changeset 3994:36e467e1e8b0

Merge
author alanb
date Mon, 11 Apr 2011 12:52:39 +0100
parents dc74b14a8753 c8f22fc4aa00
children a12f142410f2
files
diffstat 15 files changed, 2246 insertions(+), 410 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/java/lang/Character.java	Sun Apr 10 19:45:28 2011 +0100
+++ b/src/share/classes/java/lang/Character.java	Mon Apr 11 12:52:39 2011 +0100
@@ -4184,9 +4184,11 @@
             aliases.put("AVST", AVESTAN);
             aliases.put("BALI", BALINESE);
             aliases.put("BAMU", BAMUM);
+            aliases.put("BATK", BATAK);
             aliases.put("BENG", BENGALI);
             aliases.put("BOPO", BOPOMOFO);
             aliases.put("BRAI", BRAILLE);
+            aliases.put("BRAH", BRAHMI);
             aliases.put("BUGI", BUGINESE);
             aliases.put("BUHD", BUHID);
             aliases.put("CANS", CANADIAN_ABORIGINAL);
@@ -4230,6 +4232,7 @@
             aliases.put("LISU", LISU);
             aliases.put("LYCI", LYCIAN);
             aliases.put("LYDI", LYDIAN);
+            aliases.put("MAND", MANDAIC);
             aliases.put("MLYM", MALAYALAM);
             aliases.put("MONG", MONGOLIAN);
             aliases.put("MTEI", MEETEI_MAYEK);
--- a/src/share/classes/java/util/concurrent/ForkJoinPool.java	Sun Apr 10 19:45:28 2011 +0100
+++ b/src/share/classes/java/util/concurrent/ForkJoinPool.java	Mon Apr 11 12:52:39 2011 +0100
@@ -791,18 +791,19 @@
 
     /**
      * Tries to enqueue worker w in wait queue and await change in
-     * worker's eventCount.  If the pool is quiescent, possibly
-     * terminates worker upon exit.  Otherwise, before blocking,
-     * rescans queues to avoid missed signals.  Upon finding work,
-     * releases at least one worker (which may be the current
-     * worker). Rescans restart upon detected staleness or failure to
-     * release due to contention. Note the unusual conventions about
-     * Thread.interrupt here and elsewhere: Because interrupts are
-     * used solely to alert threads to check termination, which is
-     * checked here anyway, we clear status (using Thread.interrupted)
-     * before any call to park, so that park does not immediately
-     * return due to status being set via some other unrelated call to
-     * interrupt in user code.
+     * worker's eventCount.  If the pool is quiescent and there is
+     * more than one worker, possibly terminates worker upon exit.
+     * Otherwise, before blocking, rescans queues to avoid missed
+     * signals.  Upon finding work, releases at least one worker
+     * (which may be the current worker). Rescans restart upon
+     * detected staleness or failure to release due to
+     * contention. Note the unusual conventions about Thread.interrupt
+     * here and elsewhere: Because interrupts are used solely to alert
+     * threads to check termination, which is checked here anyway, we
+     * clear status (using Thread.interrupted) before any call to
+     * park, so that park does not immediately return due to status
+     * being set via some other unrelated call to interrupt in user
+     * code.
      *
      * @param w the calling worker
      * @param c the ctl value on entry
@@ -823,7 +824,7 @@
             else if (w.eventCount != v)
                 return true;                      // update next time
         }
-        if (parallelism + (int)(nc >> AC_SHIFT) == 0 &&
+        if ((int)c != 0 && parallelism + (int)(nc >> AC_SHIFT) == 0 &&
             blockedCount == 0 && quiescerCount == 0)
             idleAwaitWork(w, nc, c, v);           // quiescent
         for (boolean rescanned = false;;) {
@@ -893,7 +894,8 @@
                 w.parked = false;
                 if (w.eventCount != v)
                     break;
-                else if (System.nanoTime() - startTime < SHRINK_RATE)
+                else if (System.nanoTime() - startTime <
+                         SHRINK_RATE - (SHRINK_RATE / 10)) // timing slop
                     Thread.interrupted();          // spurious wakeup
                 else if (UNSAFE.compareAndSwapLong(this, ctlOffset,
                                                    currentCtl, prevCtl)) {
@@ -1175,7 +1177,7 @@
                         ws[k] = w;
                         nextWorkerIndex = k + 1;
                         int m = g & SMASK;
-                        g = k >= m? ((m << 1) + 1) & SMASK : g + (SG_UNIT<<1);
+                        g = k > m? ((m << 1) + 1) & SMASK : g + (SG_UNIT<<1);
                     }
                 } finally {
                     scanGuard = g;
--- a/src/share/classes/java/util/jar/JarFile.java	Sun Apr 10 19:45:28 2011 +0100
+++ b/src/share/classes/java/util/jar/JarFile.java	Mon Apr 11 12:52:39 2011 +0100
@@ -37,6 +37,7 @@
 import sun.security.action.GetPropertyAction;
 import sun.security.util.ManifestEntryVerifier;
 import sun.misc.SharedSecrets;
+import sun.security.util.SignatureFileVerifier;
 
 /**
  * The <code>JarFile</code> class is used to read the contents of a jar file
@@ -178,7 +179,7 @@
                     byte[] b = getBytes(manEntry);
                     man = new Manifest(new ByteArrayInputStream(b));
                     if (!jvInitialized) {
-                        jv = new JarVerifier(b);
+                        jv = new JarVerifier(b, man);
                     }
                 } else {
                     man = new Manifest(super.getInputStream(manEntry));
@@ -297,10 +298,7 @@
             if (names != null) {
                 for (int i = 0; i < names.length; i++) {
                     String name = names[i].toUpperCase(Locale.ENGLISH);
-                    if (name.endsWith(".DSA") ||
-                        name.endsWith(".RSA") ||
-                        name.endsWith(".EC") ||
-                        name.endsWith(".SF")) {
+                    if (SignatureFileVerifier.isBlockOrSF(name)) {
                         // Assume since we found a signature-related file
                         // that the jar is signed and that we therefore
                         // need a JarVerifier and Manifest
@@ -329,17 +327,17 @@
             if (names != null) {
                 for (int i = 0; i < names.length; i++) {
                     JarEntry e = getJarEntry(names[i]);
-                    if (!e.isDirectory()) {
+                    if (!e.isDirectory() &&
+                            SignatureFileVerifier.isBlock(names[i])) {
                         if (mev == null) {
                             mev = new ManifestEntryVerifier
                                 (getManifestFromReference());
                         }
-                        byte[] b = getBytes(e);
-                        if (b != null && b.length > 0) {
-                            jv.beginEntry(e, mev);
-                            jv.update(b.length, b, 0, b.length, mev);
-                            jv.update(-1, null, 0, 0, mev);
-                        }
+                        String key = names[i].substring(
+                                0, names[i].lastIndexOf("."));
+                        jv.verifyBlock(names[i],
+                                getBytes(e),
+                                super.getInputStream(getJarEntry(key + ".SF")));
                     }
                 }
             }
--- a/src/share/classes/java/util/jar/JarInputStream.java	Sun Apr 10 19:45:28 2011 +0100
+++ b/src/share/classes/java/util/jar/JarInputStream.java	Mon Apr 11 12:52:39 2011 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -95,7 +95,7 @@
             man.read(new ByteArrayInputStream(bytes));
             closeEntry();
             if (doVerify) {
-                jv = new JarVerifier(bytes);
+                jv = new JarVerifier(bytes, man);
                 mev = new ManifestEntryVerifier(man);
             }
             return (JarEntry)super.getNextEntry();
--- a/src/share/classes/java/util/jar/JarVerifier.java	Sun Apr 10 19:45:28 2011 +0100
+++ b/src/share/classes/java/util/jar/JarVerifier.java	Mon Apr 11 12:52:39 2011 +0100
@@ -48,35 +48,18 @@
 
     /* a table mapping names to code signers, for jar entries that have
        had their actual hashes verified */
-    private Hashtable verifiedSigners;
+    private Map verifiedSigners;
 
     /* a table mapping names to code signers, for jar entries that have
        passed the .SF/.DSA/.EC -> MANIFEST check */
-    private Hashtable sigFileSigners;
-
-    /* a hash table to hold .SF bytes */
-    private Hashtable sigFileData;
-
-    /** "queue" of pending PKCS7 blocks that we couldn't parse
-     *  until we parsed the .SF file */
-    private ArrayList pendingBlocks;
+    private Map sigFileSigners;
 
     /* cache of CodeSigner objects */
     private ArrayList signerCache;
 
-    /* Are we parsing a block? */
-    private boolean parsingBlockOrSF = false;
-
-    /* Are we done parsing META-INF entries? */
-    private boolean parsingMeta = true;
-
     /* Are there are files to verify? */
     private boolean anyToVerify = true;
 
-    /* The output stream to use when keeping track of files we are interested
-       in */
-    private ByteArrayOutputStream baos;
-
     /** The ManifestDigester object */
     private volatile ManifestDigester manDig;
 
@@ -92,20 +75,20 @@
     /** collect -DIGEST-MANIFEST values for blacklist */
     private List manifestDigests;
 
-    public JarVerifier(byte rawBytes[]) {
+    /** The manifest object */
+    Manifest man = null;
+
+    public JarVerifier(byte rawBytes[], Manifest man) {
+        this.man = man;
         manifestRawBytes = rawBytes;
-        sigFileSigners = new Hashtable();
-        verifiedSigners = new Hashtable();
-        sigFileData = new Hashtable(11);
-        pendingBlocks = new ArrayList();
-        baos = new ByteArrayOutputStream();
+        sigFileSigners = new HashMap();
+        verifiedSigners = new HashMap();
         manifestDigests = new ArrayList();
     }
 
     /**
-     * This method scans to see which entry we're parsing and
-     * keeps various state information depending on what type of
-     * file is being parsed.
+     * This method scans to see which entry we're parsing and keeps
+     * various state information depending on the file being parsed.
      */
     public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
         throws IOException
@@ -129,30 +112,6 @@
          *    b. digest mismatch between the actual jar entry and the manifest
          */
 
-        if (parsingMeta) {
-            String uname = name.toUpperCase(Locale.ENGLISH);
-            if ((uname.startsWith("META-INF/") ||
-                 uname.startsWith("/META-INF/"))) {
-
-                if (je.isDirectory()) {
-                    mev.setEntry(null, je);
-                    return;
-                }
-
-                if (SignatureFileVerifier.isBlockOrSF(uname)) {
-                    /* We parse only DSA, RSA or EC PKCS7 blocks. */
-                    parsingBlockOrSF = true;
-                    baos.reset();
-                    mev.setEntry(null, je);
-                }
-                return;
-            }
-        }
-
-        if (parsingMeta) {
-            doneWithMeta();
-        }
-
         if (je.isDirectory()) {
             mev.setEntry(null, je);
             return;
@@ -188,11 +147,7 @@
         throws IOException
     {
         if (b != -1) {
-            if (parsingBlockOrSF) {
-                baos.write(b);
-            } else {
-                mev.update((byte)b);
-            }
+            mev.update((byte)b);
         } else {
             processEntry(mev);
         }
@@ -207,11 +162,7 @@
         throws IOException
     {
         if (n != -1) {
-            if (parsingBlockOrSF) {
-                baos.write(b, off, n);
-            } else {
-                mev.update(b, off, n);
-            }
+            mev.update(b, off, n);
         } else {
             processEntry(mev);
         }
@@ -223,101 +174,10 @@
     private void processEntry(ManifestEntryVerifier mev)
         throws IOException
     {
-        if (!parsingBlockOrSF) {
-            JarEntry je = mev.getEntry();
-            if ((je != null) && (je.signers == null)) {
-                je.signers = mev.verify(verifiedSigners, sigFileSigners);
-                je.certs = mapSignersToCertArray(je.signers);
-            }
-        } else {
-
-            try {
-                parsingBlockOrSF = false;
-
-                if (debug != null) {
-                    debug.println("processEntry: processing block");
-                }
-
-                String uname = mev.getEntry().getName()
-                                             .toUpperCase(Locale.ENGLISH);
-
-                if (uname.endsWith(".SF")) {
-                    String key = uname.substring(0, uname.length()-3);
-                    byte bytes[] = baos.toByteArray();
-                    // add to sigFileData in case future blocks need it
-                    sigFileData.put(key, bytes);
-                    // check pending blocks, we can now process
-                    // anyone waiting for this .SF file
-                    Iterator it = pendingBlocks.iterator();
-                    while (it.hasNext()) {
-                        SignatureFileVerifier sfv =
-                            (SignatureFileVerifier) it.next();
-                        if (sfv.needSignatureFile(key)) {
-                            if (debug != null) {
-                                debug.println(
-                                 "processEntry: processing pending block");
-                            }
-
-                            sfv.setSignatureFile(bytes);
-                            sfv.process(sigFileSigners, manifestDigests);
-                        }
-                    }
-                    return;
-                }
-
-                // now we are parsing a signature block file
-
-                String key = uname.substring(0, uname.lastIndexOf("."));
-
-                if (signerCache == null)
-                    signerCache = new ArrayList();
-
-                if (manDig == null) {
-                    synchronized(manifestRawBytes) {
-                        if (manDig == null) {
-                            manDig = new ManifestDigester(manifestRawBytes);
-                            manifestRawBytes = null;
-                        }
-                    }
-                }
-
-                SignatureFileVerifier sfv =
-                  new SignatureFileVerifier(signerCache,
-                                            manDig, uname, baos.toByteArray());
-
-                if (sfv.needSignatureFileBytes()) {
-                    // see if we have already parsed an external .SF file
-                    byte[] bytes = (byte[]) sigFileData.get(key);
-
-                    if (bytes == null) {
-                        // put this block on queue for later processing
-                        // since we don't have the .SF bytes yet
-                        // (uname, block);
-                        if (debug != null) {
-                            debug.println("adding pending block");
-                        }
-                        pendingBlocks.add(sfv);
-                        return;
-                    } else {
-                        sfv.setSignatureFile(bytes);
-                    }
-                }
-                sfv.process(sigFileSigners, manifestDigests);
-
-            } catch (IOException ioe) {
-                // e.g. sun.security.pkcs.ParsingException
-                if (debug != null) debug.println("processEntry caught: "+ioe);
-                // ignore and treat as unsigned
-            } catch (SignatureException se) {
-                if (debug != null) debug.println("processEntry caught: "+se);
-                // ignore and treat as unsigned
-            } catch (NoSuchAlgorithmException nsae) {
-                if (debug != null) debug.println("processEntry caught: "+nsae);
-                // ignore and treat as unsigned
-            } catch (CertificateException ce) {
-                if (debug != null) debug.println("processEntry caught: "+ce);
-                // ignore and treat as unsigned
-            }
+        JarEntry je = mev.getEntry();
+        if ((je != null) && (je.signers == null)) {
+            je.signers = mev.verify(verifiedSigners, sigFileSigners);
+            je.certs = mapSignersToCertArray(je.signers);
         }
     }
 
@@ -354,15 +214,15 @@
              * Force a read of the entry data to generate the
              * verification hash.
              */
-            try {
-                InputStream s = jar.getInputStream(entry);
+            try (InputStream s = jar.getInputStream(entry)) {
                 byte[] buffer = new byte[1024];
                 int n = buffer.length;
                 while (n != -1) {
                     n = s.read(buffer, 0, buffer.length);
                 }
-                s.close();
             } catch (IOException e) {
+                // Ignore. When an exception is thrown, code signer
+                // will not be assigned.
             }
         }
         return getCodeSigners(name);
@@ -408,11 +268,7 @@
      */
     void doneWithMeta()
     {
-        parsingMeta = false;
         anyToVerify = !sigFileSigners.isEmpty();
-        baos = null;
-        sigFileData = null;
-        pendingBlocks = null;
         signerCache = null;
         manDig = null;
         // MANIFEST.MF is always treated as signed and verified,
@@ -423,6 +279,41 @@
         }
     }
 
