changeset 4743:6485e842d7f7 jdk7u4-b10

Merge
author lana
date Fri, 27 Jan 2012 16:48:41 -0800
parents 76b1a152c1d8 d3fa6e01d3dc
children 697ebf79bcd5 30225dea7a97
files test/java/io/File/BlockIsDirectory.java
diffstat 110 files changed, 7015 insertions(+), 620 deletions(-) [+]
line wrap: on
line diff
--- a/make/com/oracle/Makefile	Fri Jan 27 08:49:35 2012 -0800
+++ b/make/com/oracle/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -25,15 +25,30 @@
 
 BUILDDIR = ../..
 PRODUCT = oracle
+#SUBDIRS_MAKEFLAGS += JAVAC_MAX_WARNINGS=true
+#SUBDIRS_MAKEFLAGS += JAVAC_WARNINGS_FATAL=true
+#SUBDIRS_MAKEFLAGS += JAVAC_LINT_OPTIONS=-Xlint:all,-deprecation,-path
 include $(BUILDDIR)/common/Defs.gmk
 
-#
-# Files to compile
-#
-AUTO_FILES_JAVA_DIRS = com/oracle
+# build com/oracle/security/ucrypto on Solaris platform for non-OpenJDK builds
+UCRYPTO =
+ifndef OPENJDK
+  ifeq ($(PLATFORM), solaris)
+    UCRYPTO = security/ucrypto
+  endif
+endif
 
-#
-# Rules
-#
-include $(BUILDDIR)/common/Classes.gmk
+JFR =
+ifndef OPENJDK
+ifndef JAVASE_EMBEDDED
+	JFR = jfr
+endif
+endif
 
+SUBDIRS = $(JFR) net nio util $(UCRYPTO)
+
+include $(BUILDDIR)/common/Subdirs.gmk
+
+all build clean clobber::
+	$(SUBDIRS-loop)
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/com/oracle/jfr/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,73 @@
+#
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+BUILDDIR = ../../..
+PACKAGE = oracle.jrockit.jfr
+LIBRARY = jfr
+PRODUCT = oracle
+include $(BUILDDIR)/common/Defs.gmk
+
+#
+# Use mapfile
+#
+FILES_m = $(CLOSED_SHARE_SRC)/native/oracle/jfr/mapfile-vers
+include $(BUILDDIR)/common/Mapfile-vers.gmk
+
+#
+# Files to compile
+#
+FILES_c = VMJFR.c
+
+AUTO_FILES_JAVA_DIRS = com/oracle/jrockit/jfr oracle/jrockit/jfr
+
+# Find C source files
+#
+vpath %.c $(CLOSED_SHARE_SRC)/native/oracle/jfr
+
+#
+# Library to compile.
+#
+include $(BUILDDIR)/common/Library.gmk
+
+JVMLIB =
+JAVALIB =
+OTHER_LDLIBS =
+
+clean clobber::
+	$(RM) -r $(CLASSDESTDIR)/com/oracle/jrockit/jfr
+	$(RM) -r $(CLASSDESTDIR)/oracle/jrockit/jfr
+
+
+# Copy pre-shipped .jfs files
+JFR_LIBDIR = $(LIBDIR)/jfr
+JFR_SRCDIR = $(CLOSED_SHARE_SRC)/lib/jfr
+
+$(JFR_LIBDIR)/%.jfs: $(JFR_SRCDIR)/%.jfs
+	$(install-file)
+
+JFS_FILES := $(subst $(JFR_SRCDIR),$(JFR_LIBDIR),$(wildcard $(JFR_SRCDIR)/*.jfs))
+
+all build : $(JFS_FILES)
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/com/oracle/net/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,40 @@
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+BUILDDIR = ../../..
+PACKAGE = com.oracle.net
+PRODUCT = oracle
+include $(BUILDDIR)/common/Defs.gmk
+
+#
+# Files
+#
+AUTO_FILES_JAVA_DIRS = com/oracle/net
+
+#
+# Rules
+#
+include $(BUILDDIR)/common/Classes.gmk
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/com/oracle/nio/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,40 @@
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+BUILDDIR = ../../..
+PACKAGE = com.oracle.nio
+PRODUCT = oracle
+include $(BUILDDIR)/common/Defs.gmk
+
+#
+# Files
+#
+AUTO_FILES_JAVA_DIRS = com/oracle/nio
+
+#
+# Rules
+#
+include $(BUILDDIR)/common/Classes.gmk
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/com/oracle/security/ucrypto/FILES_c.gmk	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,30 @@
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+ifndef OPENJDK
+FILES_c = \
+        nativeFunc.c \
+	nativeCrypto.c
+endif
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/com/oracle/security/ucrypto/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,270 @@
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+#
+# Makefile for building ucrypto.jar and its native libraries.
+#
+# This file was modified from make/sun/security/pkcs11/Makefile.
+#
+#
+# (The terms "OpenJDK" and "JDK" below refer to OpenJDK and Oracle
+# JDK builds respectively.)
+#
+# This Makefile does the "real" build of the Ucrypto provider files.
+# Since the sources are unavailable for OpenJDK, this Makefile is only
+# useful for JDK.
+#
+#
+# Main Targets (JDK on Solaris):
+#
+#     all                      The usual, ucrypto.jar plus the native libraries.
+#                                  builds and installs the prebuilt/signed jar.
+#
+#     clobber/clean            Cleans up the temp directory, ucrypto.jar, the
+#                              native libraries, and the config file from the
+#                              build area
+#
+#     jar                      Builds, signs and installs ucrypto.jar
+#                              (Can only be done on machines with access to
+#                               the signing keystore)
+#
+# Other lesser-used Targets (JDK on Solaris):
+#
+#     build-jar                Builds ucrypto.jar (no sign/install)
+#
+#     sign                     Builds/signs ucrypto.jar (no install)
+#
+#     release                  Builds all targets in preparation
+#                              for workspace integration.
+#                              (Can only be done on machines with access to
+#                               the signing keystore)
+#
+#     install-prebuilt         Installs the pre-built jar files
+#
+# NOTE: None of the above target will update the prebuilt provider binary
+# under the closed workspace. To update it, you must explicitly copy the
+# binary from either the tmp/signed or lib/ext directory.
+#
+# This makefile was written to support parallel target execution.
+#
+
+BUILDDIR = ../../../..
+
+include $(BUILDDIR)/common/Defs.gmk
+
+ifndef OPENJDK
+  ifneq ($(PLATFORM), solaris)
+    all:
+  else
+    PACKAGE = com.oracle.security.ucrypto
+  LIBRARY = j2ucrypto
+  PRODUCT = oracle
+
+  #
+  # The following is for when we need to do postprocessing
+  # (signing/obfuscation) against a read-only build.  If the OUTPUTDIR
+  # isn't writable, the build currently crashes out.
+  #
+  ifdef ALT_JCE_BUILD_DIR
+    # =====================================================
+    # Where to place the output, in case we're building from a read-only
+    # build area.  (e.g. a release engineering build.)
+    JCE_BUILD_DIR=${ALT_JCE_BUILD_DIR}
+    IGNORE_WRITABLE_OUTPUTDIR_TEST=true
+  else
+    JCE_BUILD_DIR=${TEMPDIR}
+  endif
+
+  JAVAC_MAX_WARNINGS=false
+  JAVAC_LINT_OPTIONS=-Xlint:all,-deprecation
+  JAVAC_WARNINGS_FATAL=true
+
+  #
+  # C and Java Files
+  #
+  include FILES_c.gmk
+
+  #
+  # Subdirectories of these are automatically included.
+  #
+  AUTO_FILES_JAVA_DIRS = com/oracle/security/ucrypto
+
+  #
+  # Java files that define native methods
+  #
+  FILES_export = \
+      com/oracle/security/ucrypto/UcryptoProvider.java \
+      com/oracle/security/ucrypto/NativeCipher.java \
+      com/oracle/security/ucrypto/NativeDigest.java \
+      com/oracle/security/ucrypto/NativeKey.java \
+      com/oracle/security/ucrypto/NativeRSASignature.java \
+      com/oracle/security/ucrypto/NativeRSACipher.java
+
+  #
+  # Find native code
+  #
+  vpath %.c \
+    $(CLOSED_PLATFORM_SRC)/native/com/oracle/security/ucrypto
+
+  #
+  # Find include files
+  #
+  OTHER_INCLUDES += \
+    -I$(CLOSED_PLATFORM_SRC)/native/com/oracle/security/ucrypto
+
+  #
+  # Rules
+  #
+  CLASSDESTDIR = $(TEMPDIR)/classes
+  JAVAHFLAGS = -bootclasspath \
+    "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)"
+
+  include $(BUILDDIR)/common/Mapfile-vers.gmk
+  include $(BUILDDIR)/common/Library.gmk
+
+  #
+  # Libraries to link
+  #
+  OTHER_LDLIBS = -ldl
+
+  # Default config file
+  UCRYPTO_CFG_SRC   = $(CLOSED_SRC)/share/lib/security/ucrypto-solaris.cfg
+  UCRYPTO_CFG_BUILD = $(LIBDIR)/security/ucrypto-solaris.cfg
+
+  #
+  # We use a variety of subdirectories in the $(TEMPDIR) depending on what
+  # part of the build we're doing.  Build is initially done in the unsigned
+  # area and when files are signed, they will be placed in the appropriate area.
+  #
+  UNSIGNED_DIR = $(TEMPDIR)/unsigned
+
+  #
+  # Rules
+  #
+  all: ucrypto-cfg build-jar install-prebuilt
+	$(build-warning)
+
+  ucrypto-cfg: $(UCRYPTO_CFG_BUILD)
+
+  $(UCRYPTO_CFG_BUILD): $(UCRYPTO_CFG_SRC)
+	$(install-file)
+
+  include $(BUILDDIR)/javax/crypto/Defs-jce.gmk
+
+
+  # =====================================================
+  # Build the unsigned ucrypto.jar file.
+  #
+
+  JAR_DESTFILE = $(EXTDIR)/ucrypto.jar
+
+  #
+  # The ucrypto.jar needs to be in the extension class directory,
+  # therefore none of its classes can appear in $(CLASSBINDIR).
+  # Currently no one is using any of the internals, so these files
+  # should not have been built.
+  #
+
+  #
+  # Since the -C option to jar is used below, each directory entry must be
+  # preceded with the appropriate directory to "cd" into.
+  #
+  JAR_DIRS = $(patsubst %, -C $(CLASSDESTDIR) %, $(AUTO_FILES_JAVA_DIRS))
+
+  build-jar: $(UNSIGNED_DIR)/ucrypto.jar
+
+  #
+  # Build ucrypto.jar.
+  #
+  $(UNSIGNED_DIR)/ucrypto.jar: build
+	$(prep-target)
+	$(BOOT_JAR_CMD) cf $@ $(JAR_DIRS) \
+	    $(BOOT_JAR_JFLAGS)
+	@$(java-vm-cleanup)
+
+  #
+  # Sign ucrypto.jar
+  #
+  SIGNED_DIR = $(JCE_BUILD_DIR)/signed
+
+  sign: $(SIGNED_DIR)/ucrypto.jar
+
+  ifndef ALT_JCE_BUILD_DIR
+    $(SIGNED_DIR)/ucrypto.jar: $(UNSIGNED_DIR)/ucrypto.jar
+  else
+    #
+    # We have to remove the build dependency, otherwise, we'll try to rebuild it
+    # which we can't do on a read-only filesystem.
+    #
+    $(SIGNED_DIR)/ucrypto.jar:
+	@if [ ! -r $(UNSIGNED_DIR)/ucrypto.jar ] ; then \
+            $(ECHO) "Couldn't find $(UNSIGNED_DIR)/ucrypto.jar"; \
+            exit 1; \
+        fi
+  endif
+	$(call sign-file, $(UNSIGNED_DIR)/ucrypto.jar)
+
+
+  # =====================================================
+  # Create the Release Engineering files.  Signed builds, etc.
+  #
+
+  release: $(SIGNED_DIR)/ucrypto.jar
+	$(RM) $(JCE_BUILD_DIR)/release/ucrypto.jar
+	$(MKDIR) -p $(JCE_BUILD_DIR)/release
+	$(CP) $(SIGNED_DIR)/ucrypto.jar $(JCE_BUILD_DIR)/release
+	$(release-warning)
+
+
+  # =====================================================
+  # Install routines.
+  #
+
+  #
+  # Install ucrypto.jar, depending on which type is requested.
+  #
+  jar: $(JAR_DESTFILE)
+	$(release-warning)
+
+  $(JAR_DESTFILE): $(SIGNED_DIR)/ucrypto.jar
+	$(install-file)
+
+  install-prebuilt:
+	@$(ECHO) "\n>>>Installing prebuilt OracleUcrypto provider..."
+	$(RM) $(JAR_DESTFILE)
+	$(CP) $(PREBUILT_DIR)/ucrypto/ucrypto.jar $(JAR_DESTFILE)
+
+
+  # =====================================================
+  # Support routines.
+  #
+  clobber clean::
+	$(RM) -r $(JAR_DESTFILE) $(TEMPDIR) $(JCE_BUILD_DIR)
+	$(RM) -r $(UCRYPTO_CFG_BUILD)
+
+  .PHONY: build-jar jar sign release install-prebuilt
+
+  endif #ifneq ($(PLATFORM), solaris)
+endif #ifndef OPENJDK
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/com/oracle/security/ucrypto/mapfile-vers	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,69 @@
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# Define public interface.
+
+SUNWprivate_1.1 {
+	global:
+                JNI_OnLoad;
+                Java_com_oracle_security_ucrypto_UcryptoProvider_loadLibraries;
+                Java_com_oracle_security_ucrypto_UcryptoProvider_getMechList;
+		Java_com_oracle_security_ucrypto_NativeDigest_nativeInit;
+                Java_com_oracle_security_ucrypto_NativeDigest_nativeUpdate;
+                Java_com_oracle_security_ucrypto_NativeDigest_nativeDigest;
+                Java_com_oracle_security_ucrypto_NativeDigest_nativeClone;
+                Java_com_oracle_security_ucrypto_NativeDigest_nativeFree;
+		Java_com_oracle_security_ucrypto_NativeCipher_nativeInit;
+		Java_com_oracle_security_ucrypto_NativeCipher_nativeUpdate;
+		Java_com_oracle_security_ucrypto_NativeCipher_nativeFinal;
+                Java_com_oracle_security_ucrypto_NativeKey_nativeFree;
+                Java_com_oracle_security_ucrypto_NativeKey_00024RSAPrivateCrt_nativeInit;
+                Java_com_oracle_security_ucrypto_NativeKey_00024RSAPublic_nativeInit;
+		Java_com_oracle_security_ucrypto_NativeRSASignature_nativeInit;
+		Java_com_oracle_security_ucrypto_NativeRSASignature_nativeUpdate__JZ_3BII;
+		Java_com_oracle_security_ucrypto_NativeRSASignature_nativeUpdate__JZJI;
+		Java_com_oracle_security_ucrypto_NativeRSASignature_nativeFinal;
+		Java_com_oracle_security_ucrypto_NativeRSACipher_nativeAtomic;
+
+                JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeInit;
+                JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeUpdate;
+                JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeDigest;
+                JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeClone;
+                JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeFree;
+                JavaCritical_com_oracle_security_ucrypto_NativeCipher_nativeInit;
+                JavaCritical_com_oracle_security_ucrypto_NativeCipher_nativeUpdate;
+                JavaCritical_com_oracle_security_ucrypto_NativeCipher_nativeFinal;
+                JavaCritical_com_oracle_security_ucrypto_NativeKey_nativeFree;
+                JavaCritical_com_oracle_security_ucrypto_NativeKey_00024RSAPrivateCrt_nativeInit;
+                JavaCritical_com_oracle_security_ucrypto_NativeKey_00024RSAPublic_nativeInit;
+		JavaCritical_com_oracle_security_ucrypto_NativeRSASignature_nativeInit;
+		JavaCritical_com_oracle_security_ucrypto_NativeRSASignature_nativeUpdate__JZ_3BII;
+		JavaCritical_com_oracle_security_ucrypto_NativeRSASignature_nativeUpdate__JZJI;
+		JavaCritical_com_oracle_security_ucrypto_NativeRSASignature_nativeFinal;
+                JavaCritical_com_oracle_security_ucrypto_NativeRSACipher_nativeAtomic;
+
+	local:
+		*;
+};
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/com/oracle/util/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,40 @@
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+BUILDDIR = ../../..
+PACKAGE = com.oracle.util
+PRODUCT = oracle
+include $(BUILDDIR)/common/Defs.gmk
+
+#
+# Files
+#
+AUTO_FILES_JAVA_DIRS = com/oracle/util
+
+#
+# Rules
+#
+include $(BUILDDIR)/common/Classes.gmk
+
--- a/make/common/Defs.gmk	Fri Jan 27 08:49:35 2012 -0800
+++ b/make/common/Defs.gmk	Fri Jan 27 16:48:41 2012 -0800
@@ -409,7 +409,12 @@
 # namely jni.h, jvm.h, and jni_utils.h, plus their platform-specific
 # relatives.
 #
-VPATH.h =   $(PLATFORM_SRC)/javavm/export$(CLASSPATH_SEPARATOR)$(SHARE_SRC)/javavm/export
+VPATH0.h =   $(PLATFORM_SRC)/javavm/export$(CLASSPATH_SEPARATOR)$(SHARE_SRC)/javavm/export
+ifdef OPENJDK
+  VPATH.h = $(VPATH0.h)
+else
+  VPATH.h = $(CLOSED_SHARE_SRC)/javavm/export$(CLASSPATH_SEPARATOR)$(VPATH0.h)
+endif
 vpath %.h   $(VPATH.h)
 
 #
--- a/make/common/Release.gmk	Fri Jan 27 08:49:35 2012 -0800
+++ b/make/common/Release.gmk	Fri Jan 27 16:48:41 2012 -0800
@@ -324,6 +324,7 @@
 	sun/tools/jar		\
 	sun/tools/java		\
 	sun/tools/javac		\
+	sun/tools/jcmd		\
 	sun/tools/jps		\
 	sun/tools/jstat		\
 	sun/tools/jstatd	\
@@ -381,6 +382,11 @@
 	sun/tools/jinfo         \
 	sun/tools/jmap
 
+# classes that go into jfr.jar
+JFR_CLASSES_DIRS= \
+	com/oracle/jrockit/jfr \
+	oracle/jrockit/jfr
+
 # classes that go into jsse.jar
 JSSE_CLASSES_DIRS = \
 	sun/security/provider/Sun.class \
@@ -436,6 +442,7 @@
 	apt$(EXE_SUFFIX) \
 	javah$(EXE_SUFFIX) \
 	javap$(EXE_SUFFIX) \
+	jcmd$(EXE_SUFFIX) \
 	jdb$(EXE_SUFFIX) \
 	jps$(EXE_SUFFIX) \
 	jrunscript$(EXE_SUFFIX) \
@@ -545,6 +552,7 @@
 	$(ECHO) "sun/tools/javac/" >> $@
 	$(ECHO) "com/sun/tools/classfile/" >> $@
 	$(ECHO) "com/sun/tools/javap/" >> $@
+	$(ECHO) "sun/tools/jcmd/" >> $@
 	$(ECHO) "sun/tools/jconsole/" >> $@
 	$(ECHO) "sun/tools/jps/" >> $@
 	$(ECHO) "sun/tools/jstat/" >> $@
@@ -581,6 +589,23 @@
 	$(ECHO) "sun/tools/jstack/" >> $@
 	$(ECHO) "sun/tools/jinfo/" >> $@
 	$(ECHO) "sun/tools/jmap/" >> $@
+ifndef OPENJDK
+ifndef JAVASE_EMBEDDED
+	$(ECHO) "com/oracle/jrockit/jfr/" >> $@
+	$(ECHO) "com/oracle/jrockit/jfr/client/" >> $@
+	$(ECHO) "com/oracle/jrockit/jfr/management/" >> $@
+	$(ECHO) "oracle/jrockit/jfr/" >> $@
+	$(ECHO) "oracle/jrockit/jfr/events/" >> $@
+	$(ECHO) "oracle/jrockit/jfr/openmbean/" >> $@
+	$(ECHO) "oracle/jrockit/jfr/parser/" >> $@
+	$(ECHO) "oracle/jrockit/jfr/settings/" >> $@
+	$(ECHO) "oracle/jrockit/jfr/tools/" >> $@
+	$(ECHO) "oracle/jrockit/jfr/util/" >> $@
+	$(ECHO) "oracle/jrockit/jfr/util/log/" >> $@
+	$(ECHO) "oracle/jrockit/jfr/util/os/" >> $@
+	$(ECHO) "oracle/jrockit/jfr/util/text/" >> $@
+endif
+endif
 
 
 # File order list for rt.jar
@@ -605,6 +630,20 @@
 	$(MV) $@.temp $@
 	@($(CD) $(CLASSBINDIR) && $(java-vm-cleanup))
 
+# Create the jfr.jar containing Java Flight Recorder implementation
+JFR_JAR=
+ifndef OPENJDK
+ifndef JAVASE_EMBEDDED
+JFR_JAR=$(ABS_TEMPDIR)/jfr-orig.jar
+$(JFR_JAR): $(OTHER_JAR_MANIFEST_FILE)
+	$(prep-target)
+	$(CD) $(CLASSBINDIR) && \
+	    $(BOOT_JAR_CMD) $(CREATE_JAR_OPTS) $(OTHER_JAR_MANIFEST_FILE) $@ \
+		$(JFR_CLASSES_DIRS) $(BOOT_JAR_JFLAGS)
+	@$(CD) $(CLASSBINDIR) && $(java-vm-cleanup)
+endif
+endif
+
 # Create the rt.jar file list & non-class files list
 
 JARSPLIT_JARFILE = $(BUILDTOOLJARDIR)/jarsplit.jar
@@ -739,7 +778,7 @@
 # drive names like C:
 initial-image-jre:: initial-image-jre-setup \
 		    $(JRE_DOCFILES) \
-		    $(RT_JAR) $(RESOURCES_JAR) $(JSSE_JAR) \
+		    $(RT_JAR) $(RESOURCES_JAR) $(JSSE_JAR) $(JFR_JAR) \
 		    $(BUILDMETAINDEX_JARFILE)
 	@# Copy in bin directory
 	$(CD) $(OUTPUTDIR) && $(FIND) bin -depth | $(CPIO) -pdum $(JRE_IMAGE_DIR)
@@ -767,6 +806,9 @@
 	$(CP) $(RT_JAR) $(JRE_IMAGE_DIR)/lib/rt.jar
 	$(CP) $(RESOURCES_JAR) $(JRE_IMAGE_DIR)/lib/resources.jar
 	$(CP) $(JSSE_JAR) $(JRE_IMAGE_DIR)/lib/jsse.jar
+ifneq ($(JFR_JAR),)
+	$(CP) $(JFR_JAR) $(JRE_IMAGE_DIR)/lib/jfr.jar
+endif
 	@# Generate meta-index to make boot and extension class loaders lazier
 	$(CD) $(JRE_IMAGE_DIR)/lib && \
 	    $(BOOT_JAVA_CMD) -jar $(BUILDMETAINDEX_JARFILE) \
--- a/make/java/management/mapfile-vers	Fri Jan 27 08:49:35 2012 -0800
+++ b/make/java/management/mapfile-vers	Fri Jan 27 16:48:41 2012 -0800
@@ -54,6 +54,9 @@
 	    Java_sun_management_GcInfoBuilder_getLastGcInfo0;
 	    Java_sun_management_GcInfoBuilder_getNumGcExtAttributes;
 	    Java_sun_management_HotSpotDiagnostic_dumpHeap;
+	    Java_sun_management_HotSpotDiagnostic_executeDiagnosticCommand0;
+	    Java_sun_management_HotSpotDiagnostic_getDiagnosticCommandInfo0;
+	    Java_sun_management_HotSpotDiagnostic_getDiagnosticCommands0;
 	    Java_sun_management_HotspotThread_getInternalThreadCount;
 	    Java_sun_management_HotspotThread_getInternalThreadTimes0;
 	    Java_sun_management_MemoryImpl_getMemoryManagers0;
--- a/make/launchers/Makefile	Fri Jan 27 08:49:35 2012 -0800
+++ b/make/launchers/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -64,6 +64,7 @@
 $(call make-launcher, javadoc, com.sun.tools.javadoc.Main, , )
 $(call make-launcher, javah, com.sun.tools.javah.Main, , )
 $(call make-launcher, javap, com.sun.tools.javap.Main, , )
+$(call make-launcher, jcmd, sun.tools.jcmd.JCmd, , )
 $(call make-launcher, jconsole, sun.tools.jconsole.JConsole, \
   -J-Djconsole.showOutputViewer, )
 $(call make-launcher, jdb, com.sun.tools.example.debug.tty.TTY, , )
--- a/make/sun/awt/Makefile	Fri Jan 27 08:49:35 2012 -0800
+++ b/make/sun/awt/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 1995, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 1995, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -367,7 +367,8 @@
 FONTCONFIGS_SRC	= $(CLOSED_SRC)/solaris/classes/sun/awt/fontconfigs
 _FONTCONFIGS	= \
 	fontconfig.properties				\
-	fontconfig.RedHat.5.5.properties		\
+	fontconfig.RedHat.5.properties			\
+	fontconfig.RedHat.6.properties			\
 	fontconfig.Turbo.properties			\
 	fontconfig.SuSE.10.properties                   \
 	fontconfig.SuSE.11.properties
--- a/make/sun/security/ec/Makefile	Fri Jan 27 08:49:35 2012 -0800
+++ b/make/sun/security/ec/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -156,7 +156,7 @@
       $(PKGDIR)/ECDSASignature.java \
       $(PKGDIR)/ECKeyPairGenerator.java
 
-  JAVAHFLAGS += -classpath $(CLASSDESTDIR)
+  JAVAHFLAGS = -bootclasspath "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)"
 
   #
   # C and C++ files
--- a/make/sun/security/mscapi/Makefile	Fri Jan 27 08:49:35 2012 -0800
+++ b/make/sun/security/mscapi/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -149,7 +149,7 @@
 # Rules
 #
 CLASSDESTDIR = $(TEMPDIR)/classes
-JAVAHFLAGS += -classpath $(CLASSDESTDIR)
+JAVAHFLAGS = -bootclasspath "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)"
 
 include $(BUILDDIR)/common/Mapfile-vers.gmk
 
--- a/make/sun/security/pkcs11/Makefile	Fri Jan 27 08:49:35 2012 -0800
+++ b/make/sun/security/pkcs11/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -147,7 +147,7 @@
 # Rules
 #
 CLASSDESTDIR = $(TEMPDIR)/classes
-JAVAHFLAGS += -Xbootclasspath/p:$(CLASSDESTDIR)
+JAVAHFLAGS = -bootclasspath "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)"
 
 include $(BUILDDIR)/common/Mapfile-vers.gmk
 
--- a/make/sun/tools/Makefile	Fri Jan 27 08:49:35 2012 -0800
+++ b/make/sun/tools/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -42,6 +42,7 @@
   sun/tools/jstack \
   sun/tools/jstat \
   sun/tools/jstatd \
+  sun/tools/jcmd \
   com/sun/tools/hat \
   com/sun/tools/script/shell \
   sun/jvmstat
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/linux/doc/man/jcmd.1	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,124 @@
+." Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+." DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+."
+." This code is free software; you can redistribute it and/or modify it
+." under the terms of the GNU General Public License version 2 only, as
+." published by the Free Software Foundation.
+."
+." This code is distributed in the hope that it will be useful, but WITHOUT
+." ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+." FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+." version 2 for more details (a copy is included in the LICENSE file that
+." accompanied this code).
+."
+." You should have received a copy of the GNU General Public License version
+." 2 along with this work; if not, write to the Free Software Foundation,
+." Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+."
+." Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+." or visit www.oracle.com if you need additional information or have any
+." questions.
+."
+.TH jcmd 1 "22 Novembre 2011"
+
+.LP
+.SH "Name"
+jcmd \- Diagnostic Command
+.br
+
+.LP
+.SH "SYNOPSIS"
+.LP
+.nf
+\f3
+.fl
+\fP\f3jcmd\fP [ option ]
+.fl
+\f3jcmd\fP <\fIpid\fR | \fImain class\fR> PerfCounter.print
+.fl
+\f3jcmd\fP <\fIpid\fR | \fImain class\fR> \fIcommand\fR [\fIarguments\fR]
+.fl
+\f3jcmd\fP <\fIpid\fR | \fImain class\fR> -f \fIfile\fR
+.fl
+.fl
+.fi
+
+.LP
+.SH "DESCRIPTION"
+.LP
+.LP
+\f3jcmd\fP is a utility to send diagnostic command requests to a Java 
+Virtual Machine supporting this feature. Used without arguments or with the \-l option, jcmd prints the list of running Java processes with their process id, their main class and their command line arguments. When a process id is specified on the command line, jcmd sends the diagnostic command request to the process with this id. When a main class is specified on the command line, jcmd sends the diagnostic command request to all Java processes with this main class. With the PerfCounter.print argument, jcmd prints the performance counters available on the targeted Java process(es). With the \-f option, jcmd sends to the targeted Java process(es) the diagnostic commands stored in the file \fIfile\fR.
+.LP
+\fP
+.fi
+
+.SH "OPTIONS"
+.LP
+.LP
+Options are mutually exclusive. Options, if used, should follow immediately after the command name.
+.LP
+.RS 3
+.TP 3
+\-l 
+prints the list of running Java processes with their process id, their
+main class and their command line arguments. 
+.TP 3
+\-h 
+prints a help message.
+.br
+.br
+.TP 3
+\-help 
+prints a help message
+.br
+.RE
+
+.LP
+.SH "PARAMETERS"
+.LP
+.RS 3
+.TP 3
+\fIpid\fR
+Identifies the process which will receive the diagnostic command requests. The process must be a Java process. To get a list of Java processes running on a machine, jps(1) or jcmd(1) may be used. 
+.RE
+.LP
+.RS 3
+.TP 3
+\fImain class\fR
+Main class of the process which will receive the diagnostic command requests. If several running Java processes share this main class, the diagnostic command request will be sent to all these processes. To get a list of Java processes running on a machine, jps(1) or jcmd(1) may be used. 
+.RE
+.RS 3
+.TP 3
+\fIcommand\fR [\fIarguments\fR]
+Invoke the diagnostic command called \fIcommand\fR on the targeted Java
+process(es). The list of available diagnostic commands for a given
+process can be obtained by invoking the 'help' command on this process.
+Each diagnostic command has its own set of \fIarguments\fR which can be 
+obtained by invoking the 'help' command followed by the command name.
+.RE
+.RS 3
+.TP 3
+\fIPerfCounter.print\fR
+Print the performance counters available on the targeted Java
+process(es). The list of performance counters may vary with the Java
+process.
+.RE
+.RS 3
+.TP 3
+\fI-f file\fR
+Read commands from \fIfile\fR and invoke them on the targeted Java
+process(es). In  \fIfile\fR, each command must be written on a single line. 
+Lines starting with # are ignored. Processing of \fIfile\fR ends when
+all lines have been invoked or when a line containing the 'stop' keyword
+is read.
+.LP
+.SH "SEE ALSO"
+.LP
+.RS 3
+.TP 2
+o
+jps(1) 
+.RE
+
+ 
--- a/src/share/bin/java.c	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/bin/java.c	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1995, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1224,14 +1224,7 @@
                 "checkAndLoadMain",
                 "(ZILjava/lang/String;)Ljava/lang/Class;"));
 
-    switch (mode) {
-        case LM_CLASS:
-            str = NewPlatformString(env, name);
-            break;
-        default:
-            str = (*env)->NewStringUTF(env, name);
-            break;
-    }
+    str = NewPlatformString(env, name);
     result = (*env)->CallStaticObjectMethod(env, cls, mid, USE_STDERR, mode, str);
 
     if (JLI_IsTraceLauncher()) {
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/com/sun/management/DiagnosticCommandArgumentInfo.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,151 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.sun.management;
+
+import java.beans.ConstructorProperties;
+
+/**
+ * Diagnostic Command Argument information. It contains the description
+ * of one parameter of the diagnostic command. A parameter can either be an
+ * option or an argument. Options are identified by the option name while
+ * arguments are identified by their position in the command line. The generic
+ * syntax of a diagnostic command is:
+ *  <blockquote>
+ *    &lt;command name&gt; [&lt;option&gt;=&lt;value&gt;] [&lt;argument_value&gt;]
+ * </blockquote>
+ * Example:
+ * <blockquote>
+ * command_name option1=value1 option2=value argumentA argumentB argumentC
+ * </blockquote>
+ * In this command line, the diagnostic command receives five parameters, two
+ * options named {@code option1} and {@code option2}, and three arguments.
+ * argumentA's position is 0, argumentB's position is 1 and argumentC's
+ * position is 2.
+ *
+ * @author  Frederic Parain
+ * @since   7u4
+ */
+
+public class DiagnosticCommandArgumentInfo {
+    private final String name;
+    private final String description;
+    private final String type;
+    private final String defaultValue;
+    private final boolean mandatory;
+    private final boolean option;
+    private final int position;
+
+    /**
+     * Returns the argument name
+     *
+     * @return the argument name
+     */
+    public String getName() {
+        return name;
+    }
+
+   /**
+     * Returns the argument description
+     *
+     * @return the argument description
+     */
+    public String getDescription() {
+        return description;
+    }
+
+    /**
+     * Returns the argument type
+     *
+     * @return the argument type
+     */
+    public String getType() {
+        return type;
+    }
+
+    /**
+     * Returns the default value as a String if a default value
+     * is defined, null otherwise.
+     *
+     * @return the default value as a String if a default value
+     * is defined, null otherwise.
+     */
+    public String getDefault() {
+        return defaultValue;
+    }
+
+    /**
+     * Returns {@code true} if the argument is mandatory,
+     *         {@code false} otherwise
+     *
+     * @return {@code true} if the argument is mandatory,
+     *         {@code false} otherwise
+     */
+    public boolean isMandatory() {
+        return mandatory;
+    }
+
+    /**
+     * Returns {@code true} if the argument is an option,
+     *         {@code false} otherwise. Options have to be specified using the
+     *         &lt;key&gt;=&lt;value&gt; syntax on the command line, while other
+     *         arguments are specified with a single &lt;value&gt; field and are
+     *         identified by their position on command line.
+     *
+     * @return {@code true} if the argument is an option,
+     *         {@code false} otherwise
+     */
+    public boolean isOption() {
+        return option;
+    }
+
+    /**
+     * Returns the expected position of this argument if it is not an option,
+     *         -1 otherwise. Argument position if defined from left to right,
+     *         starting at zero and ignoring the diagnostic command name and
+     *         options.
+     *
+     * @return the expected position of this argument if it is not an option,
+     *         -1 otherwise.
+     */
+    public int getPosition() {
+        return position;
+    }
+
+    @ConstructorProperties({"name","description","type","default",
+                "mandatory","option","position"})
+    public DiagnosticCommandArgumentInfo(String name, String description,
+                                         String type, String defaultValue,
+                                         boolean mandatory, boolean option,
+                                         int position) {
+        this.name = name;
+        this.description = description;
+        this.type = type;
+        this.defaultValue = defaultValue;
+        this.mandatory = mandatory;
+        this.option = option;
+        this.position = position;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/com/sun/management/DiagnosticCommandInfo.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,110 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.sun.management;
+
+import java.beans.ConstructorProperties;
+import java.util.List;
+
+/**
+ * Diagnostic command information. It contains the description of a
+ * diagnostic command.
+ *
+ * @author  Frederic Parain
+ * @since   7u4
+ */
+
+public class DiagnosticCommandInfo {
+    private final String name;
+    private final String description;
+    private final String impact;
+    private final boolean enabled;
+    private final List<DiagnosticCommandArgumentInfo> arguments;
+
+    /**
+     * Returns the diagnostic command name
+     *
+     * @return the diagnostic command name
+     */
+    public String getName() {
+        return name;
+    }
+
+   /**
+     * Returns the diagnostic command description
+     *
+     * @return the diagnostic command description
+     */
+    public String getDescription() {
+        return description;
+    }
+
+     /**
+     * Returns the potential impact of the diagnostic command execution
+     *         on the Java virtual machine behavior
+     *
+     * @return the potential impact of the diagnostic command execution
+     *         on the Java virtual machine behavior
+     */
+    public String getImpact() {
+        return impact;
+    }
+
+    /**
+     * Returns {@code true} if the diagnostic command is enabled,
+     *         {@code false} otherwise. The enabled/disabled
+     *         status of a diagnostic command can evolve during
+     *         the lifetime of the Java virtual machine.
+     *
+     * @return {@code true} if the diagnostic command is enabled,
+     *         {@code false} otherwise
+     */
+    public boolean isEnabled() {
+        return enabled;
+    }
+
+    /**
+     * Returns the list of the diagnostic command arguments description.
+     * If the diagnostic command has no arguments, it returns an empty list.
+     *
+     * @return a list of the diagnostic command arguments description
+     */
+    public List<DiagnosticCommandArgumentInfo> getArgumentsInfo() {
+        return arguments;
+    }
+
+    @ConstructorProperties({"name", "description","impact","enabled",
+                "argumentsInfo"})
+    public DiagnosticCommandInfo(String name, String description,
+                                 String impact, boolean enabled,
+                                 List<DiagnosticCommandArgumentInfo> arguments)
+    {
+        this.name = name;
+        this.description = description;
+        this.impact = impact;
+        this.enabled = enabled;
+        this.arguments = arguments;
+    }
+}
--- a/src/share/classes/com/sun/management/HotSpotDiagnosticMXBean.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/com/sun/management/HotSpotDiagnosticMXBean.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,11 +25,18 @@
 
 package com.sun.management;
 
