changeset 4659:ffe93c01d5be

Merge
author michaelm
date Mon, 16 Jan 2012 14:26:51 +0000
parents 53427895abd7 40037f37550d
children 534f984e18bc
files make/common/shared/Platform.gmk test/ProblemList.txt
diffstat 51 files changed, 3144 insertions(+), 265 deletions(-) [+]
line wrap: on
line diff
--- a/make/common/shared/Platform.gmk	Mon Jan 16 15:49:14 2012 +0300
+++ b/make/common/shared/Platform.gmk	Mon Jan 16 14:26:51 2012 +0000
@@ -147,8 +147,8 @@
   endif
   # Suffix for file bundles used in previous release
   BUNDLE_FILE_SUFFIX=.tar
-  # How much RAM does this machine have:
-  MB_OF_MEMORY=$(shell /usr/sbin/prtconf | fgrep 'Memory size:' | expand | cut -d' ' -f3)
+  # How much RAM does this machine have (zones send an error to stderr):
+  MB_OF_MEMORY:=$(shell /usr/sbin/prtconf 2>/dev/null | fgrep 'Memory size:' | expand | cut -d' ' -f3)
 endif
 
 # Platform settings specific to Linux
--- a/src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/com/sun/org/apache/xml/internal/security/utils/IdResolver.java	Mon Jan 16 14:26:51 2012 +0000
@@ -248,6 +248,8 @@
                     int index=s==null ? elementIndex : names.indexOf(n.getNamespaceURI());
                     index=(index<0) ? namesLength : index;
                     String name=n.getLocalName();
+                    if (name == null)
+                        name = n.getName();
                     if (name.length()>2)
                         continue;
                     String value=n.getNodeValue();
--- a/src/share/classes/java/lang/invoke/CallSite.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/java/lang/invoke/CallSite.java	Mon Jan 16 14:26:51 2012 +0000
@@ -267,7 +267,7 @@
 
     /*package-private*/
     void setTargetNormal(MethodHandle newTarget) {
-        target = newTarget;
+        MethodHandleNatives.setCallSiteTargetNormal(this, newTarget);
     }
     /*package-private*/
     MethodHandle getTargetVolatile() {
@@ -275,7 +275,7 @@
     }
     /*package-private*/
     void setTargetVolatile(MethodHandle newTarget) {
-        unsafe.putObjectVolatile(this, TARGET_OFFSET, newTarget);
+        MethodHandleNatives.setCallSiteTargetVolatile(this, newTarget);
     }
 
     // this implements the upcall from the JVM, MethodHandleNatives.makeDynamicCallSite:
--- a/src/share/classes/java/lang/invoke/MethodHandleImpl.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/java/lang/invoke/MethodHandleImpl.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1258,12 +1258,4 @@
         return THROW_EXCEPTION;
     }
     static <T extends Throwable> Empty throwException(T t) throws T { throw t; }
-
-    // Linkage support:
-    static void registerBootstrap(Class<?> callerClass, MethodHandle bootstrapMethod) {
-        MethodHandleNatives.registerBootstrap(callerClass, bootstrapMethod);
-    }
-    static MethodHandle getBootstrap(Class<?> callerClass) {
-        return MethodHandleNatives.getBootstrap(callerClass);
-    }
 }
--- a/src/share/classes/java/lang/invoke/MethodHandleNatives.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/java/lang/invoke/MethodHandleNatives.java	Mon Jan 16 14:26:51 2012 +0000
@@ -61,15 +61,6 @@
     /** Initialize a method type, once per form. */
     static native void init(MethodType self);
 
-    /** Tell the JVM about a class's bootstrap method. */
-    static native void registerBootstrap(Class<?> caller, MethodHandle bootstrapMethod);
-
-    /** Ask the JVM about a class's bootstrap method. */
-    static native MethodHandle getBootstrap(Class<?> caller);
-
-    /** Tell the JVM that we need to change the target of an invokedynamic. */
-    static native void setCallSiteTarget(CallSite site, MethodHandle target);
-
     /** Fetch the vmtarget field.
      *  It will be sanitized as necessary to avoid exposing non-Java references.
      *  This routine is for debugging and reflection.
@@ -122,6 +113,12 @@
 
     static final boolean COUNT_GWT;
 
+    /// CallSite support
+
+    /** Tell the JVM that we need to change the target of a CallSite. */
+    static native void setCallSiteTargetNormal(CallSite site, MethodHandle target);
+    static native void setCallSiteTargetVolatile(CallSite site, MethodHandle target);
+
     private static native void registerNatives();
     static {
         registerNatives();
--- a/src/share/classes/java/net/HttpCookie.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/java/net/HttpCookie.java	Mon Jan 16 14:26:51 2012 +0000
@@ -80,6 +80,10 @@
     private boolean httpOnly;   // HttpOnly ... i.e. not accessible to scripts
     private int version = 1;    // Version=1 ... RFC 2965 style
 
+    // The original header this cookie was consructed from, if it was
+    // constructed by parsing a header, otherwise null.
+    private final String header;
+
     //
     // Hold the creation time (in seconds) of the http cookie for later
     // expiration calculation
@@ -145,6 +149,10 @@
      */
 
     public HttpCookie(String name, String value) {
+        this(name, value, null /*header*/);
+    }
+
+    private HttpCookie(String name, String value, String header) {
         name = name.trim();
         if (name.length() == 0 || !isToken(name) || isReserved(name)) {
             throw new IllegalArgumentException("Illegal cookie name");
@@ -157,6 +165,7 @@
 
         whenCreated = System.currentTimeMillis();
         portlist = null;
+        this.header = header;
     }
 
 
@@ -178,6 +187,15 @@
      * @throws NullPointerException     if the header string is <tt>null</tt>
      */
     public static List<HttpCookie> parse(String header) {
+        return parse(header, false);
+    }
+
+    // Private version of parse() that will store the original header used to
+    // create the cookie, in the cookie itself. This can be useful for filtering
+    // Set-Cookie[2] headers, using the internal parsing logic defined in this
+    // class.
+    private static List<HttpCookie> parse(String header, boolean retainHeader) {
+
         int version = guessCookieVersion(header);
 
         // if header start with set-cookie or set-cookie2, strip it off
@@ -194,7 +212,7 @@
         // so the parse logic is slightly different
         if (version == 0) {
             // Netscape draft cookie
-            HttpCookie cookie = parseInternal(header);
+            HttpCookie cookie = parseInternal(header, retainHeader);
             cookie.setVersion(0);
             cookies.add(cookie);
         } else {
@@ -203,7 +221,7 @@
             // it'll separate them with comma
             List<String> cookieStrings = splitMultiCookies(header);
             for (String cookieStr : cookieStrings) {
-                HttpCookie cookie = parseInternal(cookieStr);
+                HttpCookie cookie = parseInternal(cookieStr, retainHeader);
                 cookie.setVersion(1);
                 cookies.add(cookie);
             }
@@ -926,7 +944,8 @@
      * @throws IllegalArgumentException if header string violates the cookie
      *                                  specification
      */
-    private static HttpCookie parseInternal(String header)
+    private static HttpCookie parseInternal(String header,
+                                            boolean retainHeader)
     {
         HttpCookie cookie = null;
         String namevaluePair = null;
@@ -941,7 +960,13 @@
             if (index != -1) {
                 String name = namevaluePair.substring(0, index).trim();
                 String value = namevaluePair.substring(index + 1).trim();
-                cookie = new HttpCookie(name, stripOffSurroundingQuote(value));
+                if (retainHeader)
+                    cookie = new HttpCookie(name,
+                                            stripOffSurroundingQuote(value),
+                                            header);
+                else
+                    cookie = new HttpCookie(name,
+                                            stripOffSurroundingQuote(value));
             } else {
                 // no "=" in name-value pair; it's an error
                 throw new IllegalArgumentException("Invalid cookie name-value pair");
@@ -1064,6 +1089,28 @@
         }
     }
 
+    static {
+        sun.misc.SharedSecrets.setJavaNetHttpCookieAccess(
+            new sun.misc.JavaNetHttpCookieAccess() {
+                public List<HttpCookie> parse(String header) {
+                    return HttpCookie.parse(header, true);
+                }
+
+                public String header(HttpCookie cookie) {
+                    return cookie.header;
+                }
+            }
+        );
+    }
+
+    /*
+     * Returns the original header this cookie was consructed from, if it was
+     * constructed by parsing a header, otherwise null.
+     */
+    private String header() {
+        return header;
+    }
+
     /*
      * Constructs a string representation of this cookie. The string format is
      * as Netscape spec, but without leading "Cookie:" token.
--- a/src/share/classes/java/util/Currency.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/java/util/Currency.java	Mon Jan 16 14:26:51 2012 +0000
@@ -189,7 +189,7 @@
     private static final int VALID_FORMAT_VERSION = 1;
 
     static {
-        AccessController.doPrivileged(new PrivilegedAction() {
+        AccessController.doPrivileged(new PrivilegedAction<Object>() {
             public Object run() {
                 String homeDir = System.getProperty("java.home");
                 try {
@@ -433,7 +433,9 @@
             }
         }
 
-        return (Set<Currency>) available.clone();
+        @SuppressWarnings("unchecked")
+        Set<Currency> result = (Set<Currency>) available.clone();
+        return result;
     }
 
