1w
+bGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEC
+BQADggEBAHvsv+DqMJeIW/D+ltkhw37OdMzkMPp4E6Hbp03O3GZ5LfNGczHCb2uL
+sr5T7e/jaBFn6QfmqbOAYAHJSNq2bNNtTbatnHBLuVx13cfxmwk89Cg/tFeoUdcf
+m5hzurB6Ub6SsYMOxZHUYp/KxM9x9a7llC1bK3SKXwd4rVDlXh8DOBvdQNr5Q3yq
+JjY86bSXO14VzNxL/1rqHiszQdPyR/28SBsQVYSi0Zeyc4Yy1ui/cXu1+PWYw3YZ
+QUPHTnkVdPGwRiUqeZIcps+q+ePlQQmDu5qiLD6d8gsyGyY/RvCHWKO5Y9DuX9hs
+he/AhCWQx+TQYGLu0liQqLkGZydyRnA=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,3910D329AD49ECFC
+
+6K0OU3Xrl2H6kz7x7EHXkM0/Wd6jXBBwWsaroUIGnbIMmljJXPfgcuDUu6f5Imk1
+ndoU0GWjxa1QNjteAQQtFoLDP8rienLs0b969OcAxB0EOffQFkEfsfXdyEIgdwkD
+ETczwDIyd8Wj62ClydJES3jKB9Nc9kMIlsoZ+h24TyJeeRsHAtMrz+mlOHsUWDQ5
+FyYZelnx+fQ5maD3bura7xLiNl8CvgWz0wt2Wt4djdMGhQ3OWd0/GWweP+2xnL6n
+5tDJ5On50+Z5T8Jhx62yg+wQiBKAYnYw6OX3skJwWknuAvYz3Z3e12DHFx6w5EAU
+K7lg7fHMqHNirUkJOlYzgJ21ybV4uQmFRNQJwI9h6GVfdZWPEU+Ni42AlNgNYskF
+K19dONNNt0Gwkcm2VOYzwYGDyaQW2YIGDk1fbZdVSu/h/lyOC/RmorGWroAbYsyB
+/GUIilcLtQHPGI8XuojTS2/UWcKactpceN3UOnQkus3/smViEqqB/NQ/lcozgs0o
+7ZG6H6to7w1yb5VR2d7B2bS7MNJt1AsOB5ydAMYIccdHDTI7CfRK6axQ70O/JPnJ
+WLY2e41ig2uAWk/3fRb8L6d3keVcN7y4WnkXPbHhulqtxQo78iSQQAf7tDMBxWKx
+C5LQW3CxLkHKp6g22SDxl2LjJyu5nDbtIh3Pq+BCoA25uqXC4rPoWwV7EWYv8Z+Y
+E6dS98SEa+cDhpllvGzbTKgcP1VqtQbb9VT92UT1mFrklqRuQIxROeCe4wjp5TKo
+D2losUDdzpqBHkBNo2I8qZkgybeCvWEq73my2+JG1AAIFFB1kzfBNaBDGiGSuUuS
+5peV8156aaLg5pxdieoRJ3Y7eaWN1wH5CnRnafoB+lxSUsQO1a7y2LbpedrKjs+2
+AryPHQw7HLd8IQevmvd7BhJLdvlt+kXzWID/pUsSAYvI7aP4daQJuAt/kwmU27Gd
+wqhV8Tjbb84vFGmqGHtb2YbKfUrsPUNOLBF+U4SDAgBhEyhINQZyRDcqqoywO5Dr
+sV46nTEfwAgt88KFt2CEhiyvoJbtCj1iMJeAzuljwF4z4RzB1i3TK0MaJYID2rxB
+E1vK9EZIssk/NeImN2YCbuqOhU58jtOwYh3ruS+mZQm1APvJF9N4tCCVQsjWC6zY
+4eqs7T6VDFH4AaT7b3J3rTsEpWIDUfagetZs5kR9SiWJC7dU7r53gGg4avVyIIHD
++MYCS+auD9/nmVf4iYstVgJFMUJXC2EUOLi0r8KmDkCILl/K3X/W7QwFTnC07gLh
+/9HjWFJ0R6cyODzvE8NGPMeuJGUT2F+mA1vaAC/PBGz+61AF0BjWTZ7x2sH+tSPP
+/GVEaCgyzrKRX5XX+7DulTcmFj1JNfMmtbDaJa9WnwOI4qszBGrAcYeYTHXR6Yov
+Ux/P6RStfa+UwSjo8i3nfdgLk+RXCpN0srMjSmiQx8d5R/kISqXKDtQfS5M6gsoh
+ROz+6zZP8Gh8yakr1p4C6JUSiLDYP5qXzxr8bp+oxvpY7anEDAqx21HyExEAu+gy
+IrNl75FWqV8BbKxoFfe9LqyDaryXXA8oy6F+4BT/zRrxp+dym9pbd+OZR423BIij
+-----END RSA PRIVATE KEY-----
+
+4. subca certificate and key (SHA1withRSA 1024, root_cert_sha1_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICUDCCAbmgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDhaFw0yOTA0MjMwMTExNDha
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8
+BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg
+bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82
+AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl
+UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw
+HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
+AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEAHze3wAcIe84zNOoN
+P8l9EmlVVoU30z3LB3hxq3m/dC/4gE5Z9Z8EG1wJw4qaxlTZ4dif12nbTTdofVhb
+Bd4syjo6fcUA4q7sfg9TFpoHQ+Ap7PgjK99moMKdMy50Xy8s6FPvaVkF89s66Z6y
+e4q7TSwe6QevGOZaL5N/iy2XGEs=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0480E76FD259323B
+
+npiifBm1mHq1Z9QgAV5T35Xbnea9VnwqYQWNfRRKmpfYSdkQJ0few18YtnfZwh9e
+LKCWx+lq1V4yDG4SbxXDq71Dyvx1vZY+w4h+6M1+6KGFG1VDBfN3e5aLgK8EG9pZ
+yHZH7iB7HiQXH5q53jL6NUZn55C3XEk1sErpK7R1c0Y8Qp2TGiu+lck3K+zR9GiO
+5aJMKbShReB0Nfy3JJNKRFSd95QMTTjbq6iIvhN8O02bo4I4I3HTyD8qyR7ViiHl
+FmOukjwn4fjJvK0WYKYUjod8oEiMdR2nr73eOGZBAnEorDGQ8VnnCAleSv74is1k
+W7M07UP7EJJq9hSZfeMqk5QivtWrqvWG1SWxpTowKTEAyTn7u5U13k0DiRcsg0WT
+4mSMiLOhUNgIWcHElbTQPSVDcVznhNk0dWPDwKoUjp+orCuH+NvHKBAu+hnuip3e
+Ji7WGrHXI7QxAr5qr5ogl5x4yH4drIbq9fUea3NTuGPuPyu9fWjOSDmqPRKRMJFR
+UxxVFcyrW8iSBV5cvB7M1ADS40y6l4ryYmKjXbsOI4Ci8LJWJ4ZB61WQP7TvPQGS
+mNFmTTB2dwbpimr4KjV9j2bA9x0jAsjlcQZ5j1GOeyYCEDGKDJw0XD/zI+j0dpVc
+eu8YtuJGTyO1h+HiI3D9LrMuyUxxckvFHKe00+4xMz1hpqVo/kxe6gqf/9ES4M/h
+6/NeTzeqyJF2rgxK6KJJdmaKVYI+bvAQ3cKl+RZmgOjx4eig58N5uthqFgU7rQ+e
+GM9/y8C9WpPqITcJlY7I/7AkqvYDBwBsH/9mf4g9OUbC1Ah+MX8UIQ==
+-----END RSA PRIVATE KEY-----
+
+
+5. subca certificate and key (SHA1withRSA 1024, root_cert_sha1_512.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICDzCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8
+BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg
+bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82
+AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl
+UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw
+HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
+AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQCYNmdkONfuk07XjRze
+WQyq2cfdae4uIdyUfa2rpgYMtSXuQW3/XrQGiz4G6WBXA2wo7folOOpAKYgvHPrm
+w6Dd
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0480E76FD259323B
+
+npiifBm1mHq1Z9QgAV5T35Xbnea9VnwqYQWNfRRKmpfYSdkQJ0few18YtnfZwh9e
+LKCWx+lq1V4yDG4SbxXDq71Dyvx1vZY+w4h+6M1+6KGFG1VDBfN3e5aLgK8EG9pZ
+yHZH7iB7HiQXH5q53jL6NUZn55C3XEk1sErpK7R1c0Y8Qp2TGiu+lck3K+zR9GiO
+5aJMKbShReB0Nfy3JJNKRFSd95QMTTjbq6iIvhN8O02bo4I4I3HTyD8qyR7ViiHl
+FmOukjwn4fjJvK0WYKYUjod8oEiMdR2nr73eOGZBAnEorDGQ8VnnCAleSv74is1k
+W7M07UP7EJJq9hSZfeMqk5QivtWrqvWG1SWxpTowKTEAyTn7u5U13k0DiRcsg0WT
+4mSMiLOhUNgIWcHElbTQPSVDcVznhNk0dWPDwKoUjp+orCuH+NvHKBAu+hnuip3e
+Ji7WGrHXI7QxAr5qr5ogl5x4yH4drIbq9fUea3NTuGPuPyu9fWjOSDmqPRKRMJFR
+UxxVFcyrW8iSBV5cvB7M1ADS40y6l4ryYmKjXbsOI4Ci8LJWJ4ZB61WQP7TvPQGS
+mNFmTTB2dwbpimr4KjV9j2bA9x0jAsjlcQZ5j1GOeyYCEDGKDJw0XD/zI+j0dpVc
+eu8YtuJGTyO1h+HiI3D9LrMuyUxxckvFHKe00+4xMz1hpqVo/kxe6gqf/9ES4M/h
+6/NeTzeqyJF2rgxK6KJJdmaKVYI+bvAQ3cKl+RZmgOjx4eig58N5uthqFgU7rQ+e
+GM9/y8C9WpPqITcJlY7I/7AkqvYDBwBsH/9mf4g9OUbC1Ah+MX8UIQ==
+-----END RSA PRIVATE KEY-----
+
+
+6. subca certificate and key (SHA1withRSA 512, root_cert_sha1_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICDDCCAXWgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV
+lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA
+AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw
+PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD
+VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G
+CSqGSIb3DQEBBQUAA4GBAE2VOlw5ySLT3gUzKCYEga4QPaSrf6lHHPi2g48LscEY
+h9qQXh4nuIVugReBIEf6N49RdT+M2cgRJo4sZ3ukYLGQzxNuttL5nPSuuvrAR1oG
+LUyzOWcUpKHbVHi6zlTt79RvTKZvLcduLutmtPtLJcM9PdiAI1wEooSgxTwZtB/Z
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0A94F7EA4C89CA33
+
+tfKdAZVSrpeS/hU4+mGYcGGx3nNqrE+CzDAfLadVuXz5ju5p9oFhLTZj99wK+uHn
+prrWmDNOdYKRBJn7h40WV6zi4lR3JgnuYNxH8fxO3PI+HQ9IuvdoTyqUeXTP4Zj1
+BCnr1k1D2WGDXvnh+saq9qRpMKThjK/OF0YmDa07PI5NOBdMA3EmkNYfwib2GfBV
+el4FVkfnPQkLGahTh3SC62TzPlnsAgirCeua7ZLPqN3fkZkYbXZd9op2D31n7cBP
+zztg0ah8WF4gPOd/BBZeR9XDog5qm/wzyBj0F6ClHRPjpGYhAm2Vw66xOBlGFYI9
+lVmFQzrPcDNlFTybzhl5C6Qy4cPQh+QErDWxljVI52oYYmY/KRmUGGL7hEG8ZGOn
+EUgFrEJyAY7w4wpBC5n9SotwyPXhwKQ1uCBq+1zElPw=
+-----END RSA PRIVATE KEY-----
+
+7. subca certificate and key (SHA1withRSA 512, root_cert_sha1_512.pem signed)
+-----BEGIN CERTIFICATE-----
+MIIByzCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKubXYoEHZpZkhzA9XX+NrpqJ4SV
+lOMBoL3aWExQpJIgrUaZfbGMBBozIHBJMMayokguHbJvq4QigEgLuhfJNqsCAwEA
+AaOBiTCBhjAdBgNVHQ4EFgQUN0CHiTYPtjyvpP2a6y6mhsZ6U40wRwYDVR0jBEAw
+PoAUg4Kwd47hdNQBp8grZsRJ5XvhvxChI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD
+VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G
+CSqGSIb3DQEBBQUAA0EAoCf0Zu559qcB4xPpzqkVsYiyW49S4Yc0mmQXb1yoQgLx
+O+DCkjG5d14+t1MsnkhB2izoQUMxQ3vDc1YnA/tEpw==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0A94F7EA4C89CA33
+
+tfKdAZVSrpeS/hU4+mGYcGGx3nNqrE+CzDAfLadVuXz5ju5p9oFhLTZj99wK+uHn
+prrWmDNOdYKRBJn7h40WV6zi4lR3JgnuYNxH8fxO3PI+HQ9IuvdoTyqUeXTP4Zj1
+BCnr1k1D2WGDXvnh+saq9qRpMKThjK/OF0YmDa07PI5NOBdMA3EmkNYfwib2GfBV
+el4FVkfnPQkLGahTh3SC62TzPlnsAgirCeua7ZLPqN3fkZkYbXZd9op2D31n7cBP
+zztg0ah8WF4gPOd/BBZeR9XDog5qm/wzyBj0F6ClHRPjpGYhAm2Vw66xOBlGFYI9
+lVmFQzrPcDNlFTybzhl5C6Qy4cPQh+QErDWxljVI52oYYmY/KRmUGGL7hEG8ZGOn
+EUgFrEJyAY7w4wpBC5n9SotwyPXhwKQ1uCBq+1zElPw=
+-----END RSA PRIVATE KEY-----
+
+8. subca certificate and key (MD2withRSA 1024, root_cert_sha1_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICUDCCAbmgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8
+BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg
+bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82
+AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl
+UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBTn0C+xmZY/BTab4W9gBp3dGa7WgqEjpCEw
+HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
+AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEAPtEjwbWuC5kc4DPc
+Ttf/wdbD8ZCdAWzcc3XF9q1TlvwVMNk6mbfM05y6ZVsztKTkwZ4EcvFu/yIqw1EB
+E1zlXQCaWXT3/ZMbqYZV4+mx+RUl8spUCb1tda25jnTg3mTOzB1iztm4gy903EMd