+import java.util.List;
 import java.lang.management.PlatformManagedObject;
 
 /**
  * Diagnostic management interface for the HotSpot Virtual Machine.
- * The diagnostic MBean is registered to the platform MBeanServer
+ *
+ * <p>{@linkplain #getDiagnosticCommands Diagnostic commands}
+ * are actions that can be invoked dynamically and
+ * executed in a target Java virtual machine, mainly for troubleshooting
+ * and diagnosis.
+ *
+ * <p>The diagnostic MBean is registered to the platform MBeanServer
  * as are other platform MBeans.
  *
  * <p>The <tt>ObjectName</tt> for uniquely identifying the diagnostic
@@ -41,6 +48,9 @@
  * It can be obtained by calling the
  * {@link PlatformManagedObject#getObjectName} method.
  *
+ * All methods throw a {@code NullPointerException} if any input argument is
+ * {@code null} unless it's stated otherwise.
+ *
  * @see ManagementFactory#getPlatformMXBeans(Class)
  */
 public interface HotSpotDiagnosticMXBean extends PlatformManagedObject {
@@ -101,9 +111,113 @@
      * @throws IllegalArgumentException if the VM option is not writeable.
      * @throws NullPointerException if name or value is <tt>null</tt>.
      *
-     * @throws  java.security.SecurityException
+     * @throws  java.lang.SecurityException
      *     if a security manager exists and the caller does not have
      *     ManagementPermission("control").
      */
     public void setVMOption(String name, String value);
+
+    /**
+     * Returns the {@linkplain DiagnosticCommandInfo#getName() names}
+     * of all diagnostic commands.
+     * A diagnostic command is an action that can be invoked dynamically
+     * mainly for troubleshooting and diagnosis.  The list of diagnostic
+     * commands may change at runtime.  A diagnostic command may be
+     * {@linkplain DiagnosticCommandInfo#isEnabled disabled} but will
+     * not be removed from a previously returned list.
+     *
+     * @return the names of all diagnostic commands.
+     *
+     * @since 7u4
+     */
+    public List<String> getDiagnosticCommands();
+
+    /**
+     * Returns a {@code DiagnosticCommandInfo} object describing the
+     * diagnostic command of the specified name {@code command}
+     *
+     * @param command a diagnostic command name
+     * @return a {@code DiagnosticCommandInfo} object
+     * @throws java.lang.IllegalArgumentException if the {@code command}
+     *         doesn't match any diagnostic command registered in the
+     *         targeted Java virtual machine.
+     *
+     * @since 7u4
+     */
+    public DiagnosticCommandInfo getDiagnosticCommandInfo(String command);
+
+    /**
+     * Returns a list of {@code DiagnosticCommandInfo} object describing
+     * all diagnostic commands available on the targeted Java virtual machine
+     *
+     * @return a list of {@code DiagnosticCommandInfo} objects
+     *
+     * @since 7u4
+     */
+    public List<DiagnosticCommandInfo> getDiagnosticCommandInfo();
+
+    /**
+     * Returns a list of {@code DiagnosticCommandInfo} object describing
+     * all diagnostic commands specified in the {@code commands} list.
+     *
+     * @param commands {@code List} of {@code String} containing diagnostic
+     *        command names
+     * @return a {@code List} of {@code DiagnosticCommandInfo} objects
+     *
+     * @throws java.lang.IllegalArgumentException if at least one
+     *         command specified in the {@code commands } list
+     *         doesn't match any diagnostic command registered in the
+     *         targeted Java virtual machine.
+     *
+     * @since 7u4
+     */
+    public List<DiagnosticCommandInfo> getDiagnosticCommandInfo(List<String> commands);
+
+    /**
+     * Executes the command line {@code commandLine}. The command line must
+     * start with a diagnostic command name, optionally followed by parameters.
+     * Each command has its own syntax but the generic syntax for a diagnostic
+     * command line is:
+     * <blockquote>
+     *    &lt;command name&gt; [&lt;option&gt;=&lt;value&gt;] [&lt;argument_value&gt;]
+     * </blockquote>
+     *
+     * @param commandLine command line to execute
+     * @return a {@code String} object containing the diagnostic command
+     *         output.
+     *
+     * @throws java.lang.IllegalArgumentException if the command line doesn't
+     *         match any diagnostic command registered in the virtual machine
+     *         of if the parameters don't match the diagnostic command syntax.
+     * @throws java.lang.SecurityException
+     *         if a security manager exists and the caller does not have
+     *         ManagementPermission("control").
+     *
+     * @since 7u4
+     */
+    public String execute(String commandLine);
+
+    /**
+     * Invokes the diagnostic command named {@code cmd} with the parameters
+     * specified in {@code args}. Each command has its own syntax but
+     * the generic syntax for parameters is:
+     * <blockquote>
+     *    [&lt;option&gt;=&lt;value&gt;] [&lt;argument_value&gt;]
+     * </blockquote>
+     *
+     * @param cmd a diagnostic command name
+     * @param args the command parameters
+     * @return a {@code String} object containing the diagnostic command
+     *         output.
+     *
+     * @throws java.lang.IllegalArgumentException if the command line doesn't
+     *         match any diagnostic command registered in the virtual machine
+     *         of if the parameters don't match the diagnostic command syntax.
+     * @throws java.lang.SecurityException
+     *         if a security manager exists and the caller does not have
+     *         ManagementPermission("control").
+     *
+     * @since 7u4
+     */
+    public String execute(String cmd, String... args);
 }
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath2Filter.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/transforms/implementations/TransformXPath2Filter.java	Fri Jan 27 16:48:41 2012 -0800
@@ -148,8 +148,8 @@
          }
 
 
-         input.addNodeFilter(new XPath2NodeFilter(convertNodeListToSet(unionNodes),
-                         convertNodeListToSet(substractNodes),convertNodeListToSet(intersectNodes)));
+         input.addNodeFilter(new XPath2NodeFilter(unionNodes, substractNodes,
+                                                  intersectNodes));
          input.setNodeSet(true);
          return input;
       } catch (TransformerException ex) {
@@ -170,35 +170,20 @@
          throw new TransformationException("empty", ex);
       }
    }
-   static Set convertNodeListToSet(List l){
-           Set result=new HashSet();
-           for (int j=0;j<l.size();j++) {
-                   NodeList rootNodes=(NodeList) l.get(j);
-               int length = rootNodes.getLength();
-
-               for (int i = 0; i < length; i++) {
-                    Node rootNode = rootNodes.item(i);
-                    result.add(rootNode);
-
-                 }
-
-           }
-           return result;
-   }
 }
 
 class XPath2NodeFilter implements NodeFilter {
-        boolean hasUnionNodes;
-        boolean hasSubstractNodes;
-        boolean hasIntersectNodes;
-        XPath2NodeFilter(Set unionNodes, Set substractNodes,
-                        Set intersectNodes) {
-                this.unionNodes=unionNodes;
-                hasUnionNodes=!unionNodes.isEmpty();
-                this.substractNodes=substractNodes;
-                hasSubstractNodes=!substractNodes.isEmpty();
-                this.intersectNodes=intersectNodes;
-                hasIntersectNodes=!intersectNodes.isEmpty();
+        boolean hasUnionFilter;
+        boolean hasSubstractFilter;
+        boolean hasIntersectFilter;
+        XPath2NodeFilter(List unionNodes, List substractNodes,
+                        List intersectNodes) {
+                hasUnionFilter=!unionNodes.isEmpty();
+                this.unionNodes=convertNodeListToSet(unionNodes);
+                hasSubstractFilter=!substractNodes.isEmpty();
+                this.substractNodes=convertNodeListToSet(substractNodes);
+                hasIntersectFilter=!intersectNodes.isEmpty();
+                this.intersectNodes=convertNodeListToSet(intersectNodes);
         }
         Set unionNodes;
         Set substractNodes;
@@ -211,16 +196,16 @@
    public int isNodeInclude(Node currentNode) {
            int result=1;
 
-           if (hasSubstractNodes && rooted(currentNode, substractNodes)) {
+           if (hasSubstractFilter && rooted(currentNode, substractNodes)) {
                       result = -1;
-           } else if (hasIntersectNodes && !rooted(currentNode, intersectNodes)) {
+           } else if (hasIntersectFilter && !rooted(currentNode, intersectNodes)) {
                    result = 0;
            }
 
           //TODO OPTIMIZE
       if (result==1)
           return 1;
-      if (hasUnionNodes) {
+      if (hasUnionFilter) {
           if (rooted(currentNode, unionNodes)) {
                    return 1;
           }
@@ -234,7 +219,7 @@
    int inUnion=-1;
    public int isNodeIncludeDO(Node n, int level) {
            int result=1;
-           if (hasSubstractNodes) {
+           if (hasSubstractFilter) {
                    if ((inSubstract==-1) || (level<=inSubstract)) {
                            if (inList(n,  substractNodes)) {
                                    inSubstract=level;
@@ -247,7 +232,7 @@
                    }
            }
            if (result!=-1){
-                   if (hasIntersectNodes) {
+                   if (hasIntersectFilter) {
                    if ((inIntersect==-1) || (level<=inIntersect)) {
                            if (!inList(n,  intersectNodes)) {
                                    inIntersect=-1;
@@ -263,7 +248,7 @@
                    inUnion=-1;
       if (result==1)
           return 1;
-      if (hasUnionNodes) {
+      if (hasUnionFilter) {
           if ((inUnion==-1) && inList(n,  unionNodes)) {
                   inUnion=level;
           }
@@ -283,6 +268,9 @@
     * @return if rooted bye the rootnodes
     */
    static boolean  rooted(Node currentNode, Set nodeList ) {
+           if (nodeList.isEmpty()) {
+               return false;
+           }
            if (nodeList.contains(currentNode)) {
                    return true;
            }
@@ -306,4 +294,17 @@
       static boolean  inList(Node currentNode, Set nodeList ) {
               return nodeList.contains(currentNode);
       }
+
+    private static Set convertNodeListToSet(List l){
+        Set result=new HashSet();
+        for (int j=0;j<l.size();j++) {
+             NodeList rootNodes=(NodeList) l.get(j);
+             int length = rootNodes.getLength();
+             for (int i = 0; i < length; i++) {
+                 Node rootNode = rootNodes.item(i);
+                 result.add(rootNode);
+             }
+        }
+        return result;
+    }
 }
--- a/src/share/classes/java/lang/Class.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/java/lang/Class.java	Fri Jan 27 16:48:41 2012 -0800
@@ -3114,4 +3114,9 @@
     AnnotationType getAnnotationType() {
         return annotationType;
     }
+
+    /* Backing store of user-defined values pertaining to this class.
+     * Maintained by the ClassValue class.
+     */
+    transient ClassValue.ClassValueMap classValueMap;
 }
--- a/src/share/classes/java/lang/ClassValue.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/java/lang/ClassValue.java	Fri Jan 27 16:48:41 2012 -0800
@@ -25,9 +25,14 @@
 
 package java.lang;
 
+import java.lang.ClassValue.ClassValueMap;
 import java.util.WeakHashMap;
+import java.lang.ref.WeakReference;
 import java.util.concurrent.atomic.AtomicInteger;
 
+import static java.lang.ClassValue.ClassValueMap.probeHomeLocation;
+import static java.lang.ClassValue.ClassValueMap.probeBackupLocations;
+
 /**
  * Lazily associate a computed value with (potentially) every type.
  * For example, if a dynamic language needs to construct a message dispatch
@@ -92,14 +97,22 @@
      * @see #computeValue
      */
     public T get(Class<?> type) {
-        ClassValueMap map = getMap(type);
-        if (map != null) {
-            Object x = map.get(this);
-            if (x != null) {
-                return (T) map.unmaskNull(x);
-            }
-        }
-        return setComputedValue(type);
+        // non-racing this.hashCodeForCache : final int
+        Entry<?>[] cache;
+        Entry<T> e = probeHomeLocation(cache = getCacheCarefully(type), this);
+        // racing e : current value <=> stale value from current cache or from stale cache
+        // invariant:  e is null or an Entry with readable Entry.version and Entry.value
+        if (match(e))
+            // invariant:  No false positive matches.  False negatives are OK if rare.
+            // The key fact that makes this work: if this.version == e.version,
+            // then this thread has a right to observe (final) e.value.
+            return e.value();
+        // The fast path can fail for any of these reasons:
+        // 1. no entry has been computed yet
+        // 2. hash code collision (before or after reduction mod cache.length)
+        // 3. an entry has been removed (either on this type or another)
+        // 4. the GC has somehow managed to delete e.version and clear the reference
+        return getFromBackup(cache, type);
     }
 
     /**
@@ -157,83 +170,582 @@
      */
     public void remove(Class<?> type) {
         ClassValueMap map = getMap(type);
-        if (map != null) {
-            synchronized (map) {
-                map.remove(this);
+        map.removeEntry(this);
+    }
+
+    // Possible functionality for JSR 292 MR 1
+    /*public*/ void put(Class<?> type, T value) {
+        ClassValueMap map = getMap(type);
+        map.changeEntry(this, value);
+    }
+
+    /// --------
+    /// Implementation...
+    /// --------
+
+    /** Return the cache, if it exists, else a dummy empty cache. */
+    private static Entry<?>[] getCacheCarefully(Class<?> type) {
+        // racing type.classValueMap{.cacheArray} : null => new Entry[X] <=> new Entry[Y]
+        ClassValueMap map = type.classValueMap;
+        if (map == null)  return EMPTY_CACHE;
+        Entry<?>[] cache = map.getCache();
+        return cache;
+        // invariant:  returned value is safe to dereference and check for an Entry
+    }
+
+    /** Initial, one-element, empty cache used by all Class instances.  Must never be filled. */
+    private static final Entry<?>[] EMPTY_CACHE = { null };
+
+    /**
+     * Slow tail of ClassValue.get to retry at nearby locations in the cache,
+     * or take a slow lock and check the hash table.
+     * Called only if the first probe was empty or a collision.
+     * This is a separate method, so compilers can process it independently.
+     */
+    private T getFromBackup(Entry<?>[] cache, Class<?> type) {
+        Entry<T> e = probeBackupLocations(cache, this);
+        if (e != null)
+            return e.value();
+        return getFromHashMap(type);
+    }
+
+    // Hack to suppress warnings on the (T) cast, which is a no-op.
+    @SuppressWarnings("unchecked")
+    Entry<T> castEntry(Entry<?> e) { return (Entry<T>) e; }
+
+    /** Called when the fast path of get fails, and cache reprobe also fails.
+     */
+    private T getFromHashMap(Class<?> type) {
+        // The fail-safe recovery is to fall back to the underlying classValueMap.
+        ClassValueMap map = getMap(type);
+        for (;;) {
+            Entry<T> e = map.startEntry(this);
+            if (!e.isPromise())
+                return e.value();
+            try {
+                // Try to make a real entry for the promised version.
+                e = makeEntry(e.version(), computeValue(type));
+            } finally {
+                // Whether computeValue throws or returns normally,
+                // be sure to remove the empty entry.
+                e = map.finishEntry(this, e);
             }
+            if (e != null)
+                return e.value();
+            // else try again, in case a racing thread called remove (so e == null)
         }
     }
 
-    /// Implementation...
-    // FIXME: Use a data structure here similar that of ThreadLocal (7030453).
-
-    private static final AtomicInteger STORE_BARRIER = new AtomicInteger();
-
-    /** Slow path for {@link #get}. */
-    private T setComputedValue(Class<?> type) {
-        ClassValueMap map = getMap(type);
-        if (map == null) {
-            map = initializeMap(type);
-        }
-        T value = computeValue(type);
-        STORE_BARRIER.lazySet(0);
-        // All stores pending from computeValue are completed.
-        synchronized (map) {
-            // Warm up the table with a null entry.
-            map.preInitializeEntry(this);
-        }
-        STORE_BARRIER.lazySet(0);
-        // All stores pending from table expansion are completed.
-        synchronized (map) {
-            value = (T) map.initializeEntry(this, value);
-            // One might fear a possible race condition here
-            // if the code for map.put has flushed the write
-            // to map.table[*] before the writes to the Map.Entry
-            // are done.  This is not possible, since we have
-            // warmed up the table with an empty entry.
-        }
-        return value;
+    /** Check that e is non-null, matches this ClassValue, and is live. */
+    boolean match(Entry<?> e) {
+        // racing e.version : null (blank) => unique Version token => null (GC-ed version)
+        // non-racing this.version : v1 => v2 => ... (updates are read faithfully from volatile)
+        return (e != null && e.get() == this.version);
+        // invariant:  No false positives on version match.  Null is OK for false negative.
+        // invariant:  If version matches, then e.value is readable (final set in Entry.<init>)
     }
 
-    // Replace this map by a per-class slot.
-    private static final WeakHashMap<Class<?>, ClassValueMap> ROOT
-        = new WeakHashMap<Class<?>, ClassValueMap>();
+    /** Internal hash code for accessing Class.classValueMap.cacheArray. */
+    final int hashCodeForCache = nextHashCode.getAndAdd(HASH_INCREMENT) & HASH_MASK;
 
-    private static ClassValueMap getMap(Class<?> type) {
-        type.getClass();  // test for null
-        return ROOT.get(type);
+    /** Value stream for hashCodeForCache.  See similar structure in ThreadLocal. */
+    private static final AtomicInteger nextHashCode = new AtomicInteger();
+
+    /** Good for power-of-two tables.  See similar structure in ThreadLocal. */
+    private static final int HASH_INCREMENT = 0x61c88647;
+
+    /** Mask a hash code to be positive but not too large, to prevent wraparound. */
+    static final int HASH_MASK = (-1 >>> 2);
+
+    /**
+     * Private key for retrieval of this object from ClassValueMap.
+     */
+    static class Identity {
+    }
+    /**
+     * This ClassValue's identity, expressed as an opaque object.
+     * The main object {@code ClassValue.this} is incorrect since
+     * subclasses may override {@code ClassValue.equals}, which
+     * could confuse keys in the ClassValueMap.
+     */
+    final Identity identity = new Identity();
+
+    /**
+     * Current version for retrieving this class value from the cache.
+     * Any number of computeValue calls can be cached in association with one version.
+     * But the version changes when a remove (on any type) is executed.
+     * A version change invalidates all cache entries for the affected ClassValue,
+     * by marking them as stale.  Stale cache entries do not force another call
+     * to computeValue, but they do require a synchronized visit to a backing map.
+     * <p>
+     * All user-visible state changes on the ClassValue take place under
+     * a lock inside the synchronized methods of ClassValueMap.
+     * Readers (of ClassValue.get) are notified of such state changes
+     * when this.version is bumped to a new token.
+     * This variable must be volatile so that an unsynchronized reader
+     * will receive the notification without delay.
+     * <p>
+     * If version were not volatile, one thread T1 could persistently hold onto
+     * a stale value this.value == V1, while while another thread T2 advances
+     * (under a lock) to this.value == V2.  This will typically be harmless,
+     * but if T1 and T2 interact causally via some other channel, such that
+     * T1's further actions are constrained (in the JMM) to happen after
+     * the V2 event, then T1's observation of V1 will be an error.
+     * <p>
+     * The practical effect of making this.version be volatile is that it cannot
+     * be hoisted out of a loop (by an optimizing JIT) or otherwise cached.
+     * Some machines may also require a barrier instruction to execute
+     * before this.version.
+     */
+    private volatile Version<T> version = new Version<>(this);
+    Version<T> version() { return version; }
+    void bumpVersion() { version = new Version<>(this); }
+    static class Version<T> {
+        private final ClassValue<T> classValue;
+        private final Entry<T> promise = new Entry<>(this);
+        Version(ClassValue<T> classValue) { this.classValue = classValue; }
+        ClassValue<T> classValue() { return classValue; }
+        Entry<T> promise() { return promise; }
+        boolean isLive() { return classValue.version() == this; }
     }
 
+    /** One binding of a value to a class via a ClassValue.
+     *  States are:<ul>
+     *  <li> promise if value == Entry.this
+     *  <li> else dead if version == null
+     *  <li> else stale if version != classValue.version
+     *  <li> else live </ul>
+     *  Promises are never put into the cache; they only live in the
+     *  backing map while a computeValue call is in flight.
+     *  Once an entry goes stale, it can be reset at any time
+     *  into the dead state.
+     */
+    static class Entry<T> extends WeakReference<Version<T>> {
+        final Object value;  // usually of type T, but sometimes (Entry)this
+        Entry(Version<T> version, T value) {
+            super(version);
+            this.value = value;  // for a regular entry, value is of type T
+        }
+        private void assertNotPromise() { assert(!isPromise()); }
+        /** For creating a promise. */
+        Entry(Version<T> version) {
+            super(version);
+            this.value = this;  // for a promise, value is not of type T, but Entry!
+        }
+        /** Fetch the value.  This entry must not be a promise. */
+        @SuppressWarnings("unchecked")  // if !isPromise, type is T
+        T value() { assertNotPromise(); return (T) value; }
+        boolean isPromise() { return value == this; }
+        Version<T> version() { return get(); }
+        ClassValue<T> classValueOrNull() {
+            Version<T> v = version();
+            return (v == null) ? null : v.classValue();
+        }
+        boolean isLive() {
+            Version<T> v = version();
+            if (v == null)  return false;
+            if (v.isLive())  return true;
+            clear();
+            return false;
+        }
+        Entry<T> refreshVersion(Version<T> v2) {
+            assertNotPromise();
+            @SuppressWarnings("unchecked")  // if !isPromise, type is T
+            Entry<T> e2 = new Entry<>(v2, (T) value);
+            clear();
+            // value = null -- caller must drop
+            return e2;
+        }
+        static final Entry<?> DEAD_ENTRY = new Entry<>(null, null);
+    }
+
+    /** Return the backing map associated with this type. */
+    private static ClassValueMap getMap(Class<?> type) {
+        // racing type.classValueMap : null (blank) => unique ClassValueMap
+        // if a null is observed, a map is created (lazily, synchronously, uniquely)
+        // all further access to that map is synchronized
+        ClassValueMap map = type.classValueMap;
+        if (map != null)  return map;
+        return initializeMap(type);
+    }
+
+    private static final Object CRITICAL_SECTION = new Object();
     private static ClassValueMap initializeMap(Class<?> type) {
-        synchronized (ClassValue.class) {
-            ClassValueMap map = ROOT.get(type);
-            if (map == null)
-                ROOT.put(type, map = new ClassValueMap());
+        ClassValueMap map;
+        synchronized (CRITICAL_SECTION) {  // private object to avoid deadlocks
+            // happens about once per type
+            if ((map = type.classValueMap) == null)
+                type.classValueMap = map = new ClassValueMap(type);
+        }
             return map;
         }
+
+    static <T> Entry<T> makeEntry(Version<T> explicitVersion, T value) {
+        // Note that explicitVersion might be different from this.version.
+        return new Entry<>(explicitVersion, value);
+
+        // As soon as the Entry is put into the cache, the value will be
+        // reachable via a data race (as defined by the Java Memory Model).
+        // This race is benign, assuming the value object itself can be
+        // read safely by multiple threads.  This is up to the user.
+        //
+        // The entry and version fields themselves can be safely read via
+        // a race because they are either final or have controlled states.
+        // If the pointer from the entry to the version is still null,
+        // or if the version goes immediately dead and is nulled out,
+        // the reader will take the slow path and retry under a lock.
     }
 
-    static class ClassValueMap extends WeakHashMap<ClassValue, Object> {
-        /** Make sure this table contains an Entry for the given key, even if it is empty. */
-        void preInitializeEntry(ClassValue key) {
-            if (!this.containsKey(key))
-                this.put(key, null);
-        }
-        /** Make sure this table contains a non-empty Entry for the given key. */
-        Object initializeEntry(ClassValue key, Object value) {
-            Object prior = this.get(key);
-            if (prior != null) {
-                return unmaskNull(prior);
-            }
-            this.put(key, maskNull(value));
-            return value;
+    // The following class could also be top level and non-public:
+
+    /** A backing map for all ClassValues, relative a single given type.
+     *  Gives a fully serialized "true state" for each pair (ClassValue cv, Class type).
+     *  Also manages an unserialized fast-path cache.
+     */
+    static class ClassValueMap extends WeakHashMap<ClassValue.Identity, Entry<?>> {
+        private final Class<?> type;
+        private Entry<?>[] cacheArray;
+        private int cacheLoad, cacheLoadLimit;
+
+        /** Number of entries initially allocated to each type when first used with any ClassValue.
+         *  It would be pointless to make this much smaller than the Class and ClassValueMap objects themselves.
+         *  Must be a power of 2.
+         */
+        private static final int INITIAL_ENTRIES = 32;
+
+        /** Build a backing map for ClassValues, relative the given type.
+         *  Also, create an empty cache array and install it on the class.
+         */
+        ClassValueMap(Class<?> type) {
+            this.type = type;
+            sizeCache(INITIAL_ENTRIES);
         }
 
-        Object maskNull(Object x) {
-            return x == null ? this : x;
+        Entry<?>[] getCache() { return cacheArray; }
+
+        /** Initiate a query.  Store a promise (placeholder) if there is no value yet. */
+        synchronized
+        <T> Entry<T> startEntry(ClassValue<T> classValue) {
+            @SuppressWarnings("unchecked")  // one map has entries for all value types <T>
+            Entry<T> e = (Entry<T>) get(classValue.identity);
+            Version<T> v = classValue.version();
+            if (e == null) {
+                e = v.promise();
+                // The presence of a promise means that a value is pending for v.
+                // Eventually, finishEntry will overwrite the promise.
+                put(classValue.identity, e);
+                // Note that the promise is never entered into the cache!
+                return e;
+            } else if (e.isPromise()) {
+                // Somebody else has asked the same question.
+                // Let the races begin!
+                if (e.version() != v) {
+                    e = v.promise();
+                    put(classValue.identity, e);
+                }
+                return e;
+            } else {
+                // there is already a completed entry here; report it
+                if (e.version() != v) {
+                    // There is a stale but valid entry here; make it fresh again.
+                    // Once an entry is in the hash table, we don't care what its version is.
+                    e = e.refreshVersion(v);
+                    put(classValue.identity, e);
+                }
+                // Add to the cache, to enable the fast path, next time.
+                checkCacheLoad();
+                addToCache(classValue, e);
+                return e;
+            }
         }
-        Object unmaskNull(Object x) {
-            return x == this ? null : x;
+
+        /** Finish a query.  Overwrite a matching placeholder.  Drop stale incoming values. */
+        synchronized
+        <T> Entry<T> finishEntry(ClassValue<T> classValue, Entry<T> e) {
+            @SuppressWarnings("unchecked")  // one map has entries for all value types <T>
+            Entry<T> e0 = (Entry<T>) get(classValue.identity);
+            if (e == e0) {
+                // We can get here during exception processing, unwinding from computeValue.
+                assert(e.isPromise());
+                remove(classValue.identity);
+                return null;
+            } else if (e0 != null && e0.isPromise() && e0.version() == e.version()) {
+                // If e0 matches the intended entry, there has not been a remove call
+                // between the previous startEntry and now.  So now overwrite e0.
+                Version<T> v = classValue.version();
+                if (e.version() != v)
+                    e = e.refreshVersion(v);
+                put(classValue.identity, e);
+                // Add to the cache, to enable the fast path, next time.
+                checkCacheLoad();
+                addToCache(classValue, e);
+                return e;
+            } else {
+                // Some sort of mismatch; caller must try again.
+                return null;
+            }
         }
+
+        /** Remove an entry. */
+        synchronized
+        void removeEntry(ClassValue<?> classValue) {
+            // make all cache elements for this guy go stale:
+            if (remove(classValue.identity) != null) {
+                classValue.bumpVersion();
+                removeStaleEntries(classValue);
+            }
+        }
+
+        /** Change the value for an entry. */
+        synchronized
+        <T> void changeEntry(ClassValue<T> classValue, T value) {
+            @SuppressWarnings("unchecked")  // one map has entries for all value types <T>
+            Entry<T> e0 = (Entry<T>) get(classValue.identity);
+            Version<T> version = classValue.version();
+            if (e0 != null) {
+                if (e0.version() == version && e0.value() == value)
+                    // no value change => no version change needed
+                    return;
+                classValue.bumpVersion();
+                removeStaleEntries(classValue);
+            }
+            Entry<T> e = makeEntry(version, value);
+            put(classValue.identity, e);
+            // Add to the cache, to enable the fast path, next time.
+            checkCacheLoad();
+            addToCache(classValue, e);
+        }
+
+        /// --------
+        /// Cache management.
+        /// --------
+
+        // Statics do not need synchronization.
+
+        /** Load the cache entry at the given (hashed) location. */
+        static Entry<?> loadFromCache(Entry<?>[] cache, int i) {
+            // non-racing cache.length : constant
+            // racing cache[i & (mask)] : null <=> Entry
+            return cache[i & (cache.length-1)];
+            // invariant:  returned value is null or well-constructed (ready to match)
+        }
+
+        /** Look in the cache, at the home location for the given ClassValue. */
+        static <T> Entry<T> probeHomeLocation(Entry<?>[] cache, ClassValue<T> classValue) {
+            return classValue.castEntry(loadFromCache(cache, classValue.hashCodeForCache));
+        }
+
+        /** Given that first probe was a collision, retry at nearby locations. */
+        static <T> Entry<T> probeBackupLocations(Entry<?>[] cache, ClassValue<T> classValue) {
+            if (PROBE_LIMIT <= 0)  return null;
+            // Probe the cache carefully, in a range of slots.
+            int mask = (cache.length-1);
+            int home = (classValue.hashCodeForCache & mask);
+            Entry<?> e2 = cache[home];  // victim, if we find the real guy
+            if (e2 == null) {
+                return null;   // if nobody is at home, no need to search nearby
+            }
+            // assume !classValue.match(e2), but do not assert, because of races
+            int pos2 = -1;
+            for (int i = home + 1; i < home + PROBE_LIMIT; i++) {
+                Entry<?> e = cache[i & mask];
+                if (e == null) {
+                    break;   // only search within non-null runs
+                }
+                if (classValue.match(e)) {
+                    // relocate colliding entry e2 (from cache[home]) to first empty slot
+                    cache[home] = e;
+                    if (pos2 >= 0) {
+                        cache[i & mask] = Entry.DEAD_ENTRY;
+                    } else {
+                        pos2 = i;
+                    }
+                    cache[pos2 & mask] = ((entryDislocation(cache, pos2, e2) < PROBE_LIMIT)
+                                          ? e2                  // put e2 here if it fits
+                                          : Entry.DEAD_ENTRY);
+                    return classValue.castEntry(e);
+                }
+                // Remember first empty slot, if any:
+                if (!e.isLive() && pos2 < 0)  pos2 = i;
+            }
+            return null;
+        }
+
+        /** How far out of place is e? */
+        private static int entryDislocation(Entry<?>[] cache, int pos, Entry<?> e) {
+            ClassValue<?> cv = e.classValueOrNull();
+            if (cv == null)  return 0;  // entry is not live!
+            int mask = (cache.length-1);
+            return (pos - cv.hashCodeForCache) & mask;
+        }
+
+        /// --------
+        /// Below this line all functions are private, and assume synchronized access.
+        /// --------
+
+        private void sizeCache(int length) {
+            assert((length & (length-1)) == 0);  // must be power of 2
+            cacheLoad = 0;
+            cacheLoadLimit = (int) ((double) length * CACHE_LOAD_LIMIT / 100);
+            cacheArray = new Entry<?>[length];
+        }
+
+        /** Make sure the cache load stays below its limit, if possible. */
+        private void checkCacheLoad() {
+            if (cacheLoad >= cacheLoadLimit) {
+                reduceCacheLoad();
+            }
+        }
+        private void reduceCacheLoad() {
+            removeStaleEntries();
+            if (cacheLoad < cacheLoadLimit)
+                return;  // win
+            Entry<?>[] oldCache = getCache();
+            if (oldCache.length > HASH_MASK)
+                return;  // lose
+            sizeCache(oldCache.length * 2);
+            for (Entry<?> e : oldCache) {
+                if (e != null && e.isLive()) {
+                    addToCache(e);
+                }
+            }
+        }
+
+        /** Remove stale entries in the given range.
+         *  Should be executed under a Map lock.
+         */
+        private void removeStaleEntries(Entry<?>[] cache, int begin, int count) {
+            if (PROBE_LIMIT <= 0)  return;
+            int mask = (cache.length-1);
+            int removed = 0;
+            for (int i = begin; i < begin + count; i++) {
+                Entry<?> e = cache[i & mask];
+                if (e == null || e.isLive())
+                    continue;  // skip null and live entries
+                Entry<?> replacement = null;
+                if (PROBE_LIMIT > 1) {
+                    // avoid breaking up a non-null run
+                    replacement = findReplacement(cache, i);
+                }
+                cache[i & mask] = replacement;
+                if (replacement == null)  removed += 1;
+            }
+            cacheLoad = Math.max(0, cacheLoad - removed);
+        }
+
+        /** Clearing a cache slot risks disconnecting following entries
+         *  from the head of a non-null run, which would allow them
+         *  to be found via reprobes.  Find an entry after cache[begin]
+         *  to plug into the hole, or return null if none is needed.
+         */
+        private Entry<?> findReplacement(Entry<?>[] cache, int home1) {
+            Entry<?> replacement = null;
+            int haveReplacement = -1, replacementPos = 0;
+            int mask = (cache.length-1);
+            for (int i2 = home1 + 1; i2 < home1 + PROBE_LIMIT; i2++) {
+                Entry<?> e2 = cache[i2 & mask];
+                if (e2 == null)  break;  // End of non-null run.
+                if (!e2.isLive())  continue;  // Doomed anyway.
+                int dis2 = entryDislocation(cache, i2, e2);
+                if (dis2 == 0)  continue;  // e2 already optimally placed
+                int home2 = i2 - dis2;
+                if (home2 <= home1) {
+                    // e2 can replace entry at cache[home1]
+                    if (home2 == home1) {
+                        // Put e2 exactly where he belongs.
+                        haveReplacement = 1;
+                        replacementPos = i2;
+                        replacement = e2;
+                    } else if (haveReplacement <= 0) {
+                        haveReplacement = 0;
+                        replacementPos = i2;
+                        replacement = e2;
+                    }
+                    // And keep going, so we can favor larger dislocations.
+                }
+            }
+            if (haveReplacement >= 0) {
+                if (cache[(replacementPos+1) & mask] != null) {
+                    // Be conservative, to avoid breaking up a non-null run.
+                    cache[replacementPos & mask] = (Entry<?>) Entry.DEAD_ENTRY;
+                } else {
+                    cache[replacementPos & mask] = null;
+                    cacheLoad -= 1;
+                }
+            }
+            return replacement;
+        }
+
+        /** Remove stale entries in the range near classValue. */
+        private void removeStaleEntries(ClassValue<?> classValue) {
+            removeStaleEntries(getCache(), classValue.hashCodeForCache, PROBE_LIMIT);
+        }
+
+        /** Remove all stale entries, everywhere. */
+        private void removeStaleEntries() {
+            Entry[] cache = getCache();
+            removeStaleEntries(cache, 0, cache.length + PROBE_LIMIT - 1);
+        }
+
+        /** Add the given entry to the cache, in its home location, unless it is out of date. */
+        private <T> void addToCache(Entry<T> e) {
+            ClassValue<T> classValue = e.classValueOrNull();
+            if (classValue != null)
+                addToCache(classValue, e);
+        }
+
+        /** Add the given entry to the cache, in its home location. */
+        private <T> void addToCache(ClassValue<T> classValue, Entry<T> e) {
+            if (PROBE_LIMIT <= 0)  return;  // do not fill cache
+            // Add e to the cache.
+            Entry<?>[] cache = getCache();
+            int mask = (cache.length-1);
+            int home = classValue.hashCodeForCache & mask;
+            Entry<?> e2 = placeInCache(cache, home, e, false);
+            if (e2 == null)  return;  // done
+            if (PROBE_LIMIT > 1) {
+                // try to move e2 somewhere else in his probe range
+                int dis2 = entryDislocation(cache, home, e2);
+                int home2 = home - dis2;
+                for (int i2 = home2; i2 < home2 + PROBE_LIMIT; i2++) {
+                    if (placeInCache(cache, i2 & mask, e2, true) == null) {
+                        return;
+                    }
+                }
+            }
+            // Note:  At this point, e2 is just dropped from the cache.
+        }
+
+        /** Store the given entry.  Update cacheLoad, and return any live victim.
+         *  'Gently' means return self rather than dislocating a live victim.
+         */
+        private Entry<?> placeInCache(Entry<?>[] cache, int pos, Entry<?> e, boolean gently) {
+            Entry<?> e2 = overwrittenEntry(cache[pos]);
+            if (gently && e2 != null) {
+                // do not overwrite a live entry
+                return e;
+            } else {
+                cache[pos] = e;
+                return e2;
+            }
+        }
+
+        /** Note an entry that is about to be overwritten.
+         *  If it is not live, quietly replace it by null.
+         *  If it is an actual null, increment cacheLoad,
+         *  because the caller is going to store something
+         *  in its place.
+         */
+        private <T> Entry<T> overwrittenEntry(Entry<T> e2) {
+            if (e2 == null)  cacheLoad += 1;
+            else if (e2.isLive())  return e2;
+            return null;
+        }
+
+        /** Percent loading of cache before resize. */
+        private static final int CACHE_LOAD_LIMIT = 67;  // 0..100
+        /** Maximum number of probes to attempt. */
+        private static final int PROBE_LIMIT      =  6;       // 1..
+        // N.B.  Set PROBE_LIMIT=0 to disable all fast paths.
     }
 }
--- a/src/share/classes/java/lang/invoke/CallSite.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/java/lang/invoke/CallSite.java	Fri Jan 27 16:48:41 2012 -0800
@@ -267,7 +267,7 @@
 