     /**
--- a/src/share/classes/javax/swing/plaf/basic/BasicTreeUI.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/javax/swing/plaf/basic/BasicTreeUI.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1932,20 +1932,22 @@
             else {
                 Rectangle   beginRect = getPathBounds(tree, getPathForRow
                                                       (tree, beginRow));
-                Rectangle   visRect = tree.getVisibleRect();
-                Rectangle   testRect = beginRect;
-                int         beginY = beginRect.y;
-                int         maxY = beginY + visRect.height;
-
-                for(int counter = beginRow + 1; counter <= endRow; counter++) {
-                    testRect = getPathBounds(tree,
-                                             getPathForRow(tree, counter));
-                    if((testRect.y + testRect.height) > maxY)
-                        counter = endRow;
+                if (beginRect != null) {
+                    Rectangle   visRect = tree.getVisibleRect();
+                    Rectangle   testRect = beginRect;
+                    int         beginY = beginRect.y;
+                    int         maxY = beginY + visRect.height;
+
+                    for(int counter = beginRow + 1; counter <= endRow; counter++) {
+                            testRect = getPathBounds(tree,
+                                    getPathForRow(tree, counter));
+                        if((testRect.y + testRect.height) > maxY)
+                                counter = endRow;
+                            }
+                        tree.scrollRectToVisible(new Rectangle(visRect.x, beginY, 1,
+                                                      testRect.y + testRect.height-
+                                                      beginY));
                 }
-                tree.scrollRectToVisible(new Rectangle(visRect.x, beginY, 1,
-                                                  testRect.y + testRect.height-
-                                                  beginY));
             }
         }
     }
@@ -3485,7 +3487,7 @@
             }
 
             Rectangle bounds = getPathBounds(tree, path);
-            if (y > (bounds.y + bounds.height)) {
+            if (bounds == null || y > (bounds.y + bounds.height)) {
                 return false;
             }
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/misc/JavaNetHttpCookieAccess.java	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.misc;
+
+import java.net.HttpCookie;
+import java.util.List;
+
+public interface JavaNetHttpCookieAccess {
+    /*
+     * Constructs cookies from Set-Cookie or Set-Cookie2 header string,
+     * retaining the original header String in the cookie itself.
+     */
+    public List<HttpCookie> parse(String header);
+
+    /*
+     * Returns the original header this cookie was consructed from, if it was
+     * constructed by parsing a header, otherwise null.
+     */
+    public String header(HttpCookie cookie);
+}
+
--- a/src/share/classes/sun/misc/SharedSecrets.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/misc/SharedSecrets.java	Mon Jan 16 14:26:51 2012 +0000
@@ -49,6 +49,7 @@
     private static JavaLangAccess javaLangAccess;
     private static JavaIOAccess javaIOAccess;
     private static JavaNetAccess javaNetAccess;
+    private static JavaNetHttpCookieAccess javaNetHttpCookieAccess;
     private static JavaNioAccess javaNioAccess;
     private static JavaIOFileDescriptorAccess javaIOFileDescriptorAccess;
     private static JavaSecurityProtectionDomainAccess javaSecurityProtectionDomainAccess;
@@ -85,6 +86,16 @@
         return javaNetAccess;
     }
 
+    public static void setJavaNetHttpCookieAccess(JavaNetHttpCookieAccess a) {
+        javaNetHttpCookieAccess = a;
+    }
+
+    public static JavaNetHttpCookieAccess getJavaNetHttpCookieAccess() {
+        if (javaNetHttpCookieAccess == null)
+            unsafe.ensureClassInitialized(java.net.HttpCookie.class);
+        return javaNetHttpCookieAccess;
+    }
+
     public static void setJavaNioAccess(JavaNioAccess jna) {
         javaNioAccess = jna;
     }
--- a/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/net/www/protocol/http/HttpURLConnection.java	Mon Jan 16 14:26:51 2012 +0000
@@ -31,6 +31,7 @@
 import java.net.HttpRetryException;
 import java.net.PasswordAuthentication;
 import java.net.Authenticator;
+import java.net.HttpCookie;
 import java.net.InetAddress;
 import java.net.UnknownHostException;
 import java.net.SocketTimeoutException;
@@ -45,6 +46,8 @@
 import java.net.CacheRequest;
 import java.net.Authenticator.RequestorType;
 import java.io.*;
+import java.util.ArrayList;
+import java.util.Collections;
 import java.util.Date;
 import java.util.Map;
 import java.util.List;
@@ -2575,6 +2578,78 @@
         return false;
     }
 
+    // constant strings represent set-cookie header names
+    private final static String SET_COOKIE = "set-cookie";
+    private final static String SET_COOKIE2 = "set-cookie2";
+
+    /**
+     * Returns a filtered version of the given headers value.
+     *
+     * Note: The implementation currently only filters out HttpOnly cookies
+     *       from Set-Cookie and Set-Cookie2 headers.
+     */
+    private String filterHeaderField(String name, String value) {
+        if (value == null)
+            return null;
+
+        if (SET_COOKIE.equalsIgnoreCase(name) ||
+            SET_COOKIE2.equalsIgnoreCase(name)) {
+            // Filtering only if there is a cookie handler. [Assumption: the
+            // cookie handler will store/retrieve the HttpOnly cookies]
+            if (cookieHandler == null)
+                return value;
+
+            sun.misc.JavaNetHttpCookieAccess access =
+                    sun.misc.SharedSecrets.getJavaNetHttpCookieAccess();
+            StringBuilder retValue = new StringBuilder();
+            List<HttpCookie> cookies = access.parse(value);
+            boolean multipleCookies = false;
+            for (HttpCookie cookie : cookies) {
+                // skip HttpOnly cookies
+                if (cookie.isHttpOnly())
+                    continue;
+                if (multipleCookies)
+                    retValue.append(',');  // RFC 2965, comma separated
+                retValue.append(access.header(cookie));
+                multipleCookies = true;
+            }
+
+            return retValue.length() == 0 ? null : retValue.toString();
+        }
+
+        return value;
+    }
+
+    // Cache the filtered response headers so that they don't need
+    // to be generated for every getHeaderFields() call.
+    private Map<String, List<String>> filteredHeaders;  // null
+
+    private Map<String, List<String>> getFilteredHeaderFields() {
+        if (filteredHeaders != null)
+            return filteredHeaders;
+
+        Map<String, List<String>> headers, tmpMap = new HashMap<>();
+
+        if (cachedHeaders != null)
+            headers = cachedHeaders.getHeaders();
+        else
+            headers = responses.getHeaders();
+
+        for (Map.Entry<String, List<String>> e: headers.entrySet()) {
+            String key = e.getKey();
+            List<String> values = e.getValue(), filteredVals = new ArrayList<>();
+            for (String value : values) {
+                String fVal = filterHeaderField(key, value);
+                if (fVal != null)
+                    filteredVals.add(fVal);
+            }
+            if (!filteredVals.isEmpty())
+                tmpMap.put(key, Collections.unmodifiableList(filteredVals));
+        }
+
+        return filteredHeaders = Collections.unmodifiableMap(tmpMap);
+    }
+
     /**
      * Gets a header field by name. Returns null if not known.
      * @param name the name of the header field
@@ -2586,10 +2661,10 @@
         } catch (IOException e) {}
 
         if (cachedHeaders != null) {
-            return cachedHeaders.findValue(name);
+            return filterHeaderField(name, cachedHeaders.findValue(name));
         }
 
-        return responses.findValue(name);
+        return filterHeaderField(name, responses.findValue(name));
     }
 
     /**
@@ -2608,11 +2683,7 @@
             getInputStream();
         } catch (IOException e) {}
 
-        if (cachedHeaders != null) {
-            return cachedHeaders.getHeaders();
-        }
-
-        return responses.getHeaders();
+        return getFilteredHeaderFields();
     }
 
     /**
@@ -2626,9 +2697,10 @@
         } catch (IOException e) {}
 
         if (cachedHeaders != null) {
-           return cachedHeaders.getValue(n);
+           return filterHeaderField(cachedHeaders.getKey(n),
+                                    cachedHeaders.getValue(n));
         }
-        return responses.getValue(n);
+        return filterHeaderField(responses.getKey(n), responses.getValue(n));
     }
 
     /**
--- a/src/share/classes/sun/nio/ch/SocketAdaptor.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/nio/ch/SocketAdaptor.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -57,13 +57,17 @@
     // Timeout "option" value for reads
     private volatile int timeout = 0;
 
-    // ## super will create a useless impl
-    private SocketAdaptor(SocketChannelImpl sc) {
+    private SocketAdaptor(SocketChannelImpl sc) throws SocketException {
+        super((SocketImpl) null);
         this.sc = sc;
     }
 
     public static Socket create(SocketChannelImpl sc) {
-        return new SocketAdaptor(sc);
+        try {
+            return new SocketAdaptor(sc);
+        } catch (SocketException e) {
+            throw new InternalError("Should not reach here");
+        }
     }
 
     public SocketChannel getChannel() {
--- a/src/share/classes/sun/security/krb5/internal/rcache/ReplayCache.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/security/krb5/internal/rcache/ReplayCache.java	Mon Jan 16 14:26:51 2012 +0000
@@ -31,8 +31,6 @@
 
 package sun.security.krb5.internal.rcache;
 
-import sun.security.krb5.KrbException;
-import sun.security.krb5.Config;
 import sun.security.krb5.internal.Krb5;
 import java.util.LinkedList;
 import java.util.ListIterator;
@@ -48,10 +46,13 @@
 
     private static final long serialVersionUID = 2997933194993803994L;
 
+    // These 3 fields are now useless, keep for serialization compatibility
     private String principal;
     private CacheTable table;
     private int nap = 10 * 60 * 1000; //10 minutes break
+
     private boolean DEBUG = Krb5.DEBUG;
+
     /**
      * Constructs a ReplayCache for a client principal in specified <code>CacheTable</code>.
      * @param p client principal name.
@@ -125,20 +126,11 @@
         if (DEBUG) {
             printList();
         }
-
-        // if there are no entries in the replay cache,
-        // remove the replay cache from the table.
-        if (this.size() == 0) {
-            table.remove(principal);
-        }
-        if (DEBUG) {
-            printList();
-        }
     }
 
 
     /**
-     * Printes out the debug message.
+     * Prints out the debug message.
      */
     private void printList() {
         Object[] total = toArray();
--- a/src/share/classes/sun/security/pkcs11/P11Cipher.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/security/pkcs11/P11Cipher.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -870,7 +870,7 @@
     @Override
     protected int engineGetKeySize(Key key) throws InvalidKeyException {
         int n = P11SecretKeyFactory.convertKey
-                (token, key, keyAlgorithm).keyLength();
+                (token, key, keyAlgorithm).length();
         return n;
     }
 