+    /**
+     * Verifies a PKCS7 SignedData block
+     * @param key name of block
+     * @param block the pkcs7 file
+     * @param ins the clear data
+     */
+    void verifyBlock(String key, byte[] block, InputStream ins) {
+        try {
+            if (signerCache == null)
+                signerCache = new ArrayList();
+
+            if (manDig == null) {
+                synchronized(manifestRawBytes) {
+                    if (manDig == null) {
+                        manDig = new ManifestDigester(manifestRawBytes);
+                        manifestRawBytes = null;
+                    }
+                }
+            }
+            SignatureFileVerifier sfv =
+                    new SignatureFileVerifier(signerCache, man,
+                                        manDig, key, block);
+
+            if (sfv.needSignatureFile()) {
+                // see if we have already parsed an external .SF file
+                sfv.setSignatureFile(ins);
+            }
+            sfv.process(sigFileSigners, manifestDigests);
+        } catch (Exception e) {
+            if (debug != null) {
+                e.printStackTrace();
+            }
+        }
+    }
+
     static class VerifierStream extends java.io.InputStream {
 
         private InputStream is;
@@ -553,10 +444,7 @@
          * but this handles a CodeSource of any type, just in case.
          */
         CodeSource[] sources = mapSignersToCodeSources(cs.getLocation(), getJarCodeSigners(), true);
-        List sourceList = new ArrayList();
-        for (int i = 0; i < sources.length; i++) {
-            sourceList.add(sources[i]);
-        }
+        List sourceList = Arrays.asList(sources);
         int j = sourceList.indexOf(cs);
         if (j != -1) {
             CodeSigner[] match;
--- a/src/share/classes/sun/security/jgss/krb5/InitSecContextToken.java	Sun Apr 10 19:45:28 2011 +0100
+++ b/src/share/classes/sun/security/jgss/krb5/InitSecContextToken.java	Mon Apr 11 12:52:39 2011 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -127,8 +127,8 @@
             //System.out.println("Sub-Session Key Missing in Authenticator.\n");
         }
 
-        OverloadedChecksum gssChecksum =
-            new OverloadedChecksum(context, apReq.getChecksum(), sessionKey);
+        OverloadedChecksum gssChecksum = new OverloadedChecksum(
+                context, apReq.getChecksum(), sessionKey, subKey);
         gssChecksum.setContextFlags(context);
         Credentials delegCred = gssChecksum.getDelegatedCreds();
         if (delegCred != null) {
--- a/src/share/classes/sun/security/jgss/krb5/InitialToken.java	Sun Apr 10 19:45:28 2011 +0100
+++ b/src/share/classes/sun/security/jgss/krb5/InitialToken.java	Mon Apr 11 12:52:39 2011 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -210,8 +210,8 @@
         // be passed in if this checksum type denotes a
         // raw_checksum. In that case, make Checksum class krb5
         // internal.
-        public OverloadedChecksum(Krb5Context context,
-                                  Checksum checksum, EncryptionKey key)
+        public OverloadedChecksum(Krb5Context context, Checksum checksum,
+                                  EncryptionKey key, EncryptionKey subKey)
             throws GSSException, KrbException, IOException {
 
             int pos = 0;
@@ -283,9 +283,17 @@
                         new KrbCred(credBytes, EncryptionKey.NULL_KEY).
                         getDelegatedCreds()[0];
                 } else {
-                    delegCreds =
-                        new KrbCred(credBytes, key).
-                        getDelegatedCreds()[0];
+                    KrbCred cred;
+                    try {
+                        cred = new KrbCred(credBytes, key);
+                    } catch (KrbException e) {
+                        if (subKey != null) {
+                            cred = new KrbCred(credBytes, subKey);
+                        } else {
+                            throw e;
+                        }
+                    }
+                    delegCreds = cred.getDelegatedCreds()[0];
                 }
             }
         }
--- a/src/share/classes/sun/security/pkcs/PKCS7.java	Sun Apr 10 19:45:28 2011 +0100
+++ b/src/share/classes/sun/security/pkcs/PKCS7.java	Mon Apr 11 12:52:39 2011 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -38,6 +38,7 @@
 import sun.security.util.*;
 import sun.security.x509.AlgorithmId;
 import sun.security.x509.CertificateIssuerName;
+import sun.security.x509.KeyUsageExtension;
 import sun.security.x509.X509CertImpl;
 import sun.security.x509.X509CertInfo;
 import sun.security.x509.X509CRLImpl;
@@ -492,7 +493,7 @@
         // CRLs (optional)
         if (crls != null && crls.length != 0) {
             // cast to X509CRLImpl[] since X509CRLImpl implements DerEncoder
-            Set<X509CRLImpl> implCRLs = new HashSet<X509CRLImpl>(crls.length);
+            Set<X509CRLImpl> implCRLs = new HashSet<>(crls.length);
             for (X509CRL crl: crls) {
                 if (crl instanceof X509CRLImpl)
                     implCRLs.add((X509CRLImpl) crl);
@@ -530,6 +531,168 @@
     }
 
     /**
+     * Verifying signed data using an external chunked data source.
+     */
+    public static class PKCS7Verifier {
+
+        private final SignerInfo si;          // Signer to verify
+        private final MessageDigest md;       // MessageDigest object for chunks
+        private final Signature sig;          // Signature object for chunks
+
+        private PKCS7Verifier(SignerInfo si, MessageDigest md, Signature sig) {
+            this.si = si;
+            this.md = md;
+            this.sig = sig;
+        }
+
+        public static PKCS7Verifier from(PKCS7 block, SignerInfo si) throws
+                SignatureException, NoSuchAlgorithmException {
+
+            try {
+                MessageDigest md = null;
+                Signature sig;
+
+                ContentInfo content = block.getContentInfo();
+                String digestAlgname = si.getDigestAlgorithmId().getName();
+
+                // if there are authenticate attributes, feed data chunks to
+                // the message digest. In this case, pv.md is not null
+                if (si.authenticatedAttributes != null) {
+                    // first, check content type
+                    ObjectIdentifier contentType = (ObjectIdentifier)
+                           si.authenticatedAttributes.getAttributeValue(
+                             PKCS9Attribute.CONTENT_TYPE_OID);
+                    if (contentType == null ||
+                        !contentType.equals(content.contentType))
+                        return null;  // contentType does not match, bad SignerInfo
+
+                    // now, check message digest
+                    byte[] messageDigest = (byte[])
+                        si.authenticatedAttributes.getAttributeValue(
+                             PKCS9Attribute.MESSAGE_DIGEST_OID);
+
+                    if (messageDigest == null) // fail if there is no message digest
+                        return null;
+
+                    md = MessageDigest.getInstance(digestAlgname);
+                }
+
+                // put together digest algorithm and encryption algorithm
+                // to form signing algorithm
+                String encryptionAlgname =
+                    si.getDigestEncryptionAlgorithmId().getName();
+
+                // Workaround: sometimes the encryptionAlgname is actually
+                // a signature name
+                String tmp = AlgorithmId.getEncAlgFromSigAlg(encryptionAlgname);
+                if (tmp != null) encryptionAlgname = tmp;
+                String algname = AlgorithmId.makeSigAlg(
+                        digestAlgname, encryptionAlgname);
+
+                sig = Signature.getInstance(algname);
+                X509Certificate cert = si.getCertificate(block);
+
+                if (cert == null) {
+                    return null;
+                }
+                if (cert.hasUnsupportedCriticalExtension()) {
+                    throw new SignatureException("Certificate has unsupported "
+                                                 + "critical extension(s)");
+                }
+
+                // Make sure that if the usage of the key in the certificate is
+                // restricted, it can be used for digital signatures.
+                // XXX We may want to check for additional extensions in the
+                // future.
+                boolean[] keyUsageBits = cert.getKeyUsage();
+                if (keyUsageBits != null) {
+                    KeyUsageExtension keyUsage;
+                    try {
+                        // We don't care whether or not this extension was marked
+                        // critical in the certificate.
+                        // We're interested only in its value (i.e., the bits set)
+                        // and treat the extension as critical.
+                        keyUsage = new KeyUsageExtension(keyUsageBits);
+                    } catch (IOException ioe) {
+                        throw new SignatureException("Failed to parse keyUsage "
+                                                     + "extension");
+                    }
+
+                    boolean digSigAllowed = ((Boolean)keyUsage.get(
+                            KeyUsageExtension.DIGITAL_SIGNATURE)).booleanValue();
+
+                    boolean nonRepuAllowed = ((Boolean)keyUsage.get(
+                            KeyUsageExtension.NON_REPUDIATION)).booleanValue();
+
+                    if (!digSigAllowed && !nonRepuAllowed) {
+                        throw new SignatureException("Key usage restricted: "
+                                                     + "cannot be used for "
+                                                     + "digital signatures");
+                    }
+                }
+
+                PublicKey key = cert.getPublicKey();
+                sig.initVerify(key);
+                return new PKCS7Verifier(si, md, sig);
+            } catch (IOException e) {
+                throw new SignatureException("IO error verifying signature:\n" +
+                                             e.getMessage());
+
+            } catch (InvalidKeyException e) {
+                throw new SignatureException("InvalidKey: " + e.getMessage());
+
+            }
+        }
+
+        public void update(byte[] data, int off, int end)
+                throws SignatureException {
+            if (md != null) {
+                md.update(data, off, end-off);
+            } else {
+                sig.update(data, off, end-off);
+            }
+        }
+
+        public SignerInfo verify() throws SignatureException {
+            try {
+                // if there are authenticate attributes, get the message
+                // digest and compare it with the digest of data
+                if (md != null) {
+                    // now, check message digest
+                    byte[] messageDigest = (byte[])
+                        si.authenticatedAttributes.getAttributeValue(
+                             PKCS9Attribute.MESSAGE_DIGEST_OID);
+
+                    byte[] computedMessageDigest = md.digest();
+
+                    if (!MessageDigest.isEqual(
+                            messageDigest, computedMessageDigest)) {
+                        return null;
+                    }
+
+                    // message digest attribute matched
+                    // digest of original data
+
+                    // the data actually signed is the DER encoding of
+                    // the authenticated attributes (tagged with
+                    // the "SET OF" tag, not 0xA0).
+                    byte[] dataSigned = si.authenticatedAttributes.getDerEncoding();
+                    sig.update(dataSigned);
+                }
+
+                if (sig.verify(si.getEncryptedDigest())) {
+                    return si;
+                }
+
+            } catch (IOException e) {
+                throw new SignatureException("IO error verifying signature:\n" +
+                                             e.getMessage());
+            }
+            return null;
+        }
+    }
+
+    /**
      * This verifies a given SignerInfo.
      *
      * @param info the signer information.
@@ -554,19 +717,16 @@
     public SignerInfo[] verify(byte[] bytes)
     throws NoSuchAlgorithmException, SignatureException {
 
-        Vector<SignerInfo> intResult = new Vector<SignerInfo>();
+        List<SignerInfo> intResult = new ArrayList<>();
         for (int i = 0; i < signerInfos.length; i++) {
 
             SignerInfo signerInfo = verify(signerInfos[i], bytes);
             if (signerInfo != null) {
-                intResult.addElement(signerInfo);
+                intResult.add(signerInfo);
             }
         }
-        if (intResult.size() != 0) {
-
-            SignerInfo[] result = new SignerInfo[intResult.size()];
-            intResult.copyInto(result);
-            return result;
+        if (!intResult.isEmpty()) {
+            return intResult.toArray(new SignerInfo[intResult.size()]);
         }
         return null;
     }
--- a/src/share/classes/sun/security/pkcs/SignerInfo.java	Sun Apr 10 19:45:28 2011 +0100
+++ b/src/share/classes/sun/security/pkcs/SignerInfo.java	Mon Apr 11 12:52:39 2011 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -230,7 +230,7 @@
         if (userCert == null)
             return null;
 
-        ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>();
+        ArrayList<X509Certificate> certList = new ArrayList<>();
         certList.add(userCert);
 
         X509Certificate[] pkcsCerts = block.getCertificates();
@@ -276,132 +276,20 @@
     /* Returns null if verify fails, this signerInfo if
        verify succeeds. */
     SignerInfo verify(PKCS7 block, byte[] data)
-    throws NoSuchAlgorithmException, SignatureException {
+            throws NoSuchAlgorithmException, SignatureException {
 
-        try {
-
-            ContentInfo content = block.getContentInfo();
-            if (data == null) {
-                data = content.getContentBytes();
+        PKCS7.PKCS7Verifier p7v = PKCS7.PKCS7Verifier.from(block, this);
+        if (p7v == null) return null;
+        if (data == null) {
+            try {
+                data = block.getContentInfo().getContentBytes();
+            } catch (IOException e) {
+                throw new SignatureException("IO error verifying signature:\n" +
+                                             e.getMessage());
             }
-
-            String digestAlgname = getDigestAlgorithmId().getName();
-
-            byte[] dataSigned;
-
-            // if there are authenticate attributes, get the message
-            // digest and compare it with the digest of data
-            if (authenticatedAttributes == null) {
-                dataSigned = data;
-            } else {
-
-                // first, check content type
-                ObjectIdentifier contentType = (ObjectIdentifier)
-                       authenticatedAttributes.getAttributeValue(
-                         PKCS9Attribute.CONTENT_TYPE_OID);
-                if (contentType == null ||
-                    !contentType.equals(content.contentType))
-                    return null;  // contentType does not match, bad SignerInfo
-
-                // now, check message digest
-                byte[] messageDigest = (byte[])
-                    authenticatedAttributes.getAttributeValue(
-                         PKCS9Attribute.MESSAGE_DIGEST_OID);
-
-                if (messageDigest == null) // fail if there is no message digest
-                    return null;
-
-                MessageDigest md = MessageDigest.getInstance(digestAlgname);
-                byte[] computedMessageDigest = md.digest(data);
-
-                if (messageDigest.length != computedMessageDigest.length)
-                    return null;
-                for (int i = 0; i < messageDigest.length; i++) {
-                    if (messageDigest[i] != computedMessageDigest[i])
-                        return null;
-                }
-
-                // message digest attribute matched
-                // digest of original data
-
-                // the data actually signed is the DER encoding of
-                // the authenticated attributes (tagged with
-                // the "SET OF" tag, not 0xA0).
-                dataSigned = authenticatedAttributes.getDerEncoding();
-            }
-
-            // put together digest algorithm and encryption algorithm
-            // to form signing algorithm
-            String encryptionAlgname =
-                getDigestEncryptionAlgorithmId().getName();
-
-            // Workaround: sometimes the encryptionAlgname is actually
-            // a signature name
-            String tmp = AlgorithmId.getEncAlgFromSigAlg(encryptionAlgname);
-            if (tmp != null) encryptionAlgname = tmp;
-            String algname = AlgorithmId.makeSigAlg(
-                    digestAlgname, encryptionAlgname);
-
-            Signature sig = Signature.getInstance(algname);
-            X509Certificate cert = getCertificate(block);
-
-            if (cert == null) {
-                return null;
-            }
-            if (cert.hasUnsupportedCriticalExtension()) {
-                throw new SignatureException("Certificate has unsupported "
-                                             + "critical extension(s)");
-            }
-
-            // Make sure that if the usage of the key in the certificate is
-            // restricted, it can be used for digital signatures.
-            // XXX We may want to check for additional extensions in the
-            // future.
-            boolean[] keyUsageBits = cert.getKeyUsage();
-            if (keyUsageBits != null) {
-                KeyUsageExtension keyUsage;
-                try {
-                    // We don't care whether or not this extension was marked
-                    // critical in the certificate.
-                    // We're interested only in its value (i.e., the bits set)
-                    // and treat the extension as critical.
-                    keyUsage = new KeyUsageExtension(keyUsageBits);
-                } catch (IOException ioe) {
-                    throw new SignatureException("Failed to parse keyUsage "
-                                                 + "extension");
-                }
-
-                boolean digSigAllowed = ((Boolean)keyUsage.get(
-                        KeyUsageExtension.DIGITAL_SIGNATURE)).booleanValue();
-
-                boolean nonRepuAllowed = ((Boolean)keyUsage.get(
-                        KeyUsageExtension.NON_REPUDIATION)).booleanValue();
-
-                if (!digSigAllowed && !nonRepuAllowed) {
-                    throw new SignatureException("Key usage restricted: "
-                                                 + "cannot be used for "
-                                                 + "digital signatures");
-                }
-            }
-
-            PublicKey key = cert.getPublicKey();
-            sig.initVerify(key);
-
-            sig.update(dataSigned);
-
-            if (sig.verify(encryptedDigest)) {
-                return this;
-            }
-
-        } catch (IOException e) {
-            throw new SignatureException("IO error verifying signature:\n" +
-                                         e.getMessage());
-
-        } catch (InvalidKeyException e) {
-            throw new SignatureException("InvalidKey: " + e.getMessage());
-
         }
-        return null;
+        p7v.update(data, 0, data.length);
+        return p7v.verify();
     }
 
     /* Verify the content of the pkcs7 block. */
--- a/src/share/classes/sun/security/util/ManifestEntryVerifier.java	Sun Apr 10 19:45:28 2011 +0100
+++ b/src/share/classes/sun/security/util/ManifestEntryVerifier.java	Mon Apr 11 12:52:39 2011 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -191,8 +191,8 @@
      *
      *
      */
-    public CodeSigner[] verify(Hashtable<String, CodeSigner[]> verifiedSigners,
-                Hashtable<String, CodeSigner[]> sigFileSigners)
+    public CodeSigner[] verify(Map<String, CodeSigner[]> verifiedSigners,
+                Map<String, CodeSigner[]> sigFileSigners)
         throws JarException
     {
         if (skip) {
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/security/util/SignatureFileManifest.java	Mon Apr 11 12:52:39 2011 +0100
@@ -0,0 +1,251 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.util;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Arrays;
+import java.util.jar.Attributes;
+import java.util.jar.Manifest;
+
+/**
+ * This class provides streaming mode reading of manifest files.
+ * Used by {@link SignatureFileVerifier}.
+ */
+class SignatureFileManifest extends Manifest {
+
+    /*
+     * Reading a manifest into this object by calling update(byte[]) on chunks.
+     * During the reading, the bytes are saved in (@code current} until a line
+     * is complete and the key-value pair is saved in {@code currentAttr}. When
+     * a section is complete, {@code consumeAttr} is called to merge
+     * {@code currentAttr} into main attributes or a named entry.
+     */
+
+    // Internal state during update() style reading
+    // 0. not in update mode
+    // 1, in update mode but main attributes not completed yet
+    // 2. main attributes completed, still reading the entries
+    private int state = 0;
+
+    // The partial line read
+    private byte[] current;
+
+    // Number of bytes in current
+    private int currentPos = 0;
+
+    // The current Attribute
+    private Attributes currentAttr;
+
+    /**
+     * Reads a manifest in chunks.
+     * <p>
+     * This method must be called in a row, reading chunks from a single
+     * manifest file by order. After all chunks are read, caller must call
+     * {@code update(null)} to fully consume the manifest.
+     * <p>
+     * The entry names and attributes read will be merged in with the current
+     * manifest entries. The {@link #read} method cannot be called inside a
+     * row of update calls.
+     * <p>
+     * Along with the calls, caller can call {@link #getMainAttributes()},
+     * {@link #getAttributes(java.lang.String)} or {@link #getEntries()}
+     * to get already available contents. However, in order not to return
+     * partial result, when the main attributes in the new manifest is not
+     * consumed completely, {@link #getMainAttributes()} throws an
+     * {@code IllegalStateException}. When a certain named entry is not
+     * consumed completely, {@link #getAttributes(java.lang.String)}
+     * returns the old {@code Attributes} for the name (if it exists).
+     *
+     * @param data null for last call, otherwise, feeding chunks
+     * @param offset offset into data to begin read
+     * @param length length of data after offset to read
+     * @exception IOException if an I/O error has occurred
+     * @exception IllegalStateException if {@code update(null)} is called
+     * without any previous {@code update(non-null)} call
+     */
+    public void update(byte[] data, int offset, int length) throws IOException {
+
+        // The last call
+        if (data == null) {
+            if (state == 0) {
+                throw new IllegalStateException("No data to update");
+            }
+            // We accept manifest not ended with \n or \n\n
+            if (hasLastByte()) {
+                consumeCurrent();
+            }
+            // We accept empty lines at the end
+            if (!currentAttr.isEmpty()) {
+                consumeAttr();
+            }
+            state = 0;  // back to non-update state
+            current = null;
+            currentAttr = null;
+            return;
+        }
+
+        // The first call
+        if (state == 0) {
+            current = new byte[1024];
+            currentAttr = super.getMainAttributes(); // the main attribute
+            state = 1;
+        }
+
+        int end = offset + length;
+
+        while (offset < end) {
+            switch (data[offset]) {
+                case '\r':
+                    break;  // always skip
+                case '\n':
+                    if (hasLastByte() && lastByte() == '\n') {  // new section
+                        consumeCurrent();
+                        consumeAttr();
+                        if (state == 1) {
+                            state = 2;
+                        }
+                        currentAttr = new Attributes(2);
+                    } else {
+                        if (hasLastByte()) {
+                            // save \n into current but do not parse,
+                            // there might be a continuation later
+                            ensureCapacity();
+                            current[currentPos++] = data[offset];
+                        } else if (state == 1) {
+                            // there can be multiple empty lines between
+                            // sections, but cannot be at the beginning
+                            throw new IOException("invalid manifest format");
+                        }
+                    }
+                    break;
+                case ' ':
+                    if (!hasLastByte()) {
+                        throw new IOException("invalid manifest format");
+                    } else if (lastByte() == '\n') {
+                        currentPos--;   // continuation, remove last \n
+                    } else {    // a very normal ' '
+                        ensureCapacity();
+                        current[currentPos++] = data[offset];
+                    }
+                    break;
+                default:
+                    if (hasLastByte() && lastByte() == '\n') {
+                        // The start of a new pair, not continuation
+                        consumeCurrent();   // the last line read
+                    }
+                    ensureCapacity();
+                    current[currentPos++] = data[offset];
+                    break;
+            }
+            offset++;
+        }
+    }
+
+    /**
+     * Returns the main Attributes for the Manifest.
+     * @exception IllegalStateException the main attributes is being read
+     * @return the main Attributes for the Manifest
+     */
+    public Attributes getMainAttributes() {
+        if (state == 1) {
+            throw new IllegalStateException();
+        }
+        return super.getMainAttributes();
+    }
+
+    /**
+     * Reads the Manifest from the specified InputStream. The entry
+     * names and attributes read will be merged in with the current
+     * manifest entries.
+     *
+     * @param is the input stream
+     * @exception IOException if an I/O error has occurred
+     * @exception IllegalStateException if called between two {@link #update}
+     * calls
+     */
+    public void read(InputStream is) throws IOException {
+        if (state != 0) {
+            throw new IllegalStateException("Cannot call read between updates");
+        }
+        super.read(is);
+    }
+
+    /*
+     * ----------  Helper methods  -----------------
+     */
+
+    private void ensureCapacity() {
+        if (currentPos >= current.length-1) {
+            current = Arrays.copyOf(current, current.length*2);
+        }
+    }
+
+    private boolean hasLastByte() {
+        return currentPos > 0;
+    }
+
+    private byte lastByte() {
+        return current[currentPos-1];
+    }
+
+    // Parse current as key:value and save into currentAttr.
+    // There MUST be something inside current.
+    private void consumeCurrent() throws IOException {
+        // current normally has a \n end, except for the last line
+        if (current[currentPos-1] == '\n') currentPos--;
+        for (int i=0; i<currentPos; i++) {
+            if (current[i] == ':') {
+                String key = new String(current, 0, 0, i);
+                i++;
+                while (i < currentPos && current[i] == ' ') { i++; }
+                String value = new String(current, i, currentPos-i, "UTF-8");
+                currentAttr.putValue(key, value);
+                currentPos = 0;
+                return;
+            }
+        }
+        throw new IOException("invalid header field");
+    }
+
+    // Merge currentAttr into Manifest
+    private void consumeAttr() throws IOException {
+        // Only needed for named entries. For the main attribute, key/value
+        // is added into attr directly, but since getMainAttributes() throws
+        // an exception, the partial data is not leaked.
+        if (state != 1) {
+            String name = currentAttr.getValue("Name");
+            if (name != null) {
+                currentAttr.remove(new Attributes.Name("Name"));
+                Attributes old = getAttributes(name);
+                if (old != null) old.putAll(currentAttr);
+                else getEntries().put(name, currentAttr);
+            } else {
+                throw new IOException("invalid manifest format");
+            }
+        }
+    }
+}
--- a/src/share/classes/sun/security/util/SignatureFileVerifier.java	Sun Apr 10 19:45:28 2011 +0100
+++ b/src/share/classes/sun/security/util/SignatureFileVerifier.java	Mon Apr 11 12:52:39 2011 +0100
@@ -55,8 +55,8 @@
     /** the PKCS7 block for this .DSA/.RSA/.EC file */
     private PKCS7 block;
 
-    /** the raw bytes of the .SF file */
-    private byte sfBytes[];
+    // the content of the raw .SF file as an InputStream
+    private InputStream sfStream;
 
     /** the name of the signature block file, uppercased and without
      *  the extension (.DSA/.RSA/.EC)
@@ -66,6 +66,9 @@
     /** the ManifestDigester */
     private ManifestDigester md;
 
+    /** The MANIFEST.MF */
+    private Manifest man;
+
     /** cache of created MessageDigest objects */
     private HashMap<String, MessageDigest> createdDigests;
 
@@ -83,6 +86,7 @@
      * @param rawBytes the raw bytes of the signature block file
      */
     public SignatureFileVerifier(ArrayList<CodeSigner[]> signerCache,
+                                 Manifest man,
                                  ManifestDigester md,
                                  String name,
                                  byte rawBytes[])
@@ -94,13 +98,18 @@
         try {
             obj = Providers.startJarVerification();
             block = new PKCS7(rawBytes);
-            sfBytes = block.getContentInfo().getData();
+            byte[] contentData = block.getContentInfo().getData();
+            if (contentData != null) {
+                sfStream = new ByteArrayInputStream(contentData);
+            }
             certificateFactory = CertificateFactory.getInstance("X509");
         } finally {
             Providers.stopJarVerification(obj);
         }
         this.name = name.substring(0, name.lastIndexOf("."))
                                                    .toUpperCase(Locale.ENGLISH);
+
+        this.man = man;
         this.md = md;
         this.signerCache = signerCache;
     }
@@ -108,31 +117,13 @@
     /**
      * returns true if we need the .SF file
      */
-    public boolean needSignatureFileBytes()
+    public boolean needSignatureFile()
     {
-
-        return sfBytes == null;
+        return sfStream == null;
     }
 
-
-    /**
-     * returns true if we need this .SF file.
-     *
-     * @param name the name of the .SF file without the extension
-     *
-     */
-    public boolean needSignatureFile(String name)
-    {
-        return this.name.equalsIgnoreCase(name);
-    }
-
-    /**
-     * used to set the raw bytes of the .SF file when it
-     * is external to the signature block file.
-     */
-    public void setSignatureFile(byte sfBytes[])
-    {
-        this.sfBytes = sfBytes;
+    public void setSignatureFile(InputStream ins) {
+        this.sfStream = ins;
     }
 
     /**
@@ -145,12 +136,18 @@
      *          Signature File or PKCS7 block file name
      */
     public static boolean isBlockOrSF(String s) {
-        // we currently only support DSA and RSA PKCS7 blocks
-        if (s.endsWith(".SF") || s.endsWith(".DSA") ||
-                s.endsWith(".RSA") || s.endsWith(".EC")) {
-            return true;
-        }
-        return false;
+        return s.endsWith(".SF") || isBlock(s);
+    }
+
+    /**
+     * Utility method used by JarVerifier to determine PKCS7 block
+     * files names that are supported
+     *
+     * @param s file name
+     * @return true if the input file name is a PKCS7 block file name
+     */
+    public static boolean isBlock(String s) {
+        return s.endsWith(".DSA") || s.endsWith(".RSA") || s.endsWith(".EC");
     }
 
     /** get digest from cache */
@@ -180,7 +177,7 @@
      *
      *
      */
-    public void process(Hashtable<String, CodeSigner[]> signers,
+    public void process(Map<String, CodeSigner[]> signers,
             List manifestDigests)
         throws IOException, SignatureException, NoSuchAlgorithmException,
             JarException, CertificateException
@@ -197,31 +194,86 @@
 
     }
 
-    private void processImpl(Hashtable<String, CodeSigner[]> signers,
+    private void processImpl(Map<String, CodeSigner[]> signers,
             List manifestDigests)
         throws IOException, SignatureException, NoSuchAlgorithmException,
             JarException, CertificateException
     {
-        Manifest sf = new Manifest();
-        sf.read(new ByteArrayInputStream(sfBytes));
+        SignatureFileManifest sf = new SignatureFileManifest();
+        InputStream ins = sfStream;
 
-        String version =
-            sf.getMainAttributes().getValue(Attributes.Name.SIGNATURE_VERSION);
+        byte[] buffer = new byte[4096];
+        int sLen = block.getSignerInfos().length;
+        boolean mainOK = false;         // main attributes of SF is available...
+        boolean manifestSigned = false; // and it matches MANIFEST.MF
+        BASE64Decoder decoder = new BASE64Decoder();
 
-        if ((version == null) || !(version.equalsIgnoreCase("1.0"))) {
-            // XXX: should this be an exception?
-            // for now we just ignore this signature file
-            return;
+        PKCS7.PKCS7Verifier[] pvs = new PKCS7.PKCS7Verifier[sLen];
+        for (int i=0; i<sLen; i++) {
+            pvs[i] = PKCS7.PKCS7Verifier.from(block, block.getSignerInfos()[i]);
         }
 
-        SignerInfo[] infos = block.verify(sfBytes);
+        /*
+         * Verify SF in streaming mode. The chunks of the file are fed into
+         * the Manifest object sf and all PKCS7Verifiers. As soon as the main
+         * attributes is available, we'll check if manifestSigned is true. If
+         * yes, there is no need to fill in sf's entries field, since it should
+         * be identical to entries in man.
+         */
+        while (true) {
+            int len = ins.read(buffer);
+            if (len < 0) {
+                if (!manifestSigned) {
+                    sf.update(null, 0, 0);
+                }
+                break;
+            } else {
+                for (int i=0; i<sLen; i++) {
+                    if (pvs[i] != null) pvs[i].update(buffer, 0, len);
+                }
+                // Continue reading if verifyManifestHash fails (or, the
+                // main attributes is not available yet)
+                if (!manifestSigned) {
+                    sf.update(buffer, 0, len);
+                    if (!mainOK) {
+                        try {
+                            Attributes attr = sf.getMainAttributes();
+                            String version = attr.getValue(
+                                    Attributes.Name.SIGNATURE_VERSION);
 
-        if (infos == null) {
+                            if ((version == null) ||
+                                    !(version.equalsIgnoreCase("1.0"))) {
+                                // XXX: should this be an exception?
+                                // for now we just ignore this signature file
+                                return;
+                            }
+
+                            mainOK = true;
+                            manifestSigned = verifyManifestHash(
+                                    sf, md, decoder, manifestDigests);
+                        } catch (IllegalStateException ise) {
+                            // main attributes not available yet
+                        }
+                    }
+                }
+            }
+        }
+        List<SignerInfo> intResult = new ArrayList<>(sLen);
+        for (int i = 0; i < sLen; i++) {
+            if (pvs[i] != null) {
+                SignerInfo signerInfo = pvs[i].verify();
+                if (signerInfo != null) {
+                    intResult.add(signerInfo);
+                }
+            }
+        }
+        if (intResult.isEmpty()) {
             throw new SecurityException("cannot verify signature block file " +
                                         name);
         }
 
-        BASE64Decoder decoder = new BASE64Decoder();
+        SignerInfo[] infos =
+                intResult.toArray(new SignerInfo[intResult.size()]);
 
         CodeSigner[] newSigners = getSigners(infos, block);
 
@@ -229,26 +281,37 @@
         if (newSigners == null)
             return;
 
-        Iterator<Map.Entry<String,Attributes>> entries =
-                                sf.getEntries().entrySet().iterator();
-
-        // see if we can verify the whole manifest first
-        boolean manifestSigned = verifyManifestHash(sf, md, decoder, manifestDigests);
-
         // verify manifest main attributes
         if (!manifestSigned && !verifyManifestMainAttrs(sf, md, decoder)) {
             throw new SecurityException
                 ("Invalid signature file digest for Manifest main attributes");
         }
 
-        // go through each section in the signature file
+        Iterator<Map.Entry<String,Attributes>> entries;
+
+        if (manifestSigned) {
+            if (debug != null) {
+                debug.println("full manifest signature match, "
+                        + "update signer info from MANIFEST.MF");
+            }
+            entries = man.getEntries().entrySet().iterator();
+        } else {
+            if (debug != null) {
+                debug.println("full manifest signature unmatch, "
+                        + "update signer info from SF file");
+            }
+            entries = sf.getEntries().entrySet().iterator();
+        }
+
+        // go through each section
+
         while(entries.hasNext()) {
 
             Map.Entry<String,Attributes> e = entries.next();
             String name = e.getKey();
 
             if (manifestSigned ||
-                (verifySection(e.getValue(), name, md, decoder))) {
+                    (verifySection(e.getValue(), name, md, decoder))) {
 
                 if (name.startsWith("./"))
                     name = name.substring(2);
@@ -593,7 +656,6 @@
         if (set == subset)
             return true;
 
-        boolean match;
         for (int i = 0; i < subset.length; i++) {
             if (!contains(set, subset[i]))
                 return false;
@@ -613,8 +675,6 @@
         if ((oldSigners == null) && (signers == newSigners))
             return true;
 
-        boolean match;
-
         // make sure all oldSigners are in signers
         if ((oldSigners != null) && !isSubSet(oldSigners, signers))
             return false;
@@ -638,7 +698,7 @@
     }
 
     void updateSigners(CodeSigner[] newSigners,
-        Hashtable<String, CodeSigner[]> signers, String name) {
+        Map<String, CodeSigner[]> signers, String name) {
 
         CodeSigner[] oldSigners = signers.get(name);
 
--- a/test/java/lang/Character/CheckScript.java	Sun Apr 10 19:45:28 2011 +0100
+++ b/test/java/lang/Character/CheckScript.java	Mon Apr 11 12:52:39 2011 +0100
@@ -1,34 +1,58 @@
+
+/*
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
 /**
  * @test
- * @bug 6945564 6959267
+ * @bug 6945564 6959267 7033561
  * @summary  Check that the j.l.Character.UnicodeScript
  */
 
 import java.io.*;
-import java.lang.reflect.*;
 import java.util.*;
 import java.util.regex.*;
 import java.lang.Character.UnicodeScript;
 
 public class CheckScript {
 
-    static BufferedReader open(String[] args) throws FileNotFoundException {
+    public static void main(String[] args) throws Exception {
+        File fScripts;
+        File fAliases;
         if (args.length == 0) {
-            return new BufferedReader(new FileReader(new File(System.getProperty("test.src", "."), "Scripts.txt")));
-        } else if (args.length == 1) {
-            return new BufferedReader(new FileReader(args[0]));
+            fScripts = new File(System.getProperty("test.src", "."), "Scripts.txt");
+            fAliases = new File(System.getProperty("test.src", "."), "PropertyValueAliases.txt");
+        } else if (args.length == 2) {
+            fScripts = new File(args[0]);
+            fAliases = new File(args[1]);
         } else {
-            System.out.println("java CharacterScript Scripts.txt");
+            System.out.println("java CharacterScript Scripts.txt PropertyValueAliases.txt");
             throw new RuntimeException("Datafile name should be specified.");
         }
-    }
-
-    public static void main(String[] args) throws Exception {
 
         Matcher m = Pattern.compile("(\\p{XDigit}+)(?:\\.{2}(\\p{XDigit}+))?\\s+;\\s+(\\w+)\\s+#.*").matcher("");
         String line = null;
         HashMap<String,ArrayList<Integer>> scripts = new HashMap<>();
-        try (BufferedReader sbfr = open(args)) {
+        try (BufferedReader sbfr = new BufferedReader(new FileReader(fScripts))) {
             while ((line = sbfr.readLine()) != null) {
                 if (line.length() <= 1 || line.charAt(0) == '#') {
                     continue;
@@ -107,5 +131,29 @@
                 }
             }
         }
+        // check all aliases
+        m = Pattern.compile("sc\\s*;\\s*(\\p{Alpha}{4})\\s*;\\s*([\\p{Alpha}|_]+)\\s*.*").matcher("");
+        line = null;
+        try (BufferedReader sbfr = new BufferedReader(new FileReader(fAliases))) {
+            while ((line = sbfr.readLine()) != null) {
+                if (line.length() <= 1 || line.charAt(0) == '#') {
+                    continue;
+                }
+                m.reset(line);
+                if (m.matches()) {
+                    String alias = m.group(1);
+                    String name = m.group(2);
+                    // HRKT -> Katakana_Or_Hiragana not supported
+                    if ("HRKT".equals(alias.toUpperCase(Locale.ENGLISH)))
+                        continue;
+                    if (Character.UnicodeScript.forName(alias) !=
+                        Character.UnicodeScript.forName(name)) {
+                        throw new RuntimeException(
+                            "UnicodeScript failed: alias<" + alias +
+                            "> does not map to <" + name + ">");
+                    }
+                }
+            }
+        }
     }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/lang/Character/PropertyValueAliases.txt	Mon Apr 11 12:52:39 2011 +0100
@@ -0,0 +1,1178 @@
+# PropertyValueAliases-6.0.0.txt
+# Date: 2010-07-17, 22:44:06 GMT [MD]
+#
+# Unicode Character Database
+# Copyright (c) 1991-2010 Unicode, Inc.
+# For terms of use, see http://www.unicode.org/terms_of_use.html
+# For documentation, see http://www.unicode.org/reports/tr44/
+#
+# This file contains aliases for property values used in the UCD.
+# These names can be used for XML formats of UCD data, for regular-expression
+# property tests, and other programmatic textual descriptions of Unicode data.
+# For information on which properties are normative, see UCD.html.
+#
+# The names may be translated in appropriate environments, and additional
+# aliases may be useful.
+#
+# FORMAT
+#
+# Each line describes a property value name.
+# This consists of three or more fields, separated by semicolons.
+#
+# First Field: The first field describes the property for which that
+# property value name is used.
+#
+# Second Field: The second field is an abbreviated name.
+# If there is no abbreviated name available, the field is marked with "n/a".
+#
+# Third Field: The third field is a long name.
+#
+# In the case of ccc, there are 4 fields. The second field is numeric, third
+# is abbreviated, and fourth is long.
+#
+# The above are the preferred aliases. Other aliases may be listed in additional fields.
+#
+# Loose matching should be applied to all property names and property values, with
+# the exception of String Property values. With loose matching of property names and
+# values, the case distinctions, whitespace, and '_' are ignored. For Numeric Property
+# values, numeric equivalencies are applied: thus "01.00" is equivalent to "1".
+#
+# NOTE: Property value names are NOT unique across properties. For example:
+#
+#   AL means Arabic Letter for the Bidi_Class property, and
+#   AL means Above_Left for the Combining_Class property, and
+#   AL means Alphabetic for the Line_Break property.
+#
+# In addition, some property names may be the same as some property value names.
+# For example:
+#
+#   sc means the Script property, and
+#   Sc means the General_Category property value Currency_Symbol (Sc)
+#
+# The combination of property value and property name is, however, unique.
+#
+# For more information, see UTS #18: Unicode Regular Expressions
+# ================================================
+
+
+# ASCII_Hex_Digit (AHex)
+
+AHex; N        ; No                               ; F                                ; False
+AHex; Y        ; Yes                              ; T                                ; True
+
+# Age (age)
+
+age; n/a       ; 1.1
+age; n/a       ; 2.0
+age; n/a       ; 2.1
+age; n/a       ; 3.0
+age; n/a       ; 3.1
+age; n/a       ; 3.2
+age; n/a       ; 4.0
+age; n/a       ; 4.1
+age; n/a       ; 5.0
+age; n/a       ; 5.1
+age; n/a       ; 5.2
+age; n/a       ; 6.0
+age; n/a       ; unassigned
+
+# Alphabetic (Alpha)
+
+Alpha; N       ; No                               ; F                                ; False
+Alpha; Y       ; Yes                              ; T                                ; True
+
+# Bidi_Class (bc)
+
+bc ; AL        ; Arabic_Letter
+bc ; AN        ; Arabic_Number
+bc ; B         ; Paragraph_Separator
+bc ; BN        ; Boundary_Neutral
+bc ; CS        ; Common_Separator
+bc ; EN        ; European_Number
+bc ; ES        ; European_Separator
+bc ; ET        ; European_Terminator
+bc ; L         ; Left_To_Right
+bc ; LRE       ; Left_To_Right_Embedding
+bc ; LRO       ; Left_To_Right_Override
+bc ; NSM       ; Nonspacing_Mark
+bc ; ON        ; Other_Neutral
+bc ; PDF       ; Pop_Directional_Format
+bc ; R         ; Right_To_Left
+bc ; RLE       ; Right_To_Left_Embedding
+bc ; RLO       ; Right_To_Left_Override
+bc ; S         ; Segment_Separator
+bc ; WS        ; White_Space
+
+# Bidi_Control (Bidi_C)
+
+Bidi_C; N      ; No                               ; F                                ; False
+Bidi_C; Y      ; Yes                              ; T                                ; True
+
+# Bidi_Mirrored (Bidi_M)
+
+Bidi_M; N      ; No                               ; F                                ; False
+Bidi_M; Y      ; Yes                              ; T                                ; True
+
+# Bidi_Mirroring_Glyph (bmg)
+
+# @missing: 0000..10FFFF; Bidi_Mirroring_Glyph; <none>
+
+# Block (blk)
+
+blk; n/a       ; Aegean_Numbers
+blk; n/a       ; Alchemical_Symbols
+blk; n/a       ; Alphabetic_Presentation_Forms
+blk; n/a       ; Ancient_Greek_Musical_Notation
+blk; n/a       ; Ancient_Greek_Numbers
+blk; n/a       ; Ancient_Symbols
+blk; n/a       ; Arabic
+blk; n/a       ; Arabic_Presentation_Forms_A      ; Arabic_Presentation_Forms-A
+blk; n/a       ; Arabic_Presentation_Forms_B
+blk; n/a       ; Arabic_Supplement
+blk; n/a       ; Armenian
+blk; n/a       ; Arrows
+blk; n/a       ; Avestan
+blk; n/a       ; Balinese
+blk; n/a       ; Bamum
+blk; n/a       ; Bamum_Supplement
+blk; n/a       ; Basic_Latin                      ; ASCII
+blk; n/a       ; Batak
+blk; n/a       ; Bengali
+blk; n/a       ; Block_Elements
+blk; n/a       ; Bopomofo
+blk; n/a       ; Bopomofo_Extended
+blk; n/a       ; Box_Drawing
+blk; n/a       ; Brahmi
+blk; n/a       ; Braille_Patterns
+blk; n/a       ; Buginese
+blk; n/a       ; Buhid
+blk; n/a       ; Byzantine_Musical_Symbols
+blk; n/a       ; Carian
+blk; n/a       ; Cham
+blk; n/a       ; Cherokee
+blk; n/a       ; CJK_Compatibility
+blk; n/a       ; CJK_Compatibility_Forms
+blk; n/a       ; CJK_Compatibility_Ideographs
+blk; n/a       ; CJK_Compatibility_Ideographs_Supplement
+blk; n/a       ; CJK_Radicals_Supplement
+blk; n/a       ; CJK_Strokes
+blk; n/a       ; CJK_Symbols_And_Punctuation
+blk; n/a       ; CJK_Unified_Ideographs
+blk; n/a       ; CJK_Unified_Ideographs_Extension_A
+blk; n/a       ; CJK_Unified_Ideographs_Extension_B
+blk; n/a       ; CJK_Unified_Ideographs_Extension_C
+blk; n/a       ; CJK_Unified_Ideographs_Extension_D
+blk; n/a       ; Combining_Diacritical_Marks
+blk; n/a       ; Combining_Diacritical_Marks_For_Symbols; Combining_Marks_For_Symbols
+blk; n/a       ; Combining_Diacritical_Marks_Supplement
+blk; n/a       ; Combining_Half_Marks
+blk; n/a       ; Common_Indic_Number_Forms
+blk; n/a       ; Control_Pictures
+blk; n/a       ; Coptic
+blk; n/a       ; Counting_Rod_Numerals
+blk; n/a       ; Cuneiform
+blk; n/a       ; Cuneiform_Numbers_And_Punctuation
+blk; n/a       ; Currency_Symbols
+blk; n/a       ; Cypriot_Syllabary
+blk; n/a       ; Cyrillic
+blk; n/a       ; Cyrillic_Extended_A
+blk; n/a       ; Cyrillic_Extended_B
+blk; n/a       ; Cyrillic_Supplement              ; Cyrillic_Supplementary
+blk; n/a       ; Deseret
+blk; n/a       ; Devanagari
+blk; n/a       ; Devanagari_Extended
+blk; n/a       ; Dingbats
+blk; n/a       ; Domino_Tiles
+blk; n/a       ; Egyptian_Hieroglyphs
+blk; n/a       ; Emoticons
+blk; n/a       ; Enclosed_Alphanumeric_Supplement
+blk; n/a       ; Enclosed_Alphanumerics
+blk; n/a       ; Enclosed_CJK_Letters_And_Months
+blk; n/a       ; Enclosed_Ideographic_Supplement
+blk; n/a       ; Ethiopic
+blk; n/a       ; Ethiopic_Extended
+blk; n/a       ; Ethiopic_Extended_A
+blk; n/a       ; Ethiopic_Supplement
+blk; n/a       ; General_Punctuation
+blk; n/a       ; Geometric_Shapes
+blk; n/a       ; Georgian
+blk; n/a       ; Georgian_Supplement
+blk; n/a       ; Glagolitic
+blk; n/a       ; Gothic
+blk; n/a       ; Greek_And_Coptic                 ; Greek
+blk; n/a       ; Greek_Extended
+blk; n/a       ; Gujarati
+blk; n/a       ; Gurmukhi
+blk; n/a       ; Halfwidth_And_Fullwidth_Forms
+blk; n/a       ; Hangul_Compatibility_Jamo
+blk; n/a       ; Hangul_Jamo
+blk; n/a       ; Hangul_Jamo_Extended_A
+blk; n/a       ; Hangul_Jamo_Extended_B
+blk; n/a       ; Hangul_Syllables
+blk; n/a       ; Hanunoo
+blk; n/a       ; Hebrew
+blk; n/a       ; High_Private_Use_Surrogates
+blk; n/a       ; High_Surrogates
+blk; n/a       ; Hiragana
+blk; n/a       ; Ideographic_Description_Characters
+blk; n/a       ; Imperial_Aramaic
+blk; n/a       ; Inscriptional_Pahlavi
+blk; n/a       ; Inscriptional_Parthian
+blk; n/a       ; IPA_Extensions
+blk; n/a       ; Javanese
+blk; n/a       ; Kaithi
+blk; n/a       ; Kana_Supplement
+blk; n/a       ; Kanbun
+blk; n/a       ; Kangxi_Radicals
+blk; n/a       ; Kannada
+blk; n/a       ; Katakana
+blk; n/a       ; Katakana_Phonetic_Extensions
+blk; n/a       ; Kayah_Li
+blk; n/a       ; Kharoshthi
+blk; n/a       ; Khmer
+blk; n/a       ; Khmer_Symbols
+blk; n/a       ; Lao
+blk; n/a       ; Latin_1_Supplement               ; Latin_1
+blk; n/a       ; Latin_Extended_A
+blk; n/a       ; Latin_Extended_Additional
+blk; n/a       ; Latin_Extended_B
+blk; n/a       ; Latin_Extended_C
+blk; n/a       ; Latin_Extended_D
+blk; n/a       ; Lepcha
+blk; n/a       ; Letterlike_Symbols
+blk; n/a       ; Limbu
+blk; n/a       ; Linear_B_Ideograms
+blk; n/a       ; Linear_B_Syllabary
+blk; n/a       ; Lisu
+blk; n/a       ; Low_Surrogates
+blk; n/a       ; Lycian
+blk; n/a       ; Lydian
+blk; n/a       ; Mahjong_Tiles
+blk; n/a       ; Malayalam
+blk; n/a       ; Mandaic
+blk; n/a       ; Mathematical_Alphanumeric_Symbols
+blk; n/a       ; Mathematical_Operators
+blk; n/a       ; Meetei_Mayek
+blk; n/a       ; Miscellaneous_Mathematical_Symbols_A
+blk; n/a       ; Miscellaneous_Mathematical_Symbols_B
+blk; n/a       ; Miscellaneous_Symbols
+blk; n/a       ; Miscellaneous_Symbols_And_Arrows
+blk; n/a       ; Miscellaneous_Symbols_And_Pictographs
+blk; n/a       ; Miscellaneous_Technical
+blk; n/a       ; Modifier_Tone_Letters
+blk; n/a       ; Mongolian
+blk; n/a       ; Musical_Symbols
+blk; n/a       ; Myanmar
+blk; n/a       ; Myanmar_Extended_A
+blk; n/a       ; New_Tai_Lue
+blk; n/a       ; NKo
+blk; n/a       ; No_Block
+blk; n/a       ; Number_Forms
+blk; n/a       ; Ogham
+blk; n/a       ; Ol_Chiki
+blk; n/a       ; Old_Italic
+blk; n/a       ; Old_Persian
+blk; n/a       ; Old_South_Arabian
+blk; n/a       ; Old_Turkic
+blk; n/a       ; Optical_Character_Recognition
+blk; n/a       ; Oriya
+blk; n/a       ; Osmanya
+blk; n/a       ; Phags_Pa
+blk; n/a       ; Phaistos_Disc
+blk; n/a       ; Phoenician
+blk; n/a       ; Phonetic_Extensions
+blk; n/a       ; Phonetic_Extensions_Supplement
+blk; n/a       ; Playing_Cards
+blk; n/a       ; Private_Use_Area                 ; Private_Use
+blk; n/a       ; Rejang
+blk; n/a       ; Rumi_Numeral_Symbols
+blk; n/a       ; Runic
+blk; n/a       ; Samaritan
+blk; n/a       ; Saurashtra
+blk; n/a       ; Shavian
+blk; n/a       ; Sinhala
+blk; n/a       ; Small_Form_Variants
+blk; n/a       ; Spacing_Modifier_Letters
+blk; n/a       ; Specials
+blk; n/a       ; Sundanese
+blk; n/a       ; Superscripts_And_Subscripts
+blk; n/a       ; Supplemental_Arrows_A
+blk; n/a       ; Supplemental_Arrows_B
+blk; n/a       ; Supplemental_Mathematical_Operators
+blk; n/a       ; Supplemental_Punctuation
+blk; n/a       ; Supplementary_Private_Use_Area_A
+blk; n/a       ; Supplementary_Private_Use_Area_B
+blk; n/a       ; Syloti_Nagri
+blk; n/a       ; Syriac
+blk; n/a       ; Tagalog
+blk; n/a       ; Tagbanwa
+blk; n/a       ; Tags
+blk; n/a       ; Tai_Le
+blk; n/a       ; Tai_Tham
+blk; n/a       ; Tai_Viet
+blk; n/a       ; Tai_Xuan_Jing_Symbols
+blk; n/a       ; Tamil
+blk; n/a       ; Telugu
+blk; n/a       ; Thaana
+blk; n/a       ; Thai
+blk; n/a       ; Tibetan
+blk; n/a       ; Tifinagh
+blk; n/a       ; Transport_And_Map_Symbols
+blk; n/a       ; Ugaritic
+blk; n/a       ; Unified_Canadian_Aboriginal_Syllabics; Canadian_Syllabics
+blk; n/a       ; Unified_Canadian_Aboriginal_Syllabics_Extended
+blk; n/a       ; Vai
+blk; n/a       ; Variation_Selectors
+blk; n/a       ; Variation_Selectors_Supplement
+blk; n/a       ; Vedic_Extensions
+blk; n/a       ; Vertical_Forms
+blk; n/a       ; Yi_Radicals
+blk; n/a       ; Yi_Syllables
+blk; n/a       ; Yijing_Hexagram_Symbols
+
+# Canonical_Combining_Class (ccc)
+
+ccc;   0; NR   ; Not_Reordered
+ccc;   1; OV   ; Overlay
+ccc;   7; NK   ; Nukta
+ccc;   8; KV   ; Kana_Voicing
+ccc;   9; VR   ; Virama
+ccc; 200; ATBL ; Attached_Below_Left
+ccc; 202; ATB  ; Attached_Below
+ccc; 214; ATA  ; Attached_Above
+ccc; 216; ATAR ; Attached_Above_Right
+ccc; 218; BL   ; Below_Left
+ccc; 220; B    ; Below
+ccc; 222; BR   ; Below_Right
+ccc; 224; L    ; Left
+ccc; 226; R    ; Right
+ccc; 228; AL   ; Above_Left
+ccc; 230; A    ; Above
+ccc; 232; AR   ; Above_Right
+ccc; 233; DB   ; Double_Below
+ccc; 234; DA   ; Double_Above
+ccc; 240; IS   ; Iota_Subscript
+
+# Case_Folding (cf)
+
+# @missing: 0000..10FFFF; Case_Folding; <code point>
+
+# Case_Ignorable (CI)
+
+CI ; N         ; No                               ; F                                ; False
+CI ; Y         ; Yes                              ; T                                ; True
+
+# Cased (Cased)
+
+Cased; N       ; No                               ; F                                ; False
+Cased; Y       ; Yes                              ; T                                ; True
+
+# Changes_When_Casefolded (CWCF)
+
+CWCF; N        ; No                               ; F                                ; False
+CWCF; Y        ; Yes                              ; T                                ; True
+
+# Changes_When_Casemapped (CWCM)
+
+CWCM; N        ; No                               ; F                                ; False
+CWCM; Y        ; Yes                              ; T                                ; True
+
+# Changes_When_Lowercased (CWL)
+
+CWL; N         ; No                               ; F                                ; False
+CWL; Y         ; Yes                              ; T                                ; True
+
+# Changes_When_NFKC_Casefolded (CWKCF)
+
+CWKCF; N       ; No                               ; F                                ; False
+CWKCF; Y       ; Yes                              ; T                                ; True
+
+# Changes_When_Titlecased (CWT)
+
+CWT; N         ; No                               ; F                                ; False
+CWT; Y         ; Yes                              ; T                                ; True
+
+# Changes_When_Uppercased (CWU)
+
+CWU; N         ; No                               ; F                                ; False
+CWU; Y         ; Yes                              ; T                                ; True
+
+# Composition_Exclusion (CE)
+
+CE ; N         ; No                               ; F                                ; False
+CE ; Y         ; Yes                              ; T                                ; True
+
+# Dash (Dash)
+
+Dash; N        ; No                               ; F                                ; False
+Dash; Y        ; Yes                              ; T                                ; True
+
+# Decomposition_Mapping (dm)
+
+# @missing: 0000..10FFFF; Decomposition_Mapping; <code point>
+
+# Decomposition_Type (dt)
+
+dt ; Can       ; Canonical                        ; can
+dt ; Com       ; Compat                           ; com
+dt ; Enc       ; Circle                           ; enc
+dt ; Fin       ; Final                            ; fin
+dt ; Font      ; font
+dt ; Fra       ; Fraction                         ; fra
+dt ; Init      ; Initial                          ; init
+dt ; Iso       ; Isolated                         ; iso
+dt ; Med       ; Medial                           ; med
+dt ; Nar       ; Narrow                           ; nar
+dt ; Nb        ; Nobreak                          ; nb
+dt ; None      ; none
+dt ; Sml       ; Small                            ; sml
+dt ; Sqr       ; Square                           ; sqr
+dt ; Sub       ; sub
+dt ; Sup       ; Super                            ; sup
+dt ; Vert      ; Vertical                         ; vert
+dt ; Wide      ; wide
+
+# Default_Ignorable_Code_Point (DI)
+
+DI ; N         ; No                               ; F                                ; False
+DI ; Y         ; Yes                              ; T                                ; True
+
+# Deprecated (Dep)
+
+Dep; N         ; No                               ; F                                ; False
+Dep; Y         ; Yes                              ; T                                ; True
+
+# Diacritic (Dia)
+
+Dia; N         ; No                               ; F                                ; False
+Dia; Y         ; Yes                              ; T                                ; True
+
+# East_Asian_Width (ea)
+
+ea ; A         ; Ambiguous
+ea ; F         ; Fullwidth
+ea ; H         ; Halfwidth
+ea ; N         ; Neutral
+ea ; Na        ; Narrow
+ea ; W         ; Wide
+
+# Expands_On_NFC (XO_NFC)
+
+XO_NFC; N      ; No                               ; F                                ; False
+XO_NFC; Y      ; Yes                              ; T                                ; True
+
+# Expands_On_NFD (XO_NFD)
+
+XO_NFD; N      ; No                               ; F                                ; False
+XO_NFD; Y      ; Yes                              ; T                                ; True
+
+# Expands_On_NFKC (XO_NFKC)
+
+XO_NFKC; N     ; No                               ; F                                ; False
+XO_NFKC; Y     ; Yes                              ; T                                ; True
+
+# Expands_On_NFKD (XO_NFKD)
+
+XO_NFKD; N     ; No                               ; F                                ; False
+XO_NFKD; Y     ; Yes                              ; T                                ; True
+
+# Extender (Ext)
+
+Ext; N         ; No                               ; F                                ; False
+Ext; Y         ; Yes                              ; T                                ; True
+
+# FC_NFKC_Closure (FC_NFKC)
+
+# @missing: 0000..10FFFF; FC_NFKC_Closure; <code point>
+
+# Full_Composition_Exclusion (Comp_Ex)
+
+Comp_Ex; N     ; No                               ; F                                ; False
+Comp_Ex; Y     ; Yes                              ; T                                ; True
+
+# General_Category (gc)
+
+gc ; C         ; Other                            # Cc | Cf | Cn | Co | Cs
+gc ; Cc        ; Control                          ; cntrl
+gc ; Cf        ; Format
+gc ; Cn        ; Unassigned
+gc ; Co        ; Private_Use
+gc ; Cs        ; Surrogate
+gc ; L         ; Letter                           # Ll | Lm | Lo | Lt | Lu
+gc ; LC        ; Cased_Letter                     # Ll | Lt | Lu
+gc ; Ll        ; Lowercase_Letter
+gc ; Lm        ; Modifier_Letter
+gc ; Lo        ; Other_Letter
+gc ; Lt        ; Titlecase_Letter
+gc ; Lu        ; Uppercase_Letter
+gc ; M         ; Mark                             # Mc | Me | Mn
+gc ; Mc        ; Spacing_Mark
+gc ; Me        ; Enclosing_Mark
+gc ; Mn        ; Nonspacing_Mark
+gc ; N         ; Number                           # Nd | Nl | No
+gc ; Nd        ; Decimal_Number                   ; digit
+gc ; Nl        ; Letter_Number
+gc ; No        ; Other_Number
+gc ; P         ; Punctuation                      ; punct                            # Pc | Pd | Pe | Pf | Pi | Po | Ps
+gc ; Pc        ; Connector_Punctuation
+gc ; Pd        ; Dash_Punctuation
+gc ; Pe        ; Close_Punctuation
+gc ; Pf        ; Final_Punctuation
+gc ; Pi        ; Initial_Punctuation
+gc ; Po        ; Other_Punctuation
+gc ; Ps        ; Open_Punctuation
+gc ; S         ; Symbol                           # Sc | Sk | Sm | So
+gc ; Sc        ; Currency_Symbol
+gc ; Sk        ; Modifier_Symbol
+gc ; Sm        ; Math_Symbol
+gc ; So        ; Other_Symbol
+gc ; Z         ; Separator                        # Zl | Zp | Zs
+gc ; Zl        ; Line_Separator
+gc ; Zp        ; Paragraph_Separator
+gc ; Zs        ; Space_Separator
+
+# Grapheme_Base (Gr_Base)
+
+Gr_Base; N     ; No                               ; F                                ; False
+Gr_Base; Y     ; Yes                              ; T                                ; True
+
+# Grapheme_Cluster_Break (GCB)
+
+GCB; CN        ; Control
+GCB; CR        ; CR
+GCB; EX        ; Extend
+GCB; L         ; L
+GCB; LF        ; LF
+GCB; LV        ; LV
+GCB; LVT       ; LVT
+GCB; PP        ; Prepend
+GCB; SM        ; SpacingMark
+GCB; T         ; T
+GCB; V         ; V
+GCB; XX        ; Other
+
+# Grapheme_Extend (Gr_Ext)
+
+Gr_Ext; N      ; No                               ; F                                ; False
+Gr_Ext; Y      ; Yes                              ; T                                ; True
+
+# Grapheme_Link (Gr_Link)
+
+Gr_Link; N     ; No                               ; F                                ; False
+Gr_Link; Y     ; Yes                              ; T                                ; True
+
+# Hangul_Syllable_Type (hst)
+
+hst; L         ; Leading_Jamo
+hst; LV        ; LV_Syllable
+hst; LVT       ; LVT_Syllable
+hst; NA        ; Not_Applicable
+hst; T         ; Trailing_Jamo
+hst; V         ; Vowel_Jamo
+
+# Hex_Digit (Hex)
+
+Hex; N         ; No                               ; F                                ; False
+Hex; Y         ; Yes                              ; T                                ; True
+
+# Hyphen (Hyphen)
+
+Hyphen; N      ; No                               ; F                                ; False
+Hyphen; Y      ; Yes                              ; T                                ; True
+
+# IDS_Binary_Operator (IDSB)
+
+IDSB; N        ; No                               ; F                                ; False
+IDSB; Y        ; Yes                              ; T                                ; True
+
+# IDS_Trinary_Operator (IDST)
+
+IDST; N        ; No                               ; F                                ; False
+IDST; Y        ; Yes                              ; T                                ; True
+
+# ID_Continue (IDC)
+
+IDC; N         ; No                               ; F                                ; False
+IDC; Y         ; Yes                              ; T                                ; True
+
+# ID_Start (IDS)
+
+IDS; N         ; No                               ; F                                ; False
+IDS; Y         ; Yes                              ; T                                ; True
+
+# ISO_Comment (isc)
+
+# @missing: 0000..10FFFF; ISO_Comment; <none>
+
+# Ideographic (Ideo)
+
+Ideo; N        ; No                               ; F                                ; False
+Ideo; Y        ; Yes                              ; T                                ; True
+
+# Jamo_Short_Name (JSN)
+
+# @missing: 0000..10FFFF; Jamo_Short_Name; <none>
+JSN; A         ; A
+JSN; AE        ; AE
+JSN; B         ; B
+JSN; BB        ; BB
+JSN; BS        ; BS
+JSN; C         ; C
+JSN; D         ; D
+JSN; DD        ; DD
+JSN; E         ; E
+JSN; EO        ; EO
+JSN; EU        ; EU
+JSN; G         ; G
+JSN; GG        ; GG
+JSN; GS        ; GS
+JSN; H         ; H
+JSN; I         ; I
+JSN; J         ; J
+JSN; JJ        ; JJ
+JSN; K         ; K
+JSN; L         ; L
+JSN; LB        ; LB
+JSN; LG        ; LG
+JSN; LH        ; LH
+JSN; LM        ; LM
+JSN; LP        ; LP
+JSN; LS        ; LS
+JSN; LT        ; LT
+JSN; M         ; M
+JSN; N         ; N
+JSN; NG        ; NG
+JSN; NH        ; NH
+JSN; NJ        ; NJ
+JSN; O         ; O
+JSN; OE        ; OE
+JSN; P         ; P
+JSN; R         ; R
+JSN; S         ; S
+JSN; SS        ; SS
+JSN; T         ; T
+JSN; U         ; U
+JSN; WA        ; WA
+JSN; WAE       ; WAE
+JSN; WE        ; WE
+JSN; WEO       ; WEO
+JSN; WI        ; WI
+JSN; YA        ; YA
+JSN; YAE       ; YAE
+JSN; YE        ; YE
+JSN; YEO       ; YEO
+JSN; YI        ; YI
+JSN; YO        ; YO
+JSN; YU        ; YU
+
+# Join_Control (Join_C)
+
+Join_C; N      ; No                               ; F                                ; False
+Join_C; Y      ; Yes                              ; T                                ; True
+
+# Joining_Group (jg)
+
+jg ; n/a       ; Ain
+jg ; n/a       ; Alaph
+jg ; n/a       ; Alef
+jg ; n/a       ; Beh
+jg ; n/a       ; Beth
+jg ; n/a       ; Burushaski_Yeh_Barree
+jg ; n/a       ; Dal
+jg ; n/a       ; Dalath_Rish
+jg ; n/a       ; E
+jg ; n/a       ; Farsi_Yeh
+jg ; n/a       ; Fe
+jg ; n/a       ; Feh
+jg ; n/a       ; Final_Semkath
+jg ; n/a       ; Gaf
+jg ; n/a       ; Gamal
+jg ; n/a       ; Hah
+jg ; n/a       ; He
+jg ; n/a       ; Heh
+jg ; n/a       ; Heh_Goal
+jg ; n/a       ; Heth
+jg ; n/a       ; Kaf
+jg ; n/a       ; Kaph
+jg ; n/a       ; Khaph
+jg ; n/a       ; Knotted_Heh
+jg ; n/a       ; Lam
+jg ; n/a       ; Lamadh
+jg ; n/a       ; Meem
+jg ; n/a       ; Mim
+jg ; n/a       ; No_Joining_Group
+jg ; n/a       ; Noon
+jg ; n/a       ; Nun
+jg ; n/a       ; Nya
+jg ; n/a       ; Pe
+jg ; n/a       ; Qaf
+jg ; n/a       ; Qaph
+jg ; n/a       ; Reh
+jg ; n/a       ; Reversed_Pe
+jg ; n/a       ; Sad
+jg ; n/a       ; Sadhe
+jg ; n/a       ; Seen
+jg ; n/a       ; Semkath
+jg ; n/a       ; Shin
+jg ; n/a       ; Swash_Kaf
+jg ; n/a       ; Syriac_Waw
+jg ; n/a       ; Tah
+jg ; n/a       ; Taw
+jg ; n/a       ; Teh_Marbuta
+jg ; n/a       ; Teh_Marbuta_Goal                 ; Hamza_On_Heh_Goal
+jg ; n/a       ; Teth
+jg ; n/a       ; Waw
+jg ; n/a       ; Yeh
+jg ; n/a       ; Yeh_Barree
+jg ; n/a       ; Yeh_With_Tail
+jg ; n/a       ; Yudh
+jg ; n/a       ; Yudh_He
+jg ; n/a       ; Zain
+jg ; n/a       ; Zhain
+
+# Joining_Type (jt)
+
+jt ; C         ; Join_Causing
+jt ; D         ; Dual_Joining
+jt ; L         ; Left_Joining
+jt ; R         ; Right_Joining
+jt ; T         ; Transparent
+jt ; U         ; Non_Joining
+
+# Line_Break (lb)
+
+lb ; AI        ; Ambiguous
+lb ; AL        ; Alphabetic
+lb ; B2        ; Break_Both
+lb ; BA        ; Break_After
+lb ; BB        ; Break_Before
+lb ; BK        ; Mandatory_Break
+lb ; CB        ; Contingent_Break
+lb ; CL        ; Close_Punctuation
+lb ; CM        ; Combining_Mark
+lb ; CP        ; Close_Parenthesis
+lb ; CR        ; Carriage_Return
+lb ; EX        ; Exclamation
+lb ; GL        ; Glue
+lb ; H2        ; H2
+lb ; H3        ; H3
+lb ; HY        ; Hyphen
+lb ; ID        ; Ideographic
+lb ; IN        ; Inseparable                      ; Inseperable
+lb ; IS        ; Infix_Numeric
+lb ; JL        ; JL
+lb ; JT        ; JT
+lb ; JV        ; JV
+lb ; LF        ; Line_Feed
+lb ; NL        ; Next_Line
+lb ; NS        ; Nonstarter
+lb ; NU        ; Numeric
+lb ; OP        ; Open_Punctuation
+lb ; PO        ; Postfix_Numeric
+lb ; PR        ; Prefix_Numeric
+lb ; QU        ; Quotation
+lb ; SA        ; Complex_Context
+lb ; SG        ; Surrogate
+lb ; SP        ; Space
+lb ; SY        ; Break_Symbols
+lb ; WJ        ; Word_Joiner
+lb ; XX        ; Unknown
+lb ; ZW        ; ZWSpace
+
+# Logical_Order_Exception (LOE)
+
+LOE; N         ; No                               ; F                                ; False
+LOE; Y         ; Yes                              ; T                                ; True
+
+# Lowercase (Lower)
+
+Lower; N       ; No                               ; F                                ; False
+Lower; Y       ; Yes                              ; T                                ; True
+
+# Lowercase_Mapping (lc)
+
+# @missing: 0000..10FFFF; Lowercase_Mapping; <code point>
+
+# Math (Math)
+
+Math; N        ; No                               ; F                                ; False
+Math; Y        ; Yes                              ; T                                ; True
+
+# NFC_Quick_Check (NFC_QC)
+
+NFC_QC; M      ; Maybe
+NFC_QC; N      ; No
+NFC_QC; Y      ; Yes
+
+# NFD_Quick_Check (NFD_QC)
+
+NFD_QC; N      ; No
+NFD_QC; Y      ; Yes
+
+# NFKC_Casefold (NFKC_CF)
+
+# @missing: 0000..10FFFF; NFKC_Casefold; <code point>
+
+# NFKC_Quick_Check (NFKC_QC)
+
+NFKC_QC; M     ; Maybe
+NFKC_QC; N     ; No
+NFKC_QC; Y     ; Yes
+
+# NFKD_Quick_Check (NFKD_QC)
+
+NFKD_QC; N     ; No
+NFKD_QC; Y     ; Yes
+
+# Name (na)
+
+# @missing: 0000..10FFFF; Name; <none>
+
+# Name_Alias (Name_Alias)
+
+# @missing: 0000..10FFFF; Name_Alias; <none>
+
+# Noncharacter_Code_Point (NChar)
+
+NChar; N       ; No                               ; F                                ; False
+NChar; Y       ; Yes                              ; T                                ; True
+
+# Numeric_Type (nt)
+
+nt ; De        ; Decimal
+nt ; Di        ; Digit
+nt ; None      ; None
+nt ; Nu        ; Numeric
+
+# Numeric_Value (nv)
+
+# @missing: 0000..10FFFF; Numeric_Value; NaN
+
+# Other_Alphabetic (OAlpha)
+
+OAlpha; N      ; No                               ; F                                ; False
+OAlpha; Y      ; Yes                              ; T                                ; True
+
+# Other_Default_Ignorable_Code_Point (ODI)
+
+ODI; N         ; No                               ; F                                ; False
+ODI; Y         ; Yes                              ; T                                ; True
+
+# Other_Grapheme_Extend (OGr_Ext)
+
+OGr_Ext; N     ; No                               ; F                                ; False
+OGr_Ext; Y     ; Yes                              ; T                                ; True
+
+# Other_ID_Continue (OIDC)
+
+OIDC; N        ; No                               ; F                                ; False
+OIDC; Y        ; Yes                              ; T                                ; True
+
+# Other_ID_Start (OIDS)
+
+OIDS; N        ; No                               ; F                                ; False
+OIDS; Y        ; Yes                              ; T                                ; True
+
+# Other_Lowercase (OLower)
+
+OLower; N      ; No                               ; F                                ; False
+OLower; Y      ; Yes                              ; T                                ; True
+
+# Other_Math (OMath)
+
+OMath; N       ; No                               ; F                                ; False
+OMath; Y       ; Yes                              ; T                                ; True
+
+# Other_Uppercase (OUpper)
+
+OUpper; N      ; No                               ; F                                ; False
+OUpper; Y      ; Yes                              ; T                                ; True
+
+# Pattern_Syntax (Pat_Syn)
+
+Pat_Syn; N     ; No                               ; F                                ; False
+Pat_Syn; Y     ; Yes                              ; T                                ; True
+
+# Pattern_White_Space (Pat_WS)
+
+Pat_WS; N      ; No                               ; F                                ; False
+Pat_WS; Y      ; Yes                              ; T                                ; True
+
+# Quotation_Mark (QMark)
+
+QMark; N       ; No                               ; F                                ; False
+QMark; Y       ; Yes                              ; T                                ; True
+
+# Radical (Radical)
+
+Radical; N     ; No                               ; F                                ; False
+Radical; Y     ; Yes                              ; T                                ; True
+
+# STerm (STerm)
+
+STerm; N       ; No                               ; F                                ; False
+STerm; Y       ; Yes                              ; T                                ; True
+
+# Script (sc)
+
+sc ; Arab      ; Arabic
+sc ; Armi      ; Imperial_Aramaic
+sc ; Armn      ; Armenian
+sc ; Avst      ; Avestan
+sc ; Bali      ; Balinese
+sc ; Bamu      ; Bamum
+sc ; Batk      ; Batak
+sc ; Beng      ; Bengali
+sc ; Bopo      ; Bopomofo
+sc ; Brah      ; Brahmi
+sc ; Brai      ; Braille
+sc ; Bugi      ; Buginese
+sc ; Buhd      ; Buhid
+sc ; Cans      ; Canadian_Aboriginal
+sc ; Cari      ; Carian
+sc ; Cham      ; Cham
+sc ; Cher      ; Cherokee
+sc ; Copt      ; Coptic                           ; Qaac
+sc ; Cprt      ; Cypriot
+sc ; Cyrl      ; Cyrillic
+sc ; Deva      ; Devanagari
+sc ; Dsrt      ; Deseret
+sc ; Egyp      ; Egyptian_Hieroglyphs
+sc ; Ethi      ; Ethiopic
+sc ; Geor      ; Georgian
+sc ; Glag      ; Glagolitic
+sc ; Goth      ; Gothic
+sc ; Grek      ; Greek
+sc ; Gujr      ; Gujarati
+sc ; Guru      ; Gurmukhi
+sc ; Hang      ; Hangul
+sc ; Hani      ; Han
+sc ; Hano      ; Hanunoo
+sc ; Hebr      ; Hebrew
+sc ; Hira      ; Hiragana
+sc ; Hrkt      ; Katakana_Or_Hiragana
+sc ; Ital      ; Old_Italic
+sc ; Java      ; Javanese
+sc ; Kali      ; Kayah_Li
+sc ; Kana      ; Katakana
+sc ; Khar      ; Kharoshthi
+sc ; Khmr      ; Khmer
+sc ; Knda      ; Kannada
+sc ; Kthi      ; Kaithi
+sc ; Lana      ; Tai_Tham
+sc ; Laoo      ; Lao
+sc ; Latn      ; Latin
+sc ; Lepc      ; Lepcha
+sc ; Limb      ; Limbu
+sc ; Linb      ; Linear_B
+sc ; Lisu      ; Lisu
+sc ; Lyci      ; Lycian
+sc ; Lydi      ; Lydian
+sc ; Mand      ; Mandaic
+sc ; Mlym      ; Malayalam
+sc ; Mong      ; Mongolian
+sc ; Mtei      ; Meetei_Mayek
+sc ; Mymr      ; Myanmar
+sc ; Nkoo      ; Nko
+sc ; Ogam      ; Ogham
+sc ; Olck      ; Ol_Chiki
+sc ; Orkh      ; Old_Turkic
+sc ; Orya      ; Oriya
+sc ; Osma      ; Osmanya
+sc ; Phag      ; Phags_Pa
+sc ; Phli      ; Inscriptional_Pahlavi
+sc ; Phnx      ; Phoenician
+sc ; Prti      ; Inscriptional_Parthian
+sc ; Rjng      ; Rejang
+sc ; Runr      ; Runic
+sc ; Samr      ; Samaritan
+sc ; Sarb      ; Old_South_Arabian
+sc ; Saur      ; Saurashtra
+sc ; Shaw      ; Shavian
+sc ; Sinh      ; Sinhala
+sc ; Sund      ; Sundanese
+sc ; Sylo      ; Syloti_Nagri
+sc ; Syrc      ; Syriac
+sc ; Tagb      ; Tagbanwa
+sc ; Tale      ; Tai_Le
+sc ; Talu      ; New_Tai_Lue
+sc ; Taml      ; Tamil
+sc ; Tavt      ; Tai_Viet
+sc ; Telu      ; Telugu
+sc ; Tfng      ; Tifinagh
+sc ; Tglg      ; Tagalog
+sc ; Thaa      ; Thaana
+sc ; Thai      ; Thai
+sc ; Tibt      ; Tibetan
+sc ; Ugar      ; Ugaritic
+sc ; Vaii      ; Vai
+sc ; Xpeo      ; Old_Persian
+sc ; Xsux      ; Cuneiform
+sc ; Yiii      ; Yi
+sc ; Zinh      ; Inherited                        ; Qaai
+sc ; Zyyy      ; Common
+sc ; Zzzz      ; Unknown
+
+# Sentence_Break (SB)
+
+SB ; AT        ; ATerm
+SB ; CL        ; Close
+SB ; CR        ; CR
+SB ; EX        ; Extend
+SB ; FO        ; Format
+SB ; LE        ; OLetter
+SB ; LF        ; LF
+SB ; LO        ; Lower
+SB ; NU        ; Numeric
+SB ; SC        ; SContinue
+SB ; SE        ; Sep
+SB ; SP        ; Sp
+SB ; ST        ; STerm
+SB ; UP        ; Upper
+SB ; XX        ; Other
+
+# Simple_Case_Folding (scf)
+
+# @missing: 0000..10FFFF; Simple_Case_Folding; <code point>
+
+# Simple_Lowercase_Mapping (slc)
+
+# @missing: 0000..10FFFF; Simple_Lowercase_Mapping; <code point>
+
+# Simple_Titlecase_Mapping (stc)
+
+# @missing: 0000..10FFFF; Simple_Titlecase_Mapping; <code point>
+
+# Simple_Uppercase_Mapping (suc)
+
+# @missing: 0000..10FFFF; Simple_Uppercase_Mapping; <code point>
+
+# Soft_Dotted (SD)
+
+SD ; N         ; No                               ; F                                ; False
+SD ; Y         ; Yes                              ; T                                ; True
+
+# Terminal_Punctuation (Term)
+
+Term; N        ; No                               ; F                                ; False
+Term; Y        ; Yes                              ; T                                ; True
+
+# Titlecase_Mapping (tc)
+
+# @missing: 0000..10FFFF; Titlecase_Mapping; <code point>
+
+# Unicode_1_Name (na1)
+
+# @missing: 0000..10FFFF; Unicode_1_Name; <none>
+
+# Unified_Ideograph (UIdeo)
+
+UIdeo; N       ; No                               ; F                                ; False
+UIdeo; Y       ; Yes                              ; T                                ; True
+
+# Uppercase (Upper)
+
+Upper; N       ; No                               ; F                                ; False
+Upper; Y       ; Yes                              ; T                                ; True
+
+# Uppercase_Mapping (uc)
+
+# @missing: 0000..10FFFF; Uppercase_Mapping; <code point>
+
+# Variation_Selector (VS)
+
+VS ; N         ; No                               ; F                                ; False
+VS ; Y         ; Yes                              ; T                                ; True
+
+# White_Space (WSpace)
+
+WSpace; N      ; No                               ; F                                ; False
+WSpace; Y      ; Yes                              ; T                                ; True
+
+# Word_Break (WB)
+
+WB ; CR        ; CR
+WB ; EX        ; ExtendNumLet
+WB ; Extend    ; Extend
+WB ; FO        ; Format
+WB ; KA        ; Katakana
+WB ; LE        ; ALetter
+WB ; LF        ; LF
+WB ; MB        ; MidNumLet
+WB ; ML        ; MidLetter
+WB ; MN        ; MidNum
+WB ; NL        ; Newline
+WB ; NU        ; Numeric
+WB ; XX        ; Other
+
+# XID_Continue (XIDC)
+
+XIDC; N        ; No                               ; F                                ; False
+XIDC; Y        ; Yes                              ; T                                ; True
+
+# XID_Start (XIDS)
+
+XIDS; N        ; No                               ; F                                ; False
+XIDS; Y        ; Yes                              ; T                                ; True
+
+# cjkAccountingNumeric (cjkAccountingNumeric)
+
+# @missing: 0000..10FFFF; cjkAccountingNumeric; NaN
+
+# cjkCompatibilityVariant (cjkCompatibilityVariant)
+
+# @missing: 0000..10FFFF; cjkCompatibilityVariant; <code point>
+
+# cjkIICore (cjkIICore)
+
+# @missing: 0000..10FFFF; cjkIICore; <none>
+
+# cjkIRG_GSource (cjkIRG_GSource)
+
+# @missing: 0000..10FFFF; cjkIRG_GSource; <none>
+
+# cjkIRG_HSource (cjkIRG_HSource)
+
+# @missing: 0000..10FFFF; cjkIRG_HSource; <none>
+
+# cjkIRG_JSource (cjkIRG_JSource)
+
+# @missing: 0000..10FFFF; cjkIRG_JSource; <none>
+
+# cjkIRG_KPSource (cjkIRG_KPSource)
+
+# @missing: 0000..10FFFF; cjkIRG_KPSource; <none>
+
+# cjkIRG_KSource (cjkIRG_KSource)
+
+# @missing: 0000..10FFFF; cjkIRG_KSource; <none>
+
+# cjkIRG_MSource (cjkIRG_MSource)
+
+# @missing: 0000..10FFFF; cjkIRG_MSource; <none>
+
+# cjkIRG_TSource (cjkIRG_TSource)
+
+# @missing: 0000..10FFFF; cjkIRG_TSource; <none>
+
+# cjkIRG_USource (cjkIRG_USource)
+
+# @missing: 0000..10FFFF; cjkIRG_USource; <none>
+
+# cjkIRG_VSource (cjkIRG_VSource)
+
+# @missing: 0000..10FFFF; cjkIRG_VSource; <none>
+
+# cjkOtherNumeric (cjkOtherNumeric)
+
+# @missing: 0000..10FFFF; cjkOtherNumeric; NaN
+
+# cjkPrimaryNumeric (cjkPrimaryNumeric)
+
+# @missing: 0000..10FFFF; cjkPrimaryNumeric; NaN
+
+# cjkRSUnicode (cjkRSUnicode)
+
+# @missing: 0000..10FFFF; cjkRSUnicode; <none>
+
+# EOF
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/krb5/KrbCredSubKey.java	Mon Apr 11 12:52:39 2011 +0100
@@ -0,0 +1,352 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 7030180
+ * @run main/othervm KrbCredSubKey
+ * @summary AES 128/256 decrypt exception
+ */
+
+import java.io.FileOutputStream;
+import java.security.PrivilegedExceptionAction;
+import javax.security.auth.Subject;
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
+import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSCredential;
+import org.ietf.jgss.GSSManager;
+import sun.security.jgss.GSSUtil;
+import sun.security.krb5.Config;
+import sun.security.krb5.EncryptedData;
+
+public class KrbCredSubKey {
+
+    public static void main(String[] args) throws Exception {
+
+        // We don't care about clock difference
+        new FileOutputStream("krb5.conf").write(
+                "[libdefaults]\nclockskew=999999999".getBytes());
+        System.setProperty("java.security.krb5.conf", "krb5.conf");
+        Config.refresh();
+
+        Subject subj = new Subject();
+        KerberosPrincipal kp = new KerberosPrincipal(princ);
+        KerberosKey kk = new KerberosKey(
+                kp, key, EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96, 0);
+        subj.getPrincipals().add(kp);
+        subj.getPrivateCredentials().add(kk);
+
+        Subject.doAs(subj, new PrivilegedExceptionAction() {
+            public Object run() throws Exception {
+                GSSManager man = GSSManager.getInstance();
+                GSSContext ctxt = man.createContext(man.createCredential(
+                        null, GSSCredential.INDEFINITE_LIFETIME,
+                        GSSUtil.GSS_KRB5_MECH_OID, GSSCredential.ACCEPT_ONLY));
+                return ctxt.acceptSecContext(token, 0, token.length);
+            }
+        });
+    }
+
+    // All following data generated by myself on a test machine
+
+    private static String princ = "server/host.rabbit.hole@RABBIT.HOLE";
+
+    // A aes-128 key for princ
+    private static byte[] key = {
+            (byte)0x83, (byte)0xA1, (byte)0xD6, (byte)0xE2,
+            (byte)0xC7, (byte)0x76, (byte)0xD5, (byte)0x24,
+            (byte)0x63, (byte)0x9F, (byte)0xF9, (byte)0xFF,
+            (byte)0x76, (byte)0x6D, (byte)0x26, (byte)0x30,
+    };
+
+    // A JGSS token generated by the first call of an initiator's
+    // initSecContext, targetting princ, using the authenticator
+    // subkey to encrypt the KRB_CRED inside AP_REQ
+    private static byte[] token = {
+            (byte)0x60, (byte)0x82, (byte)0x04, (byte)0x1C,
+            (byte)0x06, (byte)0x09, (byte)0x2A, (byte)0x86,
+            (byte)0x48, (byte)0x86, (byte)0xF7, (byte)0x12,
+            (byte)0x01, (byte)0x02, (byte)0x02, (byte)0x01,
+            (byte)0x00, (byte)0x6E, (byte)0x82, (byte)0x04,
+            (byte)0x0B, (byte)0x30, (byte)0x82, (byte)0x04,
+            (byte)0x07, (byte)0xA0, (byte)0x03, (byte)0x02,
+            (byte)0x01, (byte)0x05, (byte)0xA1, (byte)0x03,
+            (byte)0x02, (byte)0x01, (byte)0x0E, (byte)0xA2,
+            (byte)0x07, (byte)0x03, (byte)0x05, (byte)0x00,
+            (byte)0x20, (byte)0x00, (byte)0x00, (byte)0x00,
+            (byte)0xA3, (byte)0x82, (byte)0x01, (byte)0x04,
+            (byte)0x61, (byte)0x82, (byte)0x01, (byte)0x00,
+            (byte)0x30, (byte)0x81, (byte)0xFD, (byte)0xA0,
+            (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x05,
+            (byte)0xA1, (byte)0x0D, (byte)0x1B, (byte)0x0B,
+            (byte)0x52, (byte)0x41, (byte)0x42, (byte)0x42,
+            (byte)0x49, (byte)0x54, (byte)0x2E, (byte)0x48,
+            (byte)0x4F, (byte)0x4C, (byte)0x45, (byte)0xA2,
+            (byte)0x25, (byte)0x30, (byte)0x23, (byte)0xA0,
+            (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x00,
+            (byte)0xA1, (byte)0x1C, (byte)0x30, (byte)0x1A,
+            (byte)0x1B, (byte)0x06, (byte)0x73, (byte)0x65,
+            (byte)0x72, (byte)0x76, (byte)0x65, (byte)0x72,
+            (byte)0x1B, (byte)0x10, (byte)0x68, (byte)0x6F,
+            (byte)0x73, (byte)0x74, (byte)0x2E, (byte)0x72,
+            (byte)0x61, (byte)0x62, (byte)0x62, (byte)0x69,
+            (byte)0x74, (byte)0x2E, (byte)0x68, (byte)0x6F,
+            (byte)0x6C, (byte)0x65, (byte)0xA3, (byte)0x81,
+            (byte)0xBF, (byte)0x30, (byte)0x81, (byte)0xBC,
+            (byte)0xA0, (byte)0x03, (byte)0x02, (byte)0x01,
+            (byte)0x11, (byte)0xA2, (byte)0x81, (byte)0xB4,
+            (byte)0x04, (byte)0x81, (byte)0xB1, (byte)0xA7,
+            (byte)0xE8, (byte)0x58, (byte)0xBA, (byte)0x98,
+            (byte)0x69, (byte)0x45, (byte)0xB3, (byte)0x68,
+            (byte)0xBF, (byte)0xFD, (byte)0x25, (byte)0x74,
+            (byte)0xC4, (byte)0x2E, (byte)0x09, (byte)0x7B,
+            (byte)0x3C, (byte)0x7F, (byte)0xA5, (byte)0x6C,
+            (byte)0xC3, (byte)0x86, (byte)0xC9, (byte)0xEE,
+            (byte)0x58, (byte)0xD3, (byte)0x7C, (byte)0xD6,
+            (byte)0x19, (byte)0xA1, (byte)0x3B, (byte)0xF7,
+            (byte)0x17, (byte)0xD6, (byte)0x18, (byte)0xA9,
+            (byte)0x58, (byte)0x43, (byte)0x55, (byte)0xD6,
+            (byte)0xBA, (byte)0x85, (byte)0xF7, (byte)0x6B,
+            (byte)0x20, (byte)0x01, (byte)0xEF, (byte)0xB4,
+            (byte)0x74, (byte)0x0B, (byte)0x31, (byte)0x07,
+            (byte)0x55, (byte)0xD8, (byte)0x8C, (byte)0x85,
+            (byte)0x25, (byte)0x12, (byte)0x66, (byte)0x85,
+            (byte)0xA8, (byte)0x5A, (byte)0x84, (byte)0xB2,
+            (byte)0x6C, (byte)0xDE, (byte)0xEE, (byte)0xF9,
+            (byte)0x15, (byte)0xF2, (byte)0xBC, (byte)0xB0,
+            (byte)0x43, (byte)0xA5, (byte)0x21, (byte)0x31,
+            (byte)0xFA, (byte)0x2F, (byte)0x2C, (byte)0x37,
+            (byte)0x39, (byte)0xD8, (byte)0xAA, (byte)0xE0,
+            (byte)0x78, (byte)0x08, (byte)0x18, (byte)0xFB,
+            (byte)0x03, (byte)0x43, (byte)0x22, (byte)0xE6,
+            (byte)0x2C, (byte)0xF2, (byte)0x98, (byte)0xDC,
+            (byte)0x2A, (byte)0xDE, (byte)0x8C, (byte)0x95,
+            (byte)0x0B, (byte)0xB6, (byte)0xE6, (byte)0x0F,
+            (byte)0xB5, (byte)0x4E, (byte)0xAD, (byte)0xAC,
+            (byte)0xD1, (byte)0x4C, (byte)0xE8, (byte)0x22,
+            (byte)0x93, (byte)0x38, (byte)0xA2, (byte)0x44,
+            (byte)0x0E, (byte)0x83, (byte)0x9E, (byte)0x4D,
+            (byte)0xC0, (byte)0x1A, (byte)0x02, (byte)0xB2,
+            (byte)0xB8, (byte)0xCE, (byte)0xDF, (byte)0xB5,
+            (byte)0xFB, (byte)0xF2, (byte)0x75, (byte)0x5E,
+            (byte)0x74, (byte)0xC1, (byte)0x90, (byte)0x82,
+            (byte)0x60, (byte)0x00, (byte)0xA5, (byte)0xC3,
+            (byte)0xBF, (byte)0x66, (byte)0x97, (byte)0x0E,
+            (byte)0xF3, (byte)0x9F, (byte)0xB3, (byte)0xD9,
+            (byte)0x51, (byte)0x51, (byte)0x38, (byte)0xBC,
+            (byte)0xD9, (byte)0xC1, (byte)0xD0, (byte)0x1E,
+            (byte)0x90, (byte)0x9B, (byte)0x43, (byte)0xEE,
+            (byte)0xD9, (byte)0xD6, (byte)0x3E, (byte)0x31,
+            (byte)0xEA, (byte)0x8E, (byte)0xB1, (byte)0xDC,
+            (byte)0xDE, (byte)0xFD, (byte)0xA4, (byte)0x77,
+            (byte)0x6C, (byte)0x4A, (byte)0x81, (byte)0x1F,
+            (byte)0xA4, (byte)0x82, (byte)0x02, (byte)0xE8,
+            (byte)0x30, (byte)0x82, (byte)0x02, (byte)0xE4,
+            (byte)0xA0, (byte)0x03, (byte)0x02, (byte)0x01,
+            (byte)0x11, (byte)0xA2, (byte)0x82, (byte)0x02,
+            (byte)0xDB, (byte)0x04, (byte)0x82, (byte)0x02,
+            (byte)0xD7, (byte)0x81, (byte)0x78, (byte)0x25,
+            (byte)0x75, (byte)0x92, (byte)0x7A, (byte)0xEC,
+            (byte)0xBE, (byte)0x31, (byte)0xF1, (byte)0x50,
+            (byte)0xE7, (byte)0xC1, (byte)0x32, (byte)0xA5,
+            (byte)0xCB, (byte)0x34, (byte)0x46, (byte)0x95,
+            (byte)0x2B, (byte)0x84, (byte)0xB7, (byte)0x06,
+            (byte)0x0E, (byte)0x15, (byte)0x02, (byte)0x74,
+            (byte)0xCA, (byte)0x18, (byte)0x5D, (byte)0xE8,
+            (byte)0x0E, (byte)0x1B, (byte)0xB7, (byte)0x77,
+            (byte)0x5A, (byte)0x6C, (byte)0xFB, (byte)0x94,
+            (byte)0x82, (byte)0x2B, (byte)0xE6, (byte)0x14,
+            (byte)0x0C, (byte)0xDA, (byte)0x22, (byte)0xA2,
+            (byte)0x42, (byte)0xD7, (byte)0xB0, (byte)0xFC,
+            (byte)0xCA, (byte)0x4A, (byte)0xEA, (byte)0xB8,
+            (byte)0x92, (byte)0xB5, (byte)0x8C, (byte)0x71,
+            (byte)0xED, (byte)0x2B, (byte)0x46, (byte)0xC5,
+            (byte)0xE5, (byte)0x47, (byte)0x76, (byte)0x29,
+            (byte)0x27, (byte)0x0F, (byte)0xFF, (byte)0x03,
+            (byte)0x72, (byte)0x13, (byte)0xAA, (byte)0xDB,
+            (byte)0x4E, (byte)0xFF, (byte)0x48, (byte)0x36,
+            (byte)0xAB, (byte)0x73, (byte)0xD7, (byte)0xDA,
+            (byte)0xF1, (byte)0x80, (byte)0x1B, (byte)0x5B,
+            (byte)0x9A, (byte)0x88, (byte)0x07, (byte)0x47,
+            (byte)0x43, (byte)0x27, (byte)0xD5, (byte)0x00,
+            (byte)0x04, (byte)0xEE, (byte)0xAF, (byte)0x53,
+            (byte)0x5C, (byte)0xCC, (byte)0x2C, (byte)0xC7,
+            (byte)0x2F, (byte)0x94, (byte)0x12, (byte)0x86,
+            (byte)0xEF, (byte)0xAC, (byte)0xB1, (byte)0x6C,
+            (byte)0xB0, (byte)0xB5, (byte)0x3D, (byte)0x92,
+            (byte)0xBD, (byte)0xBE, (byte)0x7B, (byte)0x1A,
+            (byte)0x39, (byte)0x4A, (byte)0x1E, (byte)0x91,
+            (byte)0xA4, (byte)0xDF, (byte)0x82, (byte)0x12,
+            (byte)0x2E, (byte)0x67, (byte)0x17, (byte)0x92,
+            (byte)0xB3, (byte)0x93, (byte)0x38, (byte)0x32,
+            (byte)0x94, (byte)0xF5, (byte)0xF7, (byte)0x09,
+            (byte)0x07, (byte)0x5E, (byte)0x21, (byte)0x12,
+            (byte)0x70, (byte)0x37, (byte)0xAF, (byte)0x5A,
+            (byte)0x2D, (byte)0xAC, (byte)0xFF, (byte)0x22,
+            (byte)0x46, (byte)0xA0, (byte)0x12, (byte)0x74,
+            (byte)0x1C, (byte)0xA1, (byte)0x68, (byte)0xC3,
+            (byte)0x64, (byte)0xDB, (byte)0xC3, (byte)0x9F,
+            (byte)0xAB, (byte)0x0E, (byte)0x19, (byte)0xFE,
+            (byte)0xD9, (byte)0xA4, (byte)0xAA, (byte)0x7B,
+            (byte)0x73, (byte)0xAD, (byte)0xC8, (byte)0xA8,
+            (byte)0xD5, (byte)0x29, (byte)0xAD, (byte)0x1F,
+            (byte)0xEF, (byte)0x54, (byte)0xAE, (byte)0x72,
+            (byte)0x02, (byte)0xD9, (byte)0x06, (byte)0x0D,
+            (byte)0x1A, (byte)0x94, (byte)0x7B, (byte)0xBC,
+            (byte)0x32, (byte)0x9A, (byte)0xBC, (byte)0x4B,
+            (byte)0x33, (byte)0xC2, (byte)0x02, (byte)0xA3,
+            (byte)0xF4, (byte)0xB1, (byte)0xED, (byte)0x76,
+            (byte)0x0D, (byte)0x59, (byte)0xCD, (byte)0x56,
+            (byte)0xCB, (byte)0xDC, (byte)0xCE, (byte)0xED,
+            (byte)0xFF, (byte)0x25, (byte)0x84, (byte)0x5E,
+            (byte)0x41, (byte)0xF9, (byte)0x42, (byte)0xBE,
+            (byte)0x73, (byte)0xAC, (byte)0xA2, (byte)0x20,
+            (byte)0x97, (byte)0xB7, (byte)0x88, (byte)0x77,
+            (byte)0x65, (byte)0x43, (byte)0x9F, (byte)0xEE,
+            (byte)0xF4, (byte)0x3A, (byte)0x7E, (byte)0x9B,
+            (byte)0x5B, (byte)0x54, (byte)0xD3, (byte)0x0D,
+            (byte)0x50, (byte)0x6D, (byte)0xF6, (byte)0x14,
+            (byte)0xB7, (byte)0x5A, (byte)0x34, (byte)0x0F,
+            (byte)0x1F, (byte)0xC7, (byte)0x39, (byte)0x99,
+            (byte)0x9B, (byte)0x96, (byte)0xE3, (byte)0xAD,
+            (byte)0x86, (byte)0xE3, (byte)0x6A, (byte)0x71,
+            (byte)0x63, (byte)0x04, (byte)0xAD, (byte)0x9C,
+            (byte)0x17, (byte)0x68, (byte)0x44, (byte)0xFE,
+            (byte)0x21, (byte)0x62, (byte)0xD5, (byte)0x99,
+            (byte)0x4A, (byte)0xDF, (byte)0x48, (byte)0xDE,
+            (byte)0x9A, (byte)0xD4, (byte)0xBB, (byte)0xA1,
+            (byte)0x9B, (byte)0xE7, (byte)0x2A, (byte)0x08,
+            (byte)0x80, (byte)0x3A, (byte)0x08, (byte)0xA4,
+            (byte)0xBA, (byte)0xBE, (byte)0x1E, (byte)0x81,
+            (byte)0x63, (byte)0x20, (byte)0xAC, (byte)0x9C,
+            (byte)0x42, (byte)0x2F, (byte)0xCA, (byte)0x06,
+            (byte)0x95, (byte)0x92, (byte)0x97, (byte)0x09,
+            (byte)0x3C, (byte)0x0C, (byte)0x5A, (byte)0x99,
+            (byte)0xFB, (byte)0xAB, (byte)0xEB, (byte)0xDE,
+            (byte)0xC4, (byte)0x09, (byte)0xD3, (byte)0xA3,
+            (byte)0xF0, (byte)0x65, (byte)0xDC, (byte)0x5F,
+            (byte)0xAA, (byte)0xBB, (byte)0x28, (byte)0xC0,
+            (byte)0x3E, (byte)0xBF, (byte)0x77, (byte)0xAE,
+            (byte)0xCC, (byte)0x3A, (byte)0xD3, (byte)0x31,
+            (byte)0x0D, (byte)0x9B, (byte)0x96, (byte)0xEF,
+            (byte)0x2C, (byte)0xED, (byte)0x60, (byte)0x63,
+            (byte)0xC5, (byte)0x8F, (byte)0xCA, (byte)0xB0,
+            (byte)0xA2, (byte)0x0B, (byte)0x49, (byte)0x5A,
+            (byte)0xB2, (byte)0x8F, (byte)0xEF, (byte)0xE4,
+            (byte)0x19, (byte)0xC0, (byte)0xC6, (byte)0x2D,
+            (byte)0xD3, (byte)0x4F, (byte)0xB2, (byte)0xED,
+            (byte)0xA3, (byte)0xA4, (byte)0x6F, (byte)0xAE,
+            (byte)0xD4, (byte)0xE9, (byte)0xA2, (byte)0x5A,
+            (byte)0xFB, (byte)0xB0, (byte)0x14, (byte)0xBD,
+            (byte)0x06, (byte)0x12, (byte)0xD7, (byte)0x91,
+            (byte)0x15, (byte)0x46, (byte)0x78, (byte)0xE4,
+            (byte)0xD1, (byte)0x73, (byte)0xCA, (byte)0xA5,
+            (byte)0xA5, (byte)0x64, (byte)0xC8, (byte)0x6F,
+            (byte)0xD1, (byte)0xBD, (byte)0xEA, (byte)0x74,
+            (byte)0xE4, (byte)0xCA, (byte)0x40, (byte)0x16,
+            (byte)0x9E, (byte)0x46, (byte)0x7C, (byte)0x25,
+            (byte)0x6C, (byte)0x32, (byte)0xB4, (byte)0x14,
+            (byte)0xF9, (byte)0x26, (byte)0x8A, (byte)0x3A,
+            (byte)0xDD, (byte)0x51, (byte)0x26, (byte)0x79,
+            (byte)0x43, (byte)0x27, (byte)0x2E, (byte)0xED,
+            (byte)0xC7, (byte)0x82, (byte)0x7C, (byte)0xCE,
+            (byte)0x43, (byte)0x03, (byte)0x60, (byte)0x2A,
+            (byte)0x9C, (byte)0xB2, (byte)0x71, (byte)0x41,
+            (byte)0xAB, (byte)0x3D, (byte)0xA6, (byte)0xB5,
+            (byte)0x51, (byte)0xBC, (byte)0x80, (byte)0x1F,
+            (byte)0x96, (byte)0x73, (byte)0x23, (byte)0x11,
+            (byte)0xED, (byte)0xC0, (byte)0x1D, (byte)0x0B,
+            (byte)0xA0, (byte)0x13, (byte)0xB3, (byte)0x2F,
+            (byte)0x16, (byte)0x59, (byte)0x64, (byte)0x45,
+            (byte)0xE8, (byte)0x68, (byte)0xFB, (byte)0xF9,
+            (byte)0x6F, (byte)0xB0, (byte)0x2B, (byte)0xFB,
+            (byte)0x39, (byte)0xBB, (byte)0x53, (byte)0x8F,
+            (byte)0xD2, (byte)0xAF, (byte)0x38, (byte)0x5E,
+            (byte)0xEF, (byte)0x5B, (byte)0xE2, (byte)0x98,
+            (byte)0xE8, (byte)0x46, (byte)0x3C, (byte)0x03,
+            (byte)0x71, (byte)0x46, (byte)0x8D, (byte)0x41,
+            (byte)0x92, (byte)0x32, (byte)0x85, (byte)0x8D,
+            (byte)0xBA, (byte)0x33, (byte)0x05, (byte)0xB1,
+            (byte)0xE4, (byte)0x56, (byte)0x3E, (byte)0xF5,
+            (byte)0x20, (byte)0x35, (byte)0xA6, (byte)0x74,
+            (byte)0xA2, (byte)0xBE, (byte)0x54, (byte)0x08,
+            (byte)0xB4, (byte)0xFC, (byte)0x1D, (byte)0x13,
+            (byte)0x84, (byte)0xBE, (byte)0x1C, (byte)0xC5,
+            (byte)0x3E, (byte)0x43, (byte)0x14, (byte)0x6F,
+            (byte)0xC0, (byte)0x3D, (byte)0xF4, (byte)0xDC,
+            (byte)0x66, (byte)0x4E, (byte)0xF0, (byte)0x3E,
+            (byte)0xD4, (byte)0xC6, (byte)0xE9, (byte)0x8D,
+            (byte)0x7D, (byte)0xB9, (byte)0xDC, (byte)0x9F,
+            (byte)0xBE, (byte)0x54, (byte)0x63, (byte)0x93,
+            (byte)0x49, (byte)0x2F, (byte)0x6A, (byte)0xC3,
+            (byte)0x34, (byte)0xC5, (byte)0xF7, (byte)0x76,
+            (byte)0xE8, (byte)0xD5, (byte)0x5B, (byte)0xD9,
+            (byte)0x41, (byte)0xCA, (byte)0x74, (byte)0x25,
+            (byte)0x25, (byte)0x09, (byte)0xF4, (byte)0xD3,
+            (byte)0x00, (byte)0x9F, (byte)0x7D, (byte)0xFB,
+            (byte)0x3D, (byte)0xAB, (byte)0x87, (byte)0xF7,
+            (byte)0xCE, (byte)0x42, (byte)0x0F, (byte)0x60,
+            (byte)0xEB, (byte)0x03, (byte)0x47, (byte)0x98,
+            (byte)0x0F, (byte)0xEB, (byte)0xA4, (byte)0x05,
+            (byte)0xE2, (byte)0x58, (byte)0x8F, (byte)0x44,
+            (byte)0x09, (byte)0xD3, (byte)0x66, (byte)0x1E,
+            (byte)0x69, (byte)0x89, (byte)0xB7, (byte)0xEE,
+            (byte)0x8B, (byte)0xA4, (byte)0x8E, (byte)0x05,
+            (byte)0x2D, (byte)0x2E, (byte)0xB3, (byte)0x5A,
+            (byte)0xAE, (byte)0xAB, (byte)0x80, (byte)0xD6,
+            (byte)0x5C, (byte)0x93, (byte)0x40, (byte)0x91,
+            (byte)0x53, (byte)0xE6, (byte)0x13, (byte)0xD5,
+            (byte)0x2F, (byte)0x64, (byte)0xF0, (byte)0x68,
+            (byte)0xD2, (byte)0x85, (byte)0x94, (byte)0xE5,
+            (byte)0x2D, (byte)0x73, (byte)0x10, (byte)0x59,
+            (byte)0x18, (byte)0xCD, (byte)0xED, (byte)0xBC,
+            (byte)0x05, (byte)0x97, (byte)0xFD, (byte)0xE7,
+            (byte)0x6F, (byte)0x5D, (byte)0x7C, (byte)0x46,
+            (byte)0x28, (byte)0x5F, (byte)0xC2, (byte)0xB4,
+            (byte)0x31, (byte)0xA5, (byte)0x2B, (byte)0x82,
+            (byte)0xAB, (byte)0x32, (byte)0x49, (byte)0xA5,
+            (byte)0xCD, (byte)0x91, (byte)0x37, (byte)0x97,
+            (byte)0xA1, (byte)0x85, (byte)0x8F, (byte)0xBB,
+            (byte)0x6E, (byte)0x1E, (byte)0x9F, (byte)0xFC,
+            (byte)0x10, (byte)0x3B, (byte)0x8A, (byte)0xF6,
+            (byte)0x9A, (byte)0x66, (byte)0xBD, (byte)0x75,
+            (byte)0x4F, (byte)0x1D, (byte)0xBA, (byte)0x64,
+            (byte)0x15, (byte)0xDD, (byte)0x9F, (byte)0x00,
+            (byte)0x6C, (byte)0x2F, (byte)0x87, (byte)0x20,
+            (byte)0x25, (byte)0xA2, (byte)0x09, (byte)0x9F,
+            (byte)0x5D, (byte)0x64, (byte)0xC9, (byte)0xA8,
+            (byte)0x32, (byte)0x59, (byte)0x90, (byte)0x1D,
+            (byte)0x78, (byte)0xFE, (byte)0x5A, (byte)0xA2,
+            (byte)0x1F, (byte)0x9B, (byte)0x22, (byte)0xBE,
+            (byte)0x8F, (byte)0xEA, (byte)0x59, (byte)0x5B,
+            (byte)0x96, (byte)0xE3, (byte)0x4A, (byte)0xB2,
+            (byte)0x71, (byte)0x65, (byte)0xB7, (byte)0x3C,
+            (byte)0xC6, (byte)0x1B, (byte)0xD6, (byte)0x80,
+            (byte)0x90, (byte)0xD2, (byte)0xF2, (byte)0x6F,
+            (byte)0xA2, (byte)0x68, (byte)0x53, (byte)0xC0,
+            (byte)0x44, (byte)0xAF, (byte)0xD4, (byte)0x68,
+            (byte)0x12, (byte)0xFF, (byte)0xB4, (byte)0x36,
+            (byte)0x34, (byte)0x43, (byte)0xAC, (byte)0x1C,
+    };
+}