     /*package-private*/
     void setTargetNormal(MethodHandle newTarget) {
-        target = newTarget;
+        MethodHandleNatives.setCallSiteTargetNormal(this, newTarget);
     }
     /*package-private*/
     MethodHandle getTargetVolatile() {
@@ -275,7 +275,7 @@
     }
     /*package-private*/
     void setTargetVolatile(MethodHandle newTarget) {
-        unsafe.putObjectVolatile(this, TARGET_OFFSET, newTarget);
+        MethodHandleNatives.setCallSiteTargetVolatile(this, newTarget);
     }
 
     // this implements the upcall from the JVM, MethodHandleNatives.makeDynamicCallSite:
--- a/src/share/classes/java/lang/invoke/MethodHandleImpl.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/java/lang/invoke/MethodHandleImpl.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1258,12 +1258,4 @@
         return THROW_EXCEPTION;
     }
     static <T extends Throwable> Empty throwException(T t) throws T { throw t; }
-
-    // Linkage support:
-    static void registerBootstrap(Class<?> callerClass, MethodHandle bootstrapMethod) {
-        MethodHandleNatives.registerBootstrap(callerClass, bootstrapMethod);
-    }
-    static MethodHandle getBootstrap(Class<?> callerClass) {
-        return MethodHandleNatives.getBootstrap(callerClass);
-    }
 }
--- a/src/share/classes/java/lang/invoke/MethodHandleNatives.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/java/lang/invoke/MethodHandleNatives.java	Fri Jan 27 16:48:41 2012 -0800
@@ -61,15 +61,6 @@
     /** Initialize a method type, once per form. */
     static native void init(MethodType self);
 
-    /** Tell the JVM about a class's bootstrap method. */
-    static native void registerBootstrap(Class<?> caller, MethodHandle bootstrapMethod);
-
-    /** Ask the JVM about a class's bootstrap method. */
-    static native MethodHandle getBootstrap(Class<?> caller);
-
-    /** Tell the JVM that we need to change the target of an invokedynamic. */
-    static native void setCallSiteTarget(CallSite site, MethodHandle target);
-
     /** Fetch the vmtarget field.
      *  It will be sanitized as necessary to avoid exposing non-Java references.
      *  This routine is for debugging and reflection.
@@ -122,6 +113,12 @@
 
     static final boolean COUNT_GWT;
 
+    /// CallSite support
+
+    /** Tell the JVM that we need to change the target of a CallSite. */
+    static native void setCallSiteTargetNormal(CallSite site, MethodHandle target);
+    static native void setCallSiteTargetVolatile(CallSite site, MethodHandle target);
+
     private static native void registerNatives();
     static {
         registerNatives();
--- a/src/share/classes/java/lang/invoke/MethodHandleProxies.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/java/lang/invoke/MethodHandleProxies.java	Fri Jan 27 16:48:41 2012 -0800
@@ -27,6 +27,7 @@
 
 import java.lang.reflect.*;
 import sun.invoke.WrapperInstance;
+import java.util.ArrayList;
 
 /**
  * This class consists exclusively of static methods that help adapt
@@ -134,14 +135,19 @@
     //
     public static
     <T> T asInterfaceInstance(final Class<T> intfc, final MethodHandle target) {
-        // POC implementation only; violates the above contract several ways
-        final Method sm = getSingleMethod(intfc);
-        if (sm == null)
+        if (!intfc.isInterface() || !Modifier.isPublic(intfc.getModifiers()))
+            throw new IllegalArgumentException("not a public interface: "+intfc.getName());
+        final Method[] methods = getSingleNameMethods(intfc);
+        if (methods == null)
             throw new IllegalArgumentException("not a single-method interface: "+intfc.getName());
-        MethodType smMT = MethodType.methodType(sm.getReturnType(), sm.getParameterTypes());
-        MethodHandle checkTarget = target.asType(smMT);  // make throw WMT
-        checkTarget = checkTarget.asType(checkTarget.type().changeReturnType(Object.class));
-        final MethodHandle vaTarget = checkTarget.asSpreader(Object[].class, smMT.parameterCount());
+        final MethodHandle[] vaTargets = new MethodHandle[methods.length];
+        for (int i = 0; i < methods.length; i++) {
+            Method sm = methods[i];
+            MethodType smMT = MethodType.methodType(sm.getReturnType(), sm.getParameterTypes());
+            MethodHandle checkTarget = target.asType(smMT);  // make throw WMT
+            checkTarget = checkTarget.asType(checkTarget.type().changeReturnType(Object.class));
+            vaTargets[i] = checkTarget.asSpreader(Object[].class, smMT.parameterCount());
+        }
         return intfc.cast(Proxy.newProxyInstance(
                 intfc.getClassLoader(),
                 new Class[]{ intfc, WrapperInstance.class },
@@ -152,13 +158,15 @@
                         throw new AssertionError();
                     }
                     public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
+                        for (int i = 0; i < methods.length; i++) {
+                            if (method.equals(methods[i]))
+                                return vaTargets[i].invokeExact(args);
+                        }
                         if (method.getDeclaringClass() == WrapperInstance.class)
                             return getArg(method.getName());
-                        if (method.equals(sm))
-                            return vaTarget.invokeExact(args);
                         if (isObjectMethod(method))
                             return callObjectMethod(this, method, args);
-                        throw new InternalError();
+                        throw new InternalError("bad proxy method: "+method);
                     }
                 }));
     }
@@ -241,17 +249,20 @@
     }
 
     private static
-    Method getSingleMethod(Class<?> intfc) {
-        if (!intfc.isInterface())  return null;
-        Method sm = null;
+    Method[] getSingleNameMethods(Class<?> intfc) {
+        ArrayList<Method> methods = new ArrayList<Method>();
+        String uniqueName = null;
         for (Method m : intfc.getMethods()) {
-            int mod = m.getModifiers();
-            if (Modifier.isAbstract(mod)) {
-                if (sm != null && !isObjectMethod(sm))
-                    return null;  // too many abstract methods
-                sm = m;
-            }
+            if (isObjectMethod(m))  continue;
+            if (!Modifier.isAbstract(m.getModifiers()))  continue;
+            String mname = m.getName();
+            if (uniqueName == null)
+                uniqueName = mname;
+            else if (!uniqueName.equals(mname))
+                return null;  // too many abstract methods
+            methods.add(m);
         }
-        return sm;
+        if (uniqueName == null)  return null;
+        return methods.toArray(new Method[methods.size()]);
     }
 }
--- a/src/share/classes/java/lang/invoke/MethodHandles.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/java/lang/invoke/MethodHandles.java	Fri Jan 27 16:48:41 2012 -0800
@@ -948,10 +948,11 @@
         public MethodHandle unreflect(Method m) throws IllegalAccessException {
             MemberName method = new MemberName(m);
             assert(method.isMethod());
-            if (!m.isAccessible())  checkMethod(method.getDeclaringClass(), method, method.isStatic());
+            if (m.isAccessible())
+                return MethodHandleImpl.findMethod(method, true, /*no lookupClass*/ null);
+            checkMethod(method.getDeclaringClass(), method, method.isStatic());
             MethodHandle mh = MethodHandleImpl.findMethod(method, true, lookupClassOrNull());
-            if (!m.isAccessible())  mh = restrictProtectedReceiver(method, mh);
-            return mh;
+            return restrictProtectedReceiver(method, mh);
         }
 
         /**
@@ -1009,8 +1010,13 @@
         public MethodHandle unreflectConstructor(Constructor c) throws IllegalAccessException {
             MemberName ctor = new MemberName(c);
             assert(ctor.isConstructor());
-            if (!c.isAccessible())  checkAccess(c.getDeclaringClass(), ctor);
-            MethodHandle rawCtor = MethodHandleImpl.findMethod(ctor, false, lookupClassOrNull());
+            MethodHandle rawCtor;
+            if (c.isAccessible()) {
+                rawCtor = MethodHandleImpl.findMethod(ctor, false, /*no lookupClass*/ null);
+            } else {
+                checkAccess(c.getDeclaringClass(), ctor);
+                rawCtor = MethodHandleImpl.findMethod(ctor, false, lookupClassOrNull());
+            }
             MethodHandle allocator = MethodHandleImpl.makeAllocator(rawCtor);
             return fixVarargs(allocator, rawCtor);
         }
@@ -1225,7 +1231,7 @@
                                                 ? "expected a static field"
                                                 : "expected a non-static field", this);
             if (trusted)
-                return MethodHandleImpl.accessField(field, isSetter, lookupClassOrNull());
+                return MethodHandleImpl.accessField(field, isSetter, /*no lookupClass*/ null);
             checkAccess(refc, field);
             MethodHandle mh = MethodHandleImpl.accessField(field, isSetter, lookupClassOrNull());
             return restrictProtectedReceiver(field, mh);
--- a/src/share/classes/java/util/Calendar.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/java/util/Calendar.java	Fri Jan 27 16:48:41 2012 -0800
@@ -2705,7 +2705,7 @@
      * removed from the serialization stream; this will probably happen in the
      * near future.
      */
-    private void writeObject(ObjectOutputStream stream)
+    private synchronized void writeObject(ObjectOutputStream stream)
          throws IOException
     {
         // Try to compute the time correctly, for the future (stream
--- a/src/share/classes/javax/crypto/Cipher.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/javax/crypto/Cipher.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,8 @@
 package javax.crypto;
 
 import java.util.*;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
 import java.util.regex.*;
 
 import static java.util.Locale.ENGLISH;
@@ -390,16 +392,15 @@
             return matches(regexp, value) ? S_YES : S_NO;
         }
 
-        // Map<String,Pattern> for previously compiled patterns
-        // XXX use ConcurrentHashMap once available
-        private final static Map patternCache =
-            Collections.synchronizedMap(new HashMap());
+        // ConcurrentMap<String,Pattern> for previously compiled patterns
+        private final static ConcurrentMap<String, Pattern> patternCache =
+            new ConcurrentHashMap<String, Pattern>();
 
         private static boolean matches(String regexp, String str) {
             Pattern pattern = (Pattern)patternCache.get(regexp);
             if (pattern == null) {
                 pattern = Pattern.compile(regexp);
-                patternCache.put(regexp, pattern);
+                patternCache.putIfAbsent(regexp, pattern);
             }
             return pattern.matcher(str.toUpperCase(Locale.ENGLISH)).matches();
         }
--- a/src/share/classes/javax/swing/plaf/basic/BasicTabbedPaneUI.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/javax/swing/plaf/basic/BasicTabbedPaneUI.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1115,9 +1115,8 @@
 
     protected int getTabLabelShiftY(int tabPlacement, int tabIndex, boolean isSelected) {
         Rectangle tabRect = rects[tabIndex];
-        String propKey = (isSelected ? "selectedLabelShift" : "labelShift");
-        int nudge = DefaultLookup.getInt(
-                tabPane, this, "TabbedPane." + propKey, 1);
+        int nudge = (isSelected ? DefaultLookup.getInt(tabPane, this, "TabbedPane.selectedLabelShift", -1) :
+                DefaultLookup.getInt(tabPane, this, "TabbedPane.labelShift", 1));
 
         switch (tabPlacement) {
             case BOTTOM:
--- a/src/share/classes/sun/management/HotSpotDiagnostic.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/management/HotSpotDiagnostic.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,9 +27,13 @@
 
 import java.io.IOException;
 import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
 import java.util.List;
 import javax.management.ObjectName;
 
+import com.sun.management.DiagnosticCommandInfo;
+import com.sun.management.DiagnosticCommandArgumentInfo;
 import com.sun.management.HotSpotDiagnosticMXBean;
 import com.sun.management.VMOption;
 
@@ -116,7 +120,54 @@
         }
     }
 
+    public List<String> getDiagnosticCommands() {
+        String[] commands = getDiagnosticCommands0();
+        return commands == null ? Collections.<String>emptyList() :
+            Arrays.asList(commands);
+    }
+
+    public DiagnosticCommandInfo getDiagnosticCommandInfo(String command) {
+        String[] array = new String[] { command };
+        return getDiagnosticCommandInfo0(array)[0];
+    }
+
+    public List<DiagnosticCommandInfo> getDiagnosticCommandInfo() {
+        String[] commands = getDiagnosticCommands0();
+        return Arrays.asList(getDiagnosticCommandInfo0(commands));
+    }
+
+    public List<DiagnosticCommandInfo> getDiagnosticCommandInfo(
+        List<String> commands) {
+        return Arrays.asList(getDiagnosticCommandInfo0(
+            commands.toArray(new String[commands.size()])));
+    }
+
+    public String execute(String command) {
+        Util.checkControlAccess();
+        return executeDiagnosticCommand0(command);
+    }
+
+    public String execute(String cmd, String... arguments) {
+        if(cmd == null) {
+            throw new NullPointerException("Missing command name");
+        }
+        StringBuilder sb = new StringBuilder();
+        sb.append(cmd);
+        sb.append(" ");
+        for(String arg : arguments) {
+            sb.append(arg);
+            sb.append(" ");
+        }
+        return execute(sb.toString());
+    }
+
     public ObjectName getObjectName() {
         return Util.newObjectName("com.sun.management:type=HotSpotDiagnostic");
     }
+
+    private native String[] getDiagnosticCommands0();
+    private native DiagnosticCommandInfo[] getDiagnosticCommandInfo0(
+        String[] commands) throws IllegalArgumentException;
+    private native String executeDiagnosticCommand0(String command)
+        throws IllegalArgumentException;
 }
--- a/src/share/classes/sun/net/www/http/HttpClient.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/net/www/http/HttpClient.java	Fri Jan 27 16:48:41 2012 -0800
@@ -47,8 +47,6 @@
 
     private boolean inCache;
 
-    protected CookieHandler cookieHandler;
-
     // Http requests we send
     MessageHeader requests;
 
@@ -201,14 +199,6 @@
         }
         setConnectTimeout(to);
 
-        // get the cookieHandler if there is any
-        cookieHandler = java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<CookieHandler>() {
-                public CookieHandler run() {
-                    return CookieHandler.getDefault();
-                }
-            });
-
         capture = HttpCapture.getCapture(url);
         openServer();
     }
@@ -656,6 +646,7 @@
 
                 // we've finished parsing http headers
                 // check if there are any applicable cookies to set (in cache)
+                CookieHandler cookieHandler = httpuc.getCookieHandler();
                 if (cookieHandler != null) {
                     URI uri = ParseUtil.toURI(url);
                     // NOTE: That cast from Map shouldn't be necessary but
--- a/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java	Fri Jan 27 16:48:41 2012 -0800
@@ -2898,6 +2898,10 @@
         return readTimeout < 0 ? 0 : readTimeout;
     }
 
+    public CookieHandler getCookieHandler() {
+        return cookieHandler;
+    }
+
     String getMethod() {
         return method;
     }
--- a/src/share/classes/sun/net/www/protocol/https/HttpsClient.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/net/www/protocol/https/HttpsClient.java	Fri Jan 27 16:48:41 2012 -0800
@@ -36,7 +36,6 @@
 import java.net.UnknownHostException;
 import java.net.InetSocketAddress;
 import java.net.Proxy;
-import java.net.CookieHandler;
 import java.security.Principal;
 import java.security.cert.*;
 import java.util.StringTokenizer;
@@ -268,13 +267,6 @@
             port = getDefaultPort();
         }
         setConnectTimeout(connectTimeout);
-        // get the cookieHandler if there is any
-        cookieHandler = java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<CookieHandler>() {
-                public CookieHandler run() {
-                    return CookieHandler.getDefault();
-                }
-            });
         openServer();
     }
 
--- a/src/share/classes/sun/security/krb5/internal/rcache/ReplayCache.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/security/krb5/internal/rcache/ReplayCache.java	Fri Jan 27 16:48:41 2012 -0800
@@ -31,8 +31,6 @@
 
 package sun.security.krb5.internal.rcache;
 
-import sun.security.krb5.KrbException;
-import sun.security.krb5.Config;
 import sun.security.krb5.internal.Krb5;
 import java.util.LinkedList;
 import java.util.ListIterator;
@@ -48,10 +46,13 @@
 
     private static final long serialVersionUID = 2997933194993803994L;
 
+    // These 3 fields are now useless, keep for serialization compatibility
     private String principal;
     private CacheTable table;
     private int nap = 10 * 60 * 1000; //10 minutes break
+
     private boolean DEBUG = Krb5.DEBUG;
+
     /**
      * Constructs a ReplayCache for a client principal in specified <code>CacheTable</code>.
      * @param p client principal name.
@@ -125,20 +126,11 @@
         if (DEBUG) {
             printList();
         }
-
-        // if there are no entries in the replay cache,
-        // remove the replay cache from the table.
-        if (this.size() == 0) {
-            table.remove(principal);
-        }
-        if (DEBUG) {
-            printList();
-        }
     }
 
 
     /**
-     * Printes out the debug message.
+     * Prints out the debug message.
      */
     private void printList() {
         Object[] total = toArray();
--- a/src/share/classes/sun/security/pkcs11/P11Cipher.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/security/pkcs11/P11Cipher.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -870,7 +870,7 @@
     @Override
     protected int engineGetKeySize(Key key) throws InvalidKeyException {
         int n = P11SecretKeyFactory.convertKey
-                (token, key, keyAlgorithm).keyLength();
+                (token, key, keyAlgorithm).length();
         return n;
     }
 
--- a/src/share/classes/sun/security/pkcs11/P11Key.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/security/pkcs11/P11Key.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -46,6 +46,7 @@
 import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
 
 import sun.security.util.DerValue;
+import sun.security.util.Length;
 
 /**
  * Key implementation classes.
@@ -61,7 +62,7 @@
  * @author  Andreas Sterbenz
  * @since   1.5
  */
-abstract class P11Key implements Key {
+abstract class P11Key implements Key, Length {
 
     private final static String PUBLIC = "public";
     private final static String PRIVATE = "private";
@@ -212,7 +213,11 @@
         return s1;
     }
 
-    int keyLength() {
+    /**
+     * Return bit length of the key.
+     */
+    @Override
+    public int length() {
         return keyLength;
     }
 
--- a/src/share/classes/sun/security/pkcs11/P11RSACipher.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/security/pkcs11/P11RSACipher.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -216,7 +216,7 @@
         } else {
             throw new InvalidKeyException("Unknown key type: " + p11Key);
         }
-        int n = (p11Key.keyLength() + 7) >> 3;
+        int n = (p11Key.length() + 7) >> 3;
         outputSize = n;
         buffer = new byte[n];
         maxInputSize = ((padType == PAD_PKCS1 && encrypt) ?
@@ -495,7 +495,7 @@
 
     // see JCE spec
     protected int engineGetKeySize(Key key) throws InvalidKeyException {
-        int n = P11KeyFactory.convertKey(token, key, algorithm).keyLength();
+        int n = P11KeyFactory.convertKey(token, key, algorithm).length();
         return n;
     }
 }
--- a/src/share/classes/sun/security/pkcs11/P11Signature.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/security/pkcs11/P11Signature.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -272,7 +272,7 @@
                 if (keyAlgorithm.equals("DSA")) {
                     signature = new byte[40];
                 } else {
-                    signature = new byte[(p11Key.keyLength() + 7) >> 3];
+                    signature = new byte[(p11Key.length() + 7) >> 3];
                 }
                 if (type == T_UPDATE) {
                     token.p11.C_VerifyFinal(session.id(), signature);
@@ -357,7 +357,7 @@
         if (keyAlgorithm.equals("RSA") && publicKey != p11Key) {
             int keyLen;
             if (publicKey instanceof P11Key) {
-                keyLen = ((P11Key) publicKey).keyLength();
+                keyLen = ((P11Key) publicKey).length();
             } else {
                 keyLen = ((RSAKey) publicKey).getModulus().bitLength();
             }
@@ -618,7 +618,7 @@
 
     private byte[] pkcs1Pad(byte[] data) {
         try {
-            int len = (p11Key.keyLength() + 7) >> 3;
+            int len = (p11Key.length() + 7) >> 3;
             RSAPadding padding = RSAPadding.getInstance
                                         (RSAPadding.PAD_BLOCKTYPE_1, len);
             byte[] padded = padding.pad(data);
--- a/src/share/classes/sun/security/pkcs11/SunPKCS11.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/security/pkcs11/SunPKCS11.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -606,24 +606,31 @@
                 m(CKM_DES_CBC));
         d(CIP, "DES/CBC/PKCS5Padding",          P11Cipher,
                 m(CKM_DES_CBC_PAD, CKM_DES_CBC));
-        d(CIP, "DES/ECB",                       P11Cipher,      s("DES"),
+        d(CIP, "DES/ECB/NoPadding",             P11Cipher,
                 m(CKM_DES_ECB));
-
+        d(CIP, "DES/ECB/PKCS5Padding",          P11Cipher,      s("DES"),
+                m(CKM_DES_ECB));
         d(CIP, "DESede/CBC/NoPadding",          P11Cipher,
                 m(CKM_DES3_CBC));
         d(CIP, "DESede/CBC/PKCS5Padding",       P11Cipher,
                 m(CKM_DES3_CBC_PAD, CKM_DES3_CBC));
-        d(CIP, "DESede/ECB",                    P11Cipher,      s("DESede"),
+        d(CIP, "DESede/ECB/NoPadding",          P11Cipher,
+                m(CKM_DES3_ECB));
+        d(CIP, "DESede/ECB/PKCS5Padding",       P11Cipher,      s("DESede"),
                 m(CKM_DES3_ECB));
         d(CIP, "AES/CBC/NoPadding",             P11Cipher,
                 m(CKM_AES_CBC));
         d(CIP, "AES/CBC/PKCS5Padding",          P11Cipher,
                 m(CKM_AES_CBC_PAD, CKM_AES_CBC));
-        d(CIP, "AES/ECB",                       P11Cipher,      s("AES"),
+        d(CIP, "AES/ECB/NoPadding",             P11Cipher,
+                m(CKM_AES_ECB));
+        d(CIP, "AES/ECB/PKCS5Padding",          P11Cipher,      s("AES"),
                 m(CKM_AES_ECB));
         d(CIP, "AES/CTR/NoPadding",             P11Cipher,
                 m(CKM_AES_CTR));
-        d(CIP, "Blowfish/CBC",                  P11Cipher,
+        d(CIP, "Blowfish/CBC/NoPadding",        P11Cipher,
+                m(CKM_BLOWFISH_CBC));
+        d(CIP, "Blowfish/CBC/PKCS5Padding",     P11Cipher,
                 m(CKM_BLOWFISH_CBC));
 
         // XXX RSA_X_509, RSA_OAEP not yet supported
--- a/src/share/classes/sun/security/ssl/ClientHandshaker.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/security/ssl/ClientHandshaker.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -957,7 +957,8 @@
                 if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
                     preferableSignatureAlgorithm =
                         SignatureAndHashAlgorithm.getPreferableAlgorithm(
-                            peerSupportedSignAlgs, signingKey.getAlgorithm());
+                            peerSupportedSignAlgs, signingKey.getAlgorithm(),
+                            signingKey);
 
                     if (preferableSignatureAlgorithm == null) {
                         throw new SSLHandshakeException(
--- a/src/share/classes/sun/security/ssl/EngineArgs.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/security/ssl/EngineArgs.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,7 +25,6 @@
 
 package sun.security.ssl;
 
-import javax.net.ssl.*;
 import java.nio.*;
 
 /*
@@ -157,6 +156,7 @@
             int amount = Math.min(appData[i].remaining(), spaceLeft);
             appData[i].limit(appData[i].position() + amount);
             netData.put(appData[i]);
+            appRemaining -= amount;
             spaceLeft -= amount;
         }
     }
@@ -209,10 +209,16 @@
     /*
      * In the case of Exception, we want to reset the positions
      * to appear as though no data has been consumed or produced.
+     *
+     * Currently, this method is only called as we are preparing to
+     * fail out, and thus we don't need to actually recalculate
+     * appRemaining.  If that assumption changes, that variable should
+     * be updated here.
      */
     void resetPos() {
         netData.position(netPos);
         for (int i = offset; i < offset + len; i++) {
+            // See comment above about recalculating appRemaining.
             appData[i].position(appPoss[i]);
         }
     }
--- a/src/share/classes/sun/security/ssl/SSLEngineImpl.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/security/ssl/SSLEngineImpl.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1172,7 +1172,7 @@
             ea.resetPos();
 
             fatal(Alerts.alert_internal_error,
-                "problem unwrapping net record", e);
+                "problem wrapping app data", e);
             return null;  // make compiler happy
         } finally {
             /*
--- a/src/share/classes/sun/security/ssl/ServerHandshaker.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/security/ssl/ServerHandshaker.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1024,37 +1024,39 @@
             }
             break;
         case K_DHE_RSA:
+            // need RSA certs for authentication
+            if (setupPrivateKeyAndChain("RSA") == false) {
+                return false;
+            }
+
             // get preferable peer signature algorithm for server key exchange
             if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
                 preferableSignatureAlgorithm =
                     SignatureAndHashAlgorithm.getPreferableAlgorithm(
-                                                supportedSignAlgs, "RSA");
+                                        supportedSignAlgs, "RSA", privateKey);
                 if (preferableSignatureAlgorithm == null) {
                     return false;
                 }
             }
 
+            setupEphemeralDHKeys(suite.exportable);
+            break;
+        case K_ECDHE_RSA:
             // need RSA certs for authentication
             if (setupPrivateKeyAndChain("RSA") == false) {
                 return false;
             }
-            setupEphemeralDHKeys(suite.exportable);
-            break;
-        case K_ECDHE_RSA:
+
             // get preferable peer signature algorithm for server key exchange
             if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
                 preferableSignatureAlgorithm =
                     SignatureAndHashAlgorithm.getPreferableAlgorithm(
-                                                supportedSignAlgs, "RSA");
+                                        supportedSignAlgs, "RSA", privateKey);
                 if (preferableSignatureAlgorithm == null) {
                     return false;
                 }
             }
 
-            // need RSA certs for authentication
-            if (setupPrivateKeyAndChain("RSA") == false) {
-                return false;
-            }
             if (setupEphemeralECDHKeys() == false) {
                 return false;
             }
--- a/src/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,6 +27,7 @@
 
 import java.security.AlgorithmConstraints;
 import java.security.CryptoPrimitive;
+import java.security.PrivateKey;
 
 import java.util.Set;
 import java.util.HashSet;
@@ -37,6 +38,8 @@
 import java.util.Collections;
 import java.util.ArrayList;
 
+import sun.security.util.KeyLength;
+
 /**
  * Signature and hash algorithm.
  *
@@ -231,6 +234,14 @@
     static SignatureAndHashAlgorithm getPreferableAlgorithm(
         Collection<SignatureAndHashAlgorithm> algorithms, String expected) {
 
+        return SignatureAndHashAlgorithm.getPreferableAlgorithm(
+                algorithms, expected, null);
+    }
+
+    static SignatureAndHashAlgorithm getPreferableAlgorithm(
+        Collection<SignatureAndHashAlgorithm> algorithms,
+        String expected, PrivateKey signingKey) {
+
         if (expected == null && !algorithms.isEmpty()) {
             for (SignatureAndHashAlgorithm sigAlg : algorithms) {
                 if (sigAlg.priority <= SUPPORTED_ALG_PRIORITY_MAX_NUM) {
@@ -241,17 +252,58 @@
             return null;  // no supported algorithm
         }
 
+        if (expected == null ) {
+            return null;  // no expected algorithm, no supported algorithm
+        }
+
+        /*
+         * Need to check RSA key length to match the length of hash value
+         */
+        int maxDigestLength = Integer.MAX_VALUE;
+        if (signingKey != null &&
+                "rsa".equalsIgnoreCase(signingKey.getAlgorithm()) &&
+                expected.equalsIgnoreCase("rsa")) {
+            /*
+             * RSA keys of 512 bits have been shown to be practically
+             * breakable, it does not make much sense to use the strong
+             * hash algorithm for keys whose key size less than 512 bits.
+             * So it is not necessary to caculate the required max digest
+             * length exactly.
+             *
+             * If key size is greater than or equals to 768, there is no max
+             * digest length limitation in currect implementation.
+             *
+             * If key size is greater than or equals to 512, but less than
+             * 768, the digest length should be less than or equal to 32 bytes.
+             *
+             * If key size is less than 512, the  digest length should be
+             * less than or equal to 20 bytes.
+             */
+            int keySize = KeyLength.getKeySize(signingKey);
+            if (keySize >= 768) {
+                maxDigestLength = HashAlgorithm.SHA512.length;
+            } else if ((keySize >= 512) && (keySize < 768)) {
+                maxDigestLength = HashAlgorithm.SHA256.length;
+            } else if ((keySize > 0) && (keySize < 512)) {
+                maxDigestLength = HashAlgorithm.SHA1.length;
+            }   // Otherwise, cannot determine the key size, prefer the most
+                // perferable hash algorithm.
+        }
 
         for (SignatureAndHashAlgorithm algorithm : algorithms) {
             int signValue = algorithm.id & 0xFF;
-            if ((expected.equalsIgnoreCase("dsa") &&
-                    signValue == SignatureAlgorithm.DSA.value) ||
-                (expected.equalsIgnoreCase("rsa") &&
-                    signValue == SignatureAlgorithm.RSA.value) ||
-                (expected.equalsIgnoreCase("ecdsa") &&
-                    signValue == SignatureAlgorithm.ECDSA.value) ||
-                (expected.equalsIgnoreCase("ec") &&
-                    signValue == SignatureAlgorithm.ECDSA.value)) {
+            if (expected.equalsIgnoreCase("rsa") &&
+                    signValue == SignatureAlgorithm.RSA.value) {
+                if (algorithm.hash.length <= maxDigestLength) {
+                    return algorithm;
+                }
+            } else if (
+                    (expected.equalsIgnoreCase("dsa") &&
+                        signValue == SignatureAlgorithm.DSA.value) ||
+                    (expected.equalsIgnoreCase("ecdsa") &&
+                        signValue == SignatureAlgorithm.ECDSA.value) ||
+                    (expected.equalsIgnoreCase("ec") &&
+                        signValue == SignatureAlgorithm.ECDSA.value)) {
                 return algorithm;
             }
         }
@@ -260,25 +312,28 @@
     }
 
     static enum HashAlgorithm {
-        UNDEFINED("undefined",        "", -1),
-        NONE(          "none",    "NONE",  0),
-        MD5(            "md5",     "MD5",  1),
-        SHA1(          "sha1",   "SHA-1",  2),
-        SHA224(      "sha224", "SHA-224",  3),
-        SHA256(      "sha256", "SHA-256",  4),
-        SHA384(      "sha384", "SHA-384",  5),
-        SHA512(      "sha512", "SHA-512",  6);
+        UNDEFINED("undefined",        "", -1, -1),
+        NONE(          "none",    "NONE",  0, -1),
+        MD5(            "md5",     "MD5",  1, 16),
+        SHA1(          "sha1",   "SHA-1",  2, 20),
+        SHA224(      "sha224", "SHA-224",  3, 28),
+        SHA256(      "sha256", "SHA-256",  4, 32),
+        SHA384(      "sha384", "SHA-384",  5, 48),
+        SHA512(      "sha512", "SHA-512",  6, 64);
 
         final String name;  // not the standard signature algorithm name
                             // except the UNDEFINED, other names are defined
                             // by TLS 1.2 protocol
         final String standardName; // the standard MessageDigest algorithm name
         final int value;
+        final int length;   // digest length in bytes, -1 means not applicable
 
-        private HashAlgorithm(String name, String standardName, int value) {
+        private HashAlgorithm(String name, String standardName,
+                int value, int length) {
             this.name = name;
             this.standardName = standardName;
             this.value = value;
+            this.length = length;
         }
 
         static HashAlgorithm valueOf(int value) {
--- a/src/share/classes/sun/security/util/DisabledAlgorithmConstraints.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/security/util/DisabledAlgorithmConstraints.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -33,11 +33,6 @@
 import java.security.Security;
 import java.security.PrivilegedAction;
 import java.security.AccessController;
-import java.security.interfaces.ECKey;
-import java.security.interfaces.RSAKey;
-import java.security.interfaces.DSAKey;
-import javax.crypto.SecretKey;
-import javax.crypto.interfaces.DHKey;
 
 import java.util.Locale;
 import java.util.Set;
@@ -443,40 +438,15 @@
 
         // Does this key constraint disable the specified key?
         public boolean disables(Key key) {
-            int size = -1;
-
-            // it is a SecretKey
-            if (key instanceof SecretKey) {
-                SecretKey sk = (SecretKey)key;
-                if (sk.getFormat().equals("RAW") && sk.getEncoded() != null) {
-                    size = sk.getEncoded().length * 8;
-
-                }
-            }
-
-            // it is an asymmetric key
-            if (key instanceof RSAKey) {
-                RSAKey pubk = (RSAKey)key;
-                size = pubk.getModulus().bitLength();
-            } else if (key instanceof ECKey) {
-                ECKey pubk = (ECKey)key;
-                size = pubk.getParams().getOrder().bitLength();
-            } else if (key instanceof DSAKey) {
-                DSAKey pubk = (DSAKey)key;
-                size = pubk.getParams().getP().bitLength();
-            } else if (key instanceof DHKey) {
-                DHKey pubk = (DHKey)key;
-                size = pubk.getParams().getP().bitLength();
-            } // else, it is not a key we know.
+            int size = KeyLength.getKeySize(key);
 
             if (size == 0) {
                 return true;    // we don't allow any key of size 0.
-            }
-
-            if (size >= 0) {
+            } else if (size > 0) {
                 return ((size < minSize) || (size > maxSize) ||
                     (prohibitedSize == size));
-            }
+            }   // Otherwise, the key size is not accessible. Conservatively,
+                // please don't disable such keys.
 