--- a/src/share/classes/sun/security/pkcs11/P11Key.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/security/pkcs11/P11Key.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -46,6 +46,7 @@
 import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
 
 import sun.security.util.DerValue;
+import sun.security.util.Length;
 
 /**
  * Key implementation classes.
@@ -61,7 +62,7 @@
  * @author  Andreas Sterbenz
  * @since   1.5
  */
-abstract class P11Key implements Key {
+abstract class P11Key implements Key, Length {
 
     private final static String PUBLIC = "public";
     private final static String PRIVATE = "private";
@@ -212,7 +213,11 @@
         return s1;
     }
 
-    int keyLength() {
+    /**
+     * Return bit length of the key.
+     */
+    @Override
+    public int length() {
         return keyLength;
     }
 
--- a/src/share/classes/sun/security/pkcs11/P11RSACipher.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/security/pkcs11/P11RSACipher.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -216,7 +216,7 @@
         } else {
             throw new InvalidKeyException("Unknown key type: " + p11Key);
         }
-        int n = (p11Key.keyLength() + 7) >> 3;
+        int n = (p11Key.length() + 7) >> 3;
         outputSize = n;
         buffer = new byte[n];
         maxInputSize = ((padType == PAD_PKCS1 && encrypt) ?
@@ -495,7 +495,7 @@
 
     // see JCE spec
     protected int engineGetKeySize(Key key) throws InvalidKeyException {
-        int n = P11KeyFactory.convertKey(token, key, algorithm).keyLength();
+        int n = P11KeyFactory.convertKey(token, key, algorithm).length();
         return n;
     }
 }
--- a/src/share/classes/sun/security/pkcs11/P11Signature.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/security/pkcs11/P11Signature.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -272,7 +272,7 @@
                 if (keyAlgorithm.equals("DSA")) {
                     signature = new byte[40];
                 } else {
-                    signature = new byte[(p11Key.keyLength() + 7) >> 3];
+                    signature = new byte[(p11Key.length() + 7) >> 3];
                 }
                 if (type == T_UPDATE) {
                     token.p11.C_VerifyFinal(session.id(), signature);
@@ -357,7 +357,7 @@
         if (keyAlgorithm.equals("RSA") && publicKey != p11Key) {
             int keyLen;
             if (publicKey instanceof P11Key) {
-                keyLen = ((P11Key) publicKey).keyLength();
+                keyLen = ((P11Key) publicKey).length();
             } else {
                 keyLen = ((RSAKey) publicKey).getModulus().bitLength();
             }
@@ -618,7 +618,7 @@
 
     private byte[] pkcs1Pad(byte[] data) {
         try {
-            int len = (p11Key.keyLength() + 7) >> 3;
+            int len = (p11Key.length() + 7) >> 3;
             RSAPadding padding = RSAPadding.getInstance
                                         (RSAPadding.PAD_BLOCKTYPE_1, len);
             byte[] padded = padding.pad(data);
--- a/src/share/classes/sun/security/ssl/ClientHandshaker.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/security/ssl/ClientHandshaker.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -957,7 +957,8 @@
                 if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
                     preferableSignatureAlgorithm =
                         SignatureAndHashAlgorithm.getPreferableAlgorithm(
-                            peerSupportedSignAlgs, signingKey.getAlgorithm());
+                            peerSupportedSignAlgs, signingKey.getAlgorithm(),
+                            signingKey);
 
                     if (preferableSignatureAlgorithm == null) {
                         throw new SSLHandshakeException(
--- a/src/share/classes/sun/security/ssl/ServerHandshaker.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/security/ssl/ServerHandshaker.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -1024,37 +1024,39 @@
             }
             break;
         case K_DHE_RSA:
+            // need RSA certs for authentication
+            if (setupPrivateKeyAndChain("RSA") == false) {
+                return false;
+            }
+
             // get preferable peer signature algorithm for server key exchange
             if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
                 preferableSignatureAlgorithm =
                     SignatureAndHashAlgorithm.getPreferableAlgorithm(
-                                                supportedSignAlgs, "RSA");
+                                        supportedSignAlgs, "RSA", privateKey);
                 if (preferableSignatureAlgorithm == null) {
                     return false;
                 }
             }
 
+            setupEphemeralDHKeys(suite.exportable);
+            break;
+        case K_ECDHE_RSA:
             // need RSA certs for authentication
             if (setupPrivateKeyAndChain("RSA") == false) {
                 return false;
             }
-            setupEphemeralDHKeys(suite.exportable);
-            break;
-        case K_ECDHE_RSA:
+
             // get preferable peer signature algorithm for server key exchange
             if (protocolVersion.v >= ProtocolVersion.TLS12.v) {
                 preferableSignatureAlgorithm =
                     SignatureAndHashAlgorithm.getPreferableAlgorithm(
-                                                supportedSignAlgs, "RSA");
+                                        supportedSignAlgs, "RSA", privateKey);
                 if (preferableSignatureAlgorithm == null) {
                     return false;
                 }
             }
 
-            // need RSA certs for authentication
-            if (setupPrivateKeyAndChain("RSA") == false) {
-                return false;
-            }
             if (setupEphemeralECDHKeys() == false) {
                 return false;
             }
--- a/src/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,6 +27,7 @@
 
 import java.security.AlgorithmConstraints;
 import java.security.CryptoPrimitive;
+import java.security.PrivateKey;
 
 import java.util.Set;
 import java.util.HashSet;
@@ -37,6 +38,8 @@
 import java.util.Collections;
 import java.util.ArrayList;
 
+import sun.security.util.KeyLength;
+
 /**
  * Signature and hash algorithm.
  *
@@ -231,6 +234,14 @@
     static SignatureAndHashAlgorithm getPreferableAlgorithm(
         Collection<SignatureAndHashAlgorithm> algorithms, String expected) {
 
+        return SignatureAndHashAlgorithm.getPreferableAlgorithm(
+                algorithms, expected, null);
+    }
+
+    static SignatureAndHashAlgorithm getPreferableAlgorithm(
+        Collection<SignatureAndHashAlgorithm> algorithms,
+        String expected, PrivateKey signingKey) {
+
         if (expected == null && !algorithms.isEmpty()) {
             for (SignatureAndHashAlgorithm sigAlg : algorithms) {
                 if (sigAlg.priority <= SUPPORTED_ALG_PRIORITY_MAX_NUM) {
@@ -241,17 +252,58 @@
             return null;  // no supported algorithm
         }
 
+        if (expected == null ) {
+            return null;  // no expected algorithm, no supported algorithm
+        }
+
+        /*
+         * Need to check RSA key length to match the length of hash value
+         */
+        int maxDigestLength = Integer.MAX_VALUE;
+        if (signingKey != null &&
+                "rsa".equalsIgnoreCase(signingKey.getAlgorithm()) &&
+                expected.equalsIgnoreCase("rsa")) {
+            /*
+             * RSA keys of 512 bits have been shown to be practically
+             * breakable, it does not make much sense to use the strong
+             * hash algorithm for keys whose key size less than 512 bits.
+             * So it is not necessary to caculate the required max digest
+             * length exactly.
+             *
+             * If key size is greater than or equals to 768, there is no max
+             * digest length limitation in currect implementation.
+             *
+             * If key size is greater than or equals to 512, but less than
+             * 768, the digest length should be less than or equal to 32 bytes.
+             *
+             * If key size is less than 512, the  digest length should be
+             * less than or equal to 20 bytes.
+             */
+            int keySize = KeyLength.getKeySize(signingKey);
+            if (keySize >= 768) {
+                maxDigestLength = HashAlgorithm.SHA512.length;
+            } else if ((keySize >= 512) && (keySize < 768)) {
+                maxDigestLength = HashAlgorithm.SHA256.length;
+            } else if ((keySize > 0) && (keySize < 512)) {
+                maxDigestLength = HashAlgorithm.SHA1.length;
+            }   // Otherwise, cannot determine the key size, prefer the most
+                // perferable hash algorithm.
+        }
 
         for (SignatureAndHashAlgorithm algorithm : algorithms) {
             int signValue = algorithm.id & 0xFF;
-            if ((expected.equalsIgnoreCase("dsa") &&
-                    signValue == SignatureAlgorithm.DSA.value) ||
-                (expected.equalsIgnoreCase("rsa") &&
-                    signValue == SignatureAlgorithm.RSA.value) ||
-                (expected.equalsIgnoreCase("ecdsa") &&
-                    signValue == SignatureAlgorithm.ECDSA.value) ||
-                (expected.equalsIgnoreCase("ec") &&
-                    signValue == SignatureAlgorithm.ECDSA.value)) {
+            if (expected.equalsIgnoreCase("rsa") &&
+                    signValue == SignatureAlgorithm.RSA.value) {
+                if (algorithm.hash.length <= maxDigestLength) {
+                    return algorithm;
+                }
+            } else if (
+                    (expected.equalsIgnoreCase("dsa") &&
+                        signValue == SignatureAlgorithm.DSA.value) ||
+                    (expected.equalsIgnoreCase("ecdsa") &&
+                        signValue == SignatureAlgorithm.ECDSA.value) ||
+                    (expected.equalsIgnoreCase("ec") &&
+                        signValue == SignatureAlgorithm.ECDSA.value)) {
                 return algorithm;
             }
         }
@@ -260,25 +312,28 @@
     }
 
     static enum HashAlgorithm {
-        UNDEFINED("undefined",        "", -1),
-        NONE(          "none",    "NONE",  0),
-        MD5(            "md5",     "MD5",  1),
-        SHA1(          "sha1",   "SHA-1",  2),
-        SHA224(      "sha224", "SHA-224",  3),
-        SHA256(      "sha256", "SHA-256",  4),
-        SHA384(      "sha384", "SHA-384",  5),
-        SHA512(      "sha512", "SHA-512",  6);
+        UNDEFINED("undefined",        "", -1, -1),
+        NONE(          "none",    "NONE",  0, -1),
+        MD5(            "md5",     "MD5",  1, 16),
+        SHA1(          "sha1",   "SHA-1",  2, 20),
+        SHA224(      "sha224", "SHA-224",  3, 28),
+        SHA256(      "sha256", "SHA-256",  4, 32),
+        SHA384(      "sha384", "SHA-384",  5, 48),
+        SHA512(      "sha512", "SHA-512",  6, 64);
 
         final String name;  // not the standard signature algorithm name
                             // except the UNDEFINED, other names are defined
                             // by TLS 1.2 protocol
         final String standardName; // the standard MessageDigest algorithm name
         final int value;
+        final int length;   // digest length in bytes, -1 means not applicable
 