+m8omKDKeCgcw5dR4ITQYvyxe1as=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0480E76FD259323B
+
+npiifBm1mHq1Z9QgAV5T35Xbnea9VnwqYQWNfRRKmpfYSdkQJ0few18YtnfZwh9e
+LKCWx+lq1V4yDG4SbxXDq71Dyvx1vZY+w4h+6M1+6KGFG1VDBfN3e5aLgK8EG9pZ
+yHZH7iB7HiQXH5q53jL6NUZn55C3XEk1sErpK7R1c0Y8Qp2TGiu+lck3K+zR9GiO
+5aJMKbShReB0Nfy3JJNKRFSd95QMTTjbq6iIvhN8O02bo4I4I3HTyD8qyR7ViiHl
+FmOukjwn4fjJvK0WYKYUjod8oEiMdR2nr73eOGZBAnEorDGQ8VnnCAleSv74is1k
+W7M07UP7EJJq9hSZfeMqk5QivtWrqvWG1SWxpTowKTEAyTn7u5U13k0DiRcsg0WT
+4mSMiLOhUNgIWcHElbTQPSVDcVznhNk0dWPDwKoUjp+orCuH+NvHKBAu+hnuip3e
+Ji7WGrHXI7QxAr5qr5ogl5x4yH4drIbq9fUea3NTuGPuPyu9fWjOSDmqPRKRMJFR
+UxxVFcyrW8iSBV5cvB7M1ADS40y6l4ryYmKjXbsOI4Ci8LJWJ4ZB61WQP7TvPQGS
+mNFmTTB2dwbpimr4KjV9j2bA9x0jAsjlcQZ5j1GOeyYCEDGKDJw0XD/zI+j0dpVc
+eu8YtuJGTyO1h+HiI3D9LrMuyUxxckvFHKe00+4xMz1hpqVo/kxe6gqf/9ES4M/h
+6/NeTzeqyJF2rgxK6KJJdmaKVYI+bvAQ3cKl+RZmgOjx4eig58N5uthqFgU7rQ+e
+GM9/y8C9WpPqITcJlY7I/7AkqvYDBwBsH/9mf4g9OUbC1Ah+MX8UIQ==
+-----END RSA PRIVATE KEY-----
+
+
+9. subca certificate and key (MD2withRSA 1024, root_cert_sha1_512.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICDzCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDYwMTExNDlaFw0yOTA0MjMwMTExNDla
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVOqnlZspyAEr90ELFaUo8
+BF0O2Kn0yTdUeyiLOth4RA3qxWrjxJq45VmEBjZpEzPHfnp3PhnfmLcLfhoPONFg
+bcHzlkj75ZaKCgHoyV456fMBmj348fcoUkH2WdSQ82pmxHOiHqquYNUSTimFIq82
+AayhbKqDmhfx5lJdYNqd5QIDAQABo4GJMIGGMB0GA1UdDgQWBBTfWD9mRTppcUAl
+UqGuu/R5t8CB5jBHBgNVHSMEQDA+gBSDgrB3juF01AGnyCtmxEnle+G/EKEjpCEw
+HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw
+AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQECBQADQQBHok1v6xymtpB7N9xy
+0OmDT27uhmzlP0eOzJvXVxj3Oi9TLQJgCUJ9122MzfRAs1E1uJTtvuu+UmI80NQx
+KQdp
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,0480E76FD259323B
+
+npiifBm1mHq1Z9QgAV5T35Xbnea9VnwqYQWNfRRKmpfYSdkQJ0few18YtnfZwh9e
+LKCWx+lq1V4yDG4SbxXDq71Dyvx1vZY+w4h+6M1+6KGFG1VDBfN3e5aLgK8EG9pZ
+yHZH7iB7HiQXH5q53jL6NUZn55C3XEk1sErpK7R1c0Y8Qp2TGiu+lck3K+zR9GiO
+5aJMKbShReB0Nfy3JJNKRFSd95QMTTjbq6iIvhN8O02bo4I4I3HTyD8qyR7ViiHl
+FmOukjwn4fjJvK0WYKYUjod8oEiMdR2nr73eOGZBAnEorDGQ8VnnCAleSv74is1k
+W7M07UP7EJJq9hSZfeMqk5QivtWrqvWG1SWxpTowKTEAyTn7u5U13k0DiRcsg0WT
+4mSMiLOhUNgIWcHElbTQPSVDcVznhNk0dWPDwKoUjp+orCuH+NvHKBAu+hnuip3e
+Ji7WGrHXI7QxAr5qr5ogl5x4yH4drIbq9fUea3NTuGPuPyu9fWjOSDmqPRKRMJFR
+UxxVFcyrW8iSBV5cvB7M1ADS40y6l4ryYmKjXbsOI4Ci8LJWJ4ZB61WQP7TvPQGS
+mNFmTTB2dwbpimr4KjV9j2bA9x0jAsjlcQZ5j1GOeyYCEDGKDJw0XD/zI+j0dpVc
+eu8YtuJGTyO1h+HiI3D9LrMuyUxxckvFHKe00+4xMz1hpqVo/kxe6gqf/9ES4M/h
+6/NeTzeqyJF2rgxK6KJJdmaKVYI+bvAQ3cKl+RZmgOjx4eig58N5uthqFgU7rQ+e
+GM9/y8C9WpPqITcJlY7I/7AkqvYDBwBsH/9mf4g9OUbC1Ah+MX8UIQ==
+-----END RSA PRIVATE KEY-----
+
+
+a. end entity certificate and key
+ (SHA1withRSA 1024, subca_cert_sha1_1024_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
+NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
+cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt
+vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v
+z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6
+c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07
+OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG
+9w0BAQUFAAOBgQAOfIeasDg91CR3jGfuAEVKwncM1OPFmniAUcdPm74cCAyJ90Me
+dhUElWPGoAuXGfiyZlOlGUYWqEroe/dnkmnotJjLWR+MA4ZyX3O1YI8T4W3deWcC
+J4WMCF7mp17SaYYKX9F0AxwNJFpUkbB41IkTxPr0MmzB1871/pbY8dLAvA==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,1FE5A37B770AF83D
+
+042bWtt4q0cB8pRuPUlMVncTP/WAz+mmPw3jXI3LFOBZeK6zFEDpI5M9c2JO+rqp
+Za5UkYuIg69V7LngriqRynkRGGQp3xASMLr5NVbKHTE/Ol/iIuxKaCkumZmGXB/z
+8bxQF5XN4tbKT4s3sWWmmKMicg6MHvySi3QVRG11PHRu/q7CEFPzJKRQ3fpaNcKD
+NTBI5F6GP9ENa/eog4WGENjXS0v4Wa3IfaOhjKXrSxjLUqLH0C8g5WWg5IrXXtuI
+pgyJ2kkE3Y/ChU7p7R42we6tBZqF5SiL5kFDn86DmHgCslTiZkIoE5i644sp03Sd
+XkHyHu0VIeYp3nDwRA7S98837W4F6i1BnXA5f3EaE3rNGjsxK8zL2pvdCcDYbese
+ETfba16HMzLXe1b4RSI3gwhlQ2MNKBwvskkQESf/Ew1DskBY0MCYFxo6hIp6LqMo
+HAl5kvCwvuYL2jBdQhkKxU+Leu5Ei8Ie9XYNVy4yUeUAMnSUkVaEs/I8z+Mk8oYq
+4QWqOc66XLcI13coDoxmv54kye3RjqdmZI8mg/3LCFotwceDuXyD43/vVhoTPEnp
+CqXafV2pw4y95skMHmktI2qvSahaM4P6GGXl8HqmP3b+8V5mxMhNtVnuUha2kouw
+DLNFUTg1cCLahM5SRolyA/XTGh7JOkJMYWPeJwN7l3K+lBtHHfj6DHtKEjUcyZFd