             return false;
         }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/security/util/KeyLength.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.util;
+
+import java.security.Key;
+import java.security.PrivilegedAction;
+import java.security.AccessController;
+import java.security.interfaces.ECKey;
+import java.security.interfaces.RSAKey;
+import java.security.interfaces.DSAKey;
+import javax.crypto.SecretKey;
+import javax.crypto.interfaces.DHKey;
+
+/**
+ * A utility class to get key length
+ */
+public final class KeyLength {
+
+    /**
+     * Returns the key size of the given key object in bits.
+     *
+     * @param key the key object, cannot be null
+     * @return the key size of the given key object in bits, or -1 if the
+     *       key size is not accessible
+     */
+    final public static int getKeySize(Key key) {
+        int size = -1;
+
+        if (key instanceof Length) {
+            try {
+                Length ruler = (Length)key;
+                size = ruler.length();
+            } catch (UnsupportedOperationException usoe) {
+                // ignore the exception
+            }
+
+            if (size >= 0) {
+                return size;
+            }
+        }
+
+        // try to parse the length from key specification
+        if (key instanceof SecretKey) {
+            SecretKey sk = (SecretKey)key;
+            String format = sk.getFormat();
+            if ("RAW".equals(format) && sk.getEncoded() != null) {
+                size = (sk.getEncoded().length * 8);
+            }   // Otherwise, it may be a unextractable key of PKCS#11, or
+                // a key we are not able to handle.
+        } else if (key instanceof RSAKey) {
+            RSAKey pubk = (RSAKey)key;
+            size = pubk.getModulus().bitLength();
+        } else if (key instanceof ECKey) {
+            ECKey pubk = (ECKey)key;
+            size = pubk.getParams().getOrder().bitLength();
+        } else if (key instanceof DSAKey) {
+            DSAKey pubk = (DSAKey)key;
+            size = pubk.getParams().getP().bitLength();
+        } else if (key instanceof DHKey) {
+            DHKey pubk = (DHKey)key;
+            size = pubk.getParams().getP().bitLength();
+        }   // Otherwise, it may be a unextractable key of PKCS#11, or
+            // a key we are not able to handle.
+
+        return size;
+    }
+}
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/security/util/Length.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.util;
+
+/**
+ * The Length interface defines the length of an object
+ */
+public interface Length {
+
+    /**
+     * Gets the length of this object
+     * <p>
+     * Note that if a class of java.security.Key implements this interfaces,
+     * the length should be measured in bits.
+     *
+     * @return the length of this object
+     * @throws UnsupportedOperationException if the operation is not supported
+     */
+    public int length();
+}
--- a/src/share/classes/sun/tools/attach/HotSpotVirtualMachine.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/classes/sun/tools/attach/HotSpotVirtualMachine.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -195,6 +195,10 @@
         return executeCommand("printflag", name);
     }
 
+    public InputStream executeJCmd(String command) throws IOException {
+        return executeCommand("jcmd", command);
+    }
+
     // -- Supporting methods
 
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/tools/jcmd/Arguments.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,129 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.tools.jcmd;
+
+import java.io.BufferedReader;
+import java.io.FileReader;
+import java.io.IOException;
+
+class Arguments {
+    private boolean listProcesses = false;
+    private boolean listCounters  = false;
+    private boolean showUsage     = false;
+    private int     pid           = -1;
+    private String  command       = null;
+    private String  processSubstring;
+
+    public boolean isListProcesses() { return listProcesses; }
+    public boolean isListCounters() { return listCounters; }
+    public boolean isShowUsage() { return showUsage; }
+    public int getPid() { return pid; }
+    public String getCommand() { return command; }
+    public String getProcessSubstring() { return processSubstring; }
+
+    public Arguments(String[] args) {
+        if (args.length == 0 || args[0].equals("-l")) {
+            listProcesses = true;
+            return;
+        }
+
+        if (args[0].equals("-h") || args[0].equals("-help") ) {
+            showUsage = true;
+            return;
+        }
+
+        try {
+            pid = Integer.parseInt(args[0]);
+        } catch (NumberFormatException ex) {
+            // use as a partial class-name instead
+            if (args[0].charAt(0) != '-') {
+                // unless it starts with a '-'
+                processSubstring = args[0];
+            }
+        }
+
+        StringBuilder sb = new StringBuilder();
+        for (int i = 1; i < args.length; i++) {
+            if (args[i].equals("-f")) {
+                if (args.length == i + 1) {
+                    throw new IllegalArgumentException(
+                        "No file specified for parameter -f");
+                } else if (args.length == i + 2) {
+                    try {
+                        readCommandFile(args[i + 1]);
+                    } catch(IOException e) {
+                        throw new IllegalArgumentException(
+                            "Could not read from file specified with -f option: "
+                            + args[i + 1]);
+                    }
+                    return;
+                } else {
+                    throw new IllegalArgumentException(
+                        "Options after -f are not allowed");
+                }
+            } else if (args[i].equals("PerfCounter.print")) {
+                listCounters = true;
+            } else {
+                sb.append(args[i]).append(" ");
+            }
+        }
+
+        if (listCounters != true && sb.length() == 0) {
+            throw new IllegalArgumentException("No command specified");
+        }
+
+        command = sb.toString().trim();
+    }
+
+    private void readCommandFile(String path) throws IOException {
+        try (BufferedReader bf = new BufferedReader(new FileReader(path));) {
+                StringBuilder sb = new StringBuilder();
+                String s;
+                while ((s = bf.readLine()) != null) {
+                    sb.append(s).append("\n");
+                }
+                command = sb.toString();
+            }
+    }
+
+    public static void usage() {
+        System.out.println("Usage: jcmd <pid | main class> <command ...|PerfCounter.print|-f file>");
+        System.out.println("   or: jcmd -l                                                    ");
+        System.out.println("   or: jcmd -h                                                    ");
+        System.out.println("                                                                  ");
+        System.out.println("  command must be a valid jcmd command for the selected jvm.      ");
+        System.out.println("  Use the command \"help\" to see which commands are available.   ");
+        System.out.println("  If the pid is 0, commands will be sent to all Java processes.   ");
+        System.out.println("  The main class argument will be used to match (either partially ");
+        System.out.println("  or fully) the class used to start Java.                         ");
+        System.out.println("  If no options are given, lists Java processes (same as -p).     ");
+        System.out.println("                                                                  ");
+        System.out.println("  PerfCounter.print display the counters exposed by this process  ");
+        System.out.println("  -f  read and execute commands from the file                     ");
+        System.out.println("  -l  list JVM processes on the local machine                     ");
+        System.out.println("  -h  this help                                                   ");
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/tools/jcmd/JCmd.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,226 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *com.sun.tools.attach.AttachNotSupportedException
+
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.tools.jcmd;
+
+import java.io.InputStream;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Comparator;
+import java.net.URISyntaxException;
+
+import com.sun.tools.attach.VirtualMachine;
+import com.sun.tools.attach.VirtualMachineDescriptor;
+import com.sun.tools.attach.AgentLoadException;
+import com.sun.tools.attach.AttachNotSupportedException;
+import sun.tools.attach.HotSpotVirtualMachine;
+import sun.tools.jstat.JStatLogger;
+import sun.jvmstat.monitor.Monitor;
+import sun.jvmstat.monitor.MonitoredHost;
+import sun.jvmstat.monitor.MonitoredVm;
+import sun.jvmstat.monitor.MonitoredVmUtil;
+import sun.jvmstat.monitor.MonitorException;
+import sun.jvmstat.monitor.VmIdentifier;
+
+public class JCmd {
+    public static void main(String[] args) {
+        Arguments arg = null;
+        try {
+            arg = new Arguments(args);
+        } catch (IllegalArgumentException ex) {
+            System.err.println("Error parsing arguments: " + ex.getMessage()
+                               + "\n");
+            Arguments.usage();
+            System.exit(1);
+        }
+
+        if (arg.isShowUsage()) {
+            Arguments.usage();
+            System.exit(1);
+        }
+
+        if (arg.isListProcesses()) {
+            List<VirtualMachineDescriptor> vmds = VirtualMachine.list();
+            for (VirtualMachineDescriptor vmd : vmds) {
+                System.out.println(vmd.id() + " " + vmd.displayName());
+            }
+            System.exit(0);
+        }
+
+        List<String> pids = new ArrayList<String>();
+        if (arg.getPid() == 0) {
+            // find all VMs
+            List<VirtualMachineDescriptor> vmds = VirtualMachine.list();
+            for (VirtualMachineDescriptor vmd : vmds) {
+                if (!isJCmdProcess(vmd)) {
+                    pids.add(vmd.id());
+                }
+            }
+        } else if (arg.getProcessSubstring() != null) {
+            // use the partial class-name match
+            List<VirtualMachineDescriptor> vmds = VirtualMachine.list();
+            for (VirtualMachineDescriptor vmd : vmds) {
+                if (isJCmdProcess(vmd)) {
+                    continue;
+                }
+                try {
+                    String mainClass = getMainClass(vmd);
+                    if (mainClass != null
+                        && mainClass.indexOf(arg.getProcessSubstring()) != -1) {
+                            pids.add(vmd.id());
+                    }
+                } catch (MonitorException|URISyntaxException e) {
+                    if (e.getMessage() != null) {
+                        System.err.println(e.getMessage());
+                    } else {
+                        Throwable cause = e.getCause();
+                        if ((cause != null) && (cause.getMessage() != null)) {
+                            System.err.println(cause.getMessage());
+                        } else {
+                            e.printStackTrace();
+                        }
+                    }
+                }
+            }
+            if (pids.isEmpty()) {
+                System.err.println("Could not find any processes matching : '"
+                                   + arg.getProcessSubstring() + "'");
+                System.exit(1);
+            }
+        } else if (arg.getPid() == -1) {
+            System.err.println("Invalid pid specified");
+            System.exit(1);
+        } else {
+            // Use the found pid
+            pids.add(arg.getPid() + "");
+        }
+
+        for (String pid : pids) {
+            System.out.println(pid + ":");
+            if (arg.isListCounters()) {
+                listCounters(pid);
+            } else {
+                try {
+                    executeCommandForPid(pid, arg.getCommand());
+                } catch(Exception ex) {
+                    ex.printStackTrace();
+                }
+            }
+        }
+    }
+
+    private static void executeCommandForPid(String pid, String command)
+        throws AttachNotSupportedException, IOException,
+               UnsupportedEncodingException {
+        VirtualMachine vm = VirtualMachine.attach(pid);
+
+        // Cast to HotSpotVirtualMachine as this is an
+        // implementation specific method.
+        HotSpotVirtualMachine hvm = (HotSpotVirtualMachine) vm;
+        try (InputStream in = hvm.executeJCmd(command);) {
+            // read to EOF and just print output
+            byte b[] = new byte[256];
+            int n;
+            do {
+                n = in.read(b);
+                if (n > 0) {
+                    String s = new String(b, 0, n, "UTF-8");
+                    System.out.print(s);
+                }
+            } while (n > 0);
+        }
+        vm.detach();
+    }
+
+    private static void listCounters(String pid) {
+        // Code from JStat (can't call it directly since it does System.exit)
+        VmIdentifier vmId = null;
+        try {
+            vmId = new VmIdentifier(pid);
+        } catch (URISyntaxException e) {
+            System.err.println("Malformed VM Identifier: " + pid);
+            return;
+        }
+        try {
+            MonitoredHost monitoredHost = MonitoredHost.getMonitoredHost(vmId);
+            MonitoredVm monitoredVm = monitoredHost.getMonitoredVm(vmId, -1);
+            JStatLogger logger = new JStatLogger(monitoredVm);
+            logger.printSnapShot("\\w*", // all names
+                    new AscendingMonitorComparator(), // comparator
+                    false, // not verbose
+                    true, // show unsupported
+                    System.out);
+            monitoredHost.detach(monitoredVm);
+        } catch (MonitorException ex) {
+            ex.printStackTrace();
+        }
+    }
+
+    private static boolean isJCmdProcess(VirtualMachineDescriptor vmd) {
+        try {
+            String mainClass = getMainClass(vmd);
+            return mainClass != null && mainClass.equals(JCmd.class.getName());
+        } catch (URISyntaxException|MonitorException ex) {
+            return false;
+        }
+    }
+
+    private static String getMainClass(VirtualMachineDescriptor vmd)
+            throws URISyntaxException, MonitorException {
+        try {
+            String mainClass = null;
+            VmIdentifier vmId = new VmIdentifier(vmd.id());
+            MonitoredHost monitoredHost = MonitoredHost.getMonitoredHost(vmId);
+            MonitoredVm monitoredVm = monitoredHost.getMonitoredVm(vmId, -1);
+            mainClass = MonitoredVmUtil.mainClass(monitoredVm, true);
+            monitoredHost.detach(monitoredVm);
+            return mainClass;
+        } catch(NullPointerException e) {
+            // There is a potential race, where a running java app is being
+            // queried, unfortunately the java app has shutdown after this
+            // method is started but before getMonitoredVM is called.
+            // If this is the case, then the /tmp/hsperfdata_xxx/pid file
+            // will have disappeared and we will get a NullPointerException.
+            // Handle this gracefully....
+            return null;
+        }
+    }
+
+    /**
+     * Class to compare two Monitor objects by name in ascending order.
+     * (from jstat)
+     */
+    static class AscendingMonitorComparator implements Comparator<Monitor> {
+
+        public int compare(Monitor m1, Monitor m2) {
+            String name1 = m1.getName();
+            String name2 = m2.getName();
+            return name1.compareTo(name2);
+        }
+    }
+}
--- a/src/share/javavm/export/jmm.h	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/javavm/export/jmm.h	Fri Jan 27 16:48:41 2012 -0800
@@ -48,7 +48,8 @@
   JMM_VERSION_1_0 = 0x20010000,
   JMM_VERSION_1_1 = 0x20010100, // JDK 6
   JMM_VERSION_1_2 = 0x20010200, // JDK 7
-  JMM_VERSION     = 0x20010201
+  JMM_VERSION_1_2_1 = 0x20010201, // JDK 7 GA
+  JMM_VERSION     = 0x20010202
 };
 
 typedef struct {
@@ -188,6 +189,24 @@
                                                /* -1 indicates gc_ext_attribute_values is not big enough */
 } jmmGCStat;
 
+typedef struct {
+  const char* name;
+  const char* description;
+  const char* impact;
+  int         num_arguments;
+  jboolean    enabled;
+} dcmdInfo;
+
+typedef struct {
+  const char* name;
+  const char* description;
+  const char* type;
+  const char* default_string;
+  jboolean    mandatory;
+  jboolean    option;
+  int         position;
+} dcmdArgInfo;
+
 typedef struct jmmInterface_1_ {
   void*        reserved1;
   void*        reserved2;
@@ -293,9 +312,21 @@
                                                   jlongArray ids,
                                                   jboolean lockedMonitors,
                                                   jboolean lockedSynchronizers);
-   void         (JNICALL *SetGCNotificationEnabled) (JNIEnv *env,
-                                                  jobject mgr,
-                                                  jboolean enabled);
+  void         (JNICALL *SetGCNotificationEnabled) (JNIEnv *env,
+                                                    jobject mgr,
+                                                    jboolean enabled);
+  jobjectArray (JNICALL *GetDiagnosticCommands)  (JNIEnv *env);
+  void         (JNICALL *GetDiagnosticCommandInfo)
+                                                 (JNIEnv *env,
+                                                  jobjectArray cmds,
+                                                  dcmdInfo *infoArray);
+  void         (JNICALL *GetDiagnosticCommandArgumentsInfo)
+                                                 (JNIEnv *env,
+                                                  jstring commandName,
+                                                  dcmdArgInfo *infoArray);
+  jstring      (JNICALL *ExecuteDiagnosticCommand)
+                                                 (JNIEnv *env,
+                                                  jstring command);
 } JmmInterface;
 
 #ifdef __cplusplus
--- a/src/share/lib/security/java.security-solaris	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/lib/security/java.security-solaris	Fri Jan 27 16:48:41 2012 -0800
@@ -43,16 +43,17 @@
 #
 # List of providers and their preference orders (see above):
 #
-security.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/sunpkcs11-solaris.cfg
-security.provider.2=sun.security.provider.Sun
-security.provider.3=sun.security.rsa.SunRsaSign
-security.provider.4=sun.security.ec.SunEC
-security.provider.5=com.sun.net.ssl.internal.ssl.Provider
-security.provider.6=com.sun.crypto.provider.SunJCE
-security.provider.7=sun.security.jgss.SunProvider
-security.provider.8=com.sun.security.sasl.Provider
-security.provider.9=org.jcp.xml.dsig.internal.dom.XMLDSigRI
-security.provider.10=sun.security.smartcardio.SunPCSC
+security.provider.1=com.oracle.security.ucrypto.UcryptoProvider ${java.home}/lib/security/ucrypto-solaris.cfg
+security.provider.2=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/sunpkcs11-solaris.cfg
+security.provider.3=sun.security.provider.Sun
+security.provider.4=sun.security.rsa.SunRsaSign
+security.provider.5=sun.security.ec.SunEC
+security.provider.6=com.sun.net.ssl.internal.ssl.Provider
+security.provider.7=com.sun.crypto.provider.SunJCE
+security.provider.8=sun.security.jgss.SunProvider
+security.provider.9=com.sun.security.sasl.Provider
+security.provider.10=org.jcp.xml.dsig.internal.dom.XMLDSigRI
+security.provider.11=sun.security.smartcardio.SunPCSC
 
 #
 # Select the source of seed data for SecureRandom. By default an
--- a/src/share/native/sun/management/HotSpotDiagnostic.c	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/share/native/sun/management/HotSpotDiagnostic.c	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,3 +34,141 @@
 {
     jmm_interface->DumpHeap0(env, outputfile, live);
 }
+
+JNIEXPORT jobjectArray JNICALL
+Java_sun_management_HotSpotDiagnostic_getDiagnosticCommands0
+  (JNIEnv *env, jobject dummy)
+{
+  if ((jmm_version > JMM_VERSION_1_2_1)
+      || (jmm_version == JMM_VERSION_1_2 && ((jmm_version&0xFF)>=2))) {
+    return jmm_interface->GetDiagnosticCommands(env);
+  }
+  JNU_ThrowByName(env, "java/lang/UnsupportedOperationException",
+                  "Diagnostic commands are not supported by this VM");
+}
+
+jobject getDiagnosticCommandArgumentInfoArray(JNIEnv *env, jstring command,
+                                              int num_arg) {
+  int i;
+  jobject obj;
+  jobjectArray result;
+  dcmdArgInfo* dcmd_arg_info_array;
+  jclass dcmdArgInfoCls;
+  jclass arraysCls;
+  jmethodID mid;
+  jobject resultList;
+
+  dcmd_arg_info_array = (dcmdArgInfo*) malloc(num_arg * sizeof(dcmdArgInfo));
+  if (dcmd_arg_info_array == NULL) {
+    return NULL;
+  }
+  jmm_interface->GetDiagnosticCommandArgumentsInfo(env, command,
+                                                   dcmd_arg_info_array);
+  dcmdArgInfoCls = (*env)->FindClass(env,
+                                     "com/sun/management/DiagnosticCommandArgumentInfo");
+  result = (*env)->NewObjectArray(env, num_arg, dcmdArgInfoCls, NULL);
+  if (result == NULL) {
+    free(dcmd_arg_info_array);
+    return NULL;
+  }
+  for (i=0; i<num_arg; i++) {
+    obj = JNU_NewObjectByName(env,
+                              "com/sun/management/DiagnosticCommandArgumentInfo",
+                              "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;ZZI)V",
+                              (*env)->NewStringUTF(env,dcmd_arg_info_array[i].name),
+                              (*env)->NewStringUTF(env,dcmd_arg_info_array[i].description),
+                              (*env)->NewStringUTF(env,dcmd_arg_info_array[i].type),
+                              dcmd_arg_info_array[i].default_string == NULL ? NULL:
+                              (*env)->NewStringUTF(env, dcmd_arg_info_array[i].default_string),
+                              dcmd_arg_info_array[i].mandatory,
+                              dcmd_arg_info_array[i].option,
+                              dcmd_arg_info_array[i].position);
+    if (obj == NULL) {
+      free(dcmd_arg_info_array);
+      return NULL;
+    }
+    (*env)->SetObjectArrayElement(env, result, i, obj);
+  }
+  free(dcmd_arg_info_array);
+  arraysCls = (*env)->FindClass(env, "java/util/Arrays");
+  mid = (*env)->GetStaticMethodID(env, arraysCls,
+                                  "asList", "([Ljava/lang/Object;)Ljava/util/List;");
+  resultList = (*env)->CallStaticObjectMethod(env, arraysCls, mid, result);
+  return resultList;
+}
+
+/* Throws IllegalArgumentException if at least one the diagnostic command
+ * passed in argument is not supported by the JVM
+ */
+JNIEXPORT jobjectArray JNICALL
+Java_sun_management_HotSpotDiagnostic_getDiagnosticCommandInfo0
+(JNIEnv *env, jobject dummy, jobjectArray commands)
+{
+  int i;
+  jclass dcmdInfoCls;
+  jobject result;
+  jobjectArray args;
+  jobject obj;
+
+  if (commands == NULL) {
+    JNU_ThrowNullPointerException(env, "Invalid String Array");
+    return NULL;
+  }
+  if ((jmm_version > JMM_VERSION_1_2_1)
+      || (jmm_version == JMM_VERSION_1_2 && ((jmm_version&0xFF)>=2))) {
+    jsize num_commands = (*env)->GetArrayLength(env, commands);
+    dcmdInfo* dcmd_info_array = (dcmdInfo*) malloc(num_commands *
+                                                   sizeof(dcmdInfo));
+    if (dcmd_info_array == NULL) {
+      JNU_ThrowOutOfMemoryError(env, NULL);
+    }
+    jmm_interface->GetDiagnosticCommandInfo(env, commands, dcmd_info_array);
+    dcmdInfoCls = (*env)->FindClass(env,
+                                    "com/sun/management/DiagnosticCommandInfo");
+    result = (*env)->NewObjectArray(env, num_commands, dcmdInfoCls, NULL);
+    if (result == NULL) {
+      free(dcmd_info_array);
+      JNU_ThrowOutOfMemoryError(env, 0);
+    }
+    for (i=0; i<num_commands; i++) {
+      args = getDiagnosticCommandArgumentInfoArray(env,
+                                                   (*env)->GetObjectArrayElement(env,commands,i),
+                                                   dcmd_info_array[i].num_arguments);
+      if (args == NULL) {
+        free(dcmd_info_array);
+        JNU_ThrowOutOfMemoryError(env, 0);
+      }
+      obj = JNU_NewObjectByName(env,
+                                "com/sun/management/DiagnosticCommandInfo",
+                                "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;ZLjava/util/List;)V",
+                                (*env)->NewStringUTF(env,dcmd_info_array[i].name),
+                                (*env)->NewStringUTF(env,dcmd_info_array[i].description),
+                                (*env)->NewStringUTF(env,dcmd_info_array[i].impact),
+                                dcmd_info_array[i].enabled,
+                                args);
+      if (obj == NULL) {
+        free(dcmd_info_array);
+        JNU_ThrowOutOfMemoryError(env, 0);
+      }
+      (*env)->SetObjectArrayElement(env, result, i, obj);
+    }
+    free(dcmd_info_array);
+    return result;
+  }
+  JNU_ThrowByName(env, "java/lang/UnsupportedOperationException",
+                  "Diagnostic commands are not supported by this VM");
+}
+
+/* Throws IllegalArgumentException if the diagnostic command
+ * passed in argument is not supported by the JVM
+ */
+JNIEXPORT jstring JNICALL
+Java_sun_management_HotSpotDiagnostic_executeDiagnosticCommand0
+(JNIEnv *env, jobject dummy, jstring command) {
+  if((jmm_version > JMM_VERSION_1_2_1 )
+     || (jmm_version == JMM_VERSION_1_2 && ((jmm_version&0xFF)>=2))) {
+    return jmm_interface->ExecuteDiagnosticCommand(env, command);
+  }
+  JNU_ThrowByName(env, "java/lang/UnsupportedOperationException",
+                  "Diagnostic commands are not supported by this VM");
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/solaris/doc/sun/man/man1/jcmd.1	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,124 @@
+." Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+." DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+."
+." This code is free software; you can redistribute it and/or modify it
+." under the terms of the GNU General Public License version 2 only, as
+." published by the Free Software Foundation.
+."
+." This code is distributed in the hope that it will be useful, but WITHOUT
+." ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+." FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+." version 2 for more details (a copy is included in the LICENSE file that
+." accompanied this code).
+."
+." You should have received a copy of the GNU General Public License version
+." 2 along with this work; if not, write to the Free Software Foundation,
+." Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+."
+." Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+." or visit www.oracle.com if you need additional information or have any
+." questions.
+."
+.TH jcmd 1 "22 Novembre 2011"
+
+.LP
+.SH "Name"
+jcmd \- Diagnostic Command
+.br
+
+.LP
+.SH "SYNOPSIS"
+.LP
+.nf
+\f3
+.fl
+\fP\f3jcmd\fP [ option ]
+.fl
+\f3jcmd\fP <\fIpid\fR | \fImain class\fR> PerfCounter.print
+.fl
+\f3jcmd\fP <\fIpid\fR | \fImain class\fR> \fIcommand\fR [\fIarguments\fR]
+.fl
+\f3jcmd\fP <\fIpid\fR | \fImain class\fR> -f \fIfile\fR
+.fl
+.fl
+.fi
+
+.LP
+.SH "DESCRIPTION"
+.LP
+.LP
+\f3jcmd\fP is a utility to send diagnostic command requests to a Java 
+Virtual Machine supporting this feature. Used without arguments or with the \-l option, jcmd prints the list of running Java processes with their process id, their main class and their command line arguments. When a process id is specified on the command line, jcmd sends the diagnostic command request to the process with this id. When a main class is specified on the command line, jcmd sends the diagnostic command request to all Java processes with this main class. With the PerfCounter.print argument, jcmd prints the performance counters available on the targeted Java process(es). With the \-f option, jcmd sends to the targeted Java process(es) the diagnostic commands stored in the file \fIfile\fR.
+.LP
+\fP
+.fi
+
+.SH "OPTIONS"
+.LP
+.LP
+Options are mutually exclusive. Options, if used, should follow immediately after the command name.
+.LP
+.RS 3
+.TP 3
+\-l 
+prints the list of running Java processes with their process id, their
+main class and their command line arguments. 
+.TP 3
+\-h 
+prints a help message.
+.br
+.br
+.TP 3
+\-help 
+prints a help message
+.br
+.RE
+
+.LP
+.SH "PARAMETERS"
+.LP
+.RS 3
+.TP 3
+\fIpid\fR
+Identifies the process which will receive the diagnostic command requests. The process must be a Java process. To get a list of Java processes running on a machine, jps(1) or jcmd(1) may be used. 
+.RE
+.LP
+.RS 3
+.TP 3
+\fImain class\fR
+Main class of the process which will receive the diagnostic command requests. If several running Java processes share this main class, the diagnostic command request will be sent to all these processes. To get a list of Java processes running on a machine, jps(1) or jcmd(1) may be used. 
+.RE
+.RS 3
+.TP 3
+\fIcommand\fR [\fIarguments\fR]
+Invoke the diagnostic command called \fIcommand\fR on the targeted Java
+process(es). The list of available diagnostic commands for a given
+process can be obtained by invoking the 'help' command on this process.
+Each diagnostic command has its own set of \fIarguments\fR which can be 
+obtained by invoking the 'help' command followed by the command name.
+.RE
+.RS 3
+.TP 3
+\fIPerfCounter.print\fR
+Print the performance counters available on the targeted Java
+process(es). The list of performance counters may vary with the Java
+process.
+.RE
+.RS 3
+.TP 3
+\fI-f file\fR
+Read commands from \fIfile\fR and invoke them on the targeted Java
+process(es). In  \fIfile\fR, each command must be written on a single line. 
+Lines starting with # are ignored. Processing of \fIfile\fR ends when
+all lines have been invoked or when a line containing the 'stop' keyword
+is read.
+.LP
+.SH "SEE ALSO"
+.LP
+.RS 3
+.TP 2
+o
+jps(1) 
+.RE
+
+ 
--- a/src/windows/classes/sun/security/mscapi/Key.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/windows/classes/sun/security/mscapi/Key.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,8 @@
 
 package sun.security.mscapi;
 
+import sun.security.util.Length;
+
 /**
  * The handle for an RSA or DSA key using the Microsoft Crypto API.
  *
@@ -35,7 +37,7 @@
  * @since 1.6
  * @author  Stanley Man-Kit Ho
  */
-abstract class Key implements java.security.Key
+abstract class Key implements java.security.Key, Length
 {
 
     // Native handle
@@ -81,7 +83,8 @@
     /**
      * Return bit length of the key.
      */
-    public int bitLength()
+    @Override
+    public int length()
     {
         return keyLength;
     }
--- a/src/windows/classes/sun/security/mscapi/RSACipher.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/windows/classes/sun/security/mscapi/RSACipher.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -235,12 +235,12 @@
             mode = encrypt ? MODE_ENCRYPT : MODE_VERIFY;
             publicKey = (sun.security.mscapi.Key)key;
             privateKey = null;
-            outputSize = publicKey.bitLength() / 8;
+            outputSize = publicKey.length() / 8;
         } else if (key instanceof PrivateKey) {
             mode = encrypt ? MODE_SIGN : MODE_DECRYPT;
             privateKey = (sun.security.mscapi.Key)key;
             publicKey = null;
-            outputSize = privateKey.bitLength() / 8;
+            outputSize = privateKey.length() / 8;
         } else {
             throw new InvalidKeyException("Unknown key type: " + key);
         }
@@ -395,7 +395,7 @@
     protected int engineGetKeySize(Key key) throws InvalidKeyException {
 
         if (key instanceof sun.security.mscapi.Key) {
-            return ((sun.security.mscapi.Key) key).bitLength();
+            return ((sun.security.mscapi.Key) key).length();
 
         } else if (key instanceof RSAKey) {
             return ((RSAKey) key).getModulus().bitLength();
--- a/src/windows/classes/sun/security/mscapi/RSASignature.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/src/windows/classes/sun/security/mscapi/RSASignature.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -294,7 +294,7 @@
 
         // Check against the local and global values to make sure
         // the sizes are ok.  Round up to nearest byte.
-        RSAKeyFactory.checkKeyLengths(((privateKey.bitLength() + 7) & ~7),
+        RSAKeyFactory.checkKeyLengths(((privateKey.length() + 7) & ~7),
             null, RSAKeyPairGenerator.KEY_SIZE_MIN,
             RSAKeyPairGenerator.KEY_SIZE_MAX);
 
--- a/test/Makefile	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/Makefile	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 1995, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 1995, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -542,7 +542,8 @@
 #   Using samevm has serious problems with these tests
 JDK_ALL_TARGETS += jdk_security3
 jdk_security3: $(call TestDirs, com/sun/security lib/security \
-               javax/security sun/security)
+               javax/security sun/security \
+               com/oracle/security/ucrypto)
 	$(call SharedLibraryPermissions,sun/security)
 	$(call RunOthervmBatch)
 
--- a/test/ProblemList.txt	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/ProblemList.txt	Fri Jan 27 16:48:41 2012 -0800
@@ -195,8 +195,8 @@
 
 # jdk_lang
 
-# requires junit
-java/lang/invoke/InvokeDynamicPrintArgs.java                    generic-all
+# 7123972
+java/lang/annotation/loaderLeak/Main.java                       generic-all
 
 # Times out on solaris 10 sparc
 java/lang/ClassLoader/Assert.java				generic-all
@@ -295,6 +295,9 @@
 
 # jdk_misc
 
+# 6988950
+demo/jvmti/compiledMethodLoad/CompiledMethodLoadTest.java       generic-all
+
 # Need to be marked othervm, or changed to be samevm safe
 com/sun/jndi/ldap/ReadTimeoutTest.java				generic-all
 com/sun/jndi/rmi/registry/RegistryContext/UnbindIdempotent.java	generic-all
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/oracle/security/ucrypto/TestAES.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,339 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug     7088989
+ * @summary Ensure the AES ciphers of OracleUcrypto provider works correctly
+ */
+import java.io.*;
+import java.security.*;
+import java.security.spec.*;
+import java.util.*;
+import javax.crypto.*;
+import javax.crypto.spec.*;
+
+public class TestAES extends UcryptoTest {
+
+    private static final String[] PADDEDCIPHER_ALGOS = {
+        "AES/ECB/PKCS5Padding",
+        "AES/CBC/PKCS5Padding",
+        "AES/CFB128/PKCS5Padding"
+    };
+
+    private static final String[] CIPHER_ALGOS = {
+        "AES/ECB/NoPadding",
+        "AES/CBC/NoPadding",
+        "AES/CFB128/NoPadding",
+        "AES/CTR/NoPadding",
+    };
+
+    private static final SecretKey CIPHER_KEY =
+        new SecretKeySpec(new byte[16], "AES");
+
+    public static void main(String[] args) throws Exception {
+        main(new TestAES(), null);
+    }
+
+    public void doTest(Provider prov) throws Exception {
+        // Provider for testing Interoperability
+        Provider sunJCEProv = Security.getProvider("SunJCE");
+
+        testCipherInterop(CIPHER_ALGOS, CIPHER_KEY, prov, sunJCEProv);
+        testCipherInterop(PADDEDCIPHER_ALGOS, CIPHER_KEY, prov, sunJCEProv);
+
+        testCipherOffset(CIPHER_ALGOS, CIPHER_KEY, prov);
+        testCipherOffset(PADDEDCIPHER_ALGOS, CIPHER_KEY, prov);
+
+        testCipherKeyWrapping(PADDEDCIPHER_ALGOS, CIPHER_KEY, prov, sunJCEProv);
+        testCipherGCM(CIPHER_KEY, prov);
+    }
+
+    private static void testCipherInterop(String[] algos, SecretKey key,
+                                          Provider p,
+                                          Provider interopP) {
+        boolean testPassed = true;
+        byte[] in = new byte[32];
+        (new SecureRandom()).nextBytes(in);
+
+        for (String algo : algos) {
+            try {
+                // check ENC
+                Cipher c;
+                try {
+                    c = Cipher.getInstance(algo, p);
+                } catch (NoSuchAlgorithmException nsae) {
+                    System.out.println("Skipping Unsupported CIP algo: " + algo);
+                    continue;
+                }
+                c.init(Cipher.ENCRYPT_MODE, key, (AlgorithmParameters)null, null);
+                byte[] eout = c.doFinal(in, 0, in.length);
+
+                AlgorithmParameters params = c.getParameters();
+                Cipher c2 = Cipher.getInstance(algo, interopP);
+                c2.init(Cipher.ENCRYPT_MODE, key, params, null);
+                byte[] eout2 = c2.doFinal(in, 0, in.length);
+
+                if (!Arrays.equals(eout, eout2)) {
+                    System.out.println(algo + ": DIFF FAILED");
+                    testPassed = false;
+                } else {
+                    System.out.println(algo + ": ENC Passed");
+                }
+
+                // check DEC
+                c.init(Cipher.DECRYPT_MODE, key, params, null);
+                byte[] dout = c.doFinal(eout);
+                c2.init(Cipher.DECRYPT_MODE, key, params, null);
+                byte[] dout2 = c2.doFinal(eout2);
+
+                if (!Arrays.equals(dout, dout2)) {
+                    System.out.println(algo + ": DIFF FAILED");
+                    testPassed = false;
+                } else {
+                    System.out.println(algo + ": DEC Passed");
+                }
+            } catch(Exception ex) {
+                System.out.println("Unexpected Exception: " + algo);
+                ex.printStackTrace();
+                testPassed = false;
+            }
+        }
+
+        if (!testPassed) {
+            throw new RuntimeException("One or more CIPHER test failed!");
+        } else {
+            System.out.println("CIPHER Interop Tests Passed");
+        }
+    }
+
+    private static void testCipherOffset(String[] algos, SecretKey key,
+                                         Provider p) {
+        boolean testPassed = true;
+        byte[] in = new byte[16];
+        (new SecureRandom()).nextBytes(in);
+        int blockSize = 16;
+
+        for (int j = 1; j < (in.length - 1); j++) {
+            System.out.println("Input offset size: " + j);
+            for (int i = 0; i < algos.length; i++) {
+                try {
+                    // check ENC
+                    Cipher c;
+                    try {
+                        c = Cipher.getInstance(algos[i], p);
+                    } catch (NoSuchAlgorithmException nsae) {
+                        System.out.println("Skip Unsupported CIP algo: " + algos[i]);
+                        continue;
+                    }
+                    c.init(Cipher.ENCRYPT_MODE, key, (AlgorithmParameters)null, null);
+                    byte[] eout = new byte[c.getOutputSize(in.length)];
+                    int firstPartLen = in.length - j - 1;
+                    //System.out.print("1st UPDATE: " + firstPartLen);
+                    int k = c.update(in, 0, firstPartLen, eout, 0);
+                    k += c.update(in, firstPartLen, 1, eout, k);
+                    k += c.doFinal(in, firstPartLen+1, j, eout, k);
+
+                    AlgorithmParameters params = c.getParameters();
+
+                    Cipher c2 = Cipher.getInstance(algos[i], p);
+                    c2.init(Cipher.ENCRYPT_MODE, key, params, null);
+                    byte[] eout2 = new byte[c2.getOutputSize(in.length)];
+                    int k2 = c2.update(in, 0, j, eout2, 0);
+                    k2 += c2.update(in, j, 1, eout2, k2);
+                    k2 += c2.doFinal(in, j+1, firstPartLen, eout2, k2);
+
+                    if (!checkArrays(eout, k, eout2, k2)) testPassed = false;
+
+                    // check DEC
+                    c.init(Cipher.DECRYPT_MODE, key, params, null);
+                    byte[] dout = new byte[c.getOutputSize(eout.length)];
+                    k = c.update(eout, 0, firstPartLen, dout, 0);
+                    k += c.update(eout, firstPartLen, 1, dout, k);
+                    k += c.doFinal(eout, firstPartLen+1, eout.length - firstPartLen - 1, dout, k);
+                    if (!checkArrays(in, in.length, dout, k)) testPassed = false;
+                } catch(Exception ex) {
+                    System.out.println("Unexpected Exception: " + algos[i]);
+                    ex.printStackTrace();
+                    testPassed = false;
+                }
+            }
+        }
+        if (!testPassed) {
+            throw new RuntimeException("One or more CIPHER test failed!");
+        } else {
+            System.out.println("CIPHER Offset Tests Passed");
+        }
+    }
+
+    private static void testCipherKeyWrapping(String[] algos, SecretKey key,
+                                              Provider p, Provider interopP)
+        throws NoSuchAlgorithmException {
+        boolean testPassed = true;
+
+        // Test SecretKey, PrivateKey and PublicKey
+        Key[] tbwKeys = new Key[3];
+        int[] tbwKeyTypes = { Cipher.SECRET_KEY, Cipher.PRIVATE_KEY, Cipher.PUBLIC_KEY };
+        tbwKeys[0] = new SecretKeySpec(new byte[20], "Blowfish");
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+        kpg.initialize(1024);
+        KeyPair kp = kpg.generateKeyPair();
+        tbwKeys[1] = kp.getPrivate();
+        tbwKeys[2] = kp.getPublic();
+
+        for (int i = 0; i < algos.length; i++) {
+            try {
+                System.out.println(algos[i] + " - Native WRAP/Java UNWRAP");
+
+                Cipher c1;
+                try {
+                    c1 = Cipher.getInstance(algos[i], p);
+                } catch (NoSuchAlgorithmException nsae) {
+                    System.out.println("Skipping Unsupported CIP algo: " + algos[i]);
+                    continue;
+                }
+                c1.init(Cipher.WRAP_MODE, key, (AlgorithmParameters)null, null);
+                AlgorithmParameters params = c1.getParameters();
+                Cipher c2 = Cipher.getInstance(algos[i], interopP);
+                c2.init(Cipher.UNWRAP_MODE, key, params, null);
+
+                for (int j = 0; j < tbwKeys.length ; j++) {
+                    byte[] wrappedKey = c1.wrap(tbwKeys[j]);
+                    Key recovered = c2.unwrap(wrappedKey,
+                                              tbwKeys[j].getAlgorithm(), tbwKeyTypes[j]);
+                    if (!checkKeys(tbwKeys[j], recovered)) testPassed = false;
+                }
+
+                System.out.println(algos[i] + " - Java WRAP/Native UNWRAP");
+                c1 = Cipher.getInstance(algos[i], interopP);
+                c1.init(Cipher.WRAP_MODE, key, (AlgorithmParameters)null, null);
+                params = c1.getParameters();
+                c2 = Cipher.getInstance(algos[i], p);
+                c2.init(Cipher.UNWRAP_MODE, key, params, null);
+
+                for (int j = 0; j < tbwKeys.length ; j++) {
+                    byte[] wrappedKey = c1.wrap(tbwKeys[j]);
+                    Key recovered = c2.unwrap(wrappedKey,
+                                              tbwKeys[j].getAlgorithm(), tbwKeyTypes[j]);
+                    if (!checkKeys(tbwKeys[j], recovered)) testPassed = false;
+                }
+
+            } catch(Exception ex) {
+                System.out.println("Unexpected Exception: " + algos[i]);
+                ex.printStackTrace();
+                testPassed = false;
+            }
+        }
+        if (!testPassed) {
+            throw new RuntimeException("One or more CIPHER test failed!");
+        } else {
+            System.out.println("CIPHER KeyWrapping Tests Passed");
+        }
+    }
+
+
+    private static void testCipherGCM(SecretKey key,
+                                      Provider p) {
+        boolean testPassed = true;
+        byte[] in = new byte[16];
+        (new SecureRandom()).nextBytes(in);
+
+        byte[] iv = new byte[16];
+        (new SecureRandom()).nextBytes(iv);
+
+
+        String algo = "AES/GCM/NoPadding";
+        int tagLen[] = { 128, 120, 112, 104, 96, 64, 32 };
+
+        try {
+            Cipher c;
+            try {
+                c = Cipher.getInstance(algo, p);
+            } catch (NoSuchAlgorithmException nsae) {
+                System.out.println("Skipping Unsupported CIP algo: " + algo);
+                return;
+            }
+            for (int i = 0; i < tagLen.length; i++) {
+                AlgorithmParameterSpec paramSpec = new GCMParameterSpec(tagLen[i], iv);
+                // check ENC
+                c.init(Cipher.ENCRYPT_MODE, key, paramSpec, null);
+                c.updateAAD(iv);
+                byte[] eout = c.doFinal(in, 0, in.length);
+
+                AlgorithmParameters param = c.getParameters();
+                // check DEC
+                c.init(Cipher.DECRYPT_MODE, key, param, null);
+                c.updateAAD(iv);
+                byte[] dout = c.doFinal(eout, 0, eout.length);
+
+                if (!Arrays.equals(dout, in)) {
+                    System.out.println(algo + ": PT and RT DIFF FAILED");
+                    testPassed = false;
+                } else {
+                    System.out.println(algo + ": tagLen " + tagLen[i] + " done");
+                }
+            }
+        } catch(Exception ex) {
+            System.out.println("Unexpected Exception: " + algo);
+            ex.printStackTrace();
+            testPassed = false;
+        }
+        if (!testPassed) {
+            throw new RuntimeException("One or more CIPHER test failed!");
+        } else {
+            System.out.println("CIPHER GCM Tests Passed");
+        }
+    }
+
+    private static boolean checkArrays(byte[] a1, int a1Len, byte[] a2, int a2Len) {
+        boolean equal = true;
+        if (a1Len != a2Len) {
+            System.out.println("DIFFERENT OUT LENGTH");
+            equal = false;
+        } else {
+            for (int p = 0; p < a1Len; p++) {
+                if (a1[p] != a2[p]) {
+                    System.out.println("DIFF FAILED");
+                    equal = false;
+                    break;
+                }
+            }
+        }
+        return equal;
+    }
+
+    private static boolean checkKeys(Key k1, Key k2) {
+        boolean equal = true;
+        if (!k1.getAlgorithm().equalsIgnoreCase(k2.getAlgorithm())) {
+            System.out.println("DIFFERENT Key Algorithm");
+            equal = false;
+        } else if (!k1.getFormat().equalsIgnoreCase(k2.getFormat())) {
+            System.out.println("DIFFERENT Key Format");
+            equal = false;
+        } else if (!Arrays.equals(k1.getEncoded(), k2.getEncoded())) {
+            System.out.println("DIFFERENT Key Encoding");
+            equal = false;
+        }
+        return equal;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/oracle/security/ucrypto/TestDigest.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,127 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug     7088989
+ * @summary Ensure the various message digests works correctly
+ */
+import java.io.*;
+import java.security.*;
+import java.security.spec.*;
+import java.util.*;
+import javax.crypto.*;
+import javax.crypto.spec.*;
+
+public class TestDigest extends UcryptoTest {
+
+    private static final String[] MD_ALGOS = {
+        "MD5",
+        "SHA",
+        "SHA-256",
+        "SHA-384",
+        "SHA-512"
+    };
+
+    public static void main(String[] args) throws Exception {
+        main(new TestDigest(), null);
+    }
+
+    public void doTest(Provider p) {
+        boolean testPassed = true;
+        byte[] msg = new byte[200];
+        (new SecureRandom()).nextBytes(msg);
+        String interopProvName = "SUN";
+
+        for (String a : MD_ALGOS) {
+            try {
+                MessageDigest md, md2;
+                try {
+                    md = MessageDigest.getInstance(a, p);
+                } catch (NoSuchAlgorithmException nsae) {
+                    System.out.println("Skipping Unsupported MD algo: " + a);
+                    continue;
+                }
+                md2 = MessageDigest.getInstance(a, interopProvName);
+                // Test Interoperability for update+digest calls
+                for (int i = 0; i < 3; i++) {
+                    md.update(msg);
+                    byte[] digest = md.digest();
+                    md2.update(msg);
+                    byte[] digest2 = md2.digest();
+                    if (!Arrays.equals(digest, digest2)) {
+                        System.out.println("DIFF1 FAILED for: " + a + " at iter " + i);
+                        testPassed = false;
+                    }
+                }
+
+                // Test Interoperability for digest calls
+                md = MessageDigest.getInstance(a, p);
+                md2 = MessageDigest.getInstance(a, interopProvName);
+
+                for (int i = 0; i < 3; i++) {
+                    byte[] digest = md.digest();
+                    byte[] digest2 = md2.digest();
+                    if (!Arrays.equals(digest, digest2)) {
+                        System.out.println("DIFF2 FAILED for: " + a + " at iter " + i);
+                        testPassed = false;
+                    }
+                }
+
+                // Test Cloning functionality
+                md = MessageDigest.getInstance(a, p);
+                md2 = (MessageDigest) md.clone(); // clone right after construction
+                byte[] digest = md.digest();
+                byte[] digest2 = md2.digest();
+                if (!Arrays.equals(digest, digest2)) {
+                    System.out.println("DIFF-3.1 FAILED for: " + a);
+                    testPassed = false;
+                }
+                md.update(msg);
+                md2 = (MessageDigest) md.clone(); // clone again after update call
+                digest = md.digest();
+                digest2 = md2.digest();
+                if (!Arrays.equals(digest, digest2)) {
+                    System.out.println("DIFF-3.2 FAILED for: " + a);
+                    testPassed = false;
+                }
+                md2 = (MessageDigest) md.clone(); // clone after digest
+                digest = md.digest();
+                digest2 = md2.digest();
+                if (!Arrays.equals(digest, digest2)) {
+                    System.out.println("DIFF-3.3 FAILED for: " + a);
+                    testPassed = false;
+                }
+            } catch(Exception ex) {
+                System.out.println("Unexpected Exception: " + a);
+                ex.printStackTrace();
+                testPassed = false;
+            }
+        }
+        if (!testPassed) {
+            throw new RuntimeException("One or more MD test failed!");
+        } else {
+            System.out.println("MD Tests Passed");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/oracle/security/ucrypto/TestRSA.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,421 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug     7088989
+ * @summary Ensure the RSA ciphers and signatures works correctly
+ */
+import java.io.*;
+import java.security.*;
+import java.security.spec.*;
+import java.util.*;
+import java.math.*;
+import javax.crypto.*;
+
+public class TestRSA extends UcryptoTest {
+
+    // KAT
+    private static final byte PLAINTEXT[] = Arrays.copyOf
+        (new String("Known plaintext message utilized" +
+                    "for RSA Encryption &  Decryption" +
+                    "block, SHA1, SHA256, SHA384  and" +
+                    "SHA512 RSA Signature KAT tests.").getBytes(), 128);
+
+    private static final byte MOD[] = {
+        (byte)0xd5, (byte)0x84, (byte)0x95, (byte)0x07, (byte)0xf4, (byte)0xd0,
+        (byte)0x1f, (byte)0x82, (byte)0xf3, (byte)0x79, (byte)0xf4, (byte)0x99,
+        (byte)0x48, (byte)0x10, (byte)0xe1, (byte)0x71, (byte)0xa5, (byte)0x62,
+        (byte)0x22, (byte)0xa3, (byte)0x4b, (byte)0x00, (byte)0xe3, (byte)0x5b,
+        (byte)0x3a, (byte)0xcc, (byte)0x10, (byte)0x83, (byte)0xe0, (byte)0xaf,
+        (byte)0x61, (byte)0x13, (byte)0x54, (byte)0x6a, (byte)0xa2, (byte)0x6a,
+        (byte)0x2c, (byte)0x5e, (byte)0xb3, (byte)0xcc, (byte)0xa3, (byte)0x71,
+        (byte)0x9a, (byte)0xb2, (byte)0x3e, (byte)0x78, (byte)0xec, (byte)0xb5,
+        (byte)0x0e, (byte)0x6e, (byte)0x31, (byte)0x3b, (byte)0x77, (byte)0x1f,
+        (byte)0x6e, (byte)0x94, (byte)0x41, (byte)0x60, (byte)0xd5, (byte)0x6e,
+        (byte)0xd9, (byte)0xc6, (byte)0xf9, (byte)0x29, (byte)0xc3, (byte)0x40,
+        (byte)0x36, (byte)0x25, (byte)0xdb, (byte)0xea, (byte)0x0b, (byte)0x07,
+        (byte)0xae, (byte)0x76, (byte)0xfd, (byte)0x99, (byte)0x29, (byte)0xf4,
+        (byte)0x22, (byte)0xc1, (byte)0x1a, (byte)0x8f, (byte)0x05, (byte)0xfe,
+        (byte)0x98, (byte)0x09, (byte)0x07, (byte)0x05, (byte)0xc2, (byte)0x0f,
+        (byte)0x0b, (byte)0x11, (byte)0x83, (byte)0x39, (byte)0xca, (byte)0xc7,
+        (byte)0x43, (byte)0x63, (byte)0xff, (byte)0x33, (byte)0x80, (byte)0xe7,
+        (byte)0xc3, (byte)0x78, (byte)0xae, (byte)0xf1, (byte)0x73, (byte)0x52,
+        (byte)0x98, (byte)0x1d, (byte)0xde, (byte)0x5c, (byte)0x53, (byte)0x6e,
+        (byte)0x01, (byte)0x73, (byte)0x0d, (byte)0x12, (byte)0x7e, (byte)0x77,
+        (byte)0x03, (byte)0xf1, (byte)0xef, (byte)0x1b, (byte)0xc8, (byte)0xa8,
+        (byte)0x0f, (byte)0x97
+    };
+
+    private static final byte PUB_EXP[] = {(byte)0x01, (byte)0x00, (byte)0x01};
+
+    private static final byte PRIV_EXP[] = {
+        (byte)0x85, (byte)0x27, (byte)0x47, (byte)0x61, (byte)0x4c, (byte)0xd4,
+        (byte)0xb5, (byte)0xb2, (byte)0x0e, (byte)0x70, (byte)0x91, (byte)0x8f,
+        (byte)0x3d, (byte)0x97, (byte)0xf9, (byte)0x5f, (byte)0xcc, (byte)0x09,
+        (byte)0x65, (byte)0x1c, (byte)0x7c, (byte)0x5b, (byte)0xb3, (byte)0x6d,
+        (byte)0x63, (byte)0x3f, (byte)0x7b, (byte)0x55, (byte)0x22, (byte)0xbb,
+        (byte)0x7c, (byte)0x48, (byte)0x77, (byte)0xae, (byte)0x80, (byte)0x56,
+        (byte)0xc2, (byte)0x10, (byte)0xd5, (byte)0x03, (byte)0xdb, (byte)0x31,
+        (byte)0xaf, (byte)0x8d, (byte)0x54, (byte)0xd4, (byte)0x48, (byte)0x99,
+        (byte)0xa8, (byte)0xc4, (byte)0x23, (byte)0x43, (byte)0xb8, (byte)0x48,
+        (byte)0x0b, (byte)0xc7, (byte)0xbc, (byte)0xf5, (byte)0xcc, (byte)0x64,
+        (byte)0x72, (byte)0xbf, (byte)0x59, (byte)0x06, (byte)0x04, (byte)0x1c,
+        (byte)0x32, (byte)0xf5, (byte)0x14, (byte)0x2e, (byte)0x6e, (byte)0xe2,
+        (byte)0x0f, (byte)0x5c, (byte)0xde, (byte)0x36, (byte)0x3c, (byte)0x6e,
+        (byte)0x7c, (byte)0x4d, (byte)0xcc, (byte)0xd3, (byte)0x00, (byte)0x6e,
+        (byte)0xe5, (byte)0x45, (byte)0x46, (byte)0xef, (byte)0x4d, (byte)0x25,
+        (byte)0x46, (byte)0x6d, (byte)0x7f, (byte)0xed, (byte)0xbb, (byte)0x4f,
+        (byte)0x4d, (byte)0x9f, (byte)0xda, (byte)0x87, (byte)0x47, (byte)0x8f,
+        (byte)0x74, (byte)0x44, (byte)0xb7, (byte)0xbe, (byte)0x9d, (byte)0xf5,
+        (byte)0xdd, (byte)0xd2, (byte)0x4c, (byte)0xa5, (byte)0xab, (byte)0x74,
+        (byte)0xe5, (byte)0x29, (byte)0xa1, (byte)0xd2, (byte)0x45, (byte)0x3b,
+        (byte)0x33, (byte)0xde, (byte)0xd5, (byte)0xae, (byte)0xf7, (byte)0x03,
+        (byte)0x10, (byte)0x21
+    };
+
+    private static final byte PRIME_P[] = {
+        (byte)0xf9, (byte)0x74, (byte)0x8f, (byte)0x16, (byte)0x02, (byte)0x6b,
+        (byte)0xa0, (byte)0xee, (byte)0x7f, (byte)0x28, (byte)0x97, (byte)0x91,
+        (byte)0xdc, (byte)0xec, (byte)0xc0, (byte)0x7c, (byte)0x49, (byte)0xc2,
+        (byte)0x85, (byte)0x76, (byte)0xee, (byte)0x66, (byte)0x74, (byte)0x2d,
+        (byte)0x1a, (byte)0xb8, (byte)0xf7, (byte)0x2f, (byte)0x11, (byte)0x5b,
+        (byte)0x36, (byte)0xd8, (byte)0x46, (byte)0x33, (byte)0x3b, (byte)0xd8,
+        (byte)0xf3, (byte)0x2d, (byte)0xa1, (byte)0x03, (byte)0x83, (byte)0x2b,
+        (byte)0xec, (byte)0x35, (byte)0x43, (byte)0x32, (byte)0xff, (byte)0xdd,
+        (byte)0x81, (byte)0x7c, (byte)0xfd, (byte)0x65, (byte)0x13, (byte)0x04,
+        (byte)0x7c, (byte)0xfc, (byte)0x03, (byte)0x97, (byte)0xf0, (byte)0xd5,
+        (byte)0x62, (byte)0xdc, (byte)0x0d, (byte)0xbf
+    };
+
+    private static final byte PRIME_Q[] = {
+        (byte)0xdb, (byte)0x1e, (byte)0xa7, (byte)0x3d, (byte)0xe7, (byte)0xfa,
+        (byte)0x8b, (byte)0x04, (byte)0x83, (byte)0x48, (byte)0xf3, (byte)0xa5,
+        (byte)0x31, (byte)0x9d, (byte)0x35, (byte)0x5e, (byte)0x4d, (byte)0x54,
+        (byte)0x77, (byte)0xcc, (byte)0x84, (byte)0x09, (byte)0xf3, (byte)0x11,
+        (byte)0x0d, (byte)0x54, (byte)0xed, (byte)0x85, (byte)0x39, (byte)0xa9,
+        (byte)0xca, (byte)0xa8, (byte)0xea, (byte)0xae, (byte)0x19, (byte)0x9c,
+        (byte)0x75, (byte)0xdb, (byte)0x88, (byte)0xb8, (byte)0x04, (byte)0x8d,
+        (byte)0x54, (byte)0xc6, (byte)0xa4, (byte)0x80, (byte)0xf8, (byte)0x93,
+        (byte)0xf0, (byte)0xdb, (byte)0x19, (byte)0xef, (byte)0xd7, (byte)0x87,
+        (byte)0x8a, (byte)0x8f, (byte)0x5a, (byte)0x09, (byte)0x2e, (byte)0x54,
+        (byte)0xf3, (byte)0x45, (byte)0x24, (byte)0x29
+    };
+
+    private static final byte EXP_P[] = {
+        (byte)0x6a, (byte)0xd1, (byte)0x25, (byte)0x80, (byte)0x18, (byte)0x33,
+        (byte)0x3c, (byte)0x2b, (byte)0x44, (byte)0x19, (byte)0xfe, (byte)0xa5,
+        (byte)0x40, (byte)0x03, (byte)0xc4, (byte)0xfc, (byte)0xb3, (byte)0x9c,
+        (byte)0xef, (byte)0x07, (byte)0x99, (byte)0x58, (byte)0x17, (byte)0xc1,
+        (byte)0x44, (byte)0xa3, (byte)0x15, (byte)0x7d, (byte)0x7b, (byte)0x22,
+        (byte)0x22, (byte)0xdf, (byte)0x03, (byte)0x58, (byte)0x66, (byte)0xf5,
+        (byte)0x24, (byte)0x54, (byte)0x52, (byte)0x91, (byte)0x2d, (byte)0x76,
+        (byte)0xfe, (byte)0x63, (byte)0x64, (byte)0x4e, (byte)0x0f, (byte)0x50,
+        (byte)0x2b, (byte)0x65, (byte)0x79, (byte)0x1f, (byte)0xf1, (byte)0xbf,
+        (byte)0xc7, (byte)0x41, (byte)0x26, (byte)0xcc, (byte)0xc6, (byte)0x1c,
+        (byte)0xa9, (byte)0x83, (byte)0x6f, (byte)0x03
+    };
+
+    private static final byte EXP_Q[] = {
+        (byte)0x12, (byte)0x84, (byte)0x1a, (byte)0x99, (byte)0xce, (byte)0x9a,
+        (byte)0x8b, (byte)0x58, (byte)0xcc, (byte)0x47, (byte)0x43, (byte)0xdf,
+        (byte)0x77, (byte)0xbb, (byte)0xd3, (byte)0x20, (byte)0xae, (byte)0xe4,
+        (byte)0x2e, (byte)0x63, (byte)0x67, (byte)0xdc, (byte)0xf7, (byte)0x5f,
+        (byte)0x3f, (byte)0x83, (byte)0x27, (byte)0xb7, (byte)0x14, (byte)0x52,
+        (byte)0x56, (byte)0xbf, (byte)0xc3, (byte)0x65, (byte)0x06, (byte)0xe1,
+        (byte)0x03, (byte)0xcc, (byte)0x93, (byte)0x57, (byte)0x09, (byte)0x7b,
+        (byte)0x6f, (byte)0xe8, (byte)0x81, (byte)0x4a, (byte)0x2c, (byte)0xb7,
+        (byte)0x43, (byte)0xa9, (byte)0x20, (byte)0x1d, (byte)0xf6, (byte)0x56,
+        (byte)0x8b, (byte)0xcc, (byte)0xe5, (byte)0x4c, (byte)0xd5, (byte)0x4f,
+        (byte)0x74, (byte)0x67, (byte)0x29, (byte)0x51
+    };
+
+    private static final byte CRT_COEFF[] = {
+        (byte)0x23, (byte)0xab, (byte)0xf4, (byte)0x03, (byte)0x2f, (byte)0x29,
+        (byte)0x95, (byte)0x74, (byte)0xac, (byte)0x1a, (byte)0x33, (byte)0x96,
+        (byte)0x62, (byte)0xed, (byte)0xf7, (byte)0xf6, (byte)0xae, (byte)0x07,
+        (byte)0x2a, (byte)0x2e, (byte)0xe8, (byte)0xab, (byte)0xfb, (byte)0x1e,
+        (byte)0xb9, (byte)0xb2, (byte)0x88, (byte)0x1e, (byte)0x85, (byte)0x05,
+        (byte)0x42, (byte)0x64, (byte)0x03, (byte)0xb2, (byte)0x8b, (byte)0xc1,
+        (byte)0x81, (byte)0x75, (byte)0xd7, (byte)0xba, (byte)0xaa, (byte)0xd4,
+        (byte)0x31, (byte)0x3c, (byte)0x8a, (byte)0x96, (byte)0x23, (byte)0x9d,
+        (byte)0x3f, (byte)0x06, (byte)0x3e, (byte)0x44, (byte)0xa9, (byte)0x62,
+        (byte)0x2f, (byte)0x61, (byte)0x5a, (byte)0x51, (byte)0x82, (byte)0x2c,
+        (byte)0x04, (byte)0x85, (byte)0x73, (byte)0xd1
+    };
+
+    private static KeyPair genRSAKey(int keyLength) throws Exception {
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+        kpg.initialize(keyLength);
+        return kpg.generateKeyPair();
+    }
+
+    private static KeyPair genPredefinedRSAKeyPair() throws Exception {
+        KeyFactory kf = KeyFactory.getInstance("RSA");
+        BigInteger mod = new BigInteger(MOD);
+        BigInteger pub = new BigInteger(PUB_EXP);
+
+        PrivateKey privKey = kf.generatePrivate
+            (new RSAPrivateCrtKeySpec
+             (mod, pub, new BigInteger(PRIV_EXP),
+              new BigInteger(PRIME_P), new BigInteger(PRIME_Q),
+              new BigInteger(EXP_P), new BigInteger(EXP_Q),
+              new BigInteger(CRT_COEFF)));
+        PublicKey pubKey = kf.generatePublic(new RSAPublicKeySpec(mod, pub));
+        return new KeyPair(pubKey, privKey);
+    }
+
+    private static final String CIP_ALGOS[] = {
+        "RSA/ECB/NoPadding",
+        "RSA/ECB/PKCS1Padding"
+    };
+    private static final int INPUT_SIZE_REDUCTION[] = {
+        0,
+        11,
+    };
+    private static final String SIG_ALGOS[] = {
+        "MD5WithRSA",
+        "SHA1WithRSA",
+        "SHA256WithRSA",
+        "SHA384WithRSA",
+        "SHA512WithRSA"
+    };
+
+    private static KeyPair kp[] = null;
+
+    public static void main(String argv[]) throws Exception {
+        main(new TestRSA(), null);
+    }
+
+    public void doTest(Provider prov) throws Exception {
+        // first test w/ predefine KeyPair
+        KeyPair pkp = genPredefinedRSAKeyPair();
+        System.out.println("Test against Predefined RSA Key Pair");
+        testCipher(pkp, 128, true, prov);
+        testSignature(pkp, true, prov);
+
+        for (int i = 0; i < 10; i++) {
+            // then test w/ various key lengths
+            int keyLens[] = { 1024, 2048 };
+            kp = new KeyPair[keyLens.length];
+
+            testCipher(keyLens, false, prov);
+            testSignature(keyLens, false, prov);
+        }
+    }
+
+
+    private static void testCipher(KeyPair kp, int inputSizeInBytes,
+                                   boolean checkInterop, Provider prov)
+        throws Exception {
+        Cipher c1, c2;
+        for (int i = 0; i < CIP_ALGOS.length; i++) {
+            String algo = CIP_ALGOS[i];
+            try {
+                c1 = Cipher.getInstance(algo, prov);
+            } catch (NoSuchAlgorithmException nsae) {
+                System.out.println("Skip unsupported Cipher algo: " + algo);
+                continue;
+            }
+
+            if (checkInterop) {
+                c2 = Cipher.getInstance(algo, "SunJCE");
+            } else {
+                c2 = Cipher.getInstance(algo, prov);
+            }
+            byte[] data = Arrays.copyOf
+                 (PLAINTEXT, inputSizeInBytes - INPUT_SIZE_REDUCTION[i]);
+
+            testEncryption(c1, c2, kp, data);
+        }
+    }
+
+    private static void testCipher(int keyLens[], boolean checkInterop,
+                                   Provider prov)
+        throws Exception {
+        // RSA CipherText will always differ due to the random nonce in padding
+        // so we check whether both
+        // 1) Java Encrypt/C Decrypt
+        // 2) C Encrypt/Java Decrypt
+        // works
+        Cipher c1, c2;
+        for (int i = 0; i < CIP_ALGOS.length; i++) {
+            String algo = CIP_ALGOS[i];
+            try {
+                c1 = Cipher.getInstance(algo, prov);
+            } catch (NoSuchAlgorithmException nsae) {
+                System.out.println("Skip unsupported Cipher algo: " + algo);
+                continue;
+            }
+
+            if (checkInterop) {
+                c2 = Cipher.getInstance(algo, "SunJCE");
+            } else {
+                c2 = Cipher.getInstance(algo, prov);
+            }
+
+            for (int h = 0; h < keyLens.length; h++) {
+                // Defer key pair generation until now when it'll soon be used.
+                if (kp[h] == null) {
+                    kp[h] = genRSAKey(keyLens[h]);
+                }
+                System.out.println("\tTesting Cipher " + algo + " w/ KeySize " + keyLens[h]);
+                byte[] data = Arrays.copyOf
+                    (PLAINTEXT, keyLens[h]/8 - INPUT_SIZE_REDUCTION[i]);
+                testEncryption(c1, c2, kp[h], data);
+            }
+        }
+    }
+
+    private static void testEncryption(Cipher c1, Cipher c2, KeyPair kp, byte[] data)
+        throws Exception {
+        // C1 Encrypt + C2 Decrypt
+        byte[] out1 = null;
+        byte[] recoveredText = null;
+        try {
+            c1.init(Cipher.ENCRYPT_MODE, kp.getPublic());
+            out1 = c1.doFinal(data);
+            c2.init(Cipher.DECRYPT_MODE, kp.getPrivate());
+            recoveredText = c2.doFinal(out1);
+        } catch (Exception ex) {
+            System.out.println("\tDEC ERROR: unexpected exception");
+            ex.printStackTrace();
+            throw ex;
+        }
+        if(!Arrays.equals(recoveredText, data)) {
+            throw new RuntimeException("\tDEC ERROR: different PT bytes!");
+        }
+        // C2 Encrypt + C1 Decrypt
+        byte[] cipherText = null;
+        try {
+            c2.init(Cipher.ENCRYPT_MODE, kp.getPublic());
+            cipherText = c2.doFinal(data);
+            c1.init(Cipher.DECRYPT_MODE, kp.getPrivate());
+            try {
+                out1 = c1.doFinal(cipherText);
+            } catch (Exception ex) {
+                System.out.println("\tENC ERROR: invalid encrypted output");
+                ex.printStackTrace();
+                throw ex;
+            }
+        } catch (Exception ex) {
+            System.out.println("\tENC ERROR: unexpected exception");
+            ex.printStackTrace();
+            throw ex;
+        }
+        if (!Arrays.equals(out1, data)) {
+            throw new RuntimeException("\tENC ERROR: Decrypted result DIFF!");
+        }
+        System.out.println("\t=> PASS");
+    }
+
+    private static void testSignature(KeyPair kp, boolean checkInterop,
+                                      Provider prov) throws Exception {
+        byte[] data = PLAINTEXT;
+        Signature sig1, sig2;
+        for (int i = 0; i < SIG_ALGOS.length; i++) {
+            String algo = SIG_ALGOS[i];
+            try {
+                sig1 = Signature.getInstance(algo, prov);
+            } catch (NoSuchAlgorithmException nsae) {
+                System.out.println("Skip unsupported Signature algo: " + algo);
+                continue;
+            }
+
+            if (checkInterop) {
+                sig2 = Signature.getInstance(algo, "SunRsaSign");
+            } else {
+                sig2 = Signature.getInstance(algo, prov);
+            }
+            testSigning(sig1, sig2, kp, data);
+        }
+    }
+
+    private static void testSignature(int keyLens[], boolean checkInterop,
+                                      Provider prov) throws Exception {
+        byte[] data = PLAINTEXT;
+        Signature sig1, sig2;
+        for (int i = 0; i < SIG_ALGOS.length; i++) {
+            String algo = SIG_ALGOS[i];
+            try {
+                sig1 = Signature.getInstance(algo, prov);
+            } catch (NoSuchAlgorithmException nsae) {
+                System.out.println("Skip unsupported Signature algo: " + algo);
+                continue;
+            }
+
+            if (checkInterop) {
+                sig2 = Signature.getInstance(algo, "SunRsaSign");
+            } else {
+                sig2 = Signature.getInstance(algo, prov);
+            }
+
+            for (int h = 0; h < keyLens.length; h++) {
+                // Defer key pair generation until now when it'll soon be used.
+                if (kp[h] == null) {
+                    kp[h] = genRSAKey(keyLens[h]);
+                }
+                System.out.println("\tTesting Signature " + algo + " w/ KeySize " + keyLens[h]);
+
+                testSigning(sig1, sig2, kp[h], data);
+            }
+        }
+    }
+
+    private static void testSigning(Signature sig1, Signature sig2, KeyPair kp, byte[] data)
+            throws Exception {
+        boolean sameSig = false;
+        byte[] out = null;
+        try {
+            sig1.initSign(kp.getPrivate());
+            sig1.update(data);
+            out = sig1.sign();
+        } catch (Exception ex) {
+            System.out.println("\tSIGN ERROR: unexpected exception!");
+            ex.printStackTrace();
+        }
+
+        sig2.initSign(kp.getPrivate());
+        sig2.update(data);
+        byte[] out2 = sig2.sign();
+        if (!Arrays.equals(out2, out)) {
+            throw new RuntimeException("\tSIGN ERROR: Signature DIFF!");
+        }
+
+        boolean verify = false;
+        try {
+            System.out.println("\tVERIFY1 using native out");
+            sig1.initVerify(kp.getPublic());
+            sig1.update(data);
+            verify = sig1.verify(out);
+            if (!verify) {
+                throw new RuntimeException("VERIFY1 FAIL!");
+            }
+        } catch (Exception ex) {
+            System.out.println("\tVERIFY1 ERROR: unexpected exception!");
+            ex.printStackTrace();
+            throw ex;
+        }
+        System.out.println("\t=> PASS");
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/oracle/security/ucrypto/UcryptoTest.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+
+// common infrastructure for OracleUcrypto provider tests
+
+import java.io.*;
+import java.util.*;
+import java.lang.reflect.*;
+
+import java.security.*;
+
+public abstract class UcryptoTest {
+
+    protected static final boolean hasUcrypto;
+    static {
+        hasUcrypto = (Security.getProvider("OracleUcrypto") != null);
+    }
+
+    private static Provider getCustomizedUcrypto(String config) throws Exception {
+        Class clazz = Class.forName("com.oracle.security.ucrypto.OracleUcrypto");
+        Constructor cons = clazz.getConstructor(new Class[] {String.class});
+        Object obj = cons.newInstance(new Object[] {config});
+        return (Provider)obj;
+    }
+
+    public abstract void doTest(Provider p) throws Exception;
+
+    public static void main(UcryptoTest test, String config) throws Exception {
+        Provider prov = null;
+        if (hasUcrypto) {
+            if (config != null) {
+                prov = getCustomizedUcrypto(config);
+            } else {
+                prov = Security.getProvider("OracleUcrypto");
+            }
+        }
+        if (prov == null) {
+            // un-available, skip testing...
+            System.out.println("No OracleUcrypto provider found, skipping test");
+            return;
+        }
+        test.doTest(prov);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/sun/management/HotSpotDiagnosticMXBean/ExecuteDiagnosticCommand.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug     7104647
+ * @summary Basic Test for HotSpotDiagnosticMXBean.execute()
+ * @author  Frederic Parain
+ *
+ * @run main ExecuteDiagnosticCommand
+ */
+
+import com.sun.management.HotSpotDiagnosticMXBean;
+import com.sun.management.VMOption;
+import java.lang.management.ManagementFactory;
+import java.util.List;
+import javax.management.MBeanServer;
+
+public class ExecuteDiagnosticCommand {
+    private static String HOTSPOT_DIAGNOSTIC_MXBEAN_NAME =
+        "com.sun.management:type=HotSpotDiagnostic";
+
+    public static void main(String[] args) throws Exception {
+        HotSpotDiagnosticMXBean mbean =
+            ManagementFactory.getPlatformMXBean(HotSpotDiagnosticMXBean.class);
+        executeDiagnosticCommand(mbean);
+
+        MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
+        mbean = ManagementFactory.newPlatformMXBeanProxy(mbs,
+                    HOTSPOT_DIAGNOSTIC_MXBEAN_NAME,
+                    HotSpotDiagnosticMXBean.class);
+        executeDiagnosticCommand(mbean);
+    }
+
+    private static void executeDiagnosticCommand(HotSpotDiagnosticMXBean mbean) {
+        String s = mbean.execute("help help");
+        System.out.println(s);
+        s = mbean.execute("help", "help");
+        System.out.println(s);
+        String tab[] = { "help"};
+        s = mbean.execute("help", tab);
+        System.out.println(s);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/sun/management/HotSpotDiagnosticMXBean/GetDiagnosticCommandInfo.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,117 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug     7104647
+ * @summary Basic Test for HotSpotDiagnosticMXBean.getDiagnosticCommandInfo()
+ * @author  Frederic Parain
+ *
+ * @run main GetDiagnosticCommandInfo
+ */
+
+import com.sun.management.HotSpotDiagnosticMXBean;
+import com.sun.management.DiagnosticCommandInfo;
+import com.sun.management.DiagnosticCommandArgumentInfo;
+import com.sun.management.VMOption;
+import java.lang.management.ManagementFactory;
+import java.util.List;
+import javax.management.MBeanServer;
+
+public class GetDiagnosticCommandInfo {
+    private static String HOTSPOT_DIAGNOSTIC_MXBEAN_NAME =
+        "com.sun.management:type=HotSpotDiagnostic";
+
+    public static void main(String[] args) throws Exception {
+        HotSpotDiagnosticMXBean mbean =
+            ManagementFactory.getPlatformMXBean(HotSpotDiagnosticMXBean.class);
+        checkDiagnosticCommandArguments(mbean);
+
+        MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
+        mbean = ManagementFactory.newPlatformMXBeanProxy(mbs,
+                    HOTSPOT_DIAGNOSTIC_MXBEAN_NAME,
+                    HotSpotDiagnosticMXBean.class);
+        checkDiagnosticCommandArguments(mbean);
+    }
+
+    private static void checkDiagnosticCommandArguments(HotSpotDiagnosticMXBean mbean) {
+        // check getDiagnosticCommandInfo()
+        StringBuilder sb = new StringBuilder();
+        List<DiagnosticCommandInfo> infoList = mbean.getDiagnosticCommandInfo();
+        for(DiagnosticCommandInfo info : infoList) {
+            printCommandInfo(info,sb);
+        }
+        // check getDiagnosticCommandInfo(List<String>)
+        List<String> commands = mbean.getDiagnosticCommands();
+        List<DiagnosticCommandInfo> list2 =
+            mbean.getDiagnosticCommandInfo(commands);
+        for(DiagnosticCommandInfo info : list2) {
+            printCommandInfo(info,sb);
+        }
+        // check getDiagnosticCommandInfo(String)
+        for(String cmd : commands) {
+            DiagnosticCommandInfo info2 = mbean.getDiagnosticCommandInfo(cmd);
+            printCommandInfo(info2,sb);
+        }
+        System.out.println(sb.toString());
+    }
+
+    private static void printCommandInfo(DiagnosticCommandInfo info,
+                                         StringBuilder sb) {
+        sb.append("\t").append(info.getName()).append(":\n");
+        sb.append("\t\tDescription=").append(info.getDescription()).append("\n");
+        sb.append("\t\tImpact=").append(info.getImpact()).append("\n");
+        sb.append("\t\tStatus=");
+        if (info.isEnabled()) {
+            sb.append("Enabled\n");
+        } else {
+            sb.append("Disbled\n");
+        }
+        sb.append("\t\tArguments=");
+        for(DiagnosticCommandArgumentInfo arg : info.getArgumentsInfo()) {
+            printArgumentInfo(arg,sb);
+        }
+    }
+
+    private static void printArgumentInfo(DiagnosticCommandArgumentInfo info,
+                                          StringBuilder sb) {
+        sb.append("\t\t\t").append(info.getName()).append(":\n");
+        sb.append("\t\t\t\tType=").append(info.getType()).append("\n");
+        sb.append("\t\t\t\tDescription=").append(info.getDescription()).append("\n");
+        if(info.getDefault() != null) {
+            sb.append("\t\t\t\tDefault=").append(info.getDefault()).append("\n");
+        }
+        if(info.isMandatory()) {
+            sb.append("\t\t\t\tMandatory\n");
+        } else {
+            sb.append("\t\t\t\tOptional\n");
+        }
+        if(info.isOption()) {
+            sb.append("\t\t\t\tIs an option\n");
+        } else {
+            sb.append("\t\t\t\tIs an argument expected at position");
+            sb.append(info.getPosition());
+            sb.append("\n");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/com/sun/management/HotSpotDiagnosticMXBean/GetDiagnosticCommands.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug     7104647
+ * @summary Basic Test for HotSpotDiagnosticMXBean.getDiagnosticCommands()
+ * @author  Frederic Parain
+ *
+ * @run main GetDiagnosticCommands
+ */
+
+import com.sun.management.HotSpotDiagnosticMXBean;
+import com.sun.management.VMOption;
+import java.lang.management.ManagementFactory;
+import java.util.List;
+import javax.management.MBeanServer;
+
+public class GetDiagnosticCommands {
+    private static String HOTSPOT_DIAGNOSTIC_MXBEAN_NAME =
+        "com.sun.management:type=HotSpotDiagnostic";
+
+    public static void main(String[] args) throws Exception {
+        HotSpotDiagnosticMXBean mbean =
+            ManagementFactory.getPlatformMXBean(HotSpotDiagnosticMXBean.class);
+        checkDiagnosticCommands(mbean);
+
+        MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
+        mbean = ManagementFactory.newPlatformMXBeanProxy(mbs,
+                    HOTSPOT_DIAGNOSTIC_MXBEAN_NAME,
+                    HotSpotDiagnosticMXBean.class);
+        checkDiagnosticCommands(mbean);
+    }
+
+    private static void checkDiagnosticCommands(HotSpotDiagnosticMXBean mbean) {
+        List<String> commands = mbean.getDiagnosticCommands();
+        System.out.println("Commands:");
+        for (String cmd : commands) {
+            System.out.println(cmd);
+        }
+    }
+}
--- a/test/java/io/File/BlockIsDirectory.java	Fri Jan 27 08:49:35 2012 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,63 +0,0 @@
-/*
- * Copyright (c) 1998, 2001, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/* @test
-   @bug 4113217
-   @summary Test File.isDirectory on block device
- */
-
-import java.io.*;
-import java.util.*;
-
-public class BlockIsDirectory {
-    public static void main( String args[] ) throws Exception {
-        String osname = System.getProperty("os.name");
-        if (osname.equals("SunOS")) {
-            File dir = new File("/dev/dsk");
-            String dirList[] = dir.list();
-
-            File aFile = new File( "/dev/dsk/" + dirList[0] );
-
-            boolean result = aFile.isDirectory();
-            if (result == true)
-                throw new RuntimeException(
-                    "IsDirectory returns true for block device.");
-        }
-        if (osname.equals("Linux")) {
-            File dir = new File("/dev/ide0");
-            if (dir.exists()) {
-                boolean result = dir.isDirectory();
-                if (result == true)
-                    throw new RuntimeException(
-                        "IsDirectory returns true for block device.");
-            }
-            dir = new File("/dev/scd0");
-            if (dir.exists()) {
-                boolean result = dir.isDirectory();
-                if (result == true)
-                    throw new RuntimeException(
-                        "IsDirectory returns true for block device.");
-            }
-        }
-    }
-}
--- a/test/java/lang/invoke/ClassValueTest.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/java/lang/invoke/ClassValueTest.java	Fri Jan 27 16:48:41 2012 -0800
@@ -61,7 +61,7 @@
         }
     }
 
-    static final Class[] CLASSES = {
+    static final Class<?>[] CLASSES = {
         String.class,
         Integer.class,
         int.class,
@@ -73,11 +73,11 @@
     @Test
     public void testGet() {
         countForCV1 = 0;
-        for (Class c : CLASSES) {
+        for (Class<?> c : CLASSES) {
             assertEquals(nameForCV1(c), CV1.get(c));
         }
         assertEquals(CLASSES.length, countForCV1);
-        for (Class c : CLASSES) {
+        for (Class<?> c : CLASSES) {
             assertEquals(nameForCV1(c), CV1.get(c));
         }
         assertEquals(CLASSES.length, countForCV1);
@@ -85,7 +85,7 @@
 
     @Test
     public void testRemove() {
-        for (Class c : CLASSES) {
+        for (Class<?> c : CLASSES) {
             CV1.get(c);
         }
         countForCV1 = 0;
@@ -94,7 +94,7 @@
             CV1.remove(CLASSES[i]);
         }
         assertEquals(0, countForCV1);  // no change
-        for (Class c : CLASSES) {
+        for (Class<?> c : CLASSES) {
             assertEquals(nameForCV1(c), CV1.get(c));
         }
         assertEquals(REMCOUNT, countForCV1);
@@ -124,7 +124,7 @@
         for (int pass = 0; pass <= 2; pass++) {
             for (int i1 = 0; i1 < CVN_COUNT1; i1++) {
                 eachClass:
-                for (Class c : CLASSES) {
+                for (Class<?> c : CLASSES) {
                     for (int i2 = 0; i2 < CVN_COUNT2; i2++) {
                         int n = i1*CVN_COUNT2 + i2;
                         assertEquals(0, countForCVN);
@@ -156,8 +156,10 @@
             }
         }
         assertEquals(countForCVN, 0);
-        for (int n = 0; n < cvns.length; n++) {
-            for (Class c : CLASSES) {
+        System.out.println("[rechecking values]");
+        for (int i = 0; i < cvns.length * 10; i++) {
+            int n = i % cvns.length;
+            for (Class<?> c : CLASSES) {
                 assertEquals(nameForCVN(c, n), cvns[n].get(c));
             }
         }
--- a/test/java/lang/invoke/InvokeDynamicPrintArgs.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/java/lang/invoke/InvokeDynamicPrintArgs.java	Fri Jan 27 16:48:41 2012 -0800
@@ -38,8 +38,6 @@
 
 package test.java.lang.invoke;
 
-import org.junit.Test;
-
 import java.util.*;
 import java.io.*;
 
@@ -99,21 +97,6 @@
         System.setSecurityManager(new SM());
     }
 
-    @Test
-    public void testInvokeDynamicPrintArgs() throws IOException {
-        System.err.println(System.getProperties());
-        String testClassPath = System.getProperty("build.test.classes.dir");
-        if (testClassPath == null)  throw new RuntimeException();
-        String[] args = new String[]{
-            "--verify-specifier-count=3",
-            "--verbose",
-            "--expand-properties", "--classpath", testClassPath,
-            "--java", "test.java.lang.invoke.InvokeDynamicPrintArgs", "--check-output"
-        };
-        System.err.println("Indify: "+Arrays.toString(args));
-        indify.Indify.main(args);
-    }
-
     private static PrintStream oldOut;
     private static ByteArrayOutputStream buf;
     private static void openBuf() {
--- a/test/java/lang/invoke/MethodHandlesTest.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/java/lang/invoke/MethodHandlesTest.java	Fri Jan 27 16:48:41 2012 -0800
@@ -2234,7 +2234,7 @@
     static void runForRunnable() {
         called("runForRunnable");
     }
-    private interface Fooable {
+    public interface Fooable {
         Object foo(Fooable x, Object y);
         // this is for randomArg:
         public class Impl implements Fooable {
@@ -2249,9 +2249,9 @@
     static Object fooForFooable(Fooable x, Object y) {
         return called("fooForFooable", x, y);
     }
-    private static class MyCheckedException extends Exception {
+    public static class MyCheckedException extends Exception {
     }
-    private interface WillThrow {
+    public interface WillThrow {
         void willThrow() throws MyCheckedException;
     }
 
@@ -2300,8 +2300,11 @@
                     assertSame("must pass declared exception out without wrapping", ex, ex1);
                 } else {
                     assertNotSame("must pass undeclared checked exception with wrapping", ex, ex1);
+                    if (!(ex1 instanceof UndeclaredThrowableException) || ex1.getCause() != ex) {
+                        ex1.printStackTrace();
+                    }
+                    assertSame(ex, ex1.getCause());
                     UndeclaredThrowableException utex = (UndeclaredThrowableException) ex1;
-                    assertSame(ex, utex.getCause());
                 }
             }
         }
@@ -2380,8 +2383,7 @@
     public static MethodHandle varargsArray(int nargs) {
         if (nargs < ARRAYS.length)
             return ARRAYS[nargs];
-        // else need to spin bytecode or do something else fancy
-        throw new UnsupportedOperationException("NYI: cannot form a varargs array of length "+nargs);
+        return MethodHandles.identity(Object[].class).asCollector(Object[].class, nargs);
     }
     public static MethodHandle varargsArray(Class<?> arrayType, int nargs) {
         Class<?> elemType = arrayType.getComponentType();
@@ -2463,6 +2465,12 @@
         return lists.toArray(new MethodHandle[0]);
     }
     static final MethodHandle[] LISTS = makeLists();
+    static final MethodHandle AS_LIST;
+    static {
+        try {
+            AS_LIST = IMPL_LOOKUP.findStatic(Arrays.class, "asList", MethodType.methodType(List.class, Object[].class));
+        } catch (Exception ex) { throw new RuntimeException(ex); }
+    }
 
     /** Return a method handle that takes the indicated number of Object
      *  arguments and returns List.
@@ -2470,8 +2478,7 @@
     public static MethodHandle varargsList(int nargs) {
         if (nargs < LISTS.length)
             return LISTS[nargs];
-        // else need to spin bytecode or do something else fancy
-        throw new UnsupportedOperationException("NYI");
+        return AS_LIST.asCollector(Object[].class, nargs);
     }
 }
 // This guy tests access from outside the same package member, but inside
--- a/test/java/security/Provider/DefaultPKCS11.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/java/security/Provider/DefaultPKCS11.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -57,7 +57,10 @@
             System.out.println("Test only applies to Solaris 10 and later, skipping");
             return;
         }
-        if (ps[0].getName().equals("SunPKCS11-Solaris") == false) {
+        // SunPKCS11-Solaris provider should be either the first one or
+        // the second one
+        if (ps[0].getName().equals("SunPKCS11-Solaris") == false &&
+            ps[1].getName().equals("SunPKCS11-Solaris") == false) {
             throw new Exception("SunPKCS11-Solaris provider not installed");
         }
         System.out.println("OK");
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/util/Calendar/Bug7017458.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,125 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7017458
+ * @summary Test of multithreaded serialization/deserialization of Calendar.
+ */
+
+import java.io.*;
+import java.util.Calendar;
+
+public class Bug7017458 {
+
+    static volatile boolean err = false;
+
+    public static void main(String[] args) {
+        try {
+            new Bug7017458().perform();
+        }
+        catch (Exception e) {
+            e.printStackTrace();
+            err = true;
+        }
+
+        if (err) {
+            throw new RuntimeException("Multithreaded serialization/deserialization test failed.");
+        } else {
+            System.out.println("Multithreaded serialization/deserialization test passed.");
+        }
+    }
+
+    public void perform() throws Exception {
+        int nbThreads = 8;
+        Calendar cal = Calendar.getInstance();
+        SerializationThread[] threads = new SerializationThread[nbThreads];
+        for (int i = 0; i < nbThreads; i++) {
+            threads[i] = new SerializationThread(cal);
+        }
+        for (int i = 0; i < nbThreads; i++) {
+            threads[i].start();
+        }
+        for (int i = 0; i < nbThreads; i++) {
+            threads[i].join();
+        }
+
+        DeserializationThread[] threads2 = new DeserializationThread[nbThreads];
+        for (int i = 0; i < nbThreads; i++) {
+            threads2[i] = new DeserializationThread(threads[i].data);
+        }
+        for (int i = 0; i < nbThreads; i++) {
+            threads2[i].start();
+        }
+        for (int i = 0; i < nbThreads; i++) {
+            threads2[i].join();
+        }
+    }
+
+    public class SerializationThread extends Thread {
+        private Calendar cal;
+        public byte[] data;
+
+        public SerializationThread(Calendar cal) {
+            this.cal = cal;
+        }
+
+        public void run() {
+            try {
+                ByteArrayOutputStream baos = new ByteArrayOutputStream();
+                ObjectOutputStream oos = new ObjectOutputStream(baos);
+                oos.writeObject(cal);
+                oos.flush();
+                oos.close();
+                data = baos.toByteArray();
+                }
+            catch (Exception e) {
+                e.printStackTrace();
+                err = true;
+            }
+        }
+    }
+
+    public class DeserializationThread extends Thread {
+        public Calendar cal;
+        public byte[] data;
+
+        public DeserializationThread(byte[] data) {
+            this.data = data;
+        }
+
+        public void run() {
+            try {
+                ByteArrayInputStream bais = new ByteArrayInputStream(data);
+                ObjectInputStream ois = new ObjectInputStream(bais);
+                cal = (Calendar) ois.readObject();
+                ois.close();
+            }
+            catch (Exception e) {
+                e.printStackTrace();
+                err = true;
+            }
+        }
+    }
+}
+
--- a/test/javax/crypto/Cipher/GetMaxAllowed.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/javax/crypto/Cipher/GetMaxAllowed.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 4807942
+ * @bug 4807942 7033170
  * @summary Test the Cipher.getMaxAllowedKeyLength(String) and
  * getMaxAllowedParameterSpec(String) methods
  * @author Valerie Peng
@@ -40,7 +40,7 @@
 
 public class GetMaxAllowed {
 
-    private static void runTest(boolean isUnlimited) throws Exception {
+    private static void runTest1(boolean isUnlimited) throws Exception {
         System.out.println("Testing " + (isUnlimited? "un":"") +
                            "limited policy...");
 
@@ -78,6 +78,20 @@
         System.out.println("All tests passed");
     }
 
+    private static void runTest2() throws Exception {
+        System.out.println("Testing against Security.getAlgorithms()");
+
+        Set<String> algorithms = Security.getAlgorithms("Cipher");
+
+        for (String algorithm: algorithms) {
+            int keylength = -1;
+
+            // if 7033170 is not fixed, NoSuchAlgorithmException is thrown
+            keylength = Cipher.getMaxAllowedKeyLength(algorithm);
+
+        }
+    }
+
     public static void main(String[] args) throws Exception {
         // decide if the installed jurisdiction policy file is the
         // unlimited version
@@ -88,6 +102,9 @@
         } catch (InvalidKeyException ike) {
             isUnlimited = false;
         }
-        runTest(isUnlimited);
+        runTest1(isUnlimited);
+
+        // test using the set of algorithms returned by Security.getAlgorithms()
+        runTest2();
     }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/swing/JTabbedPane/7010561/bug7010561.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,94 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import javax.swing.*;
+import javax.swing.plaf.basic.BasicTabbedPaneUI;
+import javax.swing.plaf.synth.SynthLookAndFeel;
+import java.lang.reflect.Method;
+
+/* @test
+   @bug 7010561
+   @summary Tab text position with Synth based LaF is different to Java 5/6
+   @author Pavel Porvatov
+*/
+public class bug7010561 {
+    private static int[] TAB_PLACEMENT = {
+            SwingConstants.BOTTOM,
+            SwingConstants.BOTTOM,
+            SwingConstants.TOP,
+            SwingConstants.TOP,
+
+    };
+
+    private static boolean[] IS_SELECTED = {
+            false,
+            true,
+            false,
+            true
+    };
+
+    private static int[] RETURN_VALUE = {
+            -1,
+            1,
+            1,
+            -1
+    };
+
+    public static void main(String[] args) throws Exception {
+        UIManager.setLookAndFeel(new SynthLookAndFeel());
+
+        SwingUtilities.invokeAndWait(new Runnable() {
+            @Override
+            public void run() {
+                JTabbedPane tabbedPane = new JTabbedPane();
+
+                tabbedPane.addTab("Tab 1", new JLabel("Tab 1"));
+
+                // Ensure internal TabbedPane fields are initialized
+                tabbedPane.doLayout();
+
+                BasicTabbedPaneUI basicTabbedPaneUI = (BasicTabbedPaneUI) tabbedPane.getUI();
+
+                try {
+                    Method method = BasicTabbedPaneUI.class.getDeclaredMethod("getTabLabelShiftY", int.class,
+                            int.class, boolean.class);
+
+                    method.setAccessible(true);
+
+                    for (int i = 0; i < 4; i++) {
+                        int res = ((Integer) method.invoke(basicTabbedPaneUI, TAB_PLACEMENT[i], 0,
+                                IS_SELECTED[i])).intValue();
+
+                        if (res != RETURN_VALUE[i]) {
+                            throw new RuntimeException("Test bug7010561 failed on index " + i);
+                        }
+                    }
+                } catch (Exception e) {
+                    throw new RuntimeException(e);
+                }
+
+                System.out.println("Test bug7010561 passed");
+            }
+        });
+    }
+}
--- a/test/javax/xml/crypto/dsig/KeySelectors.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/javax/xml/crypto/dsig/KeySelectors.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -22,7 +22,9 @@
  */
 
 import java.io.*;
-import java.security.*;
+import java.security.Key;
+import java.security.KeyException;
+import java.security.PublicKey;
 import java.security.cert.*;
 import java.util.*;
 import javax.crypto.SecretKey;
@@ -76,7 +78,7 @@
                 }
 
                 public byte[] getEncoded() {
-                    return (byte[]) bytes.clone();
+                    return bytes.clone();
                 }
             };
         }
@@ -196,9 +198,9 @@
      * matching public key.
      */
     static class CollectionKeySelector extends KeySelector {
-        private CertificateFactory certFac;
+        private CertificateFactory cf;
         private File certDir;
-        private Vector certs;
+        private Vector<X509Certificate> certs;
         private static final int MATCH_SUBJECT = 0;
         private static final int MATCH_ISSUER = 1;
         private static final int MATCH_SERIAL = 2;
@@ -208,24 +210,24 @@
         CollectionKeySelector(File dir) {
             certDir = dir;
             try {
-                certFac = CertificateFactory.getInstance("X509");
+                cf = CertificateFactory.getInstance("X509");
             } catch (CertificateException ex) {
                 // not going to happen
             }
-            certs = new Vector();
+            certs = new Vector<X509Certificate>();
             File[] files = new File(certDir, "certs").listFiles();
             for (int i = 0; i < files.length; i++) {
-                try {
-                    certs.add(certFac.generateCertificate
-                              (new FileInputStream(files[i])));
+                try (FileInputStream fis = new FileInputStream(files[i])) {
+                    certs.add((X509Certificate)cf.generateCertificate(fis));
                 } catch (Exception ex) { }
             }
         }
 
-        Vector match(int matchType, Object value, Vector pool) {
-            Vector matchResult = new Vector();
+        Vector<X509Certificate> match(int matchType, Object value,
+                                      Vector<X509Certificate> pool) {
+            Vector<X509Certificate> matchResult = new Vector<>();
             for (int j=0; j < pool.size(); j++) {
-                X509Certificate c = (X509Certificate) pool.get(j);
+                X509Certificate c = pool.get(j);
                 switch (matchType) {
                 case MATCH_SUBJECT:
                     try {
@@ -286,19 +288,18 @@
                     if (xmlStructure instanceof KeyName) {
                         String name = ((KeyName)xmlStructure).getName();
                         PublicKey pk = null;
-                        try {
+                        File certFile = new File(new File(certDir, "certs"),
+                                                 name.toLowerCase() + ".crt");
+                        try (FileInputStream fis = new FileInputStream(certFile)) {
                             // Lookup the public key using the key name 'Xxx',
                             // i.e. the public key is in "certs/xxx.crt".
-                            File certFile = new File(new File(certDir, "certs"),
-                                name.toLowerCase()+".crt");
                             X509Certificate cert = (X509Certificate)
-                                certFac.generateCertificate
-                                (new FileInputStream(certFile));
+                                cf.generateCertificate(fis);
                             pk = cert.getPublicKey();
                         } catch (FileNotFoundException e) {
                             // assume KeyName contains subject DN and search
                             // collection of certs for match
-                            Vector result =
+                            Vector<X509Certificate> result =
                                 match(MATCH_SUBJECT, name, certs);
                             int numOfMatches = (result==null? 0:result.size());
                             if (numOfMatches != 1) {
@@ -306,7 +307,7 @@
                                     ((numOfMatches==0?"No":"More than one") +
                                      " match found");
                             }
-                            pk =((X509Certificate)result.get(0)).getPublicKey();
+                            pk = result.get(0).getPublicKey();
                         }
                         return new SimpleKSResult(pk);
                     } else if (xmlStructure instanceof RetrievalMethod) {
@@ -316,10 +317,12 @@
                         String type = rm.getType();
                         if (type.equals(X509Data.RAW_X509_CERTIFICATE_TYPE)) {
                             String uri = rm.getURI();
-                            X509Certificate cert = (X509Certificate)
-                                certFac.generateCertificate
-                                (new FileInputStream(new File(certDir, uri)));
-                            return new SimpleKSResult(cert.getPublicKey());
+                            try (FileInputStream fis =
+                                 new FileInputStream(new File(certDir, uri))) {
+                                X509Certificate cert = (X509Certificate)
+                                    cf.generateCertificate(fis);
+                                return new SimpleKSResult(cert.getPublicKey());
+                            }
                         } else {
                             throw new KeySelectorException
                                 ("Unsupported RetrievalMethod type");
@@ -327,7 +330,7 @@
                     } else if (xmlStructure instanceof X509Data) {
                         List content = ((X509Data)xmlStructure).getContent();
                         int size = content.size();
-                        Vector result = null;
+                        Vector<X509Certificate> result = null;
                         // Lookup the public key using the information
                         // specified in X509Data element, i.e. searching
                         // over the collection of certificate files under
@@ -357,8 +360,7 @@
                                 ((numOfMatches==0?"No":"More than one") +
                                  " match found");
                         }
-                        return new SimpleKSResult(((X509Certificate)
-                                          result.get(0)).getPublicKey());
+                        return new SimpleKSResult(result.get(0).getPublicKey());
                     }
                 } catch (Exception ex) {
                     throw new KeySelectorException(ex);
--- a/test/javax/xml/crypto/dsig/ValidationTests.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/javax/xml/crypto/dsig/ValidationTests.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 4635230 6365103 6366054 6824440
+ * @bug 4635230 6365103 6366054 6824440 7131084
  * @summary Basic unit tests for validating XML Signatures with JSR 105
  * @compile -XDignore.symbol.file KeySelectors.java SignatureValidator.java
  *     X509KeySelector.java ValidationTests.java
@@ -43,10 +43,6 @@
 import javax.xml.crypto.dsig.XMLSignatureException;
 import javax.xml.crypto.dsig.XMLSignatureFactory;
 
-/**
- * This is a testcase to validate all "merlin-xmldsig-twenty-three"
- * testcases from Baltimore
- */
 public class ValidationTests {
 
     private static SignatureValidator validator;
@@ -61,25 +57,14 @@
     private final static String STYLESHEET_B64 =
         "http://www.w3.org/Signature/2002/04/xml-stylesheet.b64";
 
-    private final static String[] FILES = {
-        "signature-enveloped-dsa.xml",
-        "signature-enveloping-b64-dsa.xml",
-        "signature-enveloping-dsa.xml",
-        "signature-enveloping-rsa.xml",
-        "signature-enveloping-hmac-sha1.xml",
-        "signature-external-dsa.xml",
-        "signature-external-b64-dsa.xml",
-        "signature-retrievalmethod-rawx509crt.xml",
-        "signature-keyname.xml",
-        "signature-x509-crt-crl.xml",
-        "signature-x509-crt.xml",
-        "signature-x509-is.xml",
-        "signature-x509-ski.xml",
-        "signature-x509-sn.xml",
-//      "signature.xml",
-        "exc-signature.xml",
-        "sign-spec.xml"
-    };
+    static class Test {
+        String file;
+        KeySelector ks;
+        Test(String file, KeySelector ks) {
+            this.file = file;
+            this.ks = ks;
+        }
+    }
 
     static KeySelector skks;
     static {
@@ -98,26 +83,34 @@
     private final static KeySelector RXKS =
         new KeySelectors.RawX509KeySelector();
     private final static KeySelector XKS = null;
-    private final static KeySelector[] KEY_SELECTORS = {
-        KVKS,
-        KVKS,
-        KVKS,
-        KVKS,
-        SKKS,
-        KVKS,
-        KVKS,
-        CKS,
-        CKS,
-        RXKS,
-        RXKS,
-        CKS,
-        CKS,
-        CKS,
-//        XKS,
-        KVKS,
-        RXKS
+    private static URIDereferencer httpUd = null;
+
+    private final static Test[] VALID_TESTS = {
+        new Test("signature-enveloped-dsa.xml", KVKS),
+        new Test("signature-enveloping-b64-dsa.xml", KVKS),
+        new Test("signature-enveloping-dsa.xml", KVKS),
+        new Test("signature-enveloping-rsa.xml", KVKS),
+        new Test("signature-enveloping-hmac-sha1.xml", SKKS),
+        new Test("signature-external-dsa.xml", KVKS),
+        new Test("signature-external-b64-dsa.xml", KVKS),
+        new Test("signature-retrievalmethod-rawx509crt.xml", CKS),
+        new Test("signature-keyname.xml", CKS),
+        new Test("signature-x509-crt-crl.xml", RXKS),
+        new Test("signature-x509-crt.xml", RXKS),
+        new Test("signature-x509-is.xml", CKS),
+        new Test("signature-x509-ski.xml", CKS),
+        new Test("signature-x509-sn.xml", CKS),
+        new Test("signature.xml", XKS),
+        new Test("exc-signature.xml", KVKS),
+        new Test("sign-spec.xml", RXKS),
+        new Test("xmldsig-xfilter2.xml", KVKS)
     };
-    private static URIDereferencer httpUd = null;
+
+    private final static Test[] INVALID_TESTS = {
+        new Test("signature-enveloping-hmac-sha1-40.xml", SKKS),
+        new Test("signature-enveloping-hmac-sha1-trunclen-0-attack.xml", SKKS),
+        new Test("signature-enveloping-hmac-sha1-trunclen-8-attack.xml", SKKS)
+    };
 
     public static void main(String args[]) throws Exception {
         httpUd = new HttpURIDereferencer();
@@ -125,9 +118,9 @@
         validator = new SignatureValidator(new File(DATA_DIR));
 
         boolean atLeastOneFailed = false;
-        for (int i=0; i < FILES.length; i++) {
-            System.out.println("Validating " + FILES[i]);
-            if (test_signature(FILES[i], KEY_SELECTORS[i])) {
+        for (Test test : VALID_TESTS) {
+            System.out.println("Validating " + test.file);
+            if (test_signature(test)) {
                 System.out.println("PASSED");
             } else {
                 System.out.println("FAILED");
@@ -136,41 +129,23 @@
         }
         // test with reference caching enabled
         System.out.println("Validating sign-spec.xml with caching enabled");
-        if (test_signature("sign-spec.xml", RXKS, true)) {
+        if (test_signature(new Test("sign-spec.xml", RXKS), true)) {
             System.out.println("PASSED");
         } else {
             System.out.println("FAILED");
             atLeastOneFailed = true;
         }
 
-        System.out.println("Validating signature-enveloping-hmac-sha1-40.xml");
-        try {
-            test_signature("signature-enveloping-hmac-sha1-40.xml", SKKS, false);
-            System.out.println("FAILED");
-            atLeastOneFailed = true;
-        } catch (XMLSignatureException xse) {
-            System.out.println(xse.getMessage());
-            System.out.println("PASSED");
-        }
-
-        System.out.println("Validating signature-enveloping-hmac-sha1-trunclen-0-attack.xml");
-        try {
-            test_signature("signature-enveloping-hmac-sha1-trunclen-0-attack.xml", SKKS, false);
-            System.out.println("FAILED");
-            atLeastOneFailed = true;
-        } catch (XMLSignatureException xse) {
-            System.out.println(xse.getMessage());
-            System.out.println("PASSED");
-        }
-
-        System.out.println("Validating signature-enveloping-hmac-sha1-trunclen-8-attack.xml");
-        try {
-            test_signature("signature-enveloping-hmac-sha1-trunclen-8-attack.xml", SKKS, false);
-            System.out.println("FAILED");
-            atLeastOneFailed = true;
-        } catch (XMLSignatureException xse) {
-            System.out.println(xse.getMessage());
-            System.out.println("PASSED");
+        for (Test test : INVALID_TESTS) {
+            System.out.println("Validating " + test.file);
+            try {
+                test_signature(test);
+                System.out.println("FAILED");
+                atLeastOneFailed = true;
+            } catch (XMLSignatureException xse) {
+                System.out.println(xse.getMessage());
+                System.out.println("PASSED");
+            }
         }
 
         if (atLeastOneFailed) {
@@ -179,20 +154,21 @@
         }
     }
 
-    public static boolean test_signature(String file, KeySelector ks)
-        throws Exception {
-        return test_signature(file, ks, false);
+    public static boolean test_signature(Test test) throws Exception {
+        return test_signature(test, false);
     }
 
-    public static boolean test_signature(String file, KeySelector ks,
-        boolean cache) throws Exception {
-        if (ks == null) {
+    public static boolean test_signature(Test test, boolean cache)
+        throws Exception
+    {
+        if (test.ks == null) {
             KeyStore keystore = KeyStore.getInstance("JKS");
-            keystore.load
-                (new FileInputStream(KEYSTORE), "changeit".toCharArray());
-            ks = new X509KeySelector(keystore, false);
+            try (FileInputStream fis = new FileInputStream(KEYSTORE)) {
+                keystore.load(fis, "changeit".toCharArray());
+                test.ks = new X509KeySelector(keystore, false);
+            }
         }
-        return validator.validate(file, ks, httpUd, cache);
+        return validator.validate(test.file, test.ks, httpUd, cache);
     }
 
     /**
--- a/test/javax/xml/crypto/dsig/X509KeySelector.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/javax/xml/crypto/dsig/X509KeySelector.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -205,9 +205,9 @@
      */
     private KeySelectorResult keyStoreSelect(CertSelector cs)
         throws KeyStoreException {
-        Enumeration aliases = ks.aliases();
+        Enumeration<String> aliases = ks.aliases();
         while (aliases.hasMoreElements()) {
-            String alias = (String) aliases.nextElement();
+            String alias = aliases.nextElement();
             Certificate cert = ks.getCertificate(alias);
             if (cert != null && cs.match(cert)) {
                 return new SimpleKeySelectorResult(cert.getPublicKey());
@@ -301,7 +301,7 @@
         } catch (IOException ioe) {
             throw new KeySelectorException(ioe);
         }
-        Collection certs = new ArrayList();
+        Collection<X509Certificate> certs = new ArrayList<>();
 
         Iterator xi = xd.getContent().iterator();
         while (xi.hasNext()) {
@@ -345,7 +345,7 @@
                 System.arraycopy(ski, 0, encodedSki, 2, ski.length);
                 subjectcs.setSubjectKeyIdentifier(encodedSki);
             } else if (o instanceof X509Certificate) {
-                certs.add((X509Certificate) o);
+                certs.add((X509Certificate)o);
             // check X509CRL
             // not supported: should use CertPath API
             } else {
@@ -359,9 +359,7 @@
         }
         if (!certs.isEmpty() && !trusted) {
             // try to find public key in certs in X509Data
-            Iterator i = certs.iterator();
-            while (i.hasNext()) {
-                X509Certificate cert = (X509Certificate) i.next();
+            for (X509Certificate cert : certs) {
                 if (subjectcs.match(cert)) {
                     return new SimpleKeySelectorResult(cert.getPublicKey());
                 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/xml/crypto/dsig/data/xmldsig-xfilter2.xml	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?><Document><ToBeSigned><!-- comment --><Data/><NotToBeSigned><ReallyToBeSigned><!-- comment --><Data/></ReallyToBeSigned></NotToBeSigned></ToBeSigned><ToBeSigned><Data/><NotToBeSigned><Data/></NotToBeSigned></ToBeSigned><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/><Reference URI=""><Transforms><Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><XPath xmlns="http://www.w3.org/2002/06/xmldsig-filter2" Filter="intersect"> //FooBar </XPath><XPath xmlns="http://www.w3.org/2002/06/xmldsig-filter2" Filter="subtract"> //NotToBeSigned </XPath><XPath xmlns="http://www.w3.org/2002/06/xmldsig-filter2" Filter="union"> //ReallyToBeSigned </XPath></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>6S7pEM13ZCDvVUbP9XB8iRWFbAI=</DigestValue></Reference><Reference URI="#signature-value"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><XPath xmlns="http://www.w3.org/2002/06/xmldsig-filter2" Filter="union"> / </XPath></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>2jmj7l5rSw0yVb/vlWAYkK/YBwk=</DigestValue></Reference></SignedInfo><SignatureValue Id="signature-value">cJBwfPGWSI9CiuFinTvWJLbF8bGVK5SRB/N/NjCM5IMxakBjra+KSg==</SignatureValue><KeyInfo><KeyValue><DSAKeyValue><P>/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuA
+HTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
+K2HXKu/yIgMZndFIAcc=</P><Q>l2BQjxUjC8yykrmCouuEC/BYHPU=</Q><G>9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3
+zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKL
+Zl6Ae1UlZAFMO/7PSSo=</G><Y>5LRac3QkDCDOPaeNF5dJQ2r0hgIWZomZV7Z9pHrRqMoepJD5xnJpJY7aA4eUSS+AHS1qOm5I6VTZ
+68hsOdPZCDFF/DiR38BzTxi4ZD0PhtmOjBh32lSNG1nhEq6e9RsyzhUw5FVYHAPnCx2bX4/8Rz8i
+EMuG0IcCiAbbzsCfGBw=</Y></DSAKeyValue></KeyValue></KeyInfo></Signature></Document>
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/net/www/http/HttpClient/CookieHttpClientTest.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,112 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7129083
+ * @summary Cookiemanager does not store cookies if url is read
+ *          before setting cookiemanager
+ */
+
+import java.net.CookieHandler;
+import java.net.CookieManager;
+import java.net.CookiePolicy;
+import java.net.ServerSocket;
+import java.net.Socket;
+import java.net.URL;
+import java.io.InputStream;
+import java.io.IOException;
+
+public class CookieHttpClientTest implements Runnable {
+    final ServerSocket ss;
+    static final int TIMEOUT = 10 * 1000;
+
+    static final String replyString = "HTTP/1.1 200 OK\r\n" +
+            "Set-Cookie: name=test\r\n" +
+            "Content-Length: 10\r\n\r\n" +
+            "1234567890";
+
+    // HTTP server, reply with Set-Cookie
+    @Override
+    public void run() {
+        Socket s = null;
+        try {
+            s = ss.accept();
+            s.setSoTimeout(TIMEOUT);
+            readOneRequest(s.getInputStream());
+            s.getOutputStream().write(replyString.getBytes());
+
+            readOneRequest(s.getInputStream());
+            s.getOutputStream().write(replyString.getBytes());
+        } catch (Exception e) {
+            e.printStackTrace();
+        } finally {
+            try { if (s != null) { s.close(); } ss.close(); }
+            catch (IOException unused) {  /* gulp!burp! */   }
+        }
+    }
+
+    static final byte[] requestEnd = new byte[] {'\r', '\n', '\r', '\n' };
+
+    // Read until the end of a HTTP request
+    static void readOneRequest(InputStream is) throws IOException {
+        int requestEndCount = 0, r;
+        while ((r = is.read()) != -1) {
+            if (r == requestEnd[requestEndCount]) {
+                requestEndCount++;
+                if (requestEndCount == 4) {
+                    break;
+                }
+            } else {
+                requestEndCount = 0;
+            }
+        }
+    }
+
+    CookieHttpClientTest() throws Exception {
+        /* start the server */
+        ss = new ServerSocket(0);
+        (new Thread(this)).start();
+
+        URL url = new URL("http://localhost:" + ss.getLocalPort() +"/");
+
+        // Run without a CookieHandler first
+        InputStream in = url.openConnection().getInputStream();
+        while (in.read() != -1);  // read response body so connection can be reused
+
+        // Set a CookeHandler and retest using the HttpClient from the KAC
+        CookieManager manager = new CookieManager(null, CookiePolicy.ACCEPT_ALL);
+        CookieHandler.setDefault(manager);
+
+        in = url.openConnection().getInputStream();
+        while (in.read() != -1);
+
+        if (manager.getCookieStore().getCookies().isEmpty()) {
+            throw new RuntimeException("Failed: No cookies in the cookie Handler.");
+        }
+    }
+
+    public static void main(String args[]) throws Exception {
+        new CookieHttpClientTest();
+    }
+}
--- a/test/sun/security/krb5/auto/Context.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/sun/security/krb5/auto/Context.java	Fri Jan 27 16:48:41 2012 -0800
@@ -76,7 +76,6 @@
 
     private Subject s;
     private ExtendedGSSContext x;
-    private boolean f;      // context established?
     private String name;
     private GSSCredential cred;     // see static method delegated().
 
@@ -194,7 +193,6 @@
                 return null;
             }
         }, null);
-        f = false;
     }
 
     /**
@@ -228,7 +226,6 @@
                 return null;
             }
         }, null);
-        f = false;
     }
 
     /**
@@ -502,6 +499,29 @@
         return sb.toString();
     }
 
+    public byte[] take(final byte[] in) throws Exception {
+        return doAs(new Action() {
+            @Override
+            public byte[] run(Context me, byte[] input) throws Exception {
+                if (me.x.isEstablished()) {
+                    System.out.println(name + " side established");
+                    if (input != null) {
+                        throw new Exception("Context established but " +
+                                "still receive token at " + name);
+                    }
+                    return null;
+                } else {
+                    System.out.println(name + " call initSecContext");
+                    if (me.x.isInitiator()) {
+                        return me.x.initSecContext(input, 0, input.length);
+                    } else {
+                        return me.x.acceptSecContext(input, 0, input.length);
+                    }
+                }
+            }
+        }, in);
+    }
+
     /**
      * Handshake (security context establishment process) between two Contexts
      * @param c the initiator
@@ -510,54 +530,9 @@
      */
     static public void handshake(final Context c, final Context s) throws Exception {
         byte[] t = new byte[0];
-        while (!c.f || !s.f) {
-            t = c.doAs(new Action() {
-                @Override
-                public byte[] run(Context me, byte[] input) throws Exception {
-                    if (me.x.isEstablished()) {
-                        me.f = true;
-                        System.out.println(c.name + " side established");
-                        if (input != null) {
-                            throw new Exception("Context established but " +
-                                    "still receive token at " + c.name);
-                        }
-                        return null;
-                    } else {
-                        System.out.println(c.name + " call initSecContext");
-                        if (usingStream) {
-                            ByteArrayOutputStream os = new ByteArrayOutputStream();
-                            me.x.initSecContext(new ByteArrayInputStream(input), os);
-                            return os.size() == 0 ? null : os.toByteArray();
-                        } else {
-                            return me.x.initSecContext(input, 0, input.length);
-                        }
-                    }
-                }
-            }, t);
-
-            t = s.doAs(new Action() {
-                @Override
-                public byte[] run(Context me, byte[] input) throws Exception {
-                    if (me.x.isEstablished()) {
-                        me.f = true;
-                        System.out.println(s.name + " side established");
-                        if (input != null) {
-                            throw new Exception("Context established but " +
-                                    "still receive token at " + s.name);
-                        }
-                        return null;
-                    } else {
-                        System.out.println(s.name + " called acceptSecContext");
-                        if (usingStream) {
-                            ByteArrayOutputStream os = new ByteArrayOutputStream();
-                            me.x.acceptSecContext(new ByteArrayInputStream(input), os);
-                            return os.size() == 0 ? null : os.toByteArray();
-                        } else {
-                            return me.x.acceptSecContext(input, 0, input.length);
-                        }
-                    }
-                }
-            }, t);
+        while (!c.x.isEstablished() || !s.x.isEstablished()) {
+            t = c.take(t);
+            t = s.take(t);
         }
     }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/krb5/auto/ReplayCache.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2012 Sun Microsystems, Inc.  All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 7118809
+ * @run main/othervm ReplayCache
+ * @summary rcache deadlock
+ */
+
+import org.ietf.jgss.GSSException;
+import sun.security.jgss.GSSUtil;
+import sun.security.krb5.KrbException;
+import sun.security.krb5.internal.Krb5;
+
+public class ReplayCache {
+
+    public static void main(String[] args)
+            throws Exception {
+
+        new OneKDC(null).writeJAASConf();
+
+        Context c, s;
+        c = Context.fromJAAS("client");
+        s = Context.fromJAAS("server");
+
+        c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);
+        s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
+
+        byte[] first = c.take(new byte[0]);
+        s.take(first);
+
+        s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
+        try {
+            s.take(first);  // Replay the last token sent
+            throw new Exception("This method should fail");
+        } catch (GSSException gsse) {
+            KrbException ke = (KrbException)gsse.getCause();
+            if (ke.returnCode() != Krb5.KRB_AP_ERR_REPEAT) {
+                throw gsse;
+            }
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/mscapi/ShortRSAKey1024.sh	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+
+# @test
+# @bug 7106773
+# @summary 512 bits RSA key cannot work with SHA384 and SHA512
+# @run shell ShortRSAKey1024.sh
+
+# set a few environment variables so that the shell-script can run stand-alone
+# in the source directory
+if [ "${TESTSRC}" = "" ] ; then
+   TESTSRC="."
+fi
+
+if [ "${TESTCLASSES}" = "" ] ; then
+   TESTCLASSES="."
+fi
+
+if [ "${TESTJAVA}" = "" ] ; then
+   echo "TESTJAVA not set.  Test cannot execute."
+   echo "FAILED!!!"
+   exit 1
+fi
+
+OS=`uname -s`
+case "$OS" in
+    Windows* | CYGWIN* )
+
+        echo "Creating a temporary RSA keypair in the Windows-My store..."
+        ${TESTJAVA}/bin/keytool \
+            -genkeypair \
+            -storetype Windows-My \
+            -keyalg RSA \
+            -alias 7106773.1024 \
+            -keysize 1024 \
+            -dname "cn=localhost,c=US" \
+            -noprompt
+
+        echo
+        echo "Running the test..."
+        ${TESTJAVA}/bin/javac -d . ${TESTSRC}\\ShortRSAKeyWithinTLS.java
+        ${TESTJAVA}/bin/java ShortRSAKeyWithinTLS 7106773.1024 1024 \
+            TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+
+        rc=$?
+
+        echo
+        echo "Removing the temporary RSA keypair from the Windows-My store..."
+        ${TESTJAVA}/bin/keytool \
+            -delete \
+            -storetype Windows-My \
+            -alias 7106773.1024
+
+        echo done.
+        exit $rc
+        ;;
+
+    * )
+        echo "This test is not intended for '$OS' - passing test"
+        exit 0
+        ;;
+esac
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/mscapi/ShortRSAKey512.sh	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,86 @@
+#!/bin/sh
+
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+
+# @test
+# @bug 7106773
+# @summary 512 bits RSA key cannot work with SHA384 and SHA512
+# @run shell ShortRSAKey512.sh
+
+# set a few environment variables so that the shell-script can run stand-alone
+# in the source directory
+if [ "${TESTSRC}" = "" ] ; then
+   TESTSRC="."
+fi
+
+if [ "${TESTCLASSES}" = "" ] ; then
+   TESTCLASSES="."
+fi
+
+if [ "${TESTJAVA}" = "" ] ; then
+   echo "TESTJAVA not set.  Test cannot execute."
+   echo "FAILED!!!"
+   exit 1
+fi
+
+OS=`uname -s`
+case "$OS" in
+    Windows* | CYGWIN* )
+
+        echo "Creating a temporary RSA keypair in the Windows-My store..."
+        ${TESTJAVA}/bin/keytool \
+            -genkeypair \
+            -storetype Windows-My \
+            -keyalg RSA \
+            -alias 7106773.512 \
+            -keysize 512 \
+            -dname "cn=localhost,c=US" \
+            -noprompt
+
+        echo
+        echo "Running the test..."
+        ${TESTJAVA}/bin/javac -d . ${TESTSRC}\\ShortRSAKeyWithinTLS.java
+        ${TESTJAVA}/bin/java ShortRSAKeyWithinTLS 7106773.512 512 \
+            TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+
+
+        rc=$?
+
+        echo
+        echo "Removing the temporary RSA keypair from the Windows-My store..."
+        ${TESTJAVA}/bin/keytool \
+            -delete \
+            -storetype Windows-My \
+            -alias 7106773.512
+
+        echo done.
+        exit $rc
+        ;;
+
+    * )
+        echo "This test is not intended for '$OS' - passing test"
+        exit 0
+        ;;
+esac
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/mscapi/ShortRSAKey768.sh	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+
+# @test
+# @bug 7106773
+# @summary 512 bits RSA key cannot work with SHA384 and SHA512
+# @run shell ShortRSAKey768.sh
+
+# set a few environment variables so that the shell-script can run stand-alone
+# in the source directory
+if [ "${TESTSRC}" = "" ] ; then
+   TESTSRC="."
+fi
+
+if [ "${TESTCLASSES}" = "" ] ; then
+   TESTCLASSES="."
+fi
+
+if [ "${TESTJAVA}" = "" ] ; then
+   echo "TESTJAVA not set.  Test cannot execute."
+   echo "FAILED!!!"
+   exit 1
+fi
+
+OS=`uname -s`
+case "$OS" in
+    Windows* | CYGWIN* )
+
+        echo "Creating a temporary RSA keypair in the Windows-My store..."
+        ${TESTJAVA}/bin/keytool \
+            -genkeypair \
+            -storetype Windows-My \
+            -keyalg RSA \
+            -alias 7106773.768 \
+            -keysize 768 \
+            -dname "cn=localhost,c=US" \
+            -noprompt
+
+        echo
+        echo "Running the test..."
+        ${TESTJAVA}/bin/javac -d . ${TESTSRC}\\ShortRSAKeyWithinTLS.java
+        ${TESTJAVA}/bin/java ShortRSAKeyWithinTLS 7106773.768 768 \
+            TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+
+        rc=$?
+
+        echo
+        echo "Removing the temporary RSA keypair from the Windows-My store..."
+        ${TESTJAVA}/bin/keytool \
+            -delete \
+            -storetype Windows-My \
+            -alias 7106773.768
+
+        echo done.
+        exit $rc
+        ;;
+
+    * )
+        echo "This test is not intended for '$OS' - passing test"
+        exit 0
+        ;;
+esac
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/mscapi/ShortRSAKeyWithinTLS.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,355 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.*;
+import java.net.*;
+import java.util.*;
+import java.security.*;
+import javax.net.*;
+import javax.net.ssl.*;
+import java.lang.reflect.*;
+
+import sun.security.util.KeyLength;
+
+public class ShortRSAKeyWithinTLS {
+
+    /*
+     * =============================================================
+     * Set the various variables needed for the tests, then
+     * specify what tests to run on each side.
+     */
+
+    /*
+     * Should we run the client or server in a separate thread?
+     * Both sides can throw exceptions, but do you have a preference
+     * as to which side should be the main thread.
+     */
+    static boolean separateServerThread = false;
+
+    /*
+     * Is the server ready to serve?
+     */
+    volatile static boolean serverReady = false;
+
+    /*
+     * Turn on SSL debugging?
+     */
+    static boolean debug = false;
+
+    /*
+     * If the client or server is doing some kind of object creation
+     * that the other side depends on, and that thread prematurely
+     * exits, you may experience a hang.  The test harness will
+     * terminate all hung threads after its timeout has expired,
+     * currently 3 minutes by default, but you might try to be
+     * smart about it....
+     */
+
+    /*
+     * Define the server side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doServerSide() throws Exception {
+
+        // load the key store
+        KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
+        ks.load(null, null);
+        System.out.println("Loaded keystore: Windows-MY");
+
+        // check key size
+        checkKeySize(ks);
+
+        // initialize the SSLContext
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+        kmf.init(ks, null);
+
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
+        tmf.init(ks);
+
+        SSLContext ctx = SSLContext.getInstance("TLS");
+        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+
+        ServerSocketFactory ssf = ctx.getServerSocketFactory();
+        SSLServerSocket sslServerSocket = (SSLServerSocket)
+                                ssf.createServerSocket(serverPort);
+        sslServerSocket.setNeedClientAuth(true);
+        serverPort = sslServerSocket.getLocalPort();
+        System.out.println("serverPort = " + serverPort);
+
+        /*
+         * Signal Client, we're ready for his connect.
+         */
+        serverReady = true;
+
+        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
+        InputStream sslIS = sslSocket.getInputStream();
+        OutputStream sslOS = sslSocket.getOutputStream();
+
+        sslIS.read();
+        sslOS.write(85);
+        sslOS.flush();
+
+        sslSocket.close();
+    }
+
+    /*
+     * Define the client side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doClientSide() throws Exception {
+
+        /*
+         * Wait for server to get started.
+         */
+        while (!serverReady) {
+            Thread.sleep(50);
+        }
+
+        // load the key store
+        KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
+        ks.load(null, null);
+        System.out.println("Loaded keystore: Windows-MY");
+
+        // initialize the SSLContext
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+        kmf.init(ks, null);
+
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
+        tmf.init(ks);
+
+        SSLContext ctx = SSLContext.getInstance("TLS");
+        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+
+        SSLSocketFactory sslsf = ctx.getSocketFactory();
+        SSLSocket sslSocket = (SSLSocket)
+            sslsf.createSocket("localhost", serverPort);
+
+        if (clientProtocol != null) {
+            sslSocket.setEnabledProtocols(new String[] {clientProtocol});
+        }
+
+        if (clientCiperSuite != null) {
+            sslSocket.setEnabledCipherSuites(new String[] {clientCiperSuite});
+        }
+
+        InputStream sslIS = sslSocket.getInputStream();
+        OutputStream sslOS = sslSocket.getOutputStream();
+
+        sslOS.write(280);
+        sslOS.flush();
+        sslIS.read();
+
+        sslSocket.close();
+    }
+
+    private void checkKeySize(KeyStore ks) throws Exception {
+        PrivateKey privateKey = null;
+        PublicKey publicKey = null;
+
+        if (ks.containsAlias(keyAlias)) {
+            System.out.println("Loaded entry: " + keyAlias);
+            privateKey = (PrivateKey)ks.getKey(keyAlias, null);
+            publicKey = (PublicKey)ks.getCertificate(keyAlias).getPublicKey();
+
+            int privateKeySize = KeyLength.getKeySize(privateKey);
+            if (privateKeySize != keySize) {
+                throw new Exception("Expected key size is " + keySize +
+                        ", but the private key size is " + privateKeySize);
+            }
+
+            int publicKeySize = KeyLength.getKeySize(publicKey);
+            if (publicKeySize != keySize) {
+                throw new Exception("Expected key size is " + keySize +
+                        ", but the public key size is " + publicKeySize);
+            }
+        }
+    }
+
+    /*
+     * =============================================================
+     * The remainder is just support stuff
+     */
+
+    // use any free port by default
+    volatile int serverPort = 0;
+
+    volatile Exception serverException = null;
+    volatile Exception clientException = null;
+
+    private static String keyAlias;
+    private static int keySize;
+    private static String clientProtocol = null;
+    private static String clientCiperSuite = null;
+
+    private static void parseArguments(String[] args) {
+        keyAlias = args[0];
+        keySize = Integer.parseInt(args[1]);
+
+        if (args.length > 2) {
+            clientProtocol = args[2];
+        }
+
+        if (args.length > 3) {
+            clientCiperSuite = args[3];
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        if (debug) {
+            System.setProperty("javax.net.debug", "all");
+        }
+
+        // Get the customized arguments.
+        parseArguments(args);
+
+        new ShortRSAKeyWithinTLS();
+    }
+
+    Thread clientThread = null;
+    Thread serverThread = null;
+
+    /*
+     * Primary constructor, used to drive remainder of the test.
+     *
+     * Fork off the other side, then do your work.
+     */
+    ShortRSAKeyWithinTLS() throws Exception {
+        try {
+            if (separateServerThread) {
+                startServer(true);
+                startClient(false);
+            } else {
+                startClient(true);
+                startServer(false);
+            }
+        } catch (Exception e) {
+            // swallow for now.  Show later
+        }
+
+        /*
+         * Wait for other side to close down.
+         */
+        if (separateServerThread) {
+            serverThread.join();
+        } else {
+            clientThread.join();
+        }
+
+        /*
+         * When we get here, the test is pretty much over.
+         * Which side threw the error?
+         */
+        Exception local;
+        Exception remote;
+        String whichRemote;
+
+        if (separateServerThread) {
+            remote = serverException;
+            local = clientException;
+            whichRemote = "server";
+        } else {
+            remote = clientException;
+            local = serverException;
+            whichRemote = "client";
+        }
+
+        /*
+         * If both failed, return the curthread's exception, but also
+         * print the remote side Exception
+         */
+        if ((local != null) && (remote != null)) {
+            System.out.println(whichRemote + " also threw:");
+            remote.printStackTrace();
+            System.out.println();
+            throw local;
+        }
+
+        if (remote != null) {
+            throw remote;
+        }
+
+        if (local != null) {
+            throw local;
+        }
+    }
+
+    void startServer(boolean newThread) throws Exception {
+        if (newThread) {
+            serverThread = new Thread() {
+                public void run() {
+                    try {
+                        doServerSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our server thread just died.
+                         *
+                         * Release the client, if not active already...
+                         */
+                        System.err.println("Server died...");
+                        serverReady = true;
+                        serverException = e;
+                    }
+                }
+            };
+            serverThread.start();
+        } else {
+            try {
+                doServerSide();
+            } catch (Exception e) {
+                serverException = e;
+            } finally {
+                serverReady = true;
+            }
+        }
+    }
+
+    void startClient(boolean newThread) throws Exception {
+        if (newThread) {
+            clientThread = new Thread() {
+                public void run() {
+                    try {
+                        doClientSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our client thread just died.
+                         */
+                        System.err.println("Client died...");
+                        clientException = e;
+                    }
+                }
+            };
+            clientThread.start();
+        } else {
+            try {
+                doClientSide();
+            } catch (Exception e) {
+                clientException = e;
+            }
+        }
+    }
+}
+
--- a/test/sun/security/pkcs11/KeyStore/ClientAuth.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/sun/security/pkcs11/KeyStore/ClientAuth.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -155,6 +155,14 @@
         SSLSocket sslSocket = (SSLSocket)
             sslsf.createSocket("localhost", serverPort);
 
+        if (clientProtocol != null) {
+            sslSocket.setEnabledProtocols(new String[] {clientProtocol});
+        }
+
+        if (clientCiperSuite != null) {
+            sslSocket.setEnabledCipherSuites(new String[] {clientCiperSuite});
+        }
+
         InputStream sslIS = sslSocket.getInputStream();
         OutputStream sslOS = sslSocket.getOutputStream();
 
@@ -176,7 +184,22 @@
     volatile Exception serverException = null;
     volatile Exception clientException = null;
 
+    private static String clientProtocol = null;
+    private static String clientCiperSuite = null;
+
+    private static void parseArguments(String[] args) {
+        if (args.length > 0) {
+            clientProtocol = args[0];
+        }
+
+        if (args.length > 1) {
+            clientCiperSuite = args[1];
+        }
+    }
+
     public static void main(String[] args) throws Exception {
+        // Get the customized arguments.
+        parseArguments(args);
         main(new ClientAuth());
     }
 
--- a/test/sun/security/pkcs11/KeyStore/ClientAuth.sh	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/sun/security/pkcs11/KeyStore/ClientAuth.sh	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -22,8 +22,9 @@
 #
 
 # @test
-# @bug 4938185
+# @bug 4938185 7106773
 # @summary KeyStore support for NSS cert/key databases
+#          512 bits RSA key cannot work with SHA384 and SHA512
 #
 # @run shell ClientAuth.sh
 
@@ -126,6 +127,7 @@
 	${TESTSRC}${FS}ClientAuth.java
 
 # run test
+echo "Run ClientAuth ..."
 ${TESTJAVA}${FS}bin${FS}java \
 	-classpath ${TESTCLASSES}${PS}${TESTSRC}${FS}loader.jar \
 	-DDIR=${TESTSRC}${FS}ClientAuthData${FS} \
@@ -140,5 +142,26 @@
 # save error status
 status=$?
 
+# return if failed
+if [ "${status}" != "0" ] ; then
+    exit $status
+fi
+
+# run test with specified TLS protocol and cipher suite
+echo "Run ClientAuth TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
+${TESTJAVA}${FS}bin${FS}java \
+	-classpath ${TESTCLASSES}${PS}${TESTSRC}${FS}loader.jar \
+	-DDIR=${TESTSRC}${FS}ClientAuthData${FS} \
+	-DCUSTOM_DB_DIR=${TESTCLASSES} \
+	-DCUSTOM_P11_CONFIG=${TESTSRC}${FS}ClientAuthData${FS}p11-nss.txt \
+	-DNO_DEFAULT=true \
+	-DNO_DEIMOS=true \
+	-Dtest.src=${TESTSRC} \
+	-Dtest.classes=${TESTCLASSES} \
+	ClientAuth TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+
+# save error status
+status=$?
+
 # return
 exit $status
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/EngineArgs/DebugReportsOneExtraByte.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,401 @@
+/*
+ * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * test
+ * @bug 7126889
+ * @summary Incorrect SSLEngine debug output
+ *
+ * Debug output was reporting n+1 bytes of data was written when it was
+ * really was n.
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
+ */
+
+/**
+ * A SSLEngine usage example which simplifies the presentation
+ * by removing the I/O and multi-threading concerns.
+ *
+ * The test creates two SSLEngines, simulating a client and server.
+ * The "transport" layer consists two byte buffers:  think of them
+ * as directly connected pipes.
+ *
+ * Note, this is a *very* simple example: real code will be much more
+ * involved.  For example, different threading and I/O models could be
+ * used, transport mechanisms could close unexpectedly, and so on.
+ *
+ * When this application runs, notice that several messages
+ * (wrap/unwrap) pass before any application data is consumed or
+ * produced.  (For more information, please see the SSL/TLS
+ * specifications.)  There may several steps for a successful handshake,
+ * so it's typical to see the following series of operations:
+ *
+ *      client          server          message
+ *      ======          ======          =======
+ *      wrap()          ...             ClientHello
+ *      ...             unwrap()        ClientHello
+ *      ...             wrap()          ServerHello/Certificate
+ *      unwrap()        ...             ServerHello/Certificate
+ *      wrap()          ...             ClientKeyExchange
+ *      wrap()          ...             ChangeCipherSpec
+ *      wrap()          ...             Finished
+ *      ...             unwrap()        ClientKeyExchange
+ *      ...             unwrap()        ChangeCipherSpec
+ *      ...             unwrap()        Finished
+ *      ...             wrap()          ChangeCipherSpec
+ *      ...             wrap()          Finished
+ *      unwrap()        ...             ChangeCipherSpec
+ *      unwrap()        ...             Finished
+ */
+
+import javax.net.ssl.*;
+import javax.net.ssl.SSLEngineResult.*;
+import java.io.*;
+import java.security.*;
+import java.nio.*;
+
+public class DebugReportsOneExtraByte {
+
+    /*
+     * Enables logging of the SSLEngine operations.
+     */
+    private static boolean logging = true;
+
+    /*
+     * Enables the JSSE system debugging system property:
+     *
+     *     -Djavax.net.debug=all
+     *
+     * This gives a lot of low-level information about operations underway,
+     * including specific handshake messages, and might be best examined
+     * after gaining some familiarity with this application.
+     */
+    private static boolean debug = false;
+
+    private SSLContext sslc;
+
+    private SSLEngine clientEngine;     // client Engine
+    private ByteBuffer clientOut;       // write side of clientEngine
+    private ByteBuffer clientIn;        // read side of clientEngine
+
+    private SSLEngine serverEngine;     // server Engine
+    private ByteBuffer serverOut;       // write side of serverEngine
+    private ByteBuffer serverIn;        // read side of serverEngine
+
+    /*
+     * For data transport, this example uses local ByteBuffers.  This
+     * isn't really useful, but the purpose of this example is to show
+     * SSLEngine concepts, not how to do network transport.
+     */
+    private ByteBuffer cTOs;            // "reliable" transport client->server
+    private ByteBuffer sTOc;            // "reliable" transport server->client
+
+    /*
+     * The following is to set up the keystores.
+     */
+    private static String pathToStores = "../../../../../../../etc";
+    private static String keyStoreFile = "keystore";
+    private static String trustStoreFile = "truststore";
+    private static String passwd = "passphrase";
+
+    private static String keyFilename =
+            System.getProperty("test.src", ".") + "/" + pathToStores +
+                "/" + keyStoreFile;
+    private static String trustFilename =
+            System.getProperty("test.src", ".") + "/" + pathToStores +
+                "/" + trustStoreFile;
+
+    /*
+     * Main entry point for this test.
+     */
+    public static void main(String args[]) throws Exception {
+        if (debug) {
+            System.setProperty("javax.net.debug", "all");
+        }
+
+        DebugReportsOneExtraByte test = new DebugReportsOneExtraByte();
+        test.runTest();
+
+        System.out.println("Test Passed.");
+    }
+
+    /*
+     * Create an initialized SSLContext to use for these tests.
+     */
+    public DebugReportsOneExtraByte() throws Exception {
+
+        KeyStore ks = KeyStore.getInstance("JKS");
+        KeyStore ts = KeyStore.getInstance("JKS");
+
+        char[] passphrase = "passphrase".toCharArray();
+
+        ks.load(new FileInputStream(keyFilename), passphrase);
+        ts.load(new FileInputStream(trustFilename), passphrase);
+
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+        kmf.init(ks, passphrase);
+
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
+        tmf.init(ts);
+
+        SSLContext sslCtx = SSLContext.getInstance("TLS");
+
+        sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+
+        sslc = sslCtx;
+    }
+
+    /*
+     * Run the test.
+     *
+     * Sit in a tight loop, both engines calling wrap/unwrap regardless
+     * of whether data is available or not.  We do this until both engines
+     * report back they are closed.
+     *
+     * The main loop handles all of the I/O phases of the SSLEngine's
+     * lifetime:
+     *
+     *     initial handshaking
+     *     application data transfer
+     *     engine closing
+     *
+     * One could easily separate these phases into separate
+     * sections of code.
+     */
+    private void runTest() throws Exception {
+        boolean dataDone = false;
+
+        createSSLEngines();
+        createBuffers();
+
+        SSLEngineResult clientResult;   // results from client's last operation
+        SSLEngineResult serverResult;   // results from server's last operation
+
+        /*
+         * Examining the SSLEngineResults could be much more involved,
+         * and may alter the overall flow of the application.
+         *
+         * For example, if we received a BUFFER_OVERFLOW when trying
+         * to write to the output pipe, we could reallocate a larger
+         * pipe, but instead we wait for the peer to drain it.
+         */
+
+        /*
+         * Write one byte in first application packet, the rest
+         * will come later.
+         */
+        serverOut.limit(1);
+
+        while (!isEngineClosed(clientEngine) ||
+                !isEngineClosed(serverEngine)) {
+
+            log("================");
+
+            clientResult = clientEngine.wrap(clientOut, cTOs);
+            log("client wrap: ", clientResult);
+            runDelegatedTasks(clientResult, clientEngine);
+
+            serverResult = serverEngine.wrap(serverOut, sTOc);
+            log("server wrap: ", serverResult);
+            runDelegatedTasks(serverResult, serverEngine);
+
+            // Next wrap will split.
+            if (serverOut.position() == 1) {
+                serverOut.limit(serverOut.capacity());
+            }
+
+            cTOs.flip();
+            sTOc.flip();
+
+            log("----");
+
+            clientResult = clientEngine.unwrap(sTOc, clientIn);
+            log("client unwrap: ", clientResult);
+            runDelegatedTasks(clientResult, clientEngine);
+
+            serverResult = serverEngine.unwrap(cTOs, serverIn);
+            log("server unwrap: ", serverResult);
+            runDelegatedTasks(serverResult, serverEngine);
+
+            cTOs.compact();
+            sTOc.compact();
+
+            /*
+             * After we've transfered all application data between the client
+             * and server, we close the clientEngine's outbound stream.
+             * This generates a close_notify handshake message, which the
+             * server engine receives and responds by closing itself.
+             */
+            if (!dataDone && (clientOut.limit() == serverIn.position()) &&
+                    (serverOut.limit() == clientIn.position())) {
+
+                /*
+                 * A sanity check to ensure we got what was sent.
+                 */
+                checkTransfer(serverOut, clientIn);
+                checkTransfer(clientOut, serverIn);
+
+                log("\tClosing clientEngine's *OUTBOUND*...");
+                clientEngine.closeOutbound();
+                dataDone = true;
+            }
+        }
+    }
+
+    /*
+     * Using the SSLContext created during object creation,
+     * create/configure the SSLEngines we'll use for this test.
+     */
+    private void createSSLEngines() throws Exception {
+        /*
+         * Configure the serverEngine to act as a server in the SSL/TLS
+         * handshake.  Also, require SSL client authentication.
+         */
+        serverEngine = sslc.createSSLEngine();
+        serverEngine.setUseClientMode(false);
+        serverEngine.setNeedClientAuth(true);
+
+        // Force a block-oriented ciphersuite.
+        serverEngine.setEnabledCipherSuites(
+            new String [] {"TLS_RSA_WITH_AES_128_CBC_SHA"});
+
+        /*
+         * Similar to above, but using client mode instead.
+         */
+        clientEngine = sslc.createSSLEngine("client", 80);
+        clientEngine.setUseClientMode(true);
+    }
+
+    /*
+     * Create and size the buffers appropriately.
+     */
+    private void createBuffers() {
+
+        /*
+         * We'll assume the buffer sizes are the same
+         * between client and server.
+         */
+        SSLSession session = clientEngine.getSession();
+        int appBufferMax = session.getApplicationBufferSize();
+        int netBufferMax = session.getPacketBufferSize();
+
+        /*
+         * We'll make the input buffers a bit bigger than the max needed
+         * size, so that unwrap()s following a successful data transfer
+         * won't generate BUFFER_OVERFLOWS.
+         *
+         * We'll use a mix of direct and indirect ByteBuffers for
+         * tutorial purposes only.  In reality, only use direct
+         * ByteBuffers when they give a clear performance enhancement.
+         */
+        clientIn = ByteBuffer.allocate(appBufferMax + 50);
+        serverIn = ByteBuffer.allocate(appBufferMax + 50);
+
+        cTOs = ByteBuffer.allocateDirect(netBufferMax);
+        sTOc = ByteBuffer.allocateDirect(netBufferMax);
+
+        // No need to write anything on the client side, it will
+        // just confuse the output.
+        clientOut = ByteBuffer.wrap("".getBytes());
+        // 10 bytes long
+        serverOut = ByteBuffer.wrap("Hi Client!".getBytes());
+    }
+
+    /*
+     * If the result indicates that we have outstanding tasks to do,
+     * go ahead and run them in this thread.
+     */
+    private static void runDelegatedTasks(SSLEngineResult result,
+            SSLEngine engine) throws Exception {
+
+        if (result.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
+            Runnable runnable;
+            while ((runnable = engine.getDelegatedTask()) != null) {
+                log("\trunning delegated task...");
+                runnable.run();
+            }
+            HandshakeStatus hsStatus = engine.getHandshakeStatus();
+            if (hsStatus == HandshakeStatus.NEED_TASK) {
+                throw new Exception(
+                    "handshake shouldn't need additional tasks");
+            }
+            log("\tnew HandshakeStatus: " + hsStatus);
+        }
+    }
+
+    private static boolean isEngineClosed(SSLEngine engine) {
+        return (engine.isOutboundDone() && engine.isInboundDone());
+    }
+
+    /*
+     * Simple check to make sure everything came across as expected.
+     */
+    private static void checkTransfer(ByteBuffer a, ByteBuffer b)
+            throws Exception {
+        a.flip();
+        b.flip();
+
+        if (!a.equals(b)) {
+            throw new Exception("Data didn't transfer cleanly");
+        } else {
+            log("\tData transferred cleanly");
+        }
+
+        a.position(a.limit());
+        b.position(b.limit());
+        a.limit(a.capacity());
+        b.limit(b.capacity());
+    }
+
+    /*
+     * Logging code
+     */
+    private static boolean resultOnce = true;
+
+    private static void log(String str, SSLEngineResult result) {
+        if (!logging) {
+            return;
+        }
+        if (resultOnce) {
+            resultOnce = false;
+            System.out.println("The format of the SSLEngineResult is: \n" +
+                "\t\"getStatus() / getHandshakeStatus()\" +\n" +
+                "\t\"bytesConsumed() / bytesProduced()\"\n");
+        }
+        HandshakeStatus hsStatus = result.getHandshakeStatus();
+        log(str +
+            result.getStatus() + "/" + hsStatus + ", " +
+            result.bytesConsumed() + "/" + result.bytesProduced() +
+            " bytes");
+        if (hsStatus == HandshakeStatus.FINISHED) {
+            log("\t...ready for application data");
+        }
+    }
+
+    private static void log(String str) {
+        if (logging) {
+            System.out.println(str);
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/EngineArgs/DebugReportsOneExtraByte.sh	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,80 @@
+#! /bin/sh
+
+#
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# @test
+# @bug 7126889
+# @summary Incorrect SSLEngine debug output
+#
+# ${TESTJAVA} is pointing to the JDK under test.
+#
+# set platform-dependent variables
+
+OS=`uname -s`
+case "$OS" in
+  SunOS )
+    PS=":"
+    FS="/"
+    ;;
+  Linux )
+    PS=":"
+    FS="/"
+    ;;
+  CYGWIN* )
+    PS=";"
+    FS="/"
+    ;;
+  Windows* )
+    PS=";"
+    FS="\\"
+    ;;
+  * )
+    echo "Unrecognized system!"
+    exit 1;
+    ;;
+esac
+
+${TESTJAVA}${FS}bin${FS}javac -d . ${TESTSRC}${FS}DebugReportsOneExtraByte.java
+
+STRING='main, WRITE: TLSv1 Application Data, length = 8'
+
+echo "Examining debug output for the string:"
+echo "${STRING}"
+echo "========="
+
+${TESTJAVA}${FS}bin${FS}java -Djavax.net.debug=all \
+    -Dtest.src=${TESTSRC} \
+    DebugReportsOneExtraByte 2>&1 | \
+    grep "${STRING}"
+RETVAL=$?
+
+echo "========="
+
+if [ ${RETVAL} -ne 0 ]; then
+    echo "Did NOT see the expected debug output."
+    exit 1
+else
+    echo "Received the expected debug output."
+    exit 0
+fi
--- a/test/sun/security/ssl/javax/net/ssl/SSLContextVersion.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/sun/security/ssl/javax/net/ssl/SSLContextVersion.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -91,7 +91,7 @@
             ciphers = parameters.getCipherSuites();
 
             if (protocols.length == 0 || ciphers.length == 0) {
-                throw new Exception("No default protocols or cipher suites");
+                throw new Exception("No supported protocols or cipher suites");
             }
 
             isMatch = false;
@@ -104,7 +104,7 @@
             }
 
             if (!isMatch) {
-                throw new Exception("No matched default protocol");
+                throw new Exception("No matched supported protocol");
             }
             System.out.println("\t... Success");
         }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ssl/javax/net/ssl/TLSv12/ShortRSAKey512.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,414 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7106773
+ * @summary 512 bits RSA key cannot work with SHA384 and SHA512
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
+ * @run main/othervm ShortRSAKey512 PKIX
+ * @run main/othervm ShortRSAKey512 SunX509
+ */
+
+import java.net.*;
+import java.util.*;
+import java.io.*;
+import javax.net.ssl.*;
+import java.security.KeyStore;
+import java.security.KeyFactory;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+import java.security.spec.*;
+import java.security.interfaces.*;
+import sun.misc.BASE64Decoder;
+
+
+public class ShortRSAKey512 {
+
+    /*
+     * =============================================================
+     * Set the various variables needed for the tests, then
+     * specify what tests to run on each side.
+     */
+
+    /*
+     * Should we run the client or server in a separate thread?
+     * Both sides can throw exceptions, but do you have a preference
+     * as to which side should be the main thread.
+     */
+    static boolean separateServerThread = false;
+
+    /*
+     * Where do we find the keystores?
+     */
+    // Certificates and key used in the test.
+    static String trustedCertStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICkjCCAfugAwIBAgIBADANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" +
+        "MTEwODE5MDE1MjE5WhcNMzIwNzI5MDE1MjE5WjA7MQswCQYDVQQGEwJVUzENMAsG\n" +
+        "A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwgZ8wDQYJ\n" +
+        "KoZIhvcNAQEBBQADgY0AMIGJAoGBAM8orG08DtF98TMSscjGsidd1ZoN4jiDpi8U\n" +
+        "ICz+9dMm1qM1d7O2T+KH3/mxyox7Rc2ZVSCaUD0a3CkhPMnlAx8V4u0H+E9sqso6\n" +
+        "iDW3JpOyzMExvZiRgRG/3nvp55RMIUV4vEHOZ1QbhuqG4ebN0Vz2DkRft7+flthf\n" +
+        "vDld6f5JAgMBAAGjgaUwgaIwHQYDVR0OBBYEFLl81dnfp0wDrv0OJ1sxlWzH83Xh\n" +
+        "MGMGA1UdIwRcMFqAFLl81dnfp0wDrv0OJ1sxlWzH83XhoT+kPTA7MQswCQYDVQQG\n" +
+        "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" +
+        "Y2WCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEE\n" +
+        "BQADgYEALlgaH1gWtoBZ84EW8Hu6YtGLQ/L9zIFmHonUPZwn3Pr//icR9Sqhc3/l\n" +
+        "pVTxOINuFHLRz4BBtEylzRIOPzK3tg8XwuLb1zd0db90x3KBCiAL6E6cklGEPwLe\n" +
+        "XYMHDn9eDsaq861Tzn6ZwzMgw04zotPMoZN0mVd/3Qca8UJFucE=\n" +
+        "-----END CERTIFICATE-----";
+
+    static String targetCertStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICNDCCAZ2gAwIBAgIBDDANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" +
+        "MTExMTA3MTM1NTUyWhcNMzEwNzI1MTM1NTUyWjBPMQswCQYDVQQGEwJVUzENMAsG\n" +
+        "A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxEjAQBgNV\n" +
+        "BAMTCWxvY2FsaG9zdDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3Pb49OSPfOD2G\n" +
+        "HSXFCFx1GJEZfqG9ZUf7xuIi/ra5dLjPGAaoY5QF2QOa8VnOriQCXDfyXHxsuRnE\n" +
+        "OomxL7EVAgMBAAGjeDB2MAsGA1UdDwQEAwID6DAdBgNVHQ4EFgQUXNCJK3/dtCIc\n" +
+        "xb+zlA/JINlvs/MwHwYDVR0jBBgwFoAUuXzV2d+nTAOu/Q4nWzGVbMfzdeEwJwYD\n" +
+        "VR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAzANBgkqhkiG9w0B\n" +
+        "AQQFAAOBgQB2qIDUxA2caMPpGtUACZAPRUtrGssCINIfItETXJZCx/cRuZ5sP4D9\n" +
+        "N1acoNDn0hCULe3lhXAeTC9NZ97680yJzregQMV5wATjo1FGsKY30Ma+sc/nfzQW\n" +
+        "+h/7RhYtoG0OTsiaDCvyhI6swkNJzSzrAccPY4+ZgU8HiDLzZTmM3Q==\n" +
+        "-----END CERTIFICATE-----";
+
+    // Private key in the format of PKCS#8, key size is 512 bits.
+    static String targetPrivateKey =
+        "MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAtz2+PTkj3zg9hh0l\n" +
+        "xQhcdRiRGX6hvWVH+8biIv62uXS4zxgGqGOUBdkDmvFZzq4kAlw38lx8bLkZxDqJ\n" +
+        "sS+xFQIDAQABAkByx/5Oo2hQ/w2q4L8z+NTRlJ3vdl8iIDtC/4XPnfYfnGptnpG6\n" +
+        "ZThQRvbMZiai0xHQPQMszvAHjZVme1eDl3EBAiEA3aKJHynPVCEJhpfCLWuMwX5J\n" +
+        "1LntwJO7NTOyU5m8rPECIQDTpzn5X44r2rzWBDna/Sx7HW9IWCxNgUD2Eyi2nA7W\n" +
+        "ZQIgJerEorw4aCAuzQPxiGu57PB6GRamAihEAtoRTBQlH0ECIQDN08FgTtnesgCU\n" +
+        "DFYLLcw1CiHvc7fZw4neBDHCrC8NtQIgA8TOUkGnpCZlQ0KaI8KfKWI+vxFcgFnH\n" +
+        "3fnqsTgaUs4=";
+
+    static char passphrase[] = "passphrase".toCharArray();
+
+    /*
+     * Is the server ready to serve?
+     */
+    volatile static boolean serverReady = false;
+
+    /*
+     * Turn on SSL debugging?
+     */
+    static boolean debug = false;
+
+    /*
+     * Define the server side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doServerSide() throws Exception {
+        SSLContext context = generateSSLContext(null, targetCertStr,
+                                            targetPrivateKey);
+        SSLServerSocketFactory sslssf = context.getServerSocketFactory();
+        SSLServerSocket sslServerSocket =
+            (SSLServerSocket)sslssf.createServerSocket(serverPort);
+        serverPort = sslServerSocket.getLocalPort();
+
+        /*
+         * Signal Client, we're ready for his connect.
+         */
+        serverReady = true;
+
+        SSLSocket sslSocket = (SSLSocket)sslServerSocket.accept();
+        InputStream sslIS = sslSocket.getInputStream();
+        OutputStream sslOS = sslSocket.getOutputStream();
+
+        sslIS.read();
+        sslOS.write('A');
+        sslOS.flush();
+
+        sslSocket.close();
+    }
+
+    /*
+     * Define the client side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doClientSide() throws Exception {
+
+        /*
+         * Wait for server to get started.
+         */
+        while (!serverReady) {
+            Thread.sleep(50);
+        }
+
+        SSLContext context = generateSSLContext(trustedCertStr, null, null);
+        SSLSocketFactory sslsf = context.getSocketFactory();
+
+        SSLSocket sslSocket =
+            (SSLSocket)sslsf.createSocket("localhost", serverPort);
+
+        // enable TLSv1.2 only
+        sslSocket.setEnabledProtocols(new String[] {"TLSv1.2"});
+
+        // enable a block cipher
+        sslSocket.setEnabledCipherSuites(
+            new String[] {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA"});
+
+        InputStream sslIS = sslSocket.getInputStream();
+        OutputStream sslOS = sslSocket.getOutputStream();
+
+        sslOS.write('B');
+        sslOS.flush();
+        sslIS.read();
+
+        sslSocket.close();
+    }
+
+    /*
+     * =============================================================
+     * The remainder is just support stuff
+     */
+    private static String tmAlgorithm;        // trust manager
+
+    private static void parseArguments(String[] args) {
+        tmAlgorithm = args[0];
+    }
+
+    private static SSLContext generateSSLContext(String trustedCertStr,
+            String keyCertStr, String keySpecStr) throws Exception {
+
+        // generate certificate from cert string
+        CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+        // create a key store
+        KeyStore ks = KeyStore.getInstance("JKS");
+        ks.load(null, null);
+
+        // import the trused cert
+        Certificate trusedCert = null;
+        ByteArrayInputStream is = null;
+        if (trustedCertStr != null) {
+            is = new ByteArrayInputStream(trustedCertStr.getBytes());
+            trusedCert = cf.generateCertificate(is);
+            is.close();
+
+            ks.setCertificateEntry("RSA Export Signer", trusedCert);
+        }
+
+        if (keyCertStr != null) {
+            // generate the private key.
+            PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
+                                new BASE64Decoder().decodeBuffer(keySpecStr));
+            KeyFactory kf = KeyFactory.getInstance("RSA");
+            RSAPrivateKey priKey =
+                    (RSAPrivateKey)kf.generatePrivate(priKeySpec);
+
+            // generate certificate chain
+            is = new ByteArrayInputStream(keyCertStr.getBytes());
+            Certificate keyCert = cf.generateCertificate(is);
+            is.close();
+
+            Certificate[] chain = null;
+            if (trusedCert != null) {
+                chain = new Certificate[2];
+                chain[0] = keyCert;
+                chain[1] = trusedCert;
+            } else {
+                chain = new Certificate[1];
+                chain[0] = keyCert;
+            }
+
+            // import the key entry.
+            ks.setKeyEntry("Whatever", priKey, passphrase, chain);
+        }
+
+        // create SSL context
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmAlgorithm);
+        tmf.init(ks);
+
+        SSLContext ctx = SSLContext.getInstance("TLS");
+        if (keyCertStr != null && !keyCertStr.isEmpty()) {
+            KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509");
+            kmf.init(ks, passphrase);
+
+            ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+            ks = null;
+        } else {
+            ctx.init(null, tmf.getTrustManagers(), null);
+        }
+
+        return ctx;
+    }
+
+
+    // use any free port by default
+    volatile int serverPort = 0;
+
+    volatile Exception serverException = null;
+    volatile Exception clientException = null;
+
+    public static void main(String[] args) throws Exception {
+        if (debug)
+            System.setProperty("javax.net.debug", "all");
+
+        /*
+         * Get the customized arguments.
+         */
+        parseArguments(args);
+
+        /*
+         * Start the tests.
+         */
+        new ShortRSAKey512();
+    }
+
+    Thread clientThread = null;
+    Thread serverThread = null;
+
+    /*
+     * Primary constructor, used to drive remainder of the test.
+     *
+     * Fork off the other side, then do your work.
+     */
+    ShortRSAKey512() throws Exception {
+        try {
+            if (separateServerThread) {
+                startServer(true);
+                startClient(false);
+            } else {
+                startClient(true);
+                startServer(false);
+            }
+        } catch (Exception e) {
+            // swallow for now.  Show later
+        }
+
+        /*
+         * Wait for other side to close down.
+         */
+        if (separateServerThread) {
+            serverThread.join();
+        } else {
+            clientThread.join();
+        }
+
+        /*
+         * When we get here, the test is pretty much over.
+         * Which side threw the error?
+         */
+        Exception local;
+        Exception remote;
+        String whichRemote;
+
+        if (separateServerThread) {
+            remote = serverException;
+            local = clientException;
+            whichRemote = "server";
+        } else {
+            remote = clientException;
+            local = serverException;
+            whichRemote = "client";
+        }
+
+        /*
+         * If both failed, return the curthread's exception, but also
+         * print the remote side Exception
+         */
+        if ((local != null) && (remote != null)) {
+            System.out.println(whichRemote + " also threw:");
+            remote.printStackTrace();
+            System.out.println();
+            throw local;
+        }
+
+        if (remote != null) {
+            throw remote;
+        }
+
+        if (local != null) {
+            throw local;
+        }
+    }
+
+    void startServer(boolean newThread) throws Exception {
+        if (newThread) {
+            serverThread = new Thread() {
+                public void run() {
+                    try {
+                        doServerSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our server thread just died.
+                         *
+                         * Release the client, if not active already...
+                         */
+                        System.err.println("Server died...");
+                        serverReady = true;
+                        serverException = e;
+                    }
+                }
+            };
+            serverThread.start();
+        } else {
+            try {
+                doServerSide();
+            } catch (Exception e) {
+                serverException = e;
+            } finally {
+                serverReady = true;
+            }
+        }
+    }
+
+    void startClient(boolean newThread) throws Exception {
+        if (newThread) {
+            clientThread = new Thread() {
+                public void run() {
+                    try {
+                        doClientSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our client thread just died.
+                         */
+                        System.err.println("Client died...");
+                        clientException = e;
+                    }
+                }
+            };
+            clientThread.start();
+        } else {
+            try {
+                doClientSide();
+            } catch (Exception e) {
+                clientException = e;
+            }
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/CookieHttpsClientTest.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,283 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7129083
+ * @summary Cookiemanager does not store cookies if url is read
+ *          before setting cookiemanager
+ */
+
+import java.net.CookieHandler;
+import java.net.CookieManager;
+import java.net.CookiePolicy;
+import java.net.URL;
+import java.io.InputStream;
+import java.io.IOException;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLServerSocket;
+import javax.net.ssl.SSLServerSocketFactory;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocket;
+
+public class CookieHttpsClientTest {
+    static final int TIMEOUT = 10 * 1000;
+
+    static final String replyString = "HTTP/1.1 200 OK\r\n" +
+            "Set-Cookie: name=test\r\n" +
+            "Content-Length: 10\r\n\r\n" +
+            "1234567890";
+
+    /*
+     * =============================================================
+     * Set the various variables needed for the tests, then
+     * specify what tests to run on each side.
+     */
+
+    /*
+     * Should we run the client or server in a separate thread?
+     * Both sides can throw exceptions, but do you have a preference
+     * as to which side should be the main thread.
+     */
+    static boolean separateServerThread = true;
+
+    /*
+     * Where do we find the keystores?
+     */
+    static String pathToStores = "../../../../../../etc";
+    static String keyStoreFile = "keystore";
+    static String trustStoreFile = "truststore";
+    static String passwd = "passphrase";
+
+    /*
+     * Is the server ready to serve?
+     */
+    volatile static boolean serverReady = false;
+
+    /*
+     * Turn on SSL debugging?
+     */
+    static boolean debug = false;
+
+    /*
+     * Define the server side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doServerSide() throws Exception {
+        SSLServerSocketFactory sslssf =
+            (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
+        SSLServerSocket sslServerSocket =
+            (SSLServerSocket) sslssf.createServerSocket(serverPort);
+        serverPort = sslServerSocket.getLocalPort();
+
+        /*
+         * Signal Client, we're ready for his connect.
+         */
+        serverReady = true;
+        SSLSocket sslSocket = null;
+        try {
+            sslSocket = (SSLSocket) sslServerSocket.accept();
+            sslSocket.setSoTimeout(TIMEOUT);
+            readOneRequest(sslSocket.getInputStream());
+            sslSocket.getOutputStream().write(replyString.getBytes());
+
+            readOneRequest(sslSocket.getInputStream());
+            sslSocket.getOutputStream().write(replyString.getBytes());
+        } catch (Exception e) {
+            e.printStackTrace();
+        } finally {
+            try {
+                if (sslSocket != null) { sslSocket.close(); }
+                sslServerSocket.close();
+            } catch (IOException unused)  {  /* gulp!burp! */   }
+        }
+    }
+
+    /*
+     * Define the client side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doClientSide() throws Exception {
+        // Wait for server to get started.
+        while (!serverReady) {
+            Thread.sleep(50);
+        }
+
+        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
+            public boolean verify(String hostname, SSLSession session) {
+                return true;
+            }});
+
+        URL url = new URL("https://localhost:" + serverPort +"/");
+
+        // Run without a CookieHandler first
+        InputStream in = url.openConnection().getInputStream();
+        while (in.read() != -1);  // read response body so connection can be reused
+
+        // Set a CookeHandler and retest using the HttpClient from the KAC
+        CookieManager manager = new CookieManager(null, CookiePolicy.ACCEPT_ALL);
+        CookieHandler.setDefault(manager);
+
+        in = url.openConnection().getInputStream();
+        while (in.read() != -1);
+
+        if (manager.getCookieStore().getCookies().isEmpty()) {
+            throw new RuntimeException("Failed: No cookies in the cookie Handler.");
+        }
+    }
+
+    static final byte[] requestEnd = new byte[] {'\r', '\n', '\r', '\n' };
+
+    // Read until the end of a HTTP request
+    static void readOneRequest(InputStream is) throws IOException {
+        int requestEndCount = 0, r;
+        while ((r = is.read()) != -1) {
+            if (r == requestEnd[requestEndCount]) {
+                requestEndCount++;
+                if (requestEndCount == 4) {
+                    break;
+                }
+            } else {
+                requestEndCount = 0;
+            }
+        }
+    }
+
+    /*
+     * =============================================================
+     * The remainder is just support stuff
+     */
+
+    // use any free port by default
+    volatile int serverPort = 0;
+
+    volatile Exception serverException = null;
+    volatile Exception clientException = null;
+
+    public static void main(String args[]) throws Exception {
+        String keyFilename =
+            System.getProperty("test.src", "./") + "/" + pathToStores +
+                "/" + keyStoreFile;
+        String trustFilename =
+            System.getProperty("test.src", "./") + "/" + pathToStores +
+                "/" + trustStoreFile;
+
+        System.setProperty("javax.net.ssl.keyStore", keyFilename);
+        System.setProperty("javax.net.ssl.keyStorePassword", passwd);
+        System.setProperty("javax.net.ssl.trustStore", trustFilename);
+        System.setProperty("javax.net.ssl.trustStorePassword", passwd);
+
+        if (debug)
+            System.setProperty("javax.net.debug", "all");
+
+        new CookieHttpsClientTest();
+    }
+
+    Thread clientThread = null;
+    Thread serverThread = null;
+    /*
+     * Primary constructor, used to drive remainder of the test.
+     *
+     * Fork off the other side, then do your work.
+     */
+    CookieHttpsClientTest() throws Exception {
+        if (separateServerThread) {
+            startServer(true);
+            startClient(false);
+        } else {
+            startClient(true);
+            startServer(false);
+        }
+
+        /*
+         * Wait for other side to close down.
+         */
+        if (separateServerThread) {
+            serverThread.join();
+        } else {
+            clientThread.join();
+        }
+
+        /*
+         * When we get here, the test is pretty much over.
+         *
+         * If the main thread excepted, that propagates back
+         * immediately.  If the other thread threw an exception, we
+         * should report back.
+         */
+        if (serverException != null)
+            throw serverException;
+        if (clientException != null)
+            throw clientException;
+    }
+
+    void startServer(boolean newThread) throws Exception {
+        if (newThread) {
+            serverThread = new Thread() {
+                public void run() {
+                    try {
+                        doServerSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our server thread just died.
+                         *
+                         * Release the client, if not active already...
+                         */
+                        System.err.println("Server died...");
+                        serverReady = true;
+                        serverException = e;
+                    }
+                }
+            };
+            serverThread.start();
+        } else {
+            doServerSide();
+        }
+    }
+
+    void startClient(boolean newThread) throws Exception {
+        if (newThread) {
+            clientThread = new Thread() {
+                public void run() {
+                    try {
+                        doClientSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our client thread just died.
+                         */
+                        System.err.println("Client died...");
+                        clientException = e;
+                   }
+                }
+            };
+            clientThread.start();
+        } else {
+            doClientSide();
+        }
+    }
+}
--- a/test/sun/tools/common/CommonSetup.sh	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/sun/tools/common/CommonSetup.sh	Fri Jan 27 16:48:41 2012 -0800
@@ -34,6 +34,7 @@
 #   JMAP        - jmap utility
 #   JPS         - jps utility
 #   JSTACK      - jstack utility
+#   JCMD        - jcmd utility
 #   OS          - operating system name
 #   PATTERN_EOL - grep or sed end-of-line pattern
 #   PATTERN_WS  - grep or sed whitespace pattern
@@ -72,6 +73,7 @@
 JMAP="${TESTJAVA}/bin/jmap"
 JPS="${TESTJAVA}/bin/jps"
 JSTACK="${TESTJAVA}/bin/jstack"
+JCMD="${TESTJAVA}/bin/jcmd"
 
 isCygwin=false
 isMKS=false
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/tools/jcmd/dcmd-script.txt	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,2 @@
+help help
+stop
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/tools/jcmd/help_help.out	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,12 @@
+help
+For more information about a specific command use 'help <command>'. With no argument this will show a list of available commands. 'help all' will show help for all commands.
+
+Impact: Low: 
+
+Syntax : help [options] [<command name>]
+
+Arguments:
+	command name : [optional] The name of the command for which we want help (STRING, no default value)
+
+Options: (options must be specified using the <key> or <key>=<value> syntax)
+	-all : [optional] Show help for all commands (BOOLEAN, false)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/tools/jcmd/jcmd-Defaults.sh	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,33 @@
+#
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# @test
+# @bug 7104647
+# @run shell jcmd-Defaults.sh
+# @summary Test that output of 'jcmd' and 'jcmd -l' match a specific pattern
+
+JCMD="${TESTJAVA}/bin/jcmd"
+
+${JCMD} 2>&1 | awk -f ${TESTSRC}/jcmd_Output1.awk
+
+${JCMD} -l 2>&1 | awk -f ${TESTSRC}/jcmd_Output1.awk
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/tools/jcmd/jcmd-f.sh	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+#
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+
+# @test
+# @bug 7104647
+# @summary Unit test for jcmd utility
+#
+# @library ../common
+# @build SimpleApplication ShutdownSimpleApplication
+# @run shell jcmd-f.sh
+
+. ${TESTSRC}/../common/CommonSetup.sh
+. ${TESTSRC}/../common/ApplicationSetup.sh
+
+# Start application and use PORTFILE for coordination
+PORTFILE="${TESTCLASSES}"/shutdown.port
+startApplication SimpleApplication "${PORTFILE}"
+
+# all return statuses are checked in this test
+set +e
+
+failed=0
+
+# -f <script>
+rm -f jcmd.out 2>/dev/null
+${JCMD} $appJavaPid -f ${TESTSRC}/dcmd-script.txt | awk '{ if (NR>1) print $0;}' > jcmd.out 2>&1
+echo jcmd.out
+diff -w jcmd.out ${TESTSRC}/help_help.out
+if [ $? != 0 ]; then
+  echo "Output of jcmd [pid] -f dcmd-script.txt  differ from expected output. Failed."
+  rm -f jcmd.out 2>/dev/null
+  failed=1;
+fi
+
+set -e
+
+stopApplication "${PORTFILE}"
+waitForApplication
+
+exit $failed
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/tools/jcmd/jcmd-help-help.sh	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+#
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+
+# @test
+# @bug 7104647
+# @summary Unit test for jcmd utility
+#
+# @library ../common
+# @build SimpleApplication ShutdownSimpleApplication
+# @run shell jcmd-help-help.sh
+
+. ${TESTSRC}/../common/CommonSetup.sh
+. ${TESTSRC}/../common/ApplicationSetup.sh
+
+# Start application and use PORTFILE for coordination
+PORTFILE="${TESTCLASSES}"/shutdown.port
+startApplication SimpleApplication "${PORTFILE}"
+
+# all return statuses are checked in this test
+set +e
+
+failed=0
+
+# help help
+rm -f jcmd.out 2>/dev/null
+${JCMD} $appJavaPid help help | awk '{ if (NR>1) print $0;}' > jcmd.out 2>&1
+echo jcmd.out
+diff -w jcmd.out ${TESTSRC}/help_help.out
+if [ $? != 0 ]; then
+  echo "Output of jcmd [pid] help help differ from expected output. Failed."
+  rm -f jcmd.out 2>/dev/null
+  failed=1;
+fi
+
+set -e
+
+stopApplication "${PORTFILE}"
+waitForApplication
+
+exit $failed
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/tools/jcmd/jcmd-help.sh	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,54 @@
+#
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# @test
+# @bug 7104647
+# @run shell jcmd-help.sh
+# @summary Test that output of 'jcmd -h' matches the usage.out file
+
+JCMD="${TESTJAVA}/bin/jcmd"
+
+rm -f jcmd.out 2>/dev/null
+${JCMD} -h > jcmd.out 2>&1
+
+diff -w jcmd.out ${TESTSRC}/usage.out
+if [ $? != 0 ]
+then
+  echo "Output of jcmd -h differ from expected output. Failed."
+  rm -f jcmd.out 2>/dev/null
+  exit 1
+fi
+
+rm -f jcmd.out 2>/dev/null
+${JCMD} -help > jcmd.out 2>&1
+
+diff -w jcmd.out ${TESTSRC}/usage.out
+if [ $? != 0 ]
+then
+  echo "Output of jcmd -help differ from expected output. Failed."
+  rm -f jcmd.out 2>/dev/null
+  exit 1
+fi
+
+rm -f jcmd.out 2>/dev/null
+exit 0
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/tools/jcmd/jcmd-pid.sh	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+#
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+
+# @test
+# @bug 7104647
+# @summary Unit test for jcmd utility
+#
+# @library ../common
+# @build SimpleApplication ShutdownSimpleApplication
+# @run shell jcmd-pid.sh
+
+. ${TESTSRC}/../common/CommonSetup.sh
+. ${TESTSRC}/../common/ApplicationSetup.sh
+
+# Start application and use PORTFILE for coordination
+PORTFILE="${TESTCLASSES}"/shutdown.port
+startApplication SimpleApplication "${PORTFILE}"
+
+# all return statuses are checked in this test
+set +e
+
+failed=0
+
+# help command 
+${JCMD} $appJavaPid help 2>&1 | awk -f ${TESTSRC}/jcmd_pid_Output1.awk
+if [ $? != 0 ]; then failed=1; fi
+
+# PerfCounter.list option
+${JCMD} $appJavaPid PerfCounter.print 2>&1 | awk -f ${TESTSRC}/jcmd_pid_Output2.awk
+if [ $? != 0 ]; then failed=1; fi
+
+set -e
+
+stopApplication "${PORTFILE}"
+waitForApplication
+
+exit $failed
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/tools/jcmd/jcmd_Output1.awk	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,32 @@
+#
+BEGIN	{
+	    totallines=0; matched=0
+	}
+
+# match on a main class name followed by arbitrary arguments
+/^[0-9]+ [a-z|A-Z][a-z|A-Z|0-9|\.]*($| .*$)/	{
+	    matched++;
+	}
+
+# or match on a path name to a jar file followed by arbitraty arguments
+# - note, jar files ending with ".jar" is only a convention, not a requirement.
+#Theoretically, any valid file name could occur here.
+/^[0-9]+ .*\.jar($| .*$)/	{
+	    matched++;
+}
+
+# or match on the condition that the class name is not available
+/^[0-9]+ -- process information unavailable$/	{
+	    matched++;
+	}
+
+	{ totallines++; print $0 }
+
+END	{
+	    if ((totallines > 0) && (matched == totallines)) {
+	        exit 0
+	    }
+	    else {
+	        exit 1
+	    }
+	}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/tools/jcmd/jcmd_pid_Output1.awk	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,58 @@
+#
+
+# section 0 = [PID]:
+# section 1 = "The following commands are available:"
+# section 2 = <list of commands, one command per line>
+# section 3 = blank line
+# section 4 = "For more information about a specific command use 'help <command>'."
+
+BEGIN	{
+    totallines=0; matched=0; section=0;
+}
+
+# match the first line (PID of the JVM followed by ':')
+/^[0-9]+:/{
+    if(section==0) {
+	matched++;
+	section=1;
+    }
+}
+
+/^The following commands are available:$/{
+    if(section==1) {
+	matched++;
+	section=2;
+    }
+}
+
+# match a command name
+/^[a-z|A-Z][a-z|A-Z|0-9|\.|_]*$/{
+    if(section==2) {
+	matched++;
+    }
+}
+
+/^$/{
+    if(section==2) {
+	matched++;
+	section=4;
+    }
+}
+
+/^For more information about a specific command use 'help <command>'\.$/{
+    if(section==4) {
+	matched++;
+	section=5;
+    }
+}
+
+{ totallines++; print $0 }
+
+END {
+    if ((totallines > 0) && (matched == totallines)) {
+	exit 0
+    }
+    else {
+	exit 1
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/tools/jcmd/jcmd_pid_Output2.awk	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,25 @@
+#
+BEGIN	{
+	    totallines=0; matched=0
+	}
+
+# match on counter name followed '=' and an arbitrary value
+/^[a-z|A-Z][a-z|A-Z|0-9|\.|_]*=.*$/	{
+	    matched++;
+	}
+
+# or match the first line (PID of the JVM followed by ':')
+/^[0-9]+:/	{
+	    matched++;
+	}
+
+	{ totallines++; print $0 }
+
+END	{
+    if ((totallines > 0) && (matched == totallines)) {
+	exit 0
+    }
+    else {
+	exit 1
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/tools/jcmd/usage.out	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,15 @@
+Usage: jcmd <pid | main class> <command ...|PerfCounter.print|-f file>
+   or: jcmd -l                                                       
+   or: jcmd -h                                                       
+                                                                  
+  command must be a valid jcmd command for the selected jvm.    
+  Use the command "help" to see which commands are available.   
+  If the pid is 0, commands will be sent to all Java processes.   
+  The main class argument will be used to match (either partially 
+  or fully) the class used to start Java.                         
+  If no options are given, lists Java processes (same as -p).     
+                                                                  
+  PerfCounter.print display the counters exposed by this process   
+  -f  read and execute commands from the file                     
+  -l  list JVM processes on the local machine                     
+  -h  this help                                                   
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/tools/launcher/I18NJarTest.java	Fri Jan 27 16:48:41 2012 -0800
@@ -0,0 +1,110 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7125442
+ * @summary ensures a jar path as well as a class located in a path containing
+ *          unicode characters are launched.
+ * @compile -XDignore.symbol.file I18NJarTest.java TestHelper.java
+ * @run main/othervm I18NJarTest
+ */
+import java.io.File;
+import java.util.Locale;
+
+/*
+ * Note 1: the system must have the correct Locale, in order for the test to
+ * work correctly, on those systems that do not comply, the test will succeed.
+ * Here are some guidelines to set the locale correctly.
+ * On Windows: ControlPanel->Regional Settings,
+ *             ensure that "Japanese" is selected and checked, and in
+ *             "Code page conversion tables", the following must be checked,
+ *             932 (ANSI/OEM - Japanese Shift-JIS).
+ * On Unix: use "locale -a" verify one of these exist ja_JP.UTF-8 or
+ *          ja_JP.utf8 or ja_JP.ujis, and export one of them with LC_ALL.
+ *
+ *
+ * Note 2: since we need to set the locale, it is safest to execute this test
+ * in its own VM (othervm mode), such that the ensuing tests can run unperturbed,
+ * regardless of the outcome.
+ */
+public class I18NJarTest {
+    private static final File cwd = new File(".");
+    private static final File dir = new File("\uFF66\uFF67\uFF68\uFF69");
+    private static final String encoding = System.getProperty("sun.jnu.encoding", "");
+
+    public static void main(String... args) throws Exception {
+        boolean localeAvailable = false;
+        for (Locale l : Locale.getAvailableLocales()) {
+            if (l.toLanguageTag().equals(Locale.JAPAN.toLanguageTag())) {
+                localeAvailable = true;
+                break;
+            }
+        }
+        if (!localeAvailable) {
+            System.out.println("Warning: locale: " + Locale.JAPAN
+                    + " not found, test passes vacuosly");
+            return;
+        }
+        if (encoding.equals("MS932") || encoding.equals("UTF-8")) {
+            Locale.setDefault(Locale.JAPAN);
+            System.out.println("using locale " + Locale.JAPAN +
+                    ", encoding " + encoding);
+        } else {
+            System.out.println("Warning: current encoding is " + encoding +
+                    "this test requires MS932 <Ja> or UTF-8," +
+                    " test passes vacuosly");
+            return;
+        }
+        dir.mkdir();
+        File dirfile = new File(dir, "foo.jar");
+        TestHelper.createJar(dirfile,
+                "public static void main(String... args) {",
+                "System.out.println(\"Hello World\");",
+                "System.exit(0);",
+                "}");
+
+        // remove the class files, to ensure that the class is indeed picked up
+        // from the jar file and not from ambient classpath.
+        File[] classFiles = cwd.listFiles(TestHelper.createFilter(TestHelper.CLASS_FILE_EXT));
+        for (File f : classFiles) {
+            f.delete();
+        }
+
+        // test with a jar file
+        TestHelper.TestResult tr = TestHelper.doExec(TestHelper.javaCmd,
+                "-jar", dirfile.getAbsolutePath());
+        System.out.println(tr);
+        if (!tr.isOK()) {
+            throw new RuntimeException("TEST FAILED");
+        }
+
+        // test the same class but by specifying it as a classpath
+        tr = TestHelper.doExec(TestHelper.javaCmd, "-cp",
+                dirfile.getAbsolutePath(), "Foo");
+        System.out.println(tr);
+        if (!tr.isOK()) {
+            throw new RuntimeException("TEST FAILED");
+        }
+    }
+}
--- a/test/tools/launcher/TestHelper.java	Fri Jan 27 08:49:35 2012 -0800
+++ b/test/tools/launcher/TestHelper.java	Fri Jan 27 16:48:41 2012 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,23 +21,24 @@
  * questions.
  */
 
-import java.nio.file.attribute.BasicFileAttributes;
-import java.nio.file.FileVisitResult;
-import java.nio.file.SimpleFileVisitor;
-import javax.tools.ToolProvider;
 import java.io.BufferedReader;
 import java.io.File;
+import java.io.FileFilter;
 import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStreamReader;
 import java.io.PrintStream;
+import java.nio.file.attribute.BasicFileAttributes;
 import java.nio.file.Files;
+import java.nio.file.FileVisitResult;
+import java.nio.file.SimpleFileVisitor;
 import java.nio.file.Path;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
 import javax.tools.JavaCompiler;
+import javax.tools.ToolProvider;
 
 import static java.nio.file.StandardCopyOption.*;
 
@@ -67,6 +68,10 @@
     static final boolean isDualMode = isSolaris;
     static final boolean isSparc = System.getProperty("os.arch").startsWith("sparc");
 
+    static final String JAVA_FILE_EXT  = ".java";
+    static final String CLASS_FILE_EXT = ".class";
+    static final String JAR_FILE_EXT   = ".jar";
+
     static int testExitValue = 0;
 
     static {
@@ -288,6 +293,19 @@
         }
     }
 
+    static FileFilter createFilter(final String extension) {
+        return new FileFilter() {
+            @Override
+            public boolean accept(File pathname) {
+                String name = pathname.getName();
+                if (name.endsWith(extension)) {
+                    return true;
+                }
+                return false;
+            }
+        };
+    }
+
     /*
      * A class to encapsulate the test results and stuff, with some ease
      * of use methods to check the test results.