-        private HashAlgorithm(String name, String standardName, int value) {
+        private HashAlgorithm(String name, String standardName,
+                int value, int length) {
             this.name = name;
             this.standardName = standardName;
             this.value = value;
+            this.length = length;
         }
 
         static HashAlgorithm valueOf(int value) {
--- a/src/share/classes/sun/security/tools/KeyTool.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/security/tools/KeyTool.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1143,17 +1143,14 @@
             if (token) {
                 keyStore.store(null, null);
             } else {
-                FileOutputStream fout = null;
-                try {
-                    fout = (nullStream ?
-                                        (FileOutputStream)null :
-                                        new FileOutputStream(ksfname));
-                    keyStore.store
-                        (fout,
-                        (storePassNew!=null) ? storePassNew : storePass);
-                } finally {
-                    if (fout != null) {
-                        fout.close();
+                char[] pass = (storePassNew!=null) ? storePassNew : storePass;
+                if (nullStream) {
+                    keyStore.store(null, pass);
+                } else {
+                    ByteArrayOutputStream bout = new ByteArrayOutputStream();
+                    keyStore.store(bout, pass);
+                    try (FileOutputStream fout = new FileOutputStream(ksfname)) {
+                        fout.write(bout.toByteArray());
                     }
                 }
             }
@@ -1401,7 +1398,7 @@
     private char[] promptForKeyPass(String alias, String orig, char[] origPass) throws Exception{
         if (P12KEYSTORE.equalsIgnoreCase(storetype)) {
             return origPass;
-        } else if (!token) {
+        } else if (!token && !protectedPath) {
             // Prompt for key password
             int count;
             for (count = 0; count < 3; count++) {
@@ -1448,7 +1445,7 @@
                 }
             }
         }
-        return null;    // PKCS11
+        return null;    // PKCS11, MSCAPI, or -protected
     }
     /**
      * Creates a new secret key.
--- a/src/share/classes/sun/security/util/DisabledAlgorithmConstraints.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/security/util/DisabledAlgorithmConstraints.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -33,11 +33,6 @@
 import java.security.Security;
 import java.security.PrivilegedAction;
 import java.security.AccessController;
-import java.security.interfaces.ECKey;
-import java.security.interfaces.RSAKey;
-import java.security.interfaces.DSAKey;
-import javax.crypto.SecretKey;
-import javax.crypto.interfaces.DHKey;
 
 import java.util.Locale;
 import java.util.Set;
@@ -443,40 +438,15 @@
 
         // Does this key constraint disable the specified key?
         public boolean disables(Key key) {
-            int size = -1;
-
-            // it is a SecretKey
-            if (key instanceof SecretKey) {
-                SecretKey sk = (SecretKey)key;
-                if (sk.getFormat().equals("RAW") && sk.getEncoded() != null) {
-                    size = sk.getEncoded().length * 8;
-
-                }
-            }
-
-            // it is an asymmetric key
-            if (key instanceof RSAKey) {
-                RSAKey pubk = (RSAKey)key;
-                size = pubk.getModulus().bitLength();
-            } else if (key instanceof ECKey) {
-                ECKey pubk = (ECKey)key;
-                size = pubk.getParams().getOrder().bitLength();
-            } else if (key instanceof DSAKey) {
-                DSAKey pubk = (DSAKey)key;
-                size = pubk.getParams().getP().bitLength();
-            } else if (key instanceof DHKey) {
-                DHKey pubk = (DHKey)key;
-                size = pubk.getParams().getP().bitLength();
-            } // else, it is not a key we know.
+            int size = KeyLength.getKeySize(key);
 
             if (size == 0) {
                 return true;    // we don't allow any key of size 0.
-            }
-
-            if (size >= 0) {
+            } else if (size > 0) {
                 return ((size < minSize) || (size > maxSize) ||
                     (prohibitedSize == size));
-            }
+            }   // Otherwise, the key size is not accessible. Conservatively,
+                // please don't disable such keys.
 
             return false;
         }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/security/util/KeyLength.java	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.util;
+
+import java.security.Key;
+import java.security.PrivilegedAction;
+import java.security.AccessController;
+import java.security.interfaces.ECKey;
+import java.security.interfaces.RSAKey;
+import java.security.interfaces.DSAKey;
+import javax.crypto.SecretKey;
+import javax.crypto.interfaces.DHKey;
+
+/**
+ * A utility class to get key length
+ */
+public final class KeyLength {
+
+    /**
+     * Returns the key size of the given key object in bits.
+     *
+     * @param key the key object, cannot be null
+     * @return the key size of the given key object in bits, or -1 if the
+     *       key size is not accessible
+     */
+    final public static int getKeySize(Key key) {
+        int size = -1;
+
+        if (key instanceof Length) {
+            try {
+                Length ruler = (Length)key;
+                size = ruler.length();
+            } catch (UnsupportedOperationException usoe) {
+                // ignore the exception
+            }
+
+            if (size >= 0) {
+                return size;
+            }
+        }
+
+        // try to parse the length from key specification
+        if (key instanceof SecretKey) {
+            SecretKey sk = (SecretKey)key;
+            String format = sk.getFormat();
+            if ("RAW".equals(format) && sk.getEncoded() != null) {
+                size = (sk.getEncoded().length * 8);
+            }   // Otherwise, it may be a unextractable key of PKCS#11, or
+                // a key we are not able to handle.
+        } else if (key instanceof RSAKey) {
+            RSAKey pubk = (RSAKey)key;
+            size = pubk.getModulus().bitLength();
+        } else if (key instanceof ECKey) {
+            ECKey pubk = (ECKey)key;
+            size = pubk.getParams().getOrder().bitLength();
+        } else if (key instanceof DSAKey) {
+            DSAKey pubk = (DSAKey)key;
+            size = pubk.getParams().getP().bitLength();
+        } else if (key instanceof DHKey) {
+            DHKey pubk = (DHKey)key;
+            size = pubk.getParams().getP().bitLength();
+        }   // Otherwise, it may be a unextractable key of PKCS#11, or
+            // a key we are not able to handle.
+
+        return size;
+    }
+}
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/share/classes/sun/security/util/Length.java	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.util;
+
+/**
+ * The Length interface defines the length of an object
+ */
+public interface Length {
+
+    /**
+     * Gets the length of this object
+     * <p>
+     * Note that if a class of java.security.Key implements this interfaces,
+     * the length should be measured in bits.
+     *
+     * @return the length of this object
+     * @throws UnsupportedOperationException if the operation is not supported
+     */
+    public int length();
+}
--- a/src/share/classes/sun/util/LocaleServiceProviderPool.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/util/LocaleServiceProviderPool.java	Mon Jan 16 14:26:51 2012 +0000
@@ -40,6 +40,7 @@
 import java.util.ServiceLoader;
 import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
 import java.util.spi.LocaleServiceProvider;
 
 import sun.util.logging.PlatformLogger;
@@ -57,8 +58,8 @@
      * A Map that holds singleton instances of this class.  Each instance holds a
      * set of provider implementations of a particular locale sensitive service.
      */
-    private static Map<Class, LocaleServiceProviderPool> poolOfPools =
-        new ConcurrentHashMap<Class, LocaleServiceProviderPool>();
+    private static ConcurrentMap<Class<? extends LocaleServiceProvider>, LocaleServiceProviderPool> poolOfPools =
+        new ConcurrentHashMap<>();
 
     /**
      * A Set containing locale service providers that implement the
@@ -109,7 +110,7 @@
         if (pool == null) {
             LocaleServiceProviderPool newPool =
                 new LocaleServiceProviderPool(providerClass);
-            pool = poolOfPools.put(providerClass, newPool);
+            pool = poolOfPools.putIfAbsent(providerClass, newPool);
             if (pool == null) {
                 pool = newPool;
             }
@@ -146,6 +147,10 @@
     /**
      * Lazy loaded set of available locales.
      * Loading all locales is a very long operation.
+     *
+     * We know "providerClasses" contains classes that extends LocaleServiceProvider,
+     * but generic array creation is not allowed, thus the "unchecked" warning
+     * is suppressed here.
      */
     private static class AllAvailableLocales {
         /**
@@ -155,7 +160,9 @@
         static final Locale[] allAvailableLocales;
 
         static {
-            Class[] providerClasses = {
+            @SuppressWarnings("unchecked")
+            Class<LocaleServiceProvider>[] providerClasses =
+                        (Class<LocaleServiceProvider>[]) new Class<?>[] {
                 java.text.spi.BreakIteratorProvider.class,
                 java.text.spi.CollatorProvider.class,
                 java.text.spi.DateFormatProvider.class,
@@ -173,7 +180,7 @@
                 all.add(getLookupLocale(locale));
             }
 
-            for (Class providerClass : providerClasses) {
+            for (Class<LocaleServiceProvider> providerClass : providerClasses) {
                 LocaleServiceProviderPool pool =
                     LocaleServiceProviderPool.getPool(providerClass);
                 all.addAll(pool.getProviderLocales());
@@ -257,10 +264,11 @@
             synchronized (LocaleServiceProviderPool.class) {
                 if (availableJRELocales == null) {
                     Locale[] allLocales = LocaleData.getAvailableLocales();
-                    availableJRELocales = new ArrayList<Locale>(allLocales.length);
+                    List<Locale> tmpList = new ArrayList<>(allLocales.length);
                     for (Locale locale : allLocales) {
-                        availableJRELocales.add(getLookupLocale(locale));
+                        tmpList.add(getLookupLocale(locale));
                     }
+                    availableJRELocales = tmpList;
                 }
             }
         }
@@ -353,7 +361,6 @@
             }
             Locale bundleLocale = (bundle != null ? bundle.getLocale() : null);
             List<Locale> lookupLocales = getLookupLocales(locale);
-            P lsp;
             S providersObj = null;
 
             // check whether a provider has an implementation that's closer
@@ -373,7 +380,9 @@
                     }
                 }
                 if (provLoc.contains(current)) {
-                    lsp = (P)findProvider(current);
+                    // It is safe to assume that findProvider() returns the instance of type P.
+                    @SuppressWarnings("unchecked")
+                    P lsp = (P)findProvider(current);
                     if (lsp != null) {
                         providersObj = getter.getObject(lsp, locale, key, params);
                         if (providersObj != null) {
@@ -395,7 +404,9 @@
                     // JRE has it.
                     return null;
                 } else {
-                    lsp = (P)findProvider(bundleLocale);
+                    // It is safe to assume that findProvider() returns the instance of type P.
+                    @SuppressWarnings("unchecked")
+                    P lsp = (P)findProvider(bundleLocale);
                     if (lsp != null) {
                         providersObj = getter.getObject(lsp, locale, key, params);
                         if (providersObj != null) {
--- a/src/share/classes/sun/util/resources/LocaleData.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/share/classes/sun/util/resources/LocaleData.java	Mon Jan 16 14:26:51 2012 +0000
@@ -137,8 +137,8 @@
     }
 
     private static ResourceBundle getBundle(final String baseName, final Locale locale) {
-        return (ResourceBundle) AccessController.doPrivileged(new PrivilegedAction() {
-                public Object run() {
+        return AccessController.doPrivileged(new PrivilegedAction<ResourceBundle>() {
+                public ResourceBundle run() {
                     return ResourceBundle.
                         getBundle(baseName, locale,
                                   LocaleDataResourceBundleControl.getRBControlInstance());
--- a/src/windows/classes/sun/security/mscapi/Key.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/windows/classes/sun/security/mscapi/Key.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -25,6 +25,8 @@
 
 package sun.security.mscapi;
 
+import sun.security.util.Length;
+
 /**
  * The handle for an RSA or DSA key using the Microsoft Crypto API.
  *
@@ -35,7 +37,7 @@
  * @since 1.6
  * @author  Stanley Man-Kit Ho
  */
-abstract class Key implements java.security.Key
+abstract class Key implements java.security.Key, Length
 {
 
     // Native handle
@@ -81,7 +83,8 @@
     /**
      * Return bit length of the key.
      */
-    public int bitLength()
+    @Override
+    public int length()
     {
         return keyLength;
     }
--- a/src/windows/classes/sun/security/mscapi/RSACipher.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/windows/classes/sun/security/mscapi/RSACipher.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -235,12 +235,12 @@
             mode = encrypt ? MODE_ENCRYPT : MODE_VERIFY;
             publicKey = (sun.security.mscapi.Key)key;
             privateKey = null;
-            outputSize = publicKey.bitLength() / 8;
+            outputSize = publicKey.length() / 8;
         } else if (key instanceof PrivateKey) {
             mode = encrypt ? MODE_SIGN : MODE_DECRYPT;
             privateKey = (sun.security.mscapi.Key)key;
             publicKey = null;
-            outputSize = privateKey.bitLength() / 8;
+            outputSize = privateKey.length() / 8;
         } else {
             throw new InvalidKeyException("Unknown key type: " + key);
         }
@@ -395,7 +395,7 @@
     protected int engineGetKeySize(Key key) throws InvalidKeyException {
 
         if (key instanceof sun.security.mscapi.Key) {
-            return ((sun.security.mscapi.Key) key).bitLength();
+            return ((sun.security.mscapi.Key) key).length();
 
         } else if (key instanceof RSAKey) {
             return ((RSAKey) key).getModulus().bitLength();
--- a/src/windows/classes/sun/security/mscapi/RSASignature.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/src/windows/classes/sun/security/mscapi/RSASignature.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -294,7 +294,7 @@
 
         // Check against the local and global values to make sure
         // the sizes are ok.  Round up to nearest byte.
-        RSAKeyFactory.checkKeyLengths(((privateKey.bitLength() + 7) & ~7),
+        RSAKeyFactory.checkKeyLengths(((privateKey.length() + 7) & ~7),
             null, RSAKeyPairGenerator.KEY_SIZE_MIN,
             RSAKeyPairGenerator.KEY_SIZE_MAX);
 
--- a/test/ProblemList.txt	Mon Jan 16 15:49:14 2012 +0300
+++ b/test/ProblemList.txt	Mon Jan 16 14:26:51 2012 +0000
@@ -195,9 +195,6 @@
 
 # jdk_lang
 
-# requires junit
-java/lang/invoke/InvokeDynamicPrintArgs.java                    generic-all
-
 # Times out on solaris 10 sparc
 java/lang/ClassLoader/Assert.java                               generic-all
 
--- a/test/java/lang/invoke/InvokeDynamicPrintArgs.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/test/java/lang/invoke/InvokeDynamicPrintArgs.java	Mon Jan 16 14:26:51 2012 +0000
@@ -38,8 +38,6 @@
 
 package test.java.lang.invoke;
 
-import org.junit.Test;
-
 import java.util.*;
 import java.io.*;
 
@@ -99,21 +97,6 @@
         System.setSecurityManager(new SM());
     }
 
-    @Test
-    public void testInvokeDynamicPrintArgs() throws IOException {
-        System.err.println(System.getProperties());
-        String testClassPath = System.getProperty("build.test.classes.dir");
-        if (testClassPath == null)  throw new RuntimeException();
-        String[] args = new String[]{
-            "--verify-specifier-count=3",
-            "--verbose",
-            "--expand-properties", "--classpath", testClassPath,
-            "--java", "test.java.lang.invoke.InvokeDynamicPrintArgs", "--check-output"
-        };
-        System.err.println("Indify: "+Arrays.toString(args));
-        indify.Indify.main(args);
-    }
-
     private static PrintStream oldOut;
     private static ByteArrayOutputStream buf;
     private static void openBuf() {
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/net/HttpURLConnection/UnmodifiableMaps.java	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,149 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 7128648
+ * @summary HttpURLConnection.getHeaderFields should return an unmodifiable Map
+ */
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.URI;
+import java.net.HttpURLConnection;
+import java.util.Collection;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import com.sun.net.httpserver.HttpExchange;
+import com.sun.net.httpserver.HttpHandler;
+import com.sun.net.httpserver.HttpServer;
+import com.sun.net.httpserver.Headers;
+
+public class UnmodifiableMaps {
+
+    void test(String[] args) throws Exception {
+        HttpServer server = startHttpServer();
+        try {
+            InetSocketAddress address = server.getAddress();
+            URI uri = new URI("http://" + InetAddress.getLocalHost().getHostAddress()
+                              + ":" + address.getPort() + "/foo");
+            doClient(uri);
+        } finally {
+            server.stop(0);
+        }
+    }
+
+    void doClient(URI uri) throws Exception {
+        HttpURLConnection uc = (HttpURLConnection) uri.toURL().openConnection();
+
+        // Test1: getRequestProperties is unmodifiable
+        System.out.println("Check getRequestProperties");
+        checkUnmodifiable(uc.getRequestProperties());
+        uc.addRequestProperty("X", "V");
+        uc.addRequestProperty("X1", "V1");
+        checkUnmodifiable(uc.getRequestProperties());
+
+        int resp = uc.getResponseCode();
+        check(resp == 200,
+              "Unexpected response code. Expected 200, got " + resp);
+
+        // Test2: getHeaderFields is unmodifiable
+        System.out.println("Check getHeaderFields");
+        checkUnmodifiable(uc.getHeaderFields());
+        // If the implementation does caching, check again.
+        checkUnmodifiable(uc.getHeaderFields());
+    }
+
+    // HTTP Server
+    HttpServer startHttpServer() throws IOException {
+        HttpServer httpServer = HttpServer.create(new InetSocketAddress(0), 0);
+        httpServer.createContext("/foo", new SimpleHandler());
+        httpServer.start();
+        return httpServer;
+    }
+
+    class SimpleHandler implements HttpHandler {
+        @Override
+        public void handle(HttpExchange t) throws IOException {
+            Headers respHeaders = t.getResponseHeaders();
+            // ensure some response headers, over the usual ones
+            respHeaders.add("RespHdr1", "Value1");
+            respHeaders.add("RespHdr2", "Value2");
+            respHeaders.add("RespHdr3", "Value3");
+            t.sendResponseHeaders(200, -1);
+            t.close();
+        }
+    }
+
+    void checkUnmodifiable(Map<String,List<String>> map) {
+        checkUnmodifiableMap(map);
+
+        // Now check the individual values
+        Collection<List<String>> values = map.values();
+        for (List<String> value : values) {
+            checkUnmodifiableList(value);
+        }
+    }
+
+    void checkUnmodifiableMap(final Map<String,List<String>> map) {
+        expectThrow( new Runnable() {
+            public void run() { map.clear(); }});
+        expectThrow( new Runnable() {
+            public void run() { map.put("X", new ArrayList<String>()); }});
+        expectThrow( new Runnable() {
+            public void run() { map.remove("X"); }});
+    }
+
+    void checkUnmodifiableList(final List<String> list) {
+        expectThrow( new Runnable() {
+            public void run() { list.clear(); }});
+        expectThrow( new Runnable() {
+            public void run() { list.add("X"); }});
+        expectThrow( new Runnable() {
+            public void run() { list.remove("X"); }});
+    }
+
+    void expectThrow(Runnable r) {
+        try { r.run(); fail("Excepted UOE to be thrown."); Thread.dumpStack(); }
+        catch (UnsupportedOperationException e) { pass(); }
+    }
+
+    volatile int passed = 0, failed = 0;
+    void pass() {passed++;}
+    void fail() {failed++;}
+    void fail(String msg) {System.err.println(msg); fail();}
+    void unexpected(Throwable t) {failed++; t.printStackTrace();}
+    void check(boolean cond, String failMessage) {if (cond) pass(); else fail(failMessage);}
+    public static void main(String[] args) throws Throwable {
+        Class<?> k = new Object(){}.getClass().getEnclosingClass();
+        try {k.getMethod("instanceMain",String[].class)
+                .invoke( k.newInstance(), (Object) args);}
+        catch (Throwable e) {throw e.getCause();}}
+    public void instanceMain(String[] args) throws Throwable {
+        try {test(args);} catch (Throwable t) {unexpected(t);}
+        System.out.printf("%nPassed = %d, failed = %d%n%n", passed, failed);
+        if (failed > 0) throw new AssertionError("Some tests failed");}
+}
+
--- a/test/java/util/Locale/Bug6989440.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/test/java/util/Locale/Bug6989440.java	Mon Jan 16 14:26:51 2012 +0000
@@ -37,26 +37,49 @@
 import sun.util.LocaleServiceProviderPool;
 
 public class Bug6989440 {
-    public static void main(String[] args) {
-        TestThread t1 = new TestThread(LocaleNameProvider.class);
-        TestThread t2 = new TestThread(TimeZoneNameProvider.class);
-        TestThread t3 = new TestThread(DateFormatProvider.class);
+    static volatile boolean failed;  // false
+    static final int THREADS = 50;
 
-        t1.start();
-        t2.start();
-        t3.start();
+    public static void main(String[] args) throws Exception {
+        Thread[] threads = new Thread[THREADS];
+        for (int i=0; i<threads.length; i++)
+            threads[i] = new TestThread();
+        for (int i=0; i<threads.length; i++)
+            threads[i].start();
+        for (int i=0; i<threads.length; i++)
+            threads[i].join();
+
+        if (failed)
+            throw new RuntimeException("Failed: check output");
     }
 
     static class TestThread extends Thread {
         private Class<? extends LocaleServiceProvider> cls;
+        private static int count;
 
         public TestThread(Class<? extends LocaleServiceProvider> providerClass) {
             cls = providerClass;
         }
 
+        public TestThread() {
+            int which = count++ % 3;
+            switch (which) {
+                case 0 : cls = LocaleNameProvider.class; break;
+                case 1 : cls = TimeZoneNameProvider.class; break;
+                case 2 : cls = DateFormatProvider.class; break;
+                default : throw new AssertionError("Should not reach here");
+            }
+        }
+
         public void run() {
-            LocaleServiceProviderPool pool = LocaleServiceProviderPool.getPool(cls);
-            pool.getAvailableLocales();
+            try {
+                LocaleServiceProviderPool pool = LocaleServiceProviderPool.getPool(cls);
+                pool.getAvailableLocales();
+            } catch (Exception e) {
+                System.out.println(e);
+                e.printStackTrace();
+                failed = true;
+            }
         }
     }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/swing/JSplitPane/4885629/bug4885629.java	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 4885629
+ * @summary With JSplitPane in VERTICAL_SPLIT, SplitPaneBorder draws bottom edge of divider
+ * @author Andrey Pikalev
+ */
+
+import sun.awt.SunToolkit;
+
+import javax.swing.*;
+import javax.swing.border.Border;
+import javax.swing.border.EmptyBorder;
+import javax.swing.plaf.basic.BasicBorders;
+import javax.swing.plaf.basic.BasicLookAndFeel;
+import javax.swing.plaf.basic.BasicSplitPaneUI;
+import java.awt.*;
+
+
+public class bug4885629 {
+
+    private static final Color darkShadow = new Color(100,120,200);
+    private static final Color darkHighlight = new Color(200,120,50);
+    private static final Color lightHighlight = darkHighlight.brighter();
+    private static final Color BGCOLOR = Color.blue;
+
+    private static JSplitPane sp;
+
+    public static void main(String[] args) throws Exception {
+        UIManager.setLookAndFeel(new BasicLookAndFeel() {
+                public boolean isSupportedLookAndFeel(){ return true; }
+                public boolean isNativeLookAndFeel(){ return false; }
+                public String getDescription() { return "Foo"; }
+                public String getID() { return "FooID"; }
+                public String getName() { return "FooName"; }
+        });
+
+        SwingUtilities.invokeAndWait(new Runnable() {
+            public void run() {
+                JFrame frame = new JFrame();
+
+                JComponent a = new JPanel();
+                a.setBackground(Color.white);
+                a.setMinimumSize(new Dimension(10, 10));
+
+                JComponent b = new JPanel();
+                b.setBackground(Color.white);
+                b.setMinimumSize(new Dimension(10, 10));
+
+                sp = new JSplitPane(JSplitPane.VERTICAL_SPLIT, a, b);
+                sp.setPreferredSize(new Dimension(20, 20));
+                sp.setBackground(BGCOLOR);
+
+                Border bo = new BasicBorders.SplitPaneBorder(lightHighlight,
+                        Color.red);
+                Border ibo = new EmptyBorder(0, 0, 0, 0);
+                sp.setBorder(bo);
+                sp.setMinimumSize(new Dimension(200, 200));
+
+                ((BasicSplitPaneUI) sp.getUI()).getDivider().setBorder(ibo);
+
+                frame.getContentPane().setLayout(new FlowLayout());
+                frame.getContentPane().setBackground(darkShadow);
+                frame.getContentPane().add(sp);
+
+                frame.setSize(200, 200);
+                frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
+                frame.setVisible(true);
+            }
+        });
+
+        ((SunToolkit) SunToolkit.getDefaultToolkit()).realSync();
+
+        final Robot robot = new Robot();
+        robot.delay(1000);
+
+        SwingUtilities.invokeAndWait(new Runnable() {
+            public void run() {
+                Rectangle rect = ((BasicSplitPaneUI) sp.getUI()).getDivider().getBounds();
+
+                Point p = rect.getLocation();
+
+                SwingUtilities.convertPointToScreen(p, sp);
+
+                for (int i = 0; i < rect.width; i++) {
+                    if (!BGCOLOR.equals(robot.getPixelColor(p.x + i, p.y + rect.height - 1))) {
+                        throw new Error("The divider's area has incorrect color.");
+                    }
+                }
+            }
+        });
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/swing/JTable/6263446/bug6263446.java	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,242 @@
+/*
+ * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 6263446
+ * @summary Tests that double-clicking to edit a cell doesn't select the content.
+ * @author Shannon Hickey
+ * @run main bug6263446
+ */
+import java.awt.*;
+import java.awt.event.*;
+import javax.swing.*;
+import javax.swing.table.*;
+import sun.awt.SunToolkit;
+
+public class bug6263446 {
+
+    private static JTable table;
+    private static final String FIRST = "AAAAA";
+    private static final String SECOND = "BB";
+    private static final String ALL = FIRST + " " + SECOND;
+    private static Robot robot;
+
+    public static void main(String[] args) throws Exception {
+        SunToolkit toolkit = (SunToolkit) Toolkit.getDefaultToolkit();
+        robot = new Robot();
+        robot.setAutoDelay(50);
+
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            public void run() {
+                createAndShowGUI();
+            }
+        });
+
+
+        toolkit.realSync();
+
+        Point point = getClickPoint();
+        robot.mouseMove(point.x, point.y);
+        toolkit.realSync();
+
+        click(1);
+        toolkit.realSync();
+        assertEditing(false);
+
+        click(2);
+        toolkit.realSync();
+        checkSelectedText(null);
+
+        click(3);
+        toolkit.realSync();
+        checkSelectedText(FIRST);
+
+
+        click(4);
+        toolkit.realSync();
+        checkSelectedText(ALL);
+
+        setClickCountToStart(1);
+
+        click(1);
+        toolkit.realSync();
+        checkSelectedText(null);
+
+        click(2);
+        toolkit.realSync();
+        checkSelectedText(FIRST);
+
+        click(3);
+        toolkit.realSync();
+        checkSelectedText(ALL);
+
+        setClickCountToStart(3);
+
+        click(1);
+        toolkit.realSync();
+        assertEditing(false);
+
+        click(2);
+        toolkit.realSync();
+        assertEditing(false);
+
+        click(3);
+        toolkit.realSync();
+        checkSelectedText(null);
+
+        click(4);
+        toolkit.realSync();
+        checkSelectedText(FIRST);
+
+        click(5);
+        toolkit.realSync();
+        checkSelectedText(ALL);
+
+
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                table.editCellAt(0, 0);
+            }
+        });
+
+        toolkit.realSync();
+        assertEditing(true);
+
+        click(2);
+        toolkit.realSync();
+        checkSelectedText(FIRST);
+
+    }
+
+    private static void checkSelectedText(String sel) throws Exception {
+        assertEditing(true);
+        checkSelection(sel);
+        cancelCellEditing();
+        assertEditing(false);
+    }
+
+    private static void setClickCountToStart(final int clicks) throws Exception {
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                DefaultCellEditor editor =
+                        (DefaultCellEditor) table.getDefaultEditor(String.class);
+                editor.setClickCountToStart(clicks);
+            }
+        });
+
+    }
+
+    private static void cancelCellEditing() throws Exception {
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                table.getCellEditor().cancelCellEditing();
+            }
+        });
+    }
+
+    private static void checkSelection(final String sel) throws Exception {
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                DefaultCellEditor editor =
+                        (DefaultCellEditor) table.getDefaultEditor(String.class);
+                JTextField field = (JTextField) editor.getComponent();
+                String text = field.getSelectedText();
+                if (sel == null) {
+                    if (text != null && text.length() != 0) {
+                        throw new RuntimeException("Nothing should be selected,"
+                                + " but \"" + text + "\" is selected.");
+                    }
+                } else if (!sel.equals(text)) {
+                    throw new RuntimeException("\"" + sel + "\" should be "
+                            + "selected, but \"" + text + "\" is selected.");
+                }
+            }
+        });
+    }
+
+    private static void assertEditing(final boolean editing) throws Exception {
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                if (editing && !table.isEditing()) {
+                    throw new RuntimeException("Table should be editing");
+                }
+                if (!editing && table.isEditing()) {
+                    throw new RuntimeException("Table should not be editing");
+                }
+            }
+        });
+    }
+
+    private static Point getClickPoint() throws Exception {
+        final Point[] result = new Point[1];
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                Rectangle rect = table.getCellRect(0, 0, false);
+                Point point = new Point(rect.x + rect.width / 5,
+                        rect.y + rect.height / 2);
+                SwingUtilities.convertPointToScreen(point, table);
+                result[0] = point;
+            }
+        });
+
+        return result[0];
+    }
+
+    private static void click(int times) {
+        robot.delay(500);
+        for (int i = 0; i < times; i++) {
+            robot.mousePress(InputEvent.BUTTON1_MASK);
+            robot.mouseRelease(InputEvent.BUTTON1_MASK);
+        }
+    }
+
+    private static TableModel createTableModel() {
+        String[] columnNames = {"Column 0"};
+        String[][] data = {{ALL}};
+
+        return new DefaultTableModel(data, columnNames);
+    }
+
+    private static void createAndShowGUI() {
+        JFrame frame = new JFrame("bug6263446");
+        frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
+        table = new JTable(createTableModel());
+        frame.add(table);
+        frame.pack();
+        frame.setVisible(true);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/swing/JTextArea/4697612/bug4697612.java	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,208 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 4697612 6244705
+ * @author Peter Zhelezniakov
+ * @library ../../regtesthelpers
+ * @build Util
+ * @run main bug4697612
+ */
+import java.io.*;
+import java.awt.*;
+import java.awt.event.*;
+import javax.swing.*;
+
+import javax.swing.text.BadLocationException;
+import sun.awt.SunToolkit;
+
+public class bug4697612 {
+
+    static final int FRAME_WIDTH = 300;
+    static final int FRAME_HEIGHT = 300;
+    static final int FONT_HEIGHT = 16;
+    private static volatile int frameHeight;
+    private static volatile int fontHeight;
+    private static JFrame frame;
+    private static JTextArea text;
+    private static JScrollPane scroller;
+
+    public static void main(String[] args) throws Throwable {
+        SunToolkit toolkit = (SunToolkit) Toolkit.getDefaultToolkit();
+        Robot robot = new Robot();
+        robot.setAutoDelay(100);
+
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                createAndShowGUI();
+            }
+        });
+
+        toolkit.realSync();
+
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                text.requestFocus();
+            }
+        });
+
+        toolkit.realSync();
+
+        // 4697612: pressing PgDn + PgUp should not alter caret position
+        Util.hitKeys(robot, KeyEvent.VK_HOME);
+        Util.hitKeys(robot, KeyEvent.VK_PAGE_DOWN);
+
+
+        int pos0 = getTextCaretPosition();
+        int caretHeight = getTextCaretHeight();
+        fontHeight = FONT_HEIGHT;
+
+        // iterate two times, for different (even and odd) font height
+        for (int i = 0; i < 2; i++) {
+
+            SwingUtilities.invokeAndWait(new Runnable() {
+
+                public void run() {
+                    text.setFont(text.getFont().deriveFont(fontHeight));
+                }
+            });
+
+            frameHeight = FRAME_HEIGHT;
+
+            for (int j = 0; j < caretHeight; j++) {
+                SwingUtilities.invokeAndWait(new Runnable() {
+
+                    public void run() {
+                        frame.setSize(FRAME_WIDTH, frameHeight);
+                    }
+                });
+
+                toolkit.realSync();
+
+                Util.hitKeys(robot, KeyEvent.VK_PAGE_DOWN);
+                Util.hitKeys(robot, KeyEvent.VK_PAGE_UP);
+                toolkit.realSync();
+
+                int pos = getTextCaretPosition();
+                if (pos0 != pos) {
+                    throw new RuntimeException("Failed 4697612: PgDn & PgUp keys scroll by different amounts");
+                }
+                frameHeight++;
+            }
+            fontHeight++;
+        }
+
+
+        // 6244705: pressing PgDn at the very bottom should not scroll
+        LookAndFeel laf = UIManager.getLookAndFeel();
+        if (laf.getID().equals("Aqua")) {
+            Util.hitKeys(robot, KeyEvent.VK_END);
+        } else {
+            Util.hitKeys(robot, KeyEvent.VK_CONTROL, KeyEvent.VK_END);
+        }
+
+        toolkit.realSync();
+
+        pos0 = getScrollerViewPosition();
+        Util.hitKeys(robot, KeyEvent.VK_PAGE_DOWN);
+        toolkit.realSync();
+
+        int pos = getScrollerViewPosition();
+
+        if (pos0 != pos) {
+            throw new RuntimeException("Failed 6244705: PgDn at the bottom causes scrolling");
+        }
+    }
+
+    private static int getTextCaretPosition() throws Exception {
+        final int[] result = new int[1];
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                result[0] = text.getCaretPosition();
+            }
+        });
+
+        return result[0];
+    }
+
+    private static int getTextCaretHeight() throws Exception {
+        final int[] result = new int[1];
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                try {
+                    int pos0 = text.getCaretPosition();
+                    Rectangle dotBounds = text.modelToView(pos0);
+                    result[0] = dotBounds.height;
+                } catch (BadLocationException ex) {
+                    throw new RuntimeException(ex);
+                }
+            }
+        });
+
+        return result[0];
+    }
+
+    private static int getScrollerViewPosition() throws Exception {
+        final int[] result = new int[1];
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                result[0] = scroller.getViewport().getViewPosition().y;
+            }
+        });
+
+        return result[0];
+    }
+
+    private static void createAndShowGUI() {
+        frame = new JFrame();
+        frame.setSize(FRAME_WIDTH, FRAME_HEIGHT);
+        frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
+
+        text = new JTextArea();
+        try {
+            InputStream is =
+                    bug4697612.class.getResourceAsStream("bug4697612.txt");
+            text.read(new InputStreamReader(is), null);
+        } catch (IOException e) {
+            throw new Error(e);
+        }
+
+        scroller = new JScrollPane(text);
+
+        frame.getContentPane().add(scroller);
+
+        frame.pack();
+        frame.setVisible(true);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/swing/JTextArea/4697612/bug4697612.txt	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,223 @@
+                                   README
+
+                      Java(TM) 2 SDK, Standard Edition
+                             Version 1.4.2 Beta
+
+     For a more extensive HTML version of this file, see README.html.
+
+Contents
+
+   * Introduction
+   * Release Notes
+   * Bug Reports and Feedback
+   * Java 2 SDK Documentation
+   * Redistribution
+   * Web Pages
+
+
+Introduction
+
+     Thank you for downloading this release of the Java(TM) 2 SDK,
+     Standard Edition. The Java 2 SDK is a development environment for
+     building applications, applets, and components that can be
+     deployed on the Java platform.
+
+     The Java 2 SDK software includes tools useful for developing and
+     testing programs written in the Java programming language and
+     running on the Java platform. These tools are designed to be used
+     from the command line. Except for appletviewer, these tools do not
+     provide a graphical user interface.
+
+
+Release Notes
+
+      See the Release Notes on the Java Software web site for additional 
+      information pertaining to this release. 
+ 
+      http://java.sun.com/j2se/1.4.2/relnotes.html
+
+      The on-line release notes will be updated as needed, so you should 
+      check it occasionally for the latest information. 
+
+
+Bug Reports and Feedback
+
+      The Bug Parade Web Page on the Java Developer Connection(SM) web 
+      site lets you search for and examine existing bug reports, submit 
+      your own bug reports, and tell us which bug fixes matter most to you. 
+
+      http://java.sun.com/jdc/bugParade/
+
+      To directly submit a bug or request a feature, fill out this form: 
+
+      http://java.sun.com/cgi-bin/bugreport.cgi 
+
+      You can also send comments directly to Java Software engineering 
+      team email addresses. 
+
+      http://java.sun.com/mail/
+
+
+Java 2 SDK Documentation
+
+     The on-line Java 2 SDK Documentation contains API specifications,
+     feature descriptions, developer guides, tool reference pages, demos, 
+     and links to related information. It is located at
+
+     http://java.sun.com/j2se/1.4.2/docs/
+
+     The Java 2 SDK documentation is also available in a download bundle 
+     which you can install locally on your machine. See the 
+     Java 2 SDK download page: 
+     
+     http://java.sun.com/j2se/1.4.2/download.html
+
+
+Redistribution
+
+      The term "vendors" used here refers to licensees, developers, 
+      and independent software vendors (ISVs) who license and 
+      distribute the Java 2 Runtime Environment with their programs. 
+      Vendors must follow the terms of the Java 2 SDK, Standard 
+      Edition, Binary Code License agreement. 
+      Required vs. Optional Files
+
+      The files that make up the Java 2 SDK, Standard Edition, are
+      divided into two categories: required and optional. Optional 
+      files may be excluded from redistributions of the Java 2 SDK 
+      at the vendor's discretion. The following section contains a 
+      list of the files and directories that may optionally be 
+      omitted from redistributions of the Java 2 SDK. All files not 
+      in these lists of optional files must be included in 
+      redistributions of the Java 2 SDK. 
+
+      Optional Files and Directories
+
+      The following files may be optionally excluded from 
+      redistributions:
+
+      jre/lib/charsets.jar 
+            Character conversion classes 
+      jre/lib/ext/ 
+            sunjce_provider.jar - the SunJCE provider for Java 
+              Cryptography APIs
+            localedata.jar - contains many of the resources 
+              needed for non US English locales
+            ldapsec.jar - contains security features supported 
+              by the LDAP service provider
+            dnsns.jar - for the InetAddress wrapper of JNDI DNS 
+              provider
+      bin/rmid and jre/bin/rmid 
+            Java RMI Activation System Daemon 
+      bin/rmiregistry and jre/bin/rmiregistry 
+            Java Remote Object Registry 
+      bin/tnameserv and jre/bin/tnameserv 
+            Java IDL Name Server 
+      bin/keytool and jre/bin/keytool 
+            Key and Certificate Management Tool 
+      bin/kinit and jre/bin/kinit
+            Used to obtain and cache Kerberos ticket-granting tickets
+      bin/klist and jre/bin/klist
+            Kerberos display entries in credentials cache and keytab
+      bin/ktab and jre/bin/ktab
+            Kerberos key table manager
+      bin/policytool and jre/bin/policytool 
+            Policy File Creation and Management Tool 
+      bin/orbd and jre/bin/orbd 
+            Object Request Broker Daemon 
+      bin/servertool and jre/bin/servertool 
+            Java IDL Server Tool 
+      src.zip 
+            Archive of source files 
+
+      In addition, the Java Web Start product may be excluded from
+      redistributions. The Java Web Start product is contained in a 
+      file named javaws-1_2-solaris-sparc-i.zip,
+      javaws-1_2-solaris-i586-i.zip,
+      javaws-1_2-linux-i586-i.zip, or
+      javaws-1_2-windows-i586-i.exe, depending on the platform. 
+
+
+      Unlimited Strength Java Cryptography Extension
+
+      Due to import control restrictions for some countries, the 
+      Java Cryptography Extension (JCE) policy files shipped with 
+      the Java 2 SDK, Standard Edition and the Java 2 Runtime 
+      Environment allow strong but limited cryptography to be 
+      used.  These files are located at
+
+      <java-home>/lib/security/local_policy.jar
+      <java-home>/lib/security/US_export_policy.jar
+
+      where <java-home> is the jre directory of the Java 2 
+      SDK or the top-level directory of the Java 2 Runtime 
+      Environment.
+
+      An unlimited strength version of these files indicating 
+      no restrictions on cryptographic strengths is available 
+      on the Java 2 SDK web site for those living in eligible 
+      countries.  Those living in eligible countries may download 
+      the unlimited strength version and replace the strong 
+      cryptography jar files with the unlimited strength files.
+
+
+      Endorsed Standards Override Mechanism
+
+      An endorsed standard is a Java API defined through a standards
+      process other than the Java Community Process(SM) (JCP(SM)).
+      Because endorsed standards are defined outside the JCP, it is
+      anticipated that such standards will be revised between 
+      releases of the Java 2 Platform. In order to take advantage of 
+      new revisions to endorsed standards, developers and software
+      vendors may use the Endorsed Standards Override Mechanism to
+      provide newer versions of an endorsed standard than those
+      included in the Java 2 Platform as released by Sun Microsystems.
+
+      For more information on the Endorsed Standards Override
+      Mechanism, including the list of platform packages that it may 
+      be used to override, see 
+
+            http://java.sun.com/j2se/1.4.2/docs/guide/standards/ 
+
+      Classes in the packages listed on that web page may be replaced
+      only by classes implementing a more recent version of the API 
+      as defined by the appropriate standards body. 
+
+      In addition to the packages listed in the document at the above 
+      URL, which are part of the Java 2 Platform, Standard Edition 
+      (J2SE(TM)) specification, redistributors of Sun's J2SE 
+      Reference Implementation are allowed to override classes whose 
+      sole purpose is to implement the functionality provided by 
+      public APIs defined in these Endorsed Standards packages.  
+      Redistributors may also override classes in the org.w3c.dom.* 
+      packages, or other classes whose sole purpose is to implement 
+      these APIs. 
+
+
+Sun Java Web Pages
+
+     For additional information, refer to these Sun Microsystems pages
+     on the World Wide Web:
+
+     http://java.sun.com/
+          The Java Software web site, with the latest information on
+          Java technology, product information, news, and features.
+     http://java.sun.com/docs
+          Java Platform Documentation provides access to white papers,
+          the Java Tutorial and other documents.
+     http://java.sun.com/jdc
+          The Java Developer Connection(SM) web site. (Free registration
+          required.) Additional technical information, news, and
+          features; user forums; support information, and much more.
+     http://java.sun.com/products/
+          Java Technology Products & API
+
+
+------------------------------------------------------------------------
+The Java 2 SDK, Standard Edition, is a product of Sun Microsystems(TM), 
+Inc.  This product includes code licensed from RSA Security.
+
+Copyright 2003 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, 
+California 95054, U.S.A.  All rights reserved.
+
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/javax/swing/JTree/6505523/bug6505523.java	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,132 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 6505523
+ * @summary NullPointerException in BasicTreeUI when a node is removed by expansion listener
+ * @author Alexandr Scherbatiy
+ * @run main bug6505523
+ */
+import java.awt.Point;
+import java.awt.Rectangle;
+import java.awt.Robot;
+import java.awt.Toolkit;
+import java.awt.event.InputEvent;
+import javax.swing.JFrame;
+import javax.swing.JScrollPane;
+import javax.swing.JTree;
+import javax.swing.SwingUtilities;
+import javax.swing.event.TreeExpansionEvent;
+import javax.swing.event.TreeExpansionListener;
+import javax.swing.tree.DefaultMutableTreeNode;
+import javax.swing.tree.DefaultTreeModel;
+import javax.swing.tree.TreeNode;
+import sun.awt.SunToolkit;
+
+public class bug6505523 {
+
+    private static JTree tree;
+
+    public static void main(String[] args) throws Exception {
+        SunToolkit toolkit = (SunToolkit) Toolkit.getDefaultToolkit();
+        Robot robot = new Robot();
+        robot.setAutoDelay(50);
+
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                createAndShowGUI();
+            }
+        });
+
+        toolkit.realSync();
+
+        Point point = getRowPointToClick(2);
+        robot.mouseMove(point.x, point.y);
+        robot.mousePress(InputEvent.BUTTON1_MASK);
+        robot.mouseRelease(InputEvent.BUTTON1_MASK);
+
+        toolkit.realSync();
+
+    }
+
+    private static Point getRowPointToClick(final int row) throws Exception {
+
+        final Point[] result = new Point[1];
+
+        SwingUtilities.invokeAndWait(new Runnable() {
+
+            @Override
+            public void run() {
+                Rectangle rect = tree.getRowBounds(row);
+                Point point = new Point(rect.x - 5, rect.y + rect.height / 2);
+                SwingUtilities.convertPointToScreen(point, tree);
+                result[0] = point;
+            }
+        });
+
+        return result[0];
+    }
+
+    private static void createAndShowGUI() {
+        final DefaultMutableTreeNode root = new DefaultMutableTreeNode("Problem with NPE under JDK 1.6");
+        final DefaultMutableTreeNode problematic = new DefaultMutableTreeNode("Expand me and behold a NPE in stderr");
+        problematic.add(new DefaultMutableTreeNode("some content"));
+        root.add(new DefaultMutableTreeNode("irrelevant..."));
+        root.add(problematic);
+
+        final DefaultTreeModel model = new DefaultTreeModel(root);
+        tree = new JTree(model);
+        tree.setRootVisible(true);
+        tree.setShowsRootHandles(true);
+        tree.expandRow(0);
+        tree.collapseRow(2);
+
+        // this is critical - without dragEnabled everything works
+        tree.setDragEnabled(true);
+
+        tree.addTreeExpansionListener(new TreeExpansionListener() {
+
+            @Override
+            public void treeExpanded(TreeExpansionEvent event) {
+                TreeNode parent = problematic.getParent();
+                if (parent instanceof DefaultMutableTreeNode) {
+                    model.removeNodeFromParent(problematic);
+                }
+            }
+
+            @Override
+            public void treeCollapsed(TreeExpansionEvent event) {
+            }
+        });
+
+        JFrame frame = new JFrame("JTree Problem");
+        frame.add(new JScrollPane(tree));
+        frame.setSize(500, 300);
+        frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
+        frame.setLocationRelativeTo(null);
+        frame.setVisible(true);
+    }
+}
\ No newline at end of file
--- a/test/javax/xml/crypto/dsig/GenerationTests.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/test/javax/xml/crypto/dsig/GenerationTests.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 4635230 6283345 6303830 6824440 6867348
+ * @bug 4635230 6283345 6303830 6824440 6867348 7094155
  * @summary Basic unit tests for generating XML Signatures with JSR 105
  * @compile -XDignore.symbol.file KeySelectors.java SignatureValidator.java
  *     X509KeySelector.java GenerationTests.java
@@ -134,6 +134,7 @@
         test_create_signature_enveloping_sha512_rsa_sha384();
         test_create_signature_enveloping_sha512_rsa_sha512();
         test_create_signature_reference_dependency();
+        test_create_signature_with_attr_in_no_namespace();
     }
 
     private static void setup() throws Exception {
@@ -443,6 +444,52 @@
 
         sig.sign(dsc);
 
+        // dumpDocument(doc, new PrintWriter(System.out));
+
+        DOMValidateContext dvc = new DOMValidateContext
+            (kvks, doc.getDocumentElement());
+        XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);
+
+        if (sig.equals(sig2) == false) {
+            throw new Exception
+                ("Unmarshalled signature is not equal to generated signature");
+        }
+        if (sig2.validate(dvc) == false) {
+            throw new Exception("Validation of generated signature failed");
+        }
+
+        System.out.println();
+    }
+
+    static void test_create_signature_with_attr_in_no_namespace()
+        throws Exception
+    {
+        System.out.println
+            ("* Generating signature-with-attr-in-no-namespace.xml");
+
+        // create references
+        List<Reference> refs = Collections.singletonList
+            (fac.newReference("#unknown", sha1));
+
+        // create SignedInfo
+        SignedInfo si = fac.newSignedInfo(withoutComments, rsaSha1, refs);
+
+        // create object-1
+        Document doc = db.newDocument();
+        Element nc = doc.createElementNS(null, "NonCommentandus");
+        // add attribute with no namespace
+        nc.setAttribute("Id", "unknown");
+        XMLObject obj = fac.newXMLObject(Collections.singletonList
+            (new DOMStructure(nc)), "object-1", null, null);
+
+        // create XMLSignature
+        XMLSignature sig = fac.newXMLSignature(si, rsa,
+                                               Collections.singletonList(obj),
+                                               "signature", null);
+        DOMSignContext dsc = new DOMSignContext(getPrivateKey("RSA"), doc);
+
+        sig.sign(dsc);
+
 //      dumpDocument(doc, new PrintWriter(System.out));
 
         DOMValidateContext dvc = new DOMValidateