--- a/jdk/src/java.base/share/classes/java/security/AlgorithmParameterGenerator.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/AlgorithmParameterGenerator.java	Mon Oct 31 14:09:42 2016 -0700
@@ -26,6 +26,7 @@
 package java.security;
 
 import java.security.spec.AlgorithmParameterSpec;
+import java.util.Objects;
 
 /**
  * The {@code AlgorithmParameterGenerator} class is used to generate a
@@ -153,16 +154,19 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard algorithm names.
      *
-     * @return the new AlgorithmParameterGenerator object.
+     * @return the new {@code AlgorithmParameterGenerator} object
      *
-     * @exception NoSuchAlgorithmException if no Provider supports an
-     *          AlgorithmParameterGeneratorSpi implementation for the
-     *          specified algorithm.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports an
+     *         {@code AlgorithmParameterGeneratorSpi} implementation for the
+     *         specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      */
     public static AlgorithmParameterGenerator getInstance(String algorithm)
         throws NoSuchAlgorithmException {
+            Objects.requireNonNull(algorithm, "null algorithm name");
             try {
                 Object[] objs = Security.getImpl(algorithm,
                                                  "AlgorithmParameterGenerator",
@@ -197,17 +201,20 @@
      *
      * @param provider the string name of the Provider.
      *
-     * @return the new AlgorithmParameterGenerator object.
+     * @return the new {@code AlgorithmParameterGenerator} object
      *
-     * @exception NoSuchAlgorithmException if an AlgorithmParameterGeneratorSpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the provider name is {@code null}
+     *         or empty
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchAlgorithmException if an
+     *         {@code AlgorithmParameterGeneratorSpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
-     * @exception IllegalArgumentException if the provider name is null
-     *          or empty.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      */
@@ -215,6 +222,7 @@
                                                           String provider)
         throws NoSuchAlgorithmException, NoSuchProviderException
     {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         if (provider == null || provider.length() == 0)
             throw new IllegalArgumentException("missing provider");
         Object[] objs = Security.getImpl(algorithm,
@@ -241,15 +249,19 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard algorithm names.
      *
-     * @param provider the Provider object.
+     * @param provider the {@code Provider} object.
      *
-     * @return the new AlgorithmParameterGenerator object.
+     * @return the new {@code AlgorithmParameterGenerator} object
+     *
+     * @throws IllegalArgumentException if the specified provider is
+     *         {@code null}
      *
-     * @exception NoSuchAlgorithmException if an AlgorithmParameterGeneratorSpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if an
+     *         {@code AlgorithmParameterGeneratorSpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider} object
      *
-     * @exception IllegalArgumentException if the specified provider is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      *
@@ -259,6 +271,7 @@
                                                           Provider provider)
         throws NoSuchAlgorithmException
     {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         if (provider == null)
             throw new IllegalArgumentException("missing provider");
         Object[] objs = Security.getImpl(algorithm,

--- a/jdk/src/java.base/share/classes/java/security/AlgorithmParameters.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/AlgorithmParameters.java	Mon Oct 31 14:09:42 2016 -0700
@@ -28,6 +28,7 @@
 import java.io.*;
 import java.security.spec.AlgorithmParameterSpec;
 import java.security.spec.InvalidParameterSpecException;
+import java.util.Objects;
 
 /**
  * This class is used as an opaque representation of cryptographic parameters.
@@ -140,16 +141,19 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard algorithm names.
      *
-     * @return the new parameter object.
+     * @return the new parameter object
      *
-     * @exception NoSuchAlgorithmException if no Provider supports an
-     *          AlgorithmParametersSpi implementation for the
-     *          specified algorithm.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports an
+     *         {@code AlgorithmParametersSpi} implementation for the
+     *         specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      */
     public static AlgorithmParameters getInstance(String algorithm)
     throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         try {
             Object[] objs = Security.getImpl(algorithm, "AlgorithmParameters",
                                              (String)null);
@@ -184,17 +188,19 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new parameter object.
+     * @return the new parameter object
      *
-     * @exception NoSuchAlgorithmException if an AlgorithmParametersSpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the provider name is {@code null}
+     *         or empty
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchAlgorithmException if an {@code AlgorithmParametersSpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
-     * @exception IllegalArgumentException if the provider name is null
-     *          or empty.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      */
@@ -202,6 +208,7 @@
                                                   String provider)
         throws NoSuchAlgorithmException, NoSuchProviderException
     {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         if (provider == null || provider.length() == 0)
             throw new IllegalArgumentException("missing provider");
         Object[] objs = Security.getImpl(algorithm, "AlgorithmParameters",
@@ -231,13 +238,16 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new parameter object.
+     * @return the new parameter object
+     *
+     * @throws IllegalArgumentException if the provider is {@code null}
      *
-     * @exception NoSuchAlgorithmException if an AlgorithmParameterGeneratorSpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if an
+     *         {@code AlgorithmParameterGeneratorSpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider} object
      *
-     * @exception IllegalArgumentException if the provider is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      *
@@ -247,6 +257,7 @@
                                                   Provider provider)
         throws NoSuchAlgorithmException
     {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         if (provider == null)
             throw new IllegalArgumentException("missing provider");
         Object[] objs = Security.getImpl(algorithm, "AlgorithmParameters",

--- a/jdk/src/java.base/share/classes/java/security/KeyFactory.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/KeyFactory.java	Mon Oct 31 14:09:42 2016 -0700
@@ -167,16 +167,19 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard algorithm names.
      *
-     * @return the new KeyFactory object.
+     * @return the new {@code KeyFactory} object
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          KeyFactorySpi implementation for the
-     *          specified algorithm.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code KeyFactorySpi} implementation for the
+     *         specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      */
     public static KeyFactory getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         return new KeyFactory(algorithm);
     }
 
@@ -200,22 +203,25 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new KeyFactory object.
+     * @return the new {@code KeyFactory} object
      *
-     * @exception NoSuchAlgorithmException if a KeyFactorySpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the provider name is {@code null}
+     *         or empty
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchAlgorithmException if a {@code KeyFactorySpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
-     * @exception IllegalArgumentException if the provider name is null
-     *          or empty.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      */
     public static KeyFactory getInstance(String algorithm, String provider)
             throws NoSuchAlgorithmException, NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("KeyFactory",
             KeyFactorySpi.class, algorithm, provider);
         return new KeyFactory((KeyFactorySpi)instance.impl,
@@ -239,13 +245,16 @@
      *
      * @param provider the provider.
      *
-     * @return the new KeyFactory object.
+     * @return the new {@code KeyFactory} object
+     *
+     * @throws IllegalArgumentException if the specified provider is
+     *         {@code null}
      *
-     * @exception NoSuchAlgorithmException if a KeyFactorySpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code KeyFactorySpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider} object
      *
-     * @exception IllegalArgumentException if the specified provider is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      *
@@ -253,6 +262,7 @@
      */
     public static KeyFactory getInstance(String algorithm, Provider provider)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("KeyFactory",
             KeyFactorySpi.class, algorithm, provider);
         return new KeyFactory((KeyFactorySpi)instance.impl,

--- a/jdk/src/java.base/share/classes/java/security/KeyPairGenerator.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/KeyPairGenerator.java	Mon Oct 31 14:09:42 2016 -0700
@@ -209,16 +209,19 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard algorithm names.
      *
-     * @return the new KeyPairGenerator object.
+     * @return the new {@code KeyPairGenerator} object
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          KeyPairGeneratorSpi implementation for the
-     *          specified algorithm.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code KeyPairGeneratorSpi} implementation for the
+     *         specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      */
     public static KeyPairGenerator getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         List<Service> list =
                 GetInstance.getServices("KeyPairGenerator", algorithm);
         Iterator<Service> t = list.iterator();
@@ -267,23 +270,26 @@
      *
      * @param provider the string name of the provider.
      *
-     * @return the new KeyPairGenerator object.
+     * @return the new {@code KeyPairGenerator} object
      *
-     * @exception NoSuchAlgorithmException if a KeyPairGeneratorSpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the provider name is {@code null}
+     *         or empty
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchAlgorithmException if a {@code KeyPairGeneratorSpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
-     * @exception IllegalArgumentException if the provider name is null
-     *          or empty.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      */
     public static KeyPairGenerator getInstance(String algorithm,
             String provider)
             throws NoSuchAlgorithmException, NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("KeyPairGenerator",
                 KeyPairGeneratorSpi.class, algorithm, provider);
         return getInstance(instance, algorithm);
@@ -306,13 +312,16 @@
      *
      * @param provider the provider.
      *
-     * @return the new KeyPairGenerator object.
+     * @return the new {@code KeyPairGenerator} object
+     *
+     * @throws IllegalArgumentException if the specified provider is
+     *         {@code null}
      *
-     * @exception NoSuchAlgorithmException if a KeyPairGeneratorSpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code KeyPairGeneratorSpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider} object
      *
-     * @exception IllegalArgumentException if the specified provider is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      *
@@ -320,6 +329,7 @@
      */
     public static KeyPairGenerator getInstance(String algorithm,
             Provider provider) throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("KeyPairGenerator",
                 KeyPairGeneratorSpi.class, algorithm, provider);
         return getInstance(instance, algorithm);

--- a/jdk/src/java.base/share/classes/java/security/KeyStore.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/KeyStore.java	Mon Oct 31 14:09:42 2016 -0700
@@ -26,7 +26,6 @@
 package java.security;
 
 import java.io.*;
-import java.net.URI;
 import java.security.cert.Certificate;
 import java.security.cert.X509Certificate;
 import java.security.cert.CertificateException;
@@ -855,17 +854,20 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard keystore types.
      *
-     * @return a keystore object of the specified type.
+     * @return a keystore object of the specified type
      *
-     * @exception KeyStoreException if no Provider supports a
-     *          KeyStoreSpi implementation for the
-     *          specified type.
+     * @throws KeyStoreException if no {@code Provider} supports a
+     *         {@code KeyStoreSpi} implementation for the
+     *         specified type
+     *
+     * @throws NullPointerException if {@code type} is {@code null}
      *
      * @see Provider
      */
     public static KeyStore getInstance(String type)
         throws KeyStoreException
     {
+        Objects.requireNonNull(type, "null type name");
         try {
             Object[] objs = Security.getImpl(type, "KeyStore", (String)null);
             return new KeyStore((KeyStoreSpi)objs[0], (Provider)objs[1], type);
@@ -895,23 +897,26 @@
      *
      * @param provider the name of the provider.
      *
-     * @return a keystore object of the specified type.
+     * @return a keystore object of the specified type
      *
-     * @exception KeyStoreException if a KeyStoreSpi
-     *          implementation for the specified type is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the provider name is {@code null}
+     *         or empty
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws KeyStoreException if a {@code KeyStoreSpi}
+     *         implementation for the specified type is not
+     *         available from the specified provider
      *
-     * @exception IllegalArgumentException if the provider name is null
-     *          or empty.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
+     *
+     * @throws NullPointerException if {@code type} is {@code null}
      *
      * @see Provider
      */
     public static KeyStore getInstance(String type, String provider)
         throws KeyStoreException, NoSuchProviderException
     {
+        Objects.requireNonNull(type, "null type name");
         if (provider == null || provider.length() == 0)
             throw new IllegalArgumentException("missing provider");
         try {
@@ -938,13 +943,16 @@
      *
      * @param provider the provider.
      *
-     * @return a keystore object of the specified type.
+     * @return a keystore object of the specified type
+     *
+     * @throws IllegalArgumentException if the specified provider is
+     *         {@code null}
      *
-     * @exception KeyStoreException if KeyStoreSpi
-     *          implementation for the specified type is not available
-     *          from the specified Provider object.
+     * @throws KeyStoreException if {@code KeyStoreSpi}
+     *         implementation for the specified type is not available
+     *         from the specified {@code Provider} object
      *
-     * @exception IllegalArgumentException if the specified provider is null.
+     * @throws NullPointerException if {@code type} is {@code null}
      *
      * @see Provider
      *
@@ -953,6 +961,7 @@
     public static KeyStore getInstance(String type, Provider provider)
         throws KeyStoreException
     {
+        Objects.requireNonNull(type, "null type name");
         if (provider == null)
             throw new IllegalArgumentException("missing provider");
         try {

--- a/jdk/src/java.base/share/classes/java/security/MessageDigest.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/MessageDigest.java	Mon Oct 31 14:09:42 2016 -0700
@@ -26,13 +26,8 @@
 package java.security;
 
 import java.util.*;
-import java.lang.*;
-import java.io.IOException;
 import java.io.ByteArrayOutputStream;
 import java.io.PrintStream;
-import java.io.InputStream;
-import java.io.ByteArrayInputStream;
-import java.security.InvalidKeyException;
 import java.nio.ByteBuffer;
 
 import sun.security.util.Debug;
@@ -163,16 +158,20 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard algorithm names.
      *
-     * @return a Message Digest object that implements the specified algorithm.
+     * @return a {@code MessageDigest} object that implements the
+     *         specified algorithm
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          MessageDigestSpi implementation for the
-     *          specified algorithm.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code MessageDigestSpi} implementation for the
+     *         specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      */
     public static MessageDigest getInstance(String algorithm)
     throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         try {
             MessageDigest md;
             Object[] objs = Security.getImpl(algorithm, "MessageDigest",
@@ -216,23 +215,27 @@
      *
      * @param provider the name of the provider.
      *
-     * @return a MessageDigest object that implements the specified algorithm.
+     * @return a {@code MessageDigest} object that implements the
+     *         specified algorithm
      *
-     * @exception NoSuchAlgorithmException if a MessageDigestSpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the provider name is {@code null}
+     *         or empty
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchAlgorithmException if a {@code MessageDigestSpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
-     * @exception IllegalArgumentException if the provider name is null
-     *          or empty.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      */
     public static MessageDigest getInstance(String algorithm, String provider)
         throws NoSuchAlgorithmException, NoSuchProviderException
     {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         if (provider == null || provider.length() == 0)
             throw new IllegalArgumentException("missing provider");
         Object[] objs = Security.getImpl(algorithm, "MessageDigest", provider);
@@ -265,13 +268,17 @@
      *
      * @param provider the provider.
      *
-     * @return a MessageDigest object that implements the specified algorithm.
+     * @return a {@code MessageDigest} object that implements the
+     *         specified algorithm
+     *
+     * @throws IllegalArgumentException if the specified provider is
+     *         {@code null}
      *
-     * @exception NoSuchAlgorithmException if a MessageDigestSpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code MessageDigestSpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider} object
      *
-     * @exception IllegalArgumentException if the specified provider is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      *
@@ -281,6 +288,7 @@
                                             Provider provider)
         throws NoSuchAlgorithmException
     {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         if (provider == null)
             throw new IllegalArgumentException("missing provider");
         Object[] objs = Security.getImpl(algorithm, "MessageDigest", provider);

--- a/jdk/src/java.base/share/classes/java/security/Policy.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/Policy.java	Mon Oct 31 14:09:42 2016 -0700
@@ -29,6 +29,7 @@
 import java.util.Enumeration;
 import java.util.WeakHashMap;
 import java.util.concurrent.atomic.AtomicReference;
+import java.util.Objects;
 import sun.security.jca.GetInstance;
 import sun.security.util.Debug;
 import sun.security.util.SecurityConstants;
@@ -372,26 +373,26 @@
      *
      * @param params parameters for the Policy, which may be null.
      *
-     * @return the new Policy object.
+     * @return the new {@code Policy} object
      *
-     * @exception SecurityException if the caller does not have permission
-     *          to get a Policy instance for the specified type.
-     *
-     * @exception NullPointerException if the specified type is null.
+     * @throws IllegalArgumentException if the specified parameters
+     *         are not understood by the {@code PolicySpi} implementation
+     *         from the selected {@code Provider}
      *
-     * @exception IllegalArgumentException if the specified parameters
-     *          are not understood by the PolicySpi implementation
-     *          from the selected Provider.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports
+     *         a {@code PolicySpi} implementation for the specified type
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a PolicySpi
-     *          implementation for the specified type.
+     * @throws NullPointerException if {@code type} is {@code null}
+     *
+     * @throws SecurityException if the caller does not have permission
+     *         to get a {@code Policy} instance for the specified type.
      *
      * @see Provider
      * @since 1.6
      */
     public static Policy getInstance(String type, Policy.Parameters params)
                 throws NoSuchAlgorithmException {
-
+        Objects.requireNonNull(type, "null type name");
         checkPermission(type);
         try {
             GetInstance.Instance instance = GetInstance.getInstance("Policy",
@@ -428,23 +429,24 @@
      *
      * @param provider the provider.
      *
-     * @return the new Policy object.
+     * @return the new {@code Policy} object
      *
-     * @exception SecurityException if the caller does not have permission
-     *          to get a Policy instance for the specified type.
-     *
-     * @exception NullPointerException if the specified type is null.
+     * @throws IllegalArgumentException if the specified provider
+     *         is {@code null} or empty, or if the specified parameters are
+     *         not understood by the {@code PolicySpi} implementation from
+     *         the specified provider
      *
-     * @exception IllegalArgumentException if the specified provider
-     *          is null or empty,
-     *          or if the specified parameters are not understood by
-     *          the PolicySpi implementation from the specified provider.
+     * @throws NoSuchAlgorithmException if the specified provider does not
+     *         support a {@code PolicySpi} implementation for the specified
+     *         type
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
      *
-     * @exception NoSuchAlgorithmException if the specified provider does not
-     *          support a PolicySpi implementation for the specified type.
+     * @throws NullPointerException if {@code type} is {@code null}
+     *
+     * @throws SecurityException if the caller does not have permission
+     *         to get a {@code Policy} instance for the specified type
      *
      * @see Provider
      * @since 1.6
@@ -454,6 +456,7 @@
                                 String provider)
                 throws NoSuchProviderException, NoSuchAlgorithmException {
 
+        Objects.requireNonNull(type, "null type name");
         if (provider == null || provider.length() == 0) {
             throw new IllegalArgumentException("missing provider");
         }
@@ -492,19 +495,21 @@
      *
      * @param provider the Provider.
      *
-     * @return the new Policy object.
+     * @return the new {@code Policy} object
      *
-     * @exception SecurityException if the caller does not have permission
-     *          to get a Policy instance for the specified type.
-     *
-     * @exception NullPointerException if the specified type is null.
+     * @throws IllegalArgumentException if the specified {@code Provider}
+     *         is {@code null}, or if the specified parameters are not
+     *         understood by the {@code PolicySpi} implementation from the
+     *         specified {@code Provider}
      *
-     * @exception IllegalArgumentException if the specified Provider is null,
-     *          or if the specified parameters are not understood by
-     *          the PolicySpi implementation from the specified Provider.
+     * @throws NoSuchAlgorithmException if the specified {@code Provider}
+     *         does not support a {@code PolicySpi} implementation for
+     *         the specified type
      *
-     * @exception NoSuchAlgorithmException if the specified Provider does not
-     *          support a PolicySpi implementation for the specified type.
+     * @throws NullPointerException if {@code type} is {@code null}
+     *
+     * @throws SecurityException if the caller does not have permission
+     *         to get a {@code Policy} instance for the specified type
      *
      * @see Provider
      * @since 1.6
@@ -514,6 +519,7 @@
                                 Provider provider)
                 throws NoSuchAlgorithmException {
 
+        Objects.requireNonNull(type, "null type name");
         if (provider == null) {
             throw new IllegalArgumentException("missing provider");
         }

--- a/jdk/src/java.base/share/classes/java/security/SecureRandom.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/SecureRandom.java	Mon Oct 31 14:09:42 2016 -0700
@@ -303,11 +303,13 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard RNG algorithm names.
      *
-     * @return the new {@code SecureRandom} object.
+     * @return the new {@code SecureRandom} object
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          {@code SecureRandomSpi} implementation for the
-     *          specified algorithm.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code SecureRandomSpi} implementation for the
+     *         specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      *
@@ -315,6 +317,7 @@
      */
     public static SecureRandom getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("SecureRandom",
                 SecureRandomSpi.class, algorithm);
         return new SecureRandom((SecureRandomSpi)instance.impl,
@@ -341,17 +344,19 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new {@code SecureRandom} object.
+     * @return the new {@code SecureRandom} object
+     *
+     * @throws IllegalArgumentException if the provider name is {@code null}
+     *         or empty
      *
      * @throws NoSuchAlgorithmException if a {@code SecureRandomSpi}
      *         implementation for the specified algorithm is not
-     *         available from the specified provider.
+     *         available from the specified provider
      *
      * @throws NoSuchProviderException if the specified provider is not
-     *         registered in the security provider list.
+     *         registered in the security provider list
      *
-     * @throws IllegalArgumentException if the provider name is null
-     *         or empty.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      *
@@ -359,6 +364,7 @@
      */
     public static SecureRandom getInstance(String algorithm, String provider)
             throws NoSuchAlgorithmException, NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("SecureRandom",
             SecureRandomSpi.class, algorithm, provider);
         return new SecureRandom((SecureRandomSpi)instance.impl,
@@ -382,13 +388,16 @@
      *
      * @param provider the provider.
      *
-     * @return the new {@code SecureRandom} object.
+     * @return the new {@code SecureRandom} object
+     *
+     * @throws IllegalArgumentException if the specified provider is
+     *         {@code null}
      *
      * @throws NoSuchAlgorithmException if a {@code SecureRandomSpi}
      *         implementation for the specified algorithm is not available
-     *         from the specified {@code Provider} object.
+     *         from the specified {@code Provider} object
      *
-     * @throws IllegalArgumentException if the specified provider is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      *
@@ -396,6 +405,7 @@
      */
     public static SecureRandom getInstance(String algorithm,
             Provider provider) throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("SecureRandom",
             SecureRandomSpi.class, algorithm, provider);
         return new SecureRandom((SecureRandomSpi)instance.impl,
@@ -433,13 +443,16 @@
      * @param params the {@code SecureRandomParameters}
      *               the newly created {@code SecureRandom} object must support.
      *
-     * @return the new {@code SecureRandom} object.
+     * @return the new {@code SecureRandom} object
+     *
+     * @throws IllegalArgumentException if the specified params is
+     *         {@code null}
      *
      * @throws NoSuchAlgorithmException if no Provider supports a
      *         {@code SecureRandomSpi} implementation for the specified
-     *         algorithm and parameters.
+     *         algorithm and parameters
      *
-     * @throws IllegalArgumentException if the specified params is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      *
@@ -448,6 +461,7 @@
     public static SecureRandom getInstance(
             String algorithm, SecureRandomParameters params)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         if (params == null) {
             throw new IllegalArgumentException("params cannot be null");
         }
@@ -481,17 +495,19 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new {@code SecureRandom} object.
+     * @return the new {@code SecureRandom} object
+     *
+     * @throws IllegalArgumentException if the provider name is {@code null}
+     *         or empty, or params is {@code null}
      *
      * @throws NoSuchAlgorithmException if the specified provider does not
      *         support a {@code SecureRandomSpi} implementation for the
-     *         specified algorithm and parameters.
+     *         specified algorithm and parameters
      *
      * @throws NoSuchProviderException if the specified provider is not
-     *         registered in the security provider list.
+     *         registered in the security provider list
      *
-     * @throws IllegalArgumentException if the provider name is null
-     *         or empty, or params is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      *
@@ -500,6 +516,7 @@
     public static SecureRandom getInstance(String algorithm,
             SecureRandomParameters params, String provider)
             throws NoSuchAlgorithmException, NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         if (params == null) {
             throw new IllegalArgumentException("params cannot be null");
         }
@@ -531,14 +548,16 @@
      *
      * @param provider the provider.
      *
-     * @return the new {@code SecureRandom} object.
+     * @return the new {@code SecureRandom} object
+     *
+     * @throws IllegalArgumentException if the specified provider or params
+     *         is {@code null}
      *
      * @throws NoSuchAlgorithmException if the specified provider does not
      *         support a {@code SecureRandomSpi} implementation for the
-     *         specified algorithm and parameters.
+     *         specified algorithm and parameters
      *
-     * @throws IllegalArgumentException if the specified provider or params
-     *         is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      *
@@ -547,6 +566,7 @@
     public static SecureRandom getInstance(String algorithm,
             SecureRandomParameters params, Provider provider)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         if (params == null) {
             throw new IllegalArgumentException("params cannot be null");
         }

--- a/jdk/src/java.base/share/classes/java/security/Signature.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/Signature.java	Mon Oct 31 14:09:42 2016 -0700
@@ -213,16 +213,19 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard algorithm names.
      *
-     * @return the new Signature object.
+     * @return the new {@code Signature} object
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          Signature implementation for the
-     *          specified algorithm.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code Signature} implementation for the
+     *         specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      */
     public static Signature getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         List<Service> list;
         if (algorithm.equalsIgnoreCase(RSA_SIGNATURE)) {
             list = GetInstance.getServices(rsaIds);
@@ -335,22 +338,25 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new Signature object.
+     * @return the new {@code Signature} object
      *
-     * @exception NoSuchAlgorithmException if a SignatureSpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the provider name is {@code null}
+     *         or empty
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchAlgorithmException if a {@code SignatureSpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
-     * @exception IllegalArgumentException if the provider name is null
-     *          or empty.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      */
     public static Signature getInstance(String algorithm, String provider)
             throws NoSuchAlgorithmException, NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         if (algorithm.equalsIgnoreCase(RSA_SIGNATURE)) {
             // exception compatibility with existing code
             if ((provider == null) || (provider.length() == 0)) {
@@ -385,13 +391,15 @@
      *
      * @param provider the provider.
      *
-     * @return the new Signature object.
+     * @return the new {@code Signature} object
+     *
+     * @throws IllegalArgumentException if the provider is {@code null}
      *
-     * @exception NoSuchAlgorithmException if a SignatureSpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code SignatureSpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider} object
      *
-     * @exception IllegalArgumentException if the provider is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see Provider
      *
@@ -399,6 +407,7 @@
      */
     public static Signature getInstance(String algorithm, Provider provider)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         if (algorithm.equalsIgnoreCase(RSA_SIGNATURE)) {
             // exception compatibility with existing code
             if (provider == null) {

--- a/jdk/src/java.base/share/classes/java/security/cert/CertPathBuilder.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/cert/CertPathBuilder.java	Mon Oct 31 14:09:42 2016 -0700
@@ -32,7 +32,7 @@
 import java.security.PrivilegedAction;
 import java.security.Provider;
 import java.security.Security;
-import sun.security.util.Debug;
+import java.util.Objects;
 
 import sun.security.jca.*;
 import sun.security.jca.GetInstance.Instance;
@@ -157,16 +157,19 @@
      * for information about standard algorithm names.
      *
      * @return a {@code CertPathBuilder} object that implements the
-     *          specified algorithm.
+     *         specified algorithm
      *
-     * @throws NoSuchAlgorithmException if no Provider supports a
-     *          CertPathBuilderSpi implementation for the
-     *          specified algorithm.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code CertPathBuilderSpi} implementation for the
+     *         specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static CertPathBuilder getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("CertPathBuilder",
             CertPathBuilderSpi.class, algorithm);
         return new CertPathBuilder((CertPathBuilderSpi)instance.impl,
@@ -194,22 +197,25 @@
      * @param provider the name of the provider.
      *
      * @return a {@code CertPathBuilder} object that implements the
-     *          specified algorithm.
+     *         specified algorithm
      *
-     * @throws NoSuchAlgorithmException if a CertPathBuilderSpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the {@code provider} is
+     *         {@code null} or empty
+     *
+     * @throws NoSuchAlgorithmException if a {@code CertPathBuilderSpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
      * @throws NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     *         registered in the security provider list
      *
-     * @exception IllegalArgumentException if the {@code provider} is
-     *          null or empty.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static CertPathBuilder getInstance(String algorithm, String provider)
            throws NoSuchAlgorithmException, NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("CertPathBuilder",
             CertPathBuilderSpi.class, algorithm, provider);
         return new CertPathBuilder((CertPathBuilderSpi)instance.impl,
@@ -234,19 +240,22 @@
      * @param provider the provider.
      *
      * @return a {@code CertPathBuilder} object that implements the
-     *          specified algorithm.
+     *         specified algorithm
+     *
+     * @throws IllegalArgumentException if the {@code provider} is
+     *         {@code null}
      *
-     * @exception NoSuchAlgorithmException if a CertPathBuilderSpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code CertPathBuilderSpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider} object
      *
-     * @exception IllegalArgumentException if the {@code provider} is
-     *          null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static CertPathBuilder getInstance(String algorithm,
             Provider provider) throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("CertPathBuilder",
             CertPathBuilderSpi.class, algorithm, provider);
         return new CertPathBuilder((CertPathBuilderSpi)instance.impl,

--- a/jdk/src/java.base/share/classes/java/security/cert/CertPathValidator.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/cert/CertPathValidator.java	Mon Oct 31 14:09:42 2016 -0700
@@ -32,7 +32,7 @@
 import java.security.PrivilegedAction;
 import java.security.Provider;
 import java.security.Security;
-import sun.security.util.Debug;
+import java.util.Objects;
 
 import sun.security.jca.*;
 import sun.security.jca.GetInstance.Instance;
@@ -158,16 +158,19 @@
      * for information about standard algorithm names.
      *
      * @return a {@code CertPathValidator} object that implements the
-     *          specified algorithm.
+     *         specified algorithm
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          CertPathValidatorSpi implementation for the
-     *          specified algorithm.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code CertPathValidatorSpi} implementation for the
+     *         specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static CertPathValidator getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("CertPathValidator",
             CertPathValidatorSpi.class, algorithm);
         return new CertPathValidator((CertPathValidatorSpi)instance.impl,
@@ -195,23 +198,26 @@
      * @param provider the name of the provider.
      *
      * @return a {@code CertPathValidator} object that implements the
-     *          specified algorithm.
+     *         specified algorithm
      *
-     * @exception NoSuchAlgorithmException if a CertPathValidatorSpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the {@code provider} is
+     *         {@code null} or empty
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchAlgorithmException if a {@code CertPathValidatorSpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
-     * @exception IllegalArgumentException if the {@code provider} is
-     *          null or empty.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static CertPathValidator getInstance(String algorithm,
             String provider) throws NoSuchAlgorithmException,
             NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("CertPathValidator",
             CertPathValidatorSpi.class, algorithm, provider);
         return new CertPathValidator((CertPathValidatorSpi)instance.impl,
@@ -236,19 +242,22 @@
      * @param provider the provider.
      *
      * @return a {@code CertPathValidator} object that implements the
-     *          specified algorithm.
+     *          specified algorithm
+     *
+     * @throws IllegalArgumentException if the {@code provider} is
+     *         {@code null}
      *
-     * @exception NoSuchAlgorithmException if a CertPathValidatorSpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code CertPathValidatorSpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified Provider object
      *
-     * @exception IllegalArgumentException if the {@code provider} is
-     *          null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static CertPathValidator getInstance(String algorithm,
             Provider provider) throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = GetInstance.getInstance("CertPathValidator",
             CertPathValidatorSpi.class, algorithm, provider);
         return new CertPathValidator((CertPathValidatorSpi)instance.impl,

--- a/jdk/src/java.base/share/classes/java/security/cert/CertStore.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/cert/CertStore.java	Mon Oct 31 14:09:42 2016 -0700
@@ -33,6 +33,7 @@
 import java.security.Provider;
 import java.security.Security;
 import java.util.Collection;
+import java.util.Objects;
 
 import sun.security.jca.*;
 import sun.security.jca.GetInstance.Instance;
@@ -218,20 +219,23 @@
      * @param params the initialization parameters (may be {@code null}).
      *
      * @return a {@code CertStore} object that implements the specified
-     *          {@code CertStore} type.
-     *
-     * @throws NoSuchAlgorithmException if no Provider supports a
-     *          CertStoreSpi implementation for the specified type.
+     *          {@code CertStore} type
      *
      * @throws InvalidAlgorithmParameterException if the specified
-     *          initialization parameters are inappropriate for this
-     *          {@code CertStore}.
+     *         initialization parameters are inappropriate for this
+     *         {@code CertStore}
+     *
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code CertStoreSpi} implementation for the specified type
+     *
+     * @throws NullPointerException if {@code type} is {@code null}
      *
      * @see java.security.Provider
      */
     public static CertStore getInstance(String type, CertStoreParameters params)
             throws InvalidAlgorithmParameterException,
             NoSuchAlgorithmException {
+        Objects.requireNonNull(type, "null type name");
         try {
             Instance instance = GetInstance.getInstance("CertStore",
                 CertStoreSpi.class, type, params);
@@ -243,7 +247,8 @@
     }
 
     private static CertStore handleException(NoSuchAlgorithmException e)
-            throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
+            throws NoSuchAlgorithmException,
+            InvalidAlgorithmParameterException {
         Throwable cause = e.getCause();
         if (cause instanceof InvalidAlgorithmParameterException) {
             throw (InvalidAlgorithmParameterException)cause;
@@ -280,21 +285,23 @@
      * @param provider the name of the provider.
      *
      * @return a {@code CertStore} object that implements the
-     *          specified type.
+     *          specified type
      *
-     * @throws NoSuchAlgorithmException if a CertStoreSpi
-     *          implementation for the specified type is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the {@code provider} is
+     *         {@code null} or empty
      *
      * @throws InvalidAlgorithmParameterException if the specified
-     *          initialization parameters are inappropriate for this
-     *          {@code CertStore}.
+     *         initialization parameters are inappropriate for this
+     *         {@code CertStore}
+     *
+     * @throws NoSuchAlgorithmException if a {@code CertStoreSpi}
+     *         implementation for the specified type is not
+     *         available from the specified provider
      *
      * @throws NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     *         registered in the security provider list
      *
-     * @exception IllegalArgumentException if the {@code provider} is
-     *          null or empty.
+     * @throws NullPointerException if {@code type} is {@code null}
      *
      * @see java.security.Provider
      */
@@ -302,6 +309,7 @@
             CertStoreParameters params, String provider)
             throws InvalidAlgorithmParameterException,
             NoSuchAlgorithmException, NoSuchProviderException {
+        Objects.requireNonNull(type, "null type name");
         try {
             Instance instance = GetInstance.getInstance("CertStore",
                 CertStoreSpi.class, type, params, provider);
@@ -338,24 +346,27 @@
      * @param provider the provider.
      *
      * @return a {@code CertStore} object that implements the
-     *          specified type.
+     *          specified type
      *
-     * @exception NoSuchAlgorithmException if a CertStoreSpi
-     *          implementation for the specified type is not available
-     *          from the specified Provider object.
+     * @throws IllegalArgumentException if the {@code provider} is
+     *         null
      *
      * @throws InvalidAlgorithmParameterException if the specified
-     *          initialization parameters are inappropriate for this
-     *          {@code CertStore}
+     *         initialization parameters are inappropriate for this
+     *         {@code CertStore}
      *
-     * @exception IllegalArgumentException if the {@code provider} is
-     *          null.
+     * @throws NoSuchAlgorithmException if a {@code CertStoreSpi}
+     *         implementation for the specified type is not available
+     *         from the specified Provider object
+     *
+     * @throws NullPointerException if {@code type} is {@code null}
      *
      * @see java.security.Provider
      */
     public static CertStore getInstance(String type, CertStoreParameters params,
             Provider provider) throws NoSuchAlgorithmException,
             InvalidAlgorithmParameterException {
+        Objects.requireNonNull(type, "null type name");
         try {
             Instance instance = GetInstance.getInstance("CertStore",
                 CertStoreSpi.class, type, params, provider);

--- a/jdk/src/java.base/share/classes/java/security/cert/CertificateFactory.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/java/security/cert/CertificateFactory.java	Mon Oct 31 14:09:42 2016 -0700
@@ -29,10 +29,9 @@
 import java.util.Collection;
 import java.util.Iterator;
 import java.util.List;
+import java.util.Objects;
 import java.security.Provider;
 import java.security.Security;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
 
@@ -177,16 +176,19 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard certificate types.
      *
-     * @return a certificate factory object for the specified type.
+     * @return a certificate factory object for the specified type
      *
-     * @exception CertificateException if no Provider supports a
-     *          CertificateFactorySpi implementation for the
-     *          specified type.
+     * @throws CertificateException if no {@code Provider} supports a
+     *         {@code CertificateFactorySpi} implementation for the
+     *         specified type
+     *
+     * @throws NullPointerException if {@code type} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final CertificateFactory getInstance(String type)
             throws CertificateException {
+        Objects.requireNonNull(type, "null type name");
         try {
             Instance instance = GetInstance.getInstance("CertificateFactory",
                 CertificateFactorySpi.class, type);
@@ -217,23 +219,26 @@
      *
      * @param provider the name of the provider.
      *
-     * @return a certificate factory object for the specified type.
+     * @return a certificate factory object for the specified type
      *
-     * @exception CertificateException if a CertificateFactorySpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws CertificateException if a {@code CertificateFactorySpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws IllegalArgumentException if the provider name is {@code null}
+     *         or empty
      *
-     * @exception IllegalArgumentException if the provider name is null
-     *          or empty.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
+     *
+     * @throws NullPointerException if {@code type} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final CertificateFactory getInstance(String type,
             String provider) throws CertificateException,
             NoSuchProviderException {
+        Objects.requireNonNull(type, "null type name");
         try {
             Instance instance = GetInstance.getInstance("CertificateFactory",
                 CertificateFactorySpi.class, type, provider);
@@ -260,14 +265,16 @@
      * for information about standard certificate types.
      * @param provider the provider.
      *
-     * @return a certificate factory object for the specified type.
+     * @return a certificate factory object for the specified type
      *
-     * @exception CertificateException if a CertificateFactorySpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws CertificateException if a {@code CertificateFactorySpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider} object
      *
-     * @exception IllegalArgumentException if the {@code provider} is
-     *          null.
+     * @throws IllegalArgumentException if the {@code provider} is
+     *         {@code null}
+     *
+     * @throws NullPointerException if {@code type} is {@code null}
      *
      * @see java.security.Provider
      *
@@ -275,6 +282,7 @@
      */
     public static final CertificateFactory getInstance(String type,
             Provider provider) throws CertificateException {
+        Objects.requireNonNull(type, "null type name");
         try {
             Instance instance = GetInstance.getInstance("CertificateFactory",
                 CertificateFactorySpi.class, type, provider);

--- a/jdk/src/java.base/share/classes/javax/crypto/Cipher.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/javax/crypto/Cipher.java	Mon Oct 31 14:09:42 2016 -0700
@@ -493,21 +493,24 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard transformation names.
      *
-     * @return a cipher that implements the requested transformation.
+     * @return a cipher that implements the requested transformation
      *
-     * @exception NoSuchAlgorithmException if {@code transformation}
-     *          is null, empty, in an invalid format,
-     *          or if no Provider supports a CipherSpi implementation for the
-     *          specified algorithm.
+     * @throws NoSuchAlgorithmException if {@code transformation}
+     *         is {@code null}, empty, in an invalid format,
+     *         or if no {@code Provider} supports a {@code CipherSpi}
+     *         implementation for the specified algorithm
      *
-     * @exception NoSuchPaddingException if {@code transformation}
-     *          contains a padding scheme that is not available.
+     * @throws NoSuchPaddingException if {@code transformation}
+     *         contains a padding scheme that is not available
      *
      * @see java.security.Provider
      */
     public static final Cipher getInstance(String transformation)
             throws NoSuchAlgorithmException, NoSuchPaddingException
     {
+        if ((transformation == null) || transformation.equals("")) {
+            throw new NoSuchAlgorithmException("Null or empty transformation");
+        }
         List<Transform> transforms = getTransforms(transformation);
         List<ServiceId> cipherServices = new ArrayList<>(transforms.size());
         for (Transform transform : transforms) {
@@ -570,21 +573,22 @@
      *
      * @param provider the name of the provider.
      *
-     * @return a cipher that implements the requested transformation.
+     * @return a cipher that implements the requested transformation
      *
-     * @exception NoSuchAlgorithmException if {@code transformation}
-     *          is null, empty, in an invalid format,
-     *          or if a CipherSpi implementation for the specified algorithm
-     *          is not available from the specified provider.
+     * @throws IllegalArgumentException if the {@code provider}
+     *         is {@code null} or empty
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchAlgorithmException if {@code transformation}
+     *         is {@code null}, empty, in an invalid format,
+     *         or if a {@code CipherSpi} implementation for the
+     *         specified algorithm is not available from the specified
+     *         provider
      *
-     * @exception NoSuchPaddingException if {@code transformation}
-     *          contains a padding scheme that is not available.
+     * @throws NoSuchPaddingException if {@code transformation}
+     *         contains a padding scheme that is not available
      *
-     * @exception IllegalArgumentException if the {@code provider}
-     *          is null or empty.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
      *
      * @see java.security.Provider
      */
@@ -593,6 +597,9 @@
             throws NoSuchAlgorithmException, NoSuchProviderException,
             NoSuchPaddingException
     {
+        if ((transformation == null) || transformation.equals("")) {
+            throw new NoSuchAlgorithmException("Null or empty transformation");
+        }
         if ((provider == null) || (provider.length() == 0)) {
             throw new IllegalArgumentException("Missing provider");
         }
@@ -622,18 +629,19 @@
      *
      * @param provider the provider.
      *
-     * @return a cipher that implements the requested transformation.
+     * @return a cipher that implements the requested transformation
+     *
+     * @throws IllegalArgumentException if the {@code provider}
+     *         is {@code null}
      *
-     * @exception NoSuchAlgorithmException if {@code transformation}
-     *          is null, empty, in an invalid format,
-     *          or if a CipherSpi implementation for the specified algorithm
-     *          is not available from the specified Provider object.
+     * @throws NoSuchAlgorithmException if {@code transformation}
+     *         is {@code null}, empty, in an invalid format,
+     *         or if a {@code CipherSpi} implementation for the
+     *         specified algorithm is not available from the specified
+     *         {@code Provider} object
      *
-     * @exception NoSuchPaddingException if {@code transformation}
-     *          contains a padding scheme that is not available.
-     *
-     * @exception IllegalArgumentException if the {@code provider}
-     *          is null.
+     * @throws NoSuchPaddingException if {@code transformation}
+     *         contains a padding scheme that is not available
      *
      * @see java.security.Provider
      */
@@ -641,6 +649,9 @@
                                            Provider provider)
             throws NoSuchAlgorithmException, NoSuchPaddingException
     {
+        if ((transformation == null) || transformation.equals("")) {
+            throw new NoSuchAlgorithmException("Null or empty transformation");
+        }
         if (provider == null) {
             throw new IllegalArgumentException("Missing provider");
         }

--- a/jdk/src/java.base/share/classes/javax/crypto/ExemptionMechanism.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/javax/crypto/ExemptionMechanism.java	Mon Oct 31 14:09:42 2016 -0700
@@ -34,6 +34,7 @@
 import java.security.InvalidKeyException;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.spec.AlgorithmParameterSpec;
+import java.util.Objects;
 
 import sun.security.jca.GetInstance.Instance;
 
@@ -128,19 +129,19 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard exemption mechanism names.
      *
-     * @return the new <code>ExemptionMechanism</code> object.
+     * @return the new {@code ExemptionMechanism} object
      *
-     * @exception NullPointerException if <code>algorithm</code>
-     *          is null.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports an
+     *         {@code ExemptionMechanismSpi} implementation for the
+     *         specified algorithm
      *
-     * @exception NoSuchAlgorithmException if no Provider supports an
-     *          ExemptionMechanismSpi implementation for the
-     *          specified algorithm.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final ExemptionMechanism getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = JceSecurity.getInstance("ExemptionMechanism",
                 ExemptionMechanismSpi.class, algorithm);
         return new ExemptionMechanism((ExemptionMechanismSpi)instance.impl,
@@ -169,26 +170,26 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new <code>ExemptionMechanism</code> object.
+     * @return the new {@code ExemptionMechanism} object
      *
-     * @exception NullPointerException if <code>algorithm</code>
-     *          is null.
+     * @throws IllegalArgumentException if the {@code provider}
+     *         is {@code null} or empty
      *
-     * @exception NoSuchAlgorithmException if an ExemptionMechanismSpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws NoSuchAlgorithmException if an {@code ExemptionMechanismSpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
      *
-     * @exception IllegalArgumentException if the <code>provider</code>
-     *          is null or empty.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final ExemptionMechanism getInstance(String algorithm,
             String provider) throws NoSuchAlgorithmException,
             NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = JceSecurity.getInstance("ExemptionMechanism",
                 ExemptionMechanismSpi.class, algorithm, provider);
         return new ExemptionMechanism((ExemptionMechanismSpi)instance.impl,
@@ -213,22 +214,22 @@
      *
      * @param provider the provider.
      *
-     * @return the new <code>ExemptionMechanism</code> object.
+     * @return the new {@code ExemptionMechanism} object
      *
-     * @exception NullPointerException if <code>algorithm</code>
-     *          is null.
+     * @throws IllegalArgumentException if the {@code provider}
+     *         is null
      *
-     * @exception NoSuchAlgorithmException if an ExemptionMechanismSpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if an {@code ExemptionMechanismSpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider object}
      *
-     * @exception IllegalArgumentException if the <code>provider</code>
-     *          is null.
+     * @exception NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final ExemptionMechanism getInstance(String algorithm,
             Provider provider) throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = JceSecurity.getInstance("ExemptionMechanism",
                 ExemptionMechanismSpi.class, algorithm, provider);
         return new ExemptionMechanism((ExemptionMechanismSpi)instance.impl,

--- a/jdk/src/java.base/share/classes/javax/crypto/KeyAgreement.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/javax/crypto/KeyAgreement.java	Mon Oct 31 14:09:42 2016 -0700
@@ -165,19 +165,19 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard algorithm names.
      *
-     * @return the new {@code KeyAgreement} object.
+     * @return the new {@code KeyAgreement} object
      *
-     * @exception NullPointerException if the specified algorithm
-     *          is null.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code KeyAgreementSpi} implementation for the
+     *         specified algorithm
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          KeyAgreementSpi implementation for the
-     *          specified algorithm.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final KeyAgreement getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         List<Service> services =
                 GetInstance.getServices("KeyAgreement", algorithm);
         // make sure there is at least one service from a signed provider
@@ -214,26 +214,26 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new {@code KeyAgreement} object.
+     * @return the new {@code KeyAgreement} object
      *
-     * @exception NullPointerException if the specified algorithm
-     *          is null.
+     * @throws IllegalArgumentException if the {@code provider}
+     *         is {@code null} or empty
      *
-     * @exception NoSuchAlgorithmException if a KeyAgreementSpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws NoSuchAlgorithmException if a {@code KeyAgreementSpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
      *
-     * @exception IllegalArgumentException if the {@code provider}
-     *          is null or empty.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final KeyAgreement getInstance(String algorithm,
             String provider) throws NoSuchAlgorithmException,
             NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = JceSecurity.getInstance
                 ("KeyAgreement", KeyAgreementSpi.class, algorithm, provider);
         return new KeyAgreement((KeyAgreementSpi)instance.impl,
@@ -258,22 +258,22 @@
      *
      * @param provider the provider.
      *
-     * @return the new {@code KeyAgreement} object.
+     * @return the new {@code KeyAgreement} object
      *
-     * @exception NullPointerException if the specified algorithm
-     *          is null.
+     * @throws IllegalArgumentException if the {@code provider}
+     *         is {@code null}
      *
-     * @exception NoSuchAlgorithmException if a KeyAgreementSpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code KeyAgreementSpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified Provider object
      *
-     * @exception IllegalArgumentException if the {@code provider}
-     *          is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final KeyAgreement getInstance(String algorithm,
             Provider provider) throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = JceSecurity.getInstance
                 ("KeyAgreement", KeyAgreementSpi.class, algorithm, provider);
         return new KeyAgreement((KeyAgreementSpi)instance.impl,

--- a/jdk/src/java.base/share/classes/javax/crypto/KeyGenerator.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/javax/crypto/KeyGenerator.java	Mon Oct 31 14:09:42 2016 -0700
@@ -216,18 +216,19 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard algorithm names.
      *
-     * @return the new {@code KeyGenerator} object.
-     *
-     * @exception NullPointerException if the specified algorithm is null.
+     * @return the new {@code KeyGenerator} object
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          KeyGeneratorSpi implementation for the
-     *          specified algorithm.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code KeyGeneratorSpi} implementation for the
+     *         specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final KeyGenerator getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         return new KeyGenerator(algorithm);
     }
 
@@ -251,25 +252,26 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new {@code KeyGenerator} object.
+     * @return the new {@code KeyGenerator} object
      *
-     * @exception NullPointerException if the specified algorithm is null.
+     * @throws IllegalArgumentException if the {@code provider}
+     *         is {@code null} or empty
      *
-     * @exception NoSuchAlgorithmException if a KeyGeneratorSpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws NoSuchAlgorithmException if a {@code KeyGeneratorSpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
      *
-     * @exception IllegalArgumentException if the {@code provider}
-     *          is null or empty.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final KeyGenerator getInstance(String algorithm,
             String provider) throws NoSuchAlgorithmException,
             NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = JceSecurity.getInstance("KeyGenerator",
                 KeyGeneratorSpi.class, algorithm, provider);
         return new KeyGenerator((KeyGeneratorSpi)instance.impl,
@@ -293,21 +295,22 @@
      *
      * @param provider the provider.
      *
-     * @return the new {@code KeyGenerator} object.
+     * @return the new {@code KeyGenerator} object
      *
-     * @exception NullPointerException if the specified algorithm is null.
+     * @throws IllegalArgumentException if the {@code provider}
+     *         is {@code null}
      *
-     * @exception NoSuchAlgorithmException if a KeyGeneratorSpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code KeyGeneratorSpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider} object
      *
-     * @exception IllegalArgumentException if the {@code provider}
-     *          is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final KeyGenerator getInstance(String algorithm,
             Provider provider) throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = JceSecurity.getInstance("KeyGenerator",
                 KeyGeneratorSpi.class, algorithm, provider);
         return new KeyGenerator((KeyGeneratorSpi)instance.impl,

--- a/jdk/src/java.base/share/classes/javax/crypto/Mac.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/javax/crypto/Mac.java	Mon Oct 31 14:09:42 2016 -0700
@@ -166,16 +166,18 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard algorithm names.
      *
-     * @return the new {@code Mac} object.
+     * @return the new {@code Mac} object
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          MacSpi implementation for the
-     *          specified algorithm.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code MacSpi} implementation for the specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final Mac getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         List<Service> services = GetInstance.getServices("Mac", algorithm);
         // make sure there is at least one service from a signed provider
         Iterator<Service> t = services.iterator();
@@ -210,22 +212,25 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new {@code Mac} object.
+     * @return the new {@code Mac} object
      *
-     * @exception NoSuchAlgorithmException if a MacSpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the {@code provider}
+     *         is {@code null} or empty
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchAlgorithmException if a {@code MacSpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
-     * @exception IllegalArgumentException if the {@code provider}
-     *          is null or empty.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final Mac getInstance(String algorithm, String provider)
             throws NoSuchAlgorithmException, NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = JceSecurity.getInstance
                 ("Mac", MacSpi.class, algorithm, provider);
         return new Mac((MacSpi)instance.impl, instance.provider, algorithm);
@@ -248,19 +253,22 @@
      *
      * @param provider the provider.
      *
-     * @return the new {@code Mac} object.
+     * @return the new {@code Mac} object
+     *
+     * @throws IllegalArgumentException if the {@code provider} is
+     *         {@code null}
      *
-     * @exception NoSuchAlgorithmException if a MacSpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code MacSpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider} object
      *
-     * @exception IllegalArgumentException if the {@code provider}
-     *          is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final Mac getInstance(String algorithm, Provider provider)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = JceSecurity.getInstance
                 ("Mac", MacSpi.class, algorithm, provider);
         return new Mac((MacSpi)instance.impl, instance.provider, algorithm);

--- a/jdk/src/java.base/share/classes/javax/crypto/SecretKeyFactory.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/javax/crypto/SecretKeyFactory.java	Mon Oct 31 14:09:42 2016 -0700
@@ -152,19 +152,19 @@
      * Java Cryptography Architecture Standard Algorithm Name Documentation</a>
      * for information about standard algorithm names.
      *
-     * @return the new {@code SecretKeyFactory} object.
+     * @return the new {@code SecretKeyFactory} object
      *
-     * @exception NullPointerException if the specified algorithm
-     *          is null.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code SecretKeyFactorySpi} implementation for the
+     *         specified algorithm
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          SecretKeyFactorySpi implementation for the
-     *          specified algorithm.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final SecretKeyFactory getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         return new SecretKeyFactory(algorithm);
     }
 
@@ -189,26 +189,26 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new {@code SecretKeyFactory} object.
+     * @return the new {@code SecretKeyFactory} object
      *
-     * @exception NoSuchAlgorithmException if a SecretKeyFactorySpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the {@code provider}
+     *         is {@code null} or empty
      *
-     * @exception NullPointerException if the specified algorithm
-     *          is null.
+     * @throws NoSuchAlgorithmException if a {@code SecretKeyFactorySpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
      * @throws NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     *         registered in the security provider list
      *
-     * @exception IllegalArgumentException if the {@code provider}
-     *          is null or empty.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final SecretKeyFactory getInstance(String algorithm,
             String provider) throws NoSuchAlgorithmException,
             NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = JceSecurity.getInstance("SecretKeyFactory",
                 SecretKeyFactorySpi.class, algorithm, provider);
         return new SecretKeyFactory((SecretKeyFactorySpi)instance.impl,
@@ -233,22 +233,22 @@
      *
      * @param provider the provider.
      *
-     * @return the new {@code SecretKeyFactory} object.
+     * @return the new {@code SecretKeyFactory} object
      *
-     * @exception NullPointerException if the specified algorithm
-     * is null.
+     * @throws IllegalArgumentException if the {@code provider}
+     *         is {@code null}
      *
-     * @exception NoSuchAlgorithmException if a SecretKeyFactorySpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code SecretKeyFactorySpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider} object
      *
-     * @exception IllegalArgumentException if the {@code provider}
-     *          is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final SecretKeyFactory getInstance(String algorithm,
             Provider provider) throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         Instance instance = JceSecurity.getInstance("SecretKeyFactory",
                 SecretKeyFactorySpi.class, algorithm, provider);
         return new SecretKeyFactory((SecretKeyFactorySpi)instance.impl,

--- a/jdk/src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java	Mon Oct 31 14:09:42 2016 -0700
@@ -27,6 +27,7 @@
 
 import java.security.Security;
 import java.security.*;
+import java.util.Objects;
 
 import sun.security.jca.GetInstance;
 
@@ -130,17 +131,19 @@
      *          Java Secure Socket Extension Reference Guide </a>
      *          for information about standard algorithm names.
      *
-     * @return the new <code>KeyManagerFactory</code> object.
+     * @return the new {@code KeyManagerFactory} object
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          KeyManagerFactorySpi implementation for the
-     *          specified algorithm.
-     * @exception NullPointerException if <code>algorithm</code> is null.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code KeyManagerFactorySpi} implementation for the
+     *         specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final KeyManagerFactory getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         GetInstance.Instance instance = GetInstance.getInstance
                 ("KeyManagerFactory", KeyManagerFactorySpi.class,
                 algorithm);
@@ -168,23 +171,26 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new <code>KeyManagerFactory</code> object.
+     * @return the new {@code KeyManagerFactory} object
      *
-     * @throws NoSuchAlgorithmException if a KeyManagerFactorySpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the provider name is {@code null}
+     *         or empty
+     *
+     * @throws NoSuchAlgorithmException if a {@code KeyManagerFactorySpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
      * @throws NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     *         registered in the security provider list
      *
-     * @throws IllegalArgumentException if the provider name is null or empty.
-     * @throws NullPointerException if <code>algorithm</code> is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final KeyManagerFactory getInstance(String algorithm,
             String provider) throws NoSuchAlgorithmException,
             NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         GetInstance.Instance instance = GetInstance.getInstance
                 ("KeyManagerFactory", KeyManagerFactorySpi.class,
                 algorithm, provider);
@@ -209,19 +215,21 @@
      *
      * @param provider an instance of the provider.
      *
-     * @return the new <code>KeyManagerFactory</code> object.
+     * @return the new {@code KeyManagerFactory} object
+     *
+     * @throws IllegalArgumentException if provider is {@code null}
      *
-     * @throws NoSuchAlgorithmException if a KeyManagerFactorySpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code @KeyManagerFactorySpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified Provider object
      *
-     * @throws IllegalArgumentException if provider is null.
-     * @throws NullPointerException if <code>algorithm</code> is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final KeyManagerFactory getInstance(String algorithm,
             Provider provider) throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         GetInstance.Instance instance = GetInstance.getInstance
                 ("KeyManagerFactory", KeyManagerFactorySpi.class,
                 algorithm, provider);

--- a/jdk/src/java.base/share/classes/javax/net/ssl/SSLContext.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/javax/net/ssl/SSLContext.java	Mon Oct 31 14:09:42 2016 -0700
@@ -26,6 +26,7 @@
 package javax.net.ssl;
 
 import java.security.*;
+import java.util.Objects;
 
 import sun.security.jca.GetInstance;
 
@@ -151,17 +152,19 @@
      *          Documentation</a>
      *          for information about standard protocol names.
      *
-     * @return the new {@code SSLContext} object.
+     * @return the new {@code SSLContext} object
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          SSLContextSpi implementation for the
-     *          specified protocol.
-     * @exception NullPointerException if protocol is null.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code SSLContextSpi} implementation for the
+     *         specified protocol
+     *
+     * @throws NullPointerException if {@code protocol} is {@code null}
      *
      * @see java.security.Provider
      */
     public static SSLContext getInstance(String protocol)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(protocol, "null protocol name");
         GetInstance.Instance instance = GetInstance.getInstance
                 ("SSLContext", SSLContextSpi.class, protocol);
         return new SSLContext((SSLContextSpi)instance.impl, instance.provider,
@@ -189,22 +192,25 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new {@code SSLContext} object.
+     * @return the new {@code SSLContext} object
      *
-     * @throws NoSuchAlgorithmException if a SSLContextSpi
-     *          implementation for the specified protocol is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the provider name is
+     *         {@code null} or empty
+     *
+     * @throws NoSuchAlgorithmException if a {@code SSLContextSpi}
+     *         implementation for the specified protocol is not
+     *         available from the specified provider
      *
      * @throws NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     *         registered in the security provider list
      *
-     * @throws IllegalArgumentException if the provider name is null or empty.
-     * @throws NullPointerException if protocol is null.
+     * @throws NullPointerException if {@code protocol} is {@code null}
      *
      * @see java.security.Provider
      */
     public static SSLContext getInstance(String protocol, String provider)
             throws NoSuchAlgorithmException, NoSuchProviderException {
+        Objects.requireNonNull(protocol, "null protocol name");
         GetInstance.Instance instance = GetInstance.getInstance
                 ("SSLContext", SSLContextSpi.class, protocol, provider);
         return new SSLContext((SSLContextSpi)instance.impl, instance.provider,
@@ -229,19 +235,21 @@
      *
      * @param provider an instance of the provider.
      *
-     * @return the new {@code SSLContext} object.
+     * @return the new {@code SSLContext} object
+     *
+     * @throws IllegalArgumentException if the provider is {@code null}
      *
-     * @throws NoSuchAlgorithmException if a SSLContextSpi
-     *          implementation for the specified protocol is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code SSLContextSpi}
+     *         implementation for the specified protocol is not available
+     *         from the specified {@code Provider} object
      *
-     * @throws IllegalArgumentException if the provider is null.
-     * @throws NullPointerException if protocol is null.
+     * @throws NullPointerException if {@code protocol} is {@code null}
      *
      * @see java.security.Provider
      */
     public static SSLContext getInstance(String protocol, Provider provider)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(protocol, "null protocol name");
         GetInstance.Instance instance = GetInstance.getInstance
                 ("SSLContext", SSLContextSpi.class, protocol, provider);
         return new SSLContext((SSLContextSpi)instance.impl, instance.provider,

--- a/jdk/src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java	Mon Oct 31 14:09:42 2016 -0700
@@ -27,6 +27,7 @@
 
 import java.security.Security;
 import java.security.*;
+import java.util.Objects;
 
 import sun.security.jca.GetInstance;
 
@@ -144,17 +145,19 @@
      *          Java Secure Socket Extension Reference Guide </a>
      *          for information about standard algorithm names.
      *
-     * @return the new <code>TrustManagerFactory</code> object.
+     * @return the new {@code TrustManagerFactory} object
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          TrustManagerFactorySpi implementation for the
-     *          specified algorithm.
-     * @exception NullPointerException if algorithm is null.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code TrustManagerFactorySpi} implementation for the
+     *         specified algorithm
+     *
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final TrustManagerFactory getInstance(String algorithm)
             throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         GetInstance.Instance instance = GetInstance.getInstance
                 ("TrustManagerFactory", TrustManagerFactorySpi.class,
                 algorithm);
@@ -182,23 +185,26 @@
      *
      * @param provider the name of the provider.
      *
-     * @return the new <code>TrustManagerFactory</code> object
+     * @return the new {@code TrustManagerFactory} object
      *
-     * @throws NoSuchAlgorithmException if a TrustManagerFactorySpi
-     *          implementation for the specified algorithm is not
-     *          available from the specified provider.
+     * @throws IllegalArgumentException if the provider name is
+     *         {@code null} or empty
+     *
+     * @throws NoSuchAlgorithmException if a {@code TrustManagerFactorySpi}
+     *         implementation for the specified algorithm is not
+     *         available from the specified provider
      *
      * @throws NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     *         registered in the security provider list
      *
-     * @throws IllegalArgumentException if the provider name is null or empty.
-     * @throws NullPointerException if algorithm is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final TrustManagerFactory getInstance(String algorithm,
             String provider) throws NoSuchAlgorithmException,
             NoSuchProviderException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         GetInstance.Instance instance = GetInstance.getInstance
                 ("TrustManagerFactory", TrustManagerFactorySpi.class,
                 algorithm, provider);
@@ -223,19 +229,21 @@
      *
      * @param provider an instance of the provider.
      *
-     * @return the new <code>TrustManagerFactory</code> object.
+     * @return the new {@code TrustManagerFactory} object
+     *
+     * @throws IllegalArgumentException if the provider is {@code null}
      *
-     * @throws NoSuchAlgorithmException if a TrustManagerFactorySpi
-     *          implementation for the specified algorithm is not available
-     *          from the specified Provider object.
+     * @throws NoSuchAlgorithmException if a {@code TrustManagerFactorySpi}
+     *         implementation for the specified algorithm is not available
+     *         from the specified {@code Provider} object
      *
-     * @throws IllegalArgumentException if the provider is null.
-     * @throws NullPointerException if algorithm is null.
+     * @throws NullPointerException if {@code algorithm} is {@code null}
      *
      * @see java.security.Provider
      */
     public static final TrustManagerFactory getInstance(String algorithm,
             Provider provider) throws NoSuchAlgorithmException {
+        Objects.requireNonNull(algorithm, "null algorithm name");
         GetInstance.Instance instance = GetInstance.getInstance
                 ("TrustManagerFactory", TrustManagerFactorySpi.class,
                 algorithm, provider);

--- a/jdk/src/java.base/share/classes/javax/security/auth/login/Configuration.java	Mon Oct 31 13:57:28 2016 -0400
+++ b/jdk/src/java.base/share/classes/javax/security/auth/login/Configuration.java	Mon Oct 31 14:09:42 2016 -0700
@@ -329,27 +329,29 @@
      *
      * @param params parameters for the Configuration, which may be null.
      *
-     * @return the new Configuration object.
+     * @return the new {@code Configuration} object
      *
-     * @exception SecurityException if the caller does not have permission
-     *          to get a Configuration instance for the specified type.
-     *
-     * @exception NullPointerException if the specified type is null.
+     * @throws IllegalArgumentException if the specified parameters
+     *         are not understood by the {@code ConfigurationSpi}
+     *         implementation from the selected {@code Provider}
      *
-     * @exception IllegalArgumentException if the specified parameters
-     *          are not understood by the ConfigurationSpi implementation
-     *          from the selected Provider.
+     * @throws NoSuchAlgorithmException if no {@code Provider} supports a
+     *         {@code ConfigurationSpi} implementation for the specified type
      *
-     * @exception NoSuchAlgorithmException if no Provider supports a
-     *          ConfigurationSpi implementation for the specified type.
+     * @throws NullPointerException if {@code type} is {@code null}
+     *
+     * @throws SecurityException if the caller does not have permission
+     *         to get a {@code Configuration} instance for the specified type
      *
      * @see Provider
+     *
      * @since 1.6
      */
     public static Configuration getInstance(String type,
                                 Configuration.Parameters params)
                 throws NoSuchAlgorithmException {
 
+        Objects.requireNonNull(type, "null type name");
         checkPermission(type);
         try {
             GetInstance.Instance instance = GetInstance.getInstance
@@ -387,24 +389,24 @@
      *
      * @param provider the provider.
      *
-     * @return the new Configuration object.
+     * @return the new {@code Configuration} object
      *
-     * @exception SecurityException if the caller does not have permission
-     *          to get a Configuration instance for the specified type.
-     *
-     * @exception NullPointerException if the specified type is null.
+     * @throws IllegalArgumentException if the specified provider
+     *         is {@code null} or empty, or if the specified parameters
+     *         are not understood by the {@code ConfigurationSpi}
+     *         implementation from the specified provider
      *
-     * @exception IllegalArgumentException if the specified provider
-     *          is null or empty,
-     *          or if the specified parameters are not understood by
-     *          the ConfigurationSpi implementation from the specified provider.
+     * @throws NoSuchProviderException if the specified provider is not
+     *         registered in the security provider list
      *
-     * @exception NoSuchProviderException if the specified provider is not
-     *          registered in the security provider list.
+     * @throws NoSuchAlgorithmException if the specified provider does not
+     *         support a {@code ConfigurationSpi} implementation for the
+     *         specified type
      *
-     * @exception NoSuchAlgorithmException if the specified provider does not
-     *          support a ConfigurationSpi implementation for the specified
-     *          type.
+     * @throws NullPointerException if {@code type} is {@code null}
+     *
+     * @throws SecurityException if the caller does not have permission
+     *         to get a {@code Configuration} instance for the specified type
      *
      * @see Provider
      * @since 1.6
@@ -414,6 +416,7 @@
                                 String provider)
                 throws NoSuchProviderException, NoSuchAlgorithmException {
 
+        Objects.requireNonNull(type, "null type name");
         if (provider == null || provider.length() == 0) {
             throw new IllegalArgumentException("missing provider");
         }
@@ -453,20 +456,21 @@
      *
      * @param provider the Provider.
      *
-     * @return the new Configuration object.
+     * @return the new {@code Configuration} object
      *
-     * @exception SecurityException if the caller does not have permission
-     *          to get a Configuration instance for the specified type.
-     *
-     * @exception NullPointerException if the specified type is null.
+     * @throws IllegalArgumentException if the specified {@code Provider}
+     *         is {@code null}, or if the specified parameters are not
+     *         understood by the {@code ConfigurationSpi} implementation
+     *         from the specified Provider
      *
-     * @exception IllegalArgumentException if the specified Provider is null,
-     *          or if the specified parameters are not understood by
-     *          the ConfigurationSpi implementation from the specified Provider.
+     * @throws NoSuchAlgorithmException if the specified {@code Provider}
+     *         does not support a {@code ConfigurationSpi} implementation
+     *         for the specified type
      *
-     * @exception NoSuchAlgorithmException if the specified Provider does not
-     *          support a ConfigurationSpi implementation for the specified
-     *          type.
+     * @throws NullPointerException if {@code type} is {@code null}
+     *
+     * @throws SecurityException if the caller does not have permission
+     *         to get a {@code Configuration} instance for the specified type
      *
      * @see Provider
      * @since 1.6
@@ -476,6 +480,7 @@
                                 Provider provider)
                 throws NoSuchAlgorithmException {
 
+        Objects.requireNonNull(type, "null type name");
         if (provider == null) {
             throw new IllegalArgumentException("missing provider");
         }

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/security/misc/GetInstanceNullsEmpties.java	Mon Oct 31 14:09:42 2016 -0700
@@ -0,0 +1,696 @@
+/*
+ * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.*;
+import java.security.cert.*;
+import javax.crypto.*;
+import javax.net.ssl.*;
+import javax.security.auth.login.*;
+import java.lang.reflect.*;
+import java.util.Arrays;
+
+/*
+ * @test
+ * @bug 4985694
+ * @summary Incomplete spec for most of the getInstances
+ */
+/**
+ * A simple test to see what is being thrown when null Strings are passed
+ * to the various getInstance() methods.
+ *
+ * These tests use various algorithm names that don't exist (e.g. "FOO"
+ * Ciphers). Just need something non-null for testing, as the tests will throw
+ * exceptions before trying to instantiate a real object.
+ */
+public class GetInstanceNullsEmpties {
+
+    private static final Provider SUN = Security.getProvider("SUN");
+
+    /*
+     * See if there are more than "expected" number of getInstance() methods,
+     * which will indicate to developers that this test needs an update.
+     */
+    private static void checkNewMethods(Class<?> clazz, int expected)
+            throws Exception {
+
+        long found = Arrays.stream(clazz.getMethods())
+                .filter(name -> name.getName().equals("getInstance"))
+                .count();
+
+        if (found != expected) {
+            throw new Exception("Number of getInstance() mismatch: "
+                    + expected + " expected, " + found + " found");
+        }
+    }
+
+    /**
+     * Main loop.
+     */
+    public static void main(String[] args) throws Exception {
+
+        /*
+         * JCA
+         */
+        testAlgorithmParameterGenerator();
+        testAlgorithmParameters();
+        testCertificateFactory();
+        testCertPathBuilder();
+        testCertPathValidator();
+        testCertStore();
+        testKeyFactory();
+        testKeyPairGenerator();
+        testKeyStore();
+        testMessageDigest();
+        testPolicy();
+        testSecureRandom();
+        testSignature();
+
+        /*
+         * JCE
+         */
+        testCipher();
+        testExemptionMechanism();
+        testKeyAgreement();
+        testKeyGenerator();
+        testMac();
+        testSecretKeyFactory();
+
+        /*
+         * JSSE
+         */
+        testKeyManagerFactory();
+        testSSLContext();
+        testTrustManagerFactory();
+
+        /*
+         * JGSS
+         *
+         * KeyTab.getInstance doesn't take algorithm names, so we'll
+         * ignore this one.
+         */
+        testConfiguration();
+
+        System.out.println("\nTEST PASSED!");
+    }
+
+    private static Method getInstance(Class clazz, Class... args)
+            throws Exception {
+        boolean firstPrinted = false;
+
+        System.out.print("\n" + clazz.getName() + "(");
+        for (Class c : args) {
+            System.out.print(firstPrinted
+                    ? ", " + c.getName() : c.getName());
+            firstPrinted = true;
+        }
+        System.out.println("):");
+
+        return clazz.getMethod("getInstance", args);
+    }
+
+    private static void run(Method m, Class expectedException,
+            Object... args) throws Exception {
+
+        try {
+            m.invoke(null, args);
+            throw new Exception("Didn't throw exception");
+        } catch (InvocationTargetException ite) {
+            Throwable root = ite.getCause();
+            if (root instanceof Exception) {
+                Exception e = (Exception) root;
+                if (expectedException.isInstance(e)) {
+                    System.out.print("OK ");
+                    return;
+                } else {
+                    System.out.println(
+                        "Unexpected InvocationTargetException!");
+                    throw e;
+                }
+            }
+            throw ite;
+        }
+    }
+
+    /*
+     * Constants so lines aren't so long.
+     */
+    private static final Class STRING = String.class;
+    private static final Class PROVIDER = Provider.class;
+
+    private static void testAlgorithmParameterGenerator() throws Exception {
+        Class clazz = AlgorithmParameterGenerator.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testAlgorithmParameters() throws Exception {
+        Class clazz = AlgorithmParameters.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testCertPathBuilder() throws Exception {
+        Class clazz = CertPathBuilder.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testCertPathValidator() throws Exception {
+        Class clazz = CertPathValidator.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testCertStore() throws Exception {
+        Class clazz = CertStore.class;
+        Method m;
+        CertStoreParameters csp = () -> null;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING, CertStoreParameters.class);
+        run(m, NullPointerException.class, (Object) null, csp);
+        run(m, NoSuchAlgorithmException.class, "", csp);
+
+        m = getInstance(clazz, STRING, CertStoreParameters.class, STRING);
+        run(m, NullPointerException.class, null, csp, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", csp, "SUN");
+        run(m, IllegalArgumentException.class, "FOO", csp, null);
+        run(m, IllegalArgumentException.class, "FOO", csp, "");
+
+        m = getInstance(clazz, STRING, CertStoreParameters.class, PROVIDER);
+        run(m, NullPointerException.class, null, csp, SUN);
+        run(m, NoSuchAlgorithmException.class, "", csp, SUN);
+        run(m, IllegalArgumentException.class, "FOO", csp, null);
+    }
+
+    private static void testCertificateFactory() throws Exception {
+        Class clazz = CertificateFactory.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, CertificateException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, CertificateException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, CertificateException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testCipher() throws Exception {
+        Class clazz = Cipher.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        /*
+         * Note the Cipher API is spec'd to throw a NoSuchAlgorithmException
+         * for a null transformation.
+         */
+        m = getInstance(clazz, STRING);
+        run(m, NoSuchAlgorithmException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NoSuchAlgorithmException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NoSuchAlgorithmException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testConfiguration() throws Exception {
+        Class clazz = Configuration.class;
+        Method m;
+        Configuration.Parameters cp = new Configuration.Parameters() {
+        };
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING, Configuration.Parameters.class);
+        run(m, NullPointerException.class, (Object) null, cp);
+        run(m, NoSuchAlgorithmException.class, "", cp);
+
+        m = getInstance(clazz, STRING, Configuration.Parameters.class, STRING);
+        run(m, NullPointerException.class, null, cp, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", cp, "SUN");
+        run(m, IllegalArgumentException.class, "FOO", cp, null);
+        run(m, IllegalArgumentException.class, "FOO", cp, "");
+
+        m = getInstance(clazz, STRING, Configuration.Parameters.class,
+                PROVIDER);
+        run(m, NullPointerException.class, null, cp, SUN);
+        run(m, NoSuchAlgorithmException.class, "", cp, SUN);
+        run(m, IllegalArgumentException.class, "FOO", cp, null);
+    }
+
+    private static void testExemptionMechanism() throws Exception {
+        Class clazz = ExemptionMechanism.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testKeyAgreement() throws Exception {
+        Class clazz = KeyAgreement.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testKeyFactory() throws Exception {
+        Class clazz = KeyFactory.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testKeyGenerator() throws Exception {
+        Class clazz = KeyGenerator.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testKeyManagerFactory() throws Exception {
+        Class clazz = KeyManagerFactory.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testKeyPairGenerator() throws Exception {
+        Class clazz = KeyPairGenerator.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testKeyStore() throws Exception {
+        Class clazz = KeyStore.class;
+        Method m;
+
+        /*
+         * There are actually two additional getInstance() methods with File
+         * as the first parameter.
+         */
+        checkNewMethods(clazz, 5);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, KeyStoreException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, KeyStoreException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, KeyStoreException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testMac() throws Exception {
+        Class clazz = Mac.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testMessageDigest() throws Exception {
+        Class clazz = MessageDigest.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testPolicy() throws Exception {
+        Class clazz = Policy.class;
+        Method m;
+        Policy.Parameters pp = new Policy.Parameters() {
+        };
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING, Policy.Parameters.class);
+        run(m, NullPointerException.class, (Object) null, pp);
+        run(m, NoSuchAlgorithmException.class, "", pp);
+
+        m = getInstance(clazz, STRING, Policy.Parameters.class, STRING);
+        run(m, NullPointerException.class, null, pp, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", pp, "SUN");
+        run(m, IllegalArgumentException.class, "FOO", pp, null);
+        run(m, IllegalArgumentException.class, "FOO", pp, "");
+
+        m = getInstance(clazz, STRING, Policy.Parameters.class, PROVIDER);
+        run(m, NullPointerException.class, null, pp, SUN);
+        run(m, NoSuchAlgorithmException.class, "", pp, SUN);
+        run(m, IllegalArgumentException.class, "FOO", pp, null);
+    }
+
+    private static void testSSLContext() throws Exception {
+        Class clazz = SSLContext.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testSecretKeyFactory() throws Exception {
+        Class clazz = SecretKeyFactory.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testSecureRandom() throws Exception {
+        Class clazz = SecureRandom.class;
+        Method m;
+        SecureRandomParameters srp = new SecureRandomParameters() {
+        };
+
+        checkNewMethods(clazz, 6);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+
+        m = getInstance(clazz, STRING, SecureRandomParameters.class);
+        run(m, NullPointerException.class, (Object) null, srp);
+        run(m, NoSuchAlgorithmException.class, "", srp);
+
+        m = getInstance(clazz, STRING, SecureRandomParameters.class, STRING);
+        run(m, NullPointerException.class, null, srp, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", srp, "SUN");
+        run(m, IllegalArgumentException.class, "FOO", srp, null);
+        run(m, IllegalArgumentException.class, "FOO", srp, "");
+
+        m = getInstance(clazz, STRING, SecureRandomParameters.class, PROVIDER);
+        run(m, NullPointerException.class, null, srp, SUN);
+        run(m, NoSuchAlgorithmException.class, "", srp, SUN);
+        run(m, IllegalArgumentException.class, "FOO", srp, null);
+    }
+
+    private static void testSignature() throws Exception {
+        Class clazz = Signature.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+
+    private static void testTrustManagerFactory() throws Exception {
+        Class clazz = TrustManagerFactory.class;
+        Method m;
+
+        checkNewMethods(clazz, 3);
+
+        m = getInstance(clazz, STRING);
+        run(m, NullPointerException.class, (Object) null);
+        run(m, NoSuchAlgorithmException.class, "");
+
+        m = getInstance(clazz, STRING, STRING);
+        run(m, NullPointerException.class, null, "SUN");
+        run(m, NoSuchAlgorithmException.class, "", "SUN");
+        run(m, IllegalArgumentException.class, "FOO", null);
+        run(m, IllegalArgumentException.class, "FOO", "");
+
+        m = getInstance(clazz, STRING, PROVIDER);
+        run(m, NullPointerException.class, null, SUN);
+        run(m, NoSuchAlgorithmException.class, "", SUN);
+        run(m, IllegalArgumentException.class, "FOO", null);
+    }
+}