++Z55pDoAERumB6+BCnt6X2/0kEDV219RmsgxkGTWdFs+M7Y6EYYRtlinH4nqL6UD
+eHWitYIatAHOvdHeNrbXN9L5P3tsUB4HzFa46WWtKqRtbCVTuPVZdw==
+-----END RSA PRIVATE KEY-----
+
+b. end entity certificate and key
+ (SHA1withRSA 1024, subca_cert_sha1_512_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIIB9jCCAaCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
+NTBaFw0yOTA0MjMwMTExNTBaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
+cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt
+vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v
+z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6
+c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07
+OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG
+9w0BAQUFAANBADV6X+ea0ftEKXy7yKNAbdIp35893T6AVwbdclomPkeOs86OtoTG
+1BIzWSK9QE7W6Wbf63e2RdcqoLK+DxsuwUg=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,1FE5A37B770AF83D
+
+042bWtt4q0cB8pRuPUlMVncTP/WAz+mmPw3jXI3LFOBZeK6zFEDpI5M9c2JO+rqp
+Za5UkYuIg69V7LngriqRynkRGGQp3xASMLr5NVbKHTE/Ol/iIuxKaCkumZmGXB/z
+8bxQF5XN4tbKT4s3sWWmmKMicg6MHvySi3QVRG11PHRu/q7CEFPzJKRQ3fpaNcKD
+NTBI5F6GP9ENa/eog4WGENjXS0v4Wa3IfaOhjKXrSxjLUqLH0C8g5WWg5IrXXtuI
+pgyJ2kkE3Y/ChU7p7R42we6tBZqF5SiL5kFDn86DmHgCslTiZkIoE5i644sp03Sd
+XkHyHu0VIeYp3nDwRA7S98837W4F6i1BnXA5f3EaE3rNGjsxK8zL2pvdCcDYbese
+ETfba16HMzLXe1b4RSI3gwhlQ2MNKBwvskkQESf/Ew1DskBY0MCYFxo6hIp6LqMo
+HAl5kvCwvuYL2jBdQhkKxU+Leu5Ei8Ie9XYNVy4yUeUAMnSUkVaEs/I8z+Mk8oYq
+4QWqOc66XLcI13coDoxmv54kye3RjqdmZI8mg/3LCFotwceDuXyD43/vVhoTPEnp
+CqXafV2pw4y95skMHmktI2qvSahaM4P6GGXl8HqmP3b+8V5mxMhNtVnuUha2kouw
+DLNFUTg1cCLahM5SRolyA/XTGh7JOkJMYWPeJwN7l3K+lBtHHfj6DHtKEjUcyZFd
++Z55pDoAERumB6+BCnt6X2/0kEDV219RmsgxkGTWdFs+M7Y6EYYRtlinH4nqL6UD
+eHWitYIatAHOvdHeNrbXN9L5P3tsUB4HzFa46WWtKqRtbCVTuPVZdw==
+-----END RSA PRIVATE KEY-----
+
+c. end entity certificate and key
+ (SHA1withRSA 512, subca_cert_sha1_1024_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIIB8zCCAVygAwIBAgIBBDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
+NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
+cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3
+DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo
+uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE
+AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU
+31g/ZkU6aXFAJVKhrrv0ebfAgeYwDQYJKoZIhvcNAQEFBQADgYEAUyW8PrEdbzLu
+B+h6UemBOJ024rYq90hJE/5wUEKPvxZ9vPEUgl+io6cGhL3cLfxfh6z5xtEGp4Tb
+NB0Ye3Qi01FBiNDY8s3rQRrmel6VysU8u+0Oi2jmQY6vZXn/zXN5rrTLITCaSicG
+dOMv1xLM83Ee432WWlDwKOUxhzDGpWc=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,153918982D82A26E
+
+5w5MNd16M1draSfIFAuWNfP3869l9y8vMI1kOcxqsxjeG6YfgKUyu6PEYlj1R7d1
+/+UwVs9RGm3V7AwV4G1Qpnd+jaMLpgPVMP12sHPnslBE4SQe9bAZ+X5i2/5uesHv
+bF7OBMqsYW8+Kgsy1Ac0pBx/8yoFYdD3KYFnIP20kV2Xxy4PtQQ6tHJ33dGslTNU
+qrcJsyUyYj6wORlb7huuP5Ua8f28Xs/KvnNJG0094kC1WHi3Raf4AoD/rvraVtCQ
+5jrK9se8D6su+S3SEW0YndxivbNx3xJu2O72e7lS6yb5ht3U7xNSSWTffIlW1okI
+zjscK0iv9S+x452mLIFUgkmriVJLFfjTMRCbhS1J6q9FXLDdre/2O18FO2TvwRIE
+6Bwt2utfOAGccRHLsdgcXkv+ngCTCkuCnmh2XZWqmvA=
+-----END RSA PRIVATE KEY-----
+
+d. end entity certificate and key
+ (SHA1withRSA 512, subca_cert_sha1_512_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIIBsjCCAVygAwIBAgIBBTANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
+NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
+cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3
+DQEBAQUAA0sAMEgCQQCpfQzhld7w2JhW/aRaLkmrLrc/QAsQE+J4DXioXaajsWPo
+uMmYmuiQolb6OIY/LcivSubKM3G5PkAWoovUPIWLAgMBAAGjTzBNMAsGA1UdDwQE
+AwID6DAdBgNVHQ4EFgQUFWuXLkf4Ji57H9ISycgWi982TUIwHwYDVR0jBBgwFoAU
+N0CHiTYPtjyvpP2a6y6mhsZ6U40wDQYJKoZIhvcNAQEFBQADQQBG4grtrVEHick0
+z/6Lcl/MGyHT0c8KTXE0AMVXG1NRjAicAmYno/yDaJ9OmfymObKZKV9fF7yCW/N/
+TMU6m7N0
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,153918982D82A26E
+
+5w5MNd16M1draSfIFAuWNfP3869l9y8vMI1kOcxqsxjeG6YfgKUyu6PEYlj1R7d1
+/+UwVs9RGm3V7AwV4G1Qpnd+jaMLpgPVMP12sHPnslBE4SQe9bAZ+X5i2/5uesHv
+bF7OBMqsYW8+Kgsy1Ac0pBx/8yoFYdD3KYFnIP20kV2Xxy4PtQQ6tHJ33dGslTNU
+qrcJsyUyYj6wORlb7huuP5Ua8f28Xs/KvnNJG0094kC1WHi3Raf4AoD/rvraVtCQ
+5jrK9se8D6su+S3SEW0YndxivbNx3xJu2O72e7lS6yb5ht3U7xNSSWTffIlW1okI
+zjscK0iv9S+x452mLIFUgkmriVJLFfjTMRCbhS1J6q9FXLDdre/2O18FO2TvwRIE
+6Bwt2utfOAGccRHLsdgcXkv+ngCTCkuCnmh2XZWqmvA=
+-----END RSA PRIVATE KEY-----
+
+e. end entity certificate and key
+ (MD2withRSA 1024, subca_cert_sha1_1024_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIICNzCCAaCgAwIBAgIBBjANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
+NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
+cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt
+vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v
+z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6
+c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07
+OorBleV92TAfBgNVHSMEGDAWgBTfWD9mRTppcUAlUqGuu/R5t8CB5jANBgkqhkiG
+9w0BAQIFAAOBgQBxKsFf8NNQcXjDoKJJSG4Rk6ikcrhiGYuUI32+XHvs6hnav1Zc
+aJUpy7J4gMj/MnysMh/4AF9+m6zEEjuisXKUbYZhgtJxz+ukGSo163mJ8QJiAlRb
+Iwsy81r08mlSCR6jx2YhDAUxJIPC92R5Vb4CEutB7tWTwwz7vIHq330erA==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,1FE5A37B770AF83D
+
+042bWtt4q0cB8pRuPUlMVncTP/WAz+mmPw3jXI3LFOBZeK6zFEDpI5M9c2JO+rqp
+Za5UkYuIg69V7LngriqRynkRGGQp3xASMLr5NVbKHTE/Ol/iIuxKaCkumZmGXB/z
+8bxQF5XN4tbKT4s3sWWmmKMicg6MHvySi3QVRG11PHRu/q7CEFPzJKRQ3fpaNcKD
+NTBI5F6GP9ENa/eog4WGENjXS0v4Wa3IfaOhjKXrSxjLUqLH0C8g5WWg5IrXXtuI
+pgyJ2kkE3Y/ChU7p7R42we6tBZqF5SiL5kFDn86DmHgCslTiZkIoE5i644sp03Sd
+XkHyHu0VIeYp3nDwRA7S98837W4F6i1BnXA5f3EaE3rNGjsxK8zL2pvdCcDYbese
+ETfba16HMzLXe1b4RSI3gwhlQ2MNKBwvskkQESf/Ew1DskBY0MCYFxo6hIp6LqMo
+HAl5kvCwvuYL2jBdQhkKxU+Leu5Ei8Ie9XYNVy4yUeUAMnSUkVaEs/I8z+Mk8oYq
+4QWqOc66XLcI13coDoxmv54kye3RjqdmZI8mg/3LCFotwceDuXyD43/vVhoTPEnp
+CqXafV2pw4y95skMHmktI2qvSahaM4P6GGXl8HqmP3b+8V5mxMhNtVnuUha2kouw
+DLNFUTg1cCLahM5SRolyA/XTGh7JOkJMYWPeJwN7l3K+lBtHHfj6DHtKEjUcyZFd
++Z55pDoAERumB6+BCnt6X2/0kEDV219RmsgxkGTWdFs+M7Y6EYYRtlinH4nqL6UD
+eHWitYIatAHOvdHeNrbXN9L5P3tsUB4HzFa46WWtKqRtbCVTuPVZdw==
+-----END RSA PRIVATE KEY-----
+
+f. end entity certificate and key
+ (MD2withRSA 1024, subca_cert_sha1_512_1024.pem signed)
+-----BEGIN CERTIFICATE-----
+MIIB9jCCAaCgAwIBAgIBBzANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0wOTA4MDYwMTEx
+NTFaFw0yOTA0MjMwMTExNTFaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt
+cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAy6/2g3rxQzJEvTyOnBcEnZthmAD0AnP6LG8b35jt
+vh71LHbF1FhkOT42Rfg20aBfWTMRf+FeOJBXpD4gCNjQA40vy8FaQxgYNAf7ho5v
+z6yAEE6SG7YviE+XGcvpQo47w8c6QSQjpBzdw7JxwbVlzUT7pF8x3RnXlGhWnWv6
+c1ECAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBSaXXERsow2Wm/6uT07
+OorBleV92TAfBgNVHSMEGDAWgBQ3QIeJNg+2PK+k/ZrrLqaGxnpTjTANBgkqhkiG
+9w0BAQIFAANBAIX63Ypi9P71RnC/pcMbhD+wekRFsTzU593X3MC7tyBJtEXwvAZG
+iMxXF5A+ohlr7/CrkV7ZTL8PLxnJdY5Y8rQ=
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,1FE5A37B770AF83D
+
+042bWtt4q0cB8pRuPUlMVncTP/WAz+mmPw3jXI3LFOBZeK6zFEDpI5M9c2JO+rqp
+Za5UkYuIg69V7LngriqRynkRGGQp3xASMLr5NVbKHTE/Ol/iIuxKaCkumZmGXB/z
+8bxQF5XN4tbKT4s3sWWmmKMicg6MHvySi3QVRG11PHRu/q7CEFPzJKRQ3fpaNcKD
+NTBI5F6GP9ENa/eog4WGENjXS0v4Wa3IfaOhjKXrSxjLUqLH0C8g5WWg5IrXXtuI
+pgyJ2kkE3Y/ChU7p7R42we6tBZqF5SiL5kFDn86DmHgCslTiZkIoE5i644sp03Sd
+XkHyHu0VIeYp3nDwRA7S98837W4F6i1BnXA5f3EaE3rNGjsxK8zL2pvdCcDYbese
+ETfba16HMzLXe1b4RSI3gwhlQ2MNKBwvskkQESf/Ew1DskBY0MCYFxo6hIp6LqMo
+HAl5kvCwvuYL2jBdQhkKxU+Leu5Ei8Ie9XYNVy4yUeUAMnSUkVaEs/I8z+Mk8oYq
+4QWqOc66XLcI13coDoxmv54kye3RjqdmZI8mg/3LCFotwceDuXyD43/vVhoTPEnp
+CqXafV2pw4y95skMHmktI2qvSahaM4P6GGXl8HqmP3b+8V5mxMhNtVnuUha2kouw
+DLNFUTg1cCLahM5SRolyA/XTGh7JOkJMYWPeJwN7l3K+lBtHHfj6DHtKEjUcyZFd
++Z55pDoAERumB6+BCnt6X2/0kEDV219RmsgxkGTWdFs+M7Y6EYYRtlinH4nqL6UD
+eHWitYIatAHOvdHeNrbXN9L5P3tsUB4HzFa46WWtKqRtbCVTuPVZdw==
+-----END RSA PRIVATE KEY-----
+
+h. root CRL issuer
+-----BEGIN CERTIFICATE-----
+MIICKzCCAZSgAwIBAgIBCjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDgxNjMwNTdaFw0yOTA0MjUxNjMwNTda
+MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQCy6RoQ6nMdeGJ6ijfjqDu3tDmeGLgnvfBcUKvcsvz9Ji3m
+oGnTzECo1oLV+A4/TJxOlak+ZiQ5KVyvfMcXLJeT6dRpXQZ+uc6TT3SkBq94VFzX
+qkk08z42JNdk1s5uyW8nRfg7+xntajQVrysoPYNDhu21cPnjDkRiBsIdS7+75QID
+AQABo3cwdTAdBgNVHQ4EFgQUGcJU6xWo66kI1QBvlfTQKxxmx9IwRwYDVR0jBEAw
+PoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD
+VQQKEwdFeGFtcGxlggEAMAsGA1UdDwQEAwIBAjANBgkqhkiG9w0BAQQFAAOBgQBx
+uKL59VInPdCi+8JL4B+S5YjlPL4ZOBHTjS0JlNxtjbGZdfs+3E9PUAdqhMJO4vq7
+XD+hGtgZtwSqGaSUYAtpLdoCr7vvPkcrxYTG2Ak+UiTbZhmJeSswKgFaCmjjdMCy
+y64UP2DQfn6Zi0wCfeao0m9s3zRLuJpgaQGiSHTQKA==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,41E4237825CE0148
+
+9nbfd7dsaS+fkFYrU1+wTcevjdRLF/j9DUVQh/2bsFlVEYgeL8A+XpvpbXHYBd7H
+oBreofDNseibHe4EgISGPK8RymjYutQqPpbHwXd25jlUuUapvvuCj8V6qnhgpqEo
+zXL1Nd2c6KZgdySosyWy8JfIBZJ3kwiSkXVwzs8R4bAGrg1VS80GuszvCv8Fzjoc
+LuesX6fViE9yFzLsyOvn/W12DKhTXwiXTQYLUupM8zI9Kpozbea52ZIPMJ9HEiaY
+JgwNj05w33VxTe/tq3R9vS2Ee6aM4odi6CQEheLsUAnyE0BTsITKzwwTI25WTv25
+W+gwSF3V49a34MojTdlORq5iH0b3rYl7OMdk+99elJSkyQIbVwwOCFrKuSXYXvV7
+s9iMPFUbi+bZ3oP6zM5kVUcH6KyVeYfkuLf2+k1vPlav8/W5v+WfnvUNOBx76Ira
+BzVPYmm2V+YFiFL1hugm5Wv+yyx8QcfgXbvhNHoIEj7hh6Ac48FhtqEcBHjuT/gy
+7atJJUdOH6hhmD34hkHGnhcDE15ZOczxTLRC9450h5HKsZ0FILRlCBZLmiedycs2
+zqhUpR4jzDG9jKrlDU4ErfMgPLjveZc3/VT3bc+TYfuC8szCaQ5XX1JVcabZ+HQw
+pwmA1ONZDVsFzwbJy9+5bgXX+wLD5kaez8EHNDS5PgqgL0UdrWjdRi6e1RwlTDEw
+g/d7TZm/iQeL1iUIfkPA1f0ByYIiyd3XQqiQ/Mf1C16lQkhTHDwofFJdL8otT2Ha
+dk6fa7lBOnrpbRKUdpJpYfyqHg80BYNPu6BacVXlYqtJtkFK04qHbA==
+-----END RSA PRIVATE KEY-----
+
+i. CRL issued by root CRL issuer
+-----BEGIN X509 CRL-----
+MIH2MGECAQEwDQYJKoZIhvcNAQEFBQAwHzELMAkGA1UEBhMCVVMxEDAOBgNVBAoT
+B0V4YW1wbGUXDTA5MDgwODE2MzU1MFoXDTI4MTAwNzE2MzU1MFqgDjAMMAoGA1Ud
+FAQDAgEAMA0GCSqGSIb3DQEBBQUAA4GBAJCd7e25MruuWJP/KmenGC6CR22pQuG+
+XhRaAtpHkNRls8+TfBxm2PtRrXCAcDb68kNLdwvlAlCUwmL6HOx4VB3r+8QRUlDa
+T48wVp1ojGU2b2XbPtXiYZBXW6hBsFHGDJM/IAGJPE2PbVYGlBc23A9V9WyPyThi
+9XXG1iOTIJ6u
+-----END X509 CRL-----
+
+j. subca CRL issuer
+-----BEGIN CERTIFICATE-----
+MIICPTCCAaagAwIBAgIBCzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ
+MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA4MDgxNjMwNThaFw0yOTA0MjUxNjMwNTha
+MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz
+cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8KICP0bdOZVlR9gZu7TgD
+znXgSMER1IQtompgr1mWeZjX4LmRck3/ogHoxwC4RbNPKI3KIihcVdFHw2jgvE0M
+mpf2lI50tmhnLitM8P0/q8xUU/KncipADo4hkM5TbpjPeGUBTGLKzGrq7yyT9Uli
+Z74rrp1mS59TxcEI2YQMIQIDAQABo3cwdTAdBgNVHQ4EFgQUDGgpD4L8V3aBJPLx
+C7diZ0M0wWMwRwYDVR0jBEAwPoAU59AvsZmWPwU2m+FvYAad3Rmu1oKhI6QhMB8x
+CzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMAsGA1UdDwQEAwIBAjAN
+BgkqhkiG9w0BAQQFAAOBgQCcXqRge5UuW0duf/XnUWP4hrm4Q9EHJaiHZDYxI+WW
+Ca3OXdsrpgGi+RSgeMtQzlZ7YAwyYVV91U4BnX6s/97Vp5xbR3wr8Qbx67inM8Lp
+Tuo+e0nyTxwlwi9cSyy5MfJ8jfzaD+n8akhV+sx0Mmiv77YlrShP24lod55gJHKC
+vQ==
+-----END CERTIFICATE-----
+
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,16EC4E2C0855BD5C
+
+dJHcUsnACMhfESAalWrWrfARnUgGhpp3vupjePUiBJ86YmKaNNr6GAwDukg3EJvs
+tboO1QQziLSf9pP7gw82Vp5YctEkk7vJVvCcq3QkZAsjNUHf3m3ne2qg8HngufzY
+IS/C3EtKuMr3oqa7P8wvMcsBs1G1ga/YqCWoKzowXhybaYPe20fwUNRtgqgdS5Gy
+bAzQB9R+Ua2tCaXb3CBYnrczsYFPhjuULr4qbWgHVBWhnkS3OIz71WqcCoXmvD3s
+bsjoZRCJUM6Zavyzs0kVGZogiPdr+KUyzjNNsnxle5cEET6nqkYR16UT/Fvemz9Q
+szh/y0gCi1nZb6cw5e9BJyF1GlobzxWyMwwY9L4vZNaBNaVRun+6dRWy0svaPuEy
+fV/9Y0/la9scyA5yNHz8xud3Njhj2ghyG5Nqbs3N/pPXRVdh7WNFBnc+L/SIBhhB
+/Ha9+OZdqyuMf3G+I1+WVADQr8xQP8/yLEvybZYtssjnuCmQSLPDDQFnp2Z3spax
++AT+T4dRimMjf0mZK/NlRJU9PWqMHzsJGBY1A903oAiiHiRFD10z8vyPBigSDF2W
+ct6a8WI1prKho6HbMqeIlSPk+HkdCGZedNNbvRlKl4Y56IsHGAhb3wvQ+94049P9
+wu5thK69jNb7ie3YEefAZTb5kD0h+oB8BILOJ5B29C04JdDe6P6hjGKD7x3nRhHM
+nyCUMB/fhYpoXdDhz8CeJ77hFt2zFZRstlDctQsDqLkC0AdvlOFsEFqGM4AkBGcV
+f6Y+ykNQB3vEWPZsWqVXHB2vQvk00R55tgu+R5JJ45NLG2TqyOp/4A==
+-----END RSA PRIVATE KEY-----
+
+k. CRL issued by subca CRL issuer
+-----BEGIN X509 CRL-----
+MIIBLTCBlwIBATANBgkqhkiG9w0BAQIFADAxMQswCQYDVQQGEwJVUzEQMA4GA1UE
+ChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMRcNMDkwODA4MTYzNTUxWhcNMjgx
+MDA3MTYzNTUxWjAiMCACAQIXDTA5MDgwODE2MzU1MFowDDAKBgNVHRUEAwoBBKAO
+MAwwCgYDVR0UBAMCAQAwDQYJKoZIhvcNAQECBQADgYEAbIs7ws4/M24NYrIO0XY6
+UVxni0ZoQa+1R7NwU6unr4jFEVD+W/b+JEMfm0RUmpSa7HrUYsw+NycD3m5CD6VJ
+U4iuGGeJvHdrYJiPIYkEiFQnhAGOj8oS/nWtPvDKbuBMZI9atKkypby9At8h9URq
+1g/KSIM3rd1PYADdcPsok4I=
+-----END X509 CRL-----
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/generate.sh Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,255 @@
+#
+# Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation. Sun designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Sun in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+# CA 95054 USA or visit www.sun.com if you need additional information or
+# have any questions.
+#
+
+#!/bin/ksh
+#
+# needs ksh to run the script.
+set -e
+
+OPENSSL=openssl
+
+# generate a self-signed root certificate
+if [ ! -f root/finished ]; then
+ if [ ! -d root ]; then
+ mkdir root
+ fi
+
+ # SHA1withRSA 1024
+ ${OPENSSL} req -x509 -newkey rsa:1024 -keyout root/root_key_1024.pem \
+ -out root/root_cert_sha1_1024.pem -subj "/C=US/O=Example" \
+ -config openssl.cnf -reqexts cert_issuer -days 7650 -sha1 \
+ -passin pass:passphrase -passout pass:passphrase
+
+ # SHA1withRSA 512
+ ${OPENSSL} req -x509 -newkey rsa:512 -keyout root/root_key_512.pem \
+ -out root/root_cert_sha1_512.pem -subj "/C=US/O=Example" \
+ -config openssl.cnf -reqexts cert_issuer -days 7650 -sha1 \
+ -passin pass:passphrase -passout pass:passphrase
+
+ # MD2withRSA 2048
+ ${OPENSSL} req -x509 -newkey rsa:2048 -keyout root/root_key_2048.pem \
+ -out root/root_cert_md2_2048.pem -subj "/C=US/O=Example" \
+ -config openssl.cnf -reqexts cert_issuer -days 7650 -md2 \
+ -passin pass:passphrase -passout pass:passphrase
+
+ openssl req -newkey rsa:1024 -keyout root/root_crlissuer_key.pem \
+ -out root/root_crlissuer_req.pem -subj "/C=US/O=Example" -days 7650 \
+ -passin pass:passphrase -passout pass:passphrase
+
+ openssl x509 -req -in root/root_crlissuer_req.pem -extfile openssl.cnf \
+ -extensions crl_issuer -CA root/root_cert_sha1_1024.pem \
+ -CAkey root/root_key_1024.pem -out root/root_crlissuer_cert.pem \
+ -CAcreateserial -CAserial root/root_cert.srl -days 7200 \
+ -passin pass:passphrase
+
+ touch root/finished
+fi
+
+
+# generate subca cert issuer
+if [ ! -f subca/finished ]; then
+ if [ ! -d subca ]; then
+ mkdir subca
+ fi
+
+ # RSA 1024
+ ${OPENSSL} req -newkey rsa:1024 -keyout subca/subca_key_1024.pem \
+ -out subca/subca_req_1024.pem -subj "/C=US/O=Example/OU=Class-1" \
+ -days 7650 -passin pass:passphrase -passout pass:passphrase
+
+ # RSA 512
+ ${OPENSSL} req -newkey rsa:512 -keyout subca/subca_key_512.pem \
+ -out subca/subca_req_512.pem -subj "/C=US/O=Example/OU=Class-1" \
+ -days 7650 -passin pass:passphrase -passout pass:passphrase
+
+ # SHA1withRSA 1024 signed with RSA 1024
+ ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \
+ -extensions cert_issuer -CA root/root_cert_sha1_1024.pem \
+ -CAkey root/root_key_1024.pem -out subca/subca_cert_sha1_1024_1024.pem \
+ -CAcreateserial -sha1 \
+ -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
+
+ # SHA1withRSA 1024 signed with RSA 512
+ ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \
+ -extensions cert_issuer -CA root/root_cert_sha1_512.pem \
+ -CAkey root/root_key_512.pem -out subca/subca_cert_sha1_1024_512.pem \
+ -CAcreateserial -sha1 \
+ -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
+
+ # SHA1withRSA 512 signed with RSA 1024
+ ${OPENSSL} x509 -req -in subca/subca_req_512.pem -extfile openssl.cnf \
+ -extensions cert_issuer -CA root/root_cert_sha1_1024.pem \
+ -CAkey root/root_key_1024.pem -out subca/subca_cert_sha1_512_1024.pem \
+ -CAcreateserial -sha1 \
+ -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
+
+ # SHA1withRSA 512 signed with RSA 512
+ ${OPENSSL} x509 -req -in subca/subca_req_512.pem -extfile openssl.cnf \
+ -extensions cert_issuer -CA root/root_cert_sha1_512.pem \
+ -CAkey root/root_key_512.pem -out subca/subca_cert_sha1_512_512.pem \
+ -CAcreateserial -sha1 \
+ -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
+
+ # MD2withRSA 1024 signed with RSA 1024
+ ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \
+ -extensions cert_issuer -CA root/root_cert_sha1_1024.pem \
+ -CAkey root/root_key_1024.pem -out subca/subca_cert_md2_1024_1024.pem \
+ -CAcreateserial -md2 \
+ -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
+
+ # MD2withRSA 1024 signed with RSA 512
+ ${OPENSSL} x509 -req -in subca/subca_req_1024.pem -extfile openssl.cnf \
+ -extensions cert_issuer -CA root/root_cert_sha1_512.pem \
+ -CAkey root/root_key_512.pem -out subca/subca_cert_md2_1024_512.pem \
+ -CAcreateserial -md2 \
+ -CAserial root/root_cert.srl -days 7200 -passin pass:passphrase
+
+ openssl req -newkey rsa:1024 -keyout subca/subca_crlissuer_key.pem \
+ -out subca/subca_crlissuer_req.pem -subj "/C=US/O=Example/OU=Class-1" \
+ -days 7650 -passin pass:passphrase -passout pass:passphrase
+
+ openssl x509 -req -in subca/subca_crlissuer_req.pem -extfile openssl.cnf \
+ -extensions crl_issuer -CA root/root_cert_sha1_1024.pem \
+ -CAkey root/root_key_1024.pem -out subca/subca_crlissuer_cert.pem \
+ -CAcreateserial -CAserial root/root_cert.srl -days 7200 \
+ -passin pass:passphrase
+
+ touch subca/finished
+fi
+
+
+# generate certifiacte for Alice
+if [ ! -f subca/alice/finished ]; then
+ if [ ! -d subca/alice ]; then
+ mkdir -p subca/alice
+ fi
+
+ # RSA 1024
+ ${OPENSSL} req -newkey rsa:1024 -keyout subca/alice/alice_key_1024.pem \
+ -out subca/alice/alice_req_1024.pem \
+ -subj "/C=US/O=Example/OU=Class-1/CN=Alice" -days 7650 \
+ -passin pass:passphrase -passout pass:passphrase
+
+ # RSA 512
+ ${OPENSSL} req -newkey rsa:512 -keyout subca/alice/alice_key_512.pem \
+ -out subca/alice/alice_req_512.pem \
+ -subj "/C=US/O=Example/OU=Class-1/CN=Alice" -days 7650 \
+ -passin pass:passphrase -passout pass:passphrase
+
+ # SHA1withRSA 1024 signed with RSA 1024
+ ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \
+ -extfile openssl.cnf -extensions ee_of_subca \
+ -CA subca/subca_cert_sha1_1024_1024.pem \
+ -CAkey subca/subca_key_1024.pem \
+ -out subca/alice/alice_cert_sha1_1024_1024.pem -CAcreateserial -sha1 \
+ -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
+
+ # SHA1withRSA 1024 signed with RSA 512
+ ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \
+ -extfile openssl.cnf -extensions ee_of_subca \
+ -CA subca/subca_cert_sha1_512_1024.pem \
+ -CAkey subca/subca_key_512.pem \
+ -out subca/alice/alice_cert_sha1_1024_512.pem -CAcreateserial -sha1 \
+ -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
+
+ # SHA1withRSA 512 signed with RSA 1024
+ ${OPENSSL} x509 -req -in subca/alice/alice_req_512.pem \
+ -extfile openssl.cnf -extensions ee_of_subca \
+ -CA subca/subca_cert_sha1_1024_1024.pem \
+ -CAkey subca/subca_key_1024.pem \
+ -out subca/alice/alice_cert_sha1_512_1024.pem -CAcreateserial -sha1 \
+ -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
+
+ # SHA1withRSA 512 signed with RSA 512
+ ${OPENSSL} x509 -req -in subca/alice/alice_req_512.pem \
+ -extfile openssl.cnf -extensions ee_of_subca \
+ -CA subca/subca_cert_sha1_512_1024.pem \
+ -CAkey subca/subca_key_512.pem \
+ -out subca/alice/alice_cert_sha1_512_512.pem -CAcreateserial -sha1 \
+ -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
+
+ # MD2withRSA 1024 signed with RSA 1024
+ ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \
+ -extfile openssl.cnf -extensions ee_of_subca \
+ -CA subca/subca_cert_sha1_1024_1024.pem \
+ -CAkey subca/subca_key_1024.pem \
+ -out subca/alice/alice_cert_md2_1024_1024.pem -CAcreateserial -md2 \
+ -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
+
+ # MD2withRSA 1024 signed with RSA 512
+ ${OPENSSL} x509 -req -in subca/alice/alice_req_1024.pem \
+ -extfile openssl.cnf -extensions ee_of_subca \
+ -CA subca/subca_cert_sha1_512_1024.pem \
+ -CAkey subca/subca_key_512.pem \
+ -out subca/alice/alice_cert_md2_1024_512.pem -CAcreateserial -md2 \
+ -CAserial subca/subca_cert.srl -days 7200 -passin pass:passphrase
+
+ touch subca/alice/finished
+fi
+
+if [ ! -f root/revoked ]; then
+ if [ ! -d root ]; then
+ mkdir root
+ fi
+
+ if [ ! -f root/index.txt ]; then
+ touch root/index.txt
+ echo 00 > root/crlnumber
+ fi
+
+ openssl ca -gencrl -config openssl.cnf -name ca_top -crldays 7000 -md sha1 \
+ -crl_reason superseded -keyfile root/root_crlissuer_key.pem \
+ -cert root/root_crlissuer_cert.pem -out root/top_crl.pem \
+ -passin pass:passphrase
+
+ touch root/revoked
+fi
+
+if [ ! -f subca/revoked ]; then
+ if [ ! -d subca ]; then
+ mkdir subca
+ fi
+
+ if [ ! -f subca/index.txt ]; then
+ touch subca/index.txt
+ echo 00 > subca/crlnumber
+ fi
+
+ # revoke alice's SHA1withRSA 1024 signed with RSA 1024
+ openssl ca -revoke subca/alice/alice_cert_sha1_1024_1024.pem \
+ -config openssl.cnf \
+ -name ca_subca -crl_reason superseded \
+ -keyfile subca/subca_crlissuer_key.pem \
+ -cert subca/subca_crlissuer_cert.pem -passin pass:passphrase
+
+ openssl ca -gencrl -config openssl.cnf \
+ -name ca_subca -crldays 7000 -md md2 \
+ -crl_reason superseded -keyfile subca/subca_crlissuer_key.pem \
+ -cert subca/subca_crlissuer_cert.pem \
+ -out subca/subca_crl.pem \
+ -passin pass:passphrase
+
+ touch subca/revoked
+fi
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/provider/certpath/DisabledAlgorithms/openssl.cnf Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,206 @@
+#
+# Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation. Sun designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Sun in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+# CA 95054 USA or visit www.sun.com if you need additional information or
+# have any questions.
+#
+
+#
+# OpenSSL configuration file.
+#
+
+HOME = .
+RANDFILE = $ENV::HOME/.rnd
+
+[ ca ]
+default_ca = CA_default
+
+[ CA_default ]
+dir = ./top
+certs = $dir/certs
+crl_dir = $dir/crl
+database = $dir/index.txt
+unique_subject = no
+new_certs_dir = $dir/newcerts
+certificate = $dir/cacert.pem
+serial = $dir/serial
+crlnumber = $dir/crlnumber
+crl = $dir/crl.pem
+private_key = $dir/private/cakey.pem
+RANDFILE = $dir/private/.rand
+x509_extensions = v3_ca
+
+name_opt = ca_default
+cert_opt = ca_default
+
+default_days = 7650
+default_crl_days = 30
+default_md = sha1
+preserve = no
+
+policy = policy_anything
+
+[ ca_top ]
+dir = ./root
+certs = $dir/certs
+crl_dir = $dir/crl
+database = $dir/index.txt
+unique_subject = no
+new_certs_dir = $dir/newcerts
+certificate = $dir/cacert.pem
+serial = $dir/serial
+crlnumber = $dir/crlnumber
+crl = $dir/crl.pem
+private_key = $dir/private/cakey.pem
+RANDFILE = $dir/private/.rand
+
+x509_extensions = v3_ca
+
+name_opt = ca_default
+cert_opt = ca_default
+
+default_days = 7650
+default_crl_days = 30
+default_md = sha1
+preserve = no
+
+policy = policy_anything
+
+[ ca_subca ]
+dir = ./subca
+certs = $dir/certs
+crl_dir = $dir/crl
+database = $dir/index.txt
+unique_subject = no
+new_certs_dir = $dir/newcerts
+
+certificate = $dir/cacert.pem
+serial = $dir/serial
+crlnumber = $dir/crlnumber
+crl = $dir/crl.pem
+private_key = $dir/private/cakey.pem
+RANDFILE = $dir/private/.rand
+
+x509_extensions = usr_cert
+
+name_opt = ca_default
+cert_opt = ca_default
+
+default_days = 7650
+default_crl_days = 30
+default_md = sha1
+preserve = no
+
+policy = policy_anything
+
+[ policy_match ]
+countryName = match
+stateOrProvinceName = match
+organizationName = match
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+[ req ]
+default_bits = 1024
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+x509_extensions = v3_ca
+
+string_mask = nombstr
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = NO
+countryName_min = 2
+countryName_max = 2
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = A-State
+
+localityName = Locality Name (eg, city)
+
+0.organizationName = Organization Name (eg, company)
+0.organizationName_default = Internet Widgits Pty Ltd
+
+organizationalUnitName = Organizational Unit Name (eg, section)
+
+commonName = Common Name (eg, YOUR name)
+commonName_max = 64
+
+emailAddress = Email Address
+emailAddress_max = 64
+
+[ req_attributes ]
+challengePassword = A challenge password
+challengePassword_min = 4
+challengePassword_max = 20
+unstructuredName = An optional company name
+
+
+[ usr_cert ]
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer
+
+[ v3_req ]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = email:example@openjdk.net, RID:1.2.3.4:true
+
+[ v3_ca ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+basicConstraints = critical,CA:true
+keyUsage = keyCertSign
+
+[ cert_issuer ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+basicConstraints = critical,CA:true
+keyUsage = keyCertSign
+
+
+[ crl_issuer ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+keyUsage = cRLSign
+
+
+[ crl_ext ]
+authorityKeyIdentifier = keyid:always,issuer:always
+
+[ ee_of_subca ]
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment, keyAgreement
+
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/util/DerValue/BadValue.java Wed Oct 07 08:38:43 2009 -0700
@@ -0,0 +1,119 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6864911
+ * @summary ASN.1/DER input stream parser needs more work
+ */
+
+import java.io.*;
+import sun.security.util.*;
+import sun.misc.IOUtils;
+
+public class BadValue {
+
+ public static void main(String[] args) throws Exception {
+
+ // Test IOUtils.readFully
+
+ // We have 4 bytes
+ InputStream in = new ByteArrayInputStream(new byte[10]);
+ byte[] bs = IOUtils.readFully(in, 4, true);
+ if (bs.length != 4 || in.available() != 6) {
+ throw new Exception("First read error");
+ }
+ // But only 6 left
+ bs = IOUtils.readFully(in, 10, false);
+ if (bs.length != 6 || in.available() != 0) {
+ throw new Exception("Second read error");
+ }
+ // MAX read as much as it can
+ in = new ByteArrayInputStream(new byte[10]);
+ bs = IOUtils.readFully(in, Integer.MAX_VALUE, true);
+ if (bs.length != 10 || in.available() != 0) {
+ throw new Exception("Second read error");
+ }
+ // MAX ignore readAll
+ in = new ByteArrayInputStream(new byte[10]);
+ bs = IOUtils.readFully(in, Integer.MAX_VALUE, false);
+ if (bs.length != 10 || in.available() != 0) {
+ throw new Exception("Second read error");
+ }
+ // 20>10, readAll means failure
+ in = new ByteArrayInputStream(new byte[10]);
+ try {
+ bs = IOUtils.readFully(in, 20, true);
+ throw new Exception("Third read error");
+ } catch (EOFException e) {
+ // OK
+ }
+ int bignum = 10 * 1024 * 1024;
+ bs = IOUtils.readFully(new SuperSlowStream(bignum), -1, true);
+ if (bs.length != bignum) {
+ throw new Exception("Fourth read error");
+ }
+
+ // Test DerValue
+ byte[] input = {0x04, (byte)0x84, 0x40, 0x00, 0x42, 0x46, 0x4b};
+ try {
+ new DerValue(new ByteArrayInputStream(input));
+ } catch (IOException ioe) {
+ // This is OK
+ }
+ }
+}
+
+/**
+ * An InputStream contains a given number of bytes, but only returns one byte
+ * per read.
+ */
+class SuperSlowStream extends InputStream {
+ private int p;
+ /**
+ * @param Initial capacity
+ */
+ public SuperSlowStream(int capacity) {
+ p = capacity;
+ }
+ @Override
+ public int read() throws IOException {
+ if (p > 0) {
+ p--;
+ return 0;
+ } else {
+ return -1;
+ }
+ }
+ @Override
+ public int read(byte b[], int off, int len) throws IOException {
+ if (len == 0) return 0;
+ if (p > 0) {
+ p--;
+ b[off] = 0;
+ return 1;
+ } else {
+ return -1;
+ }
+ }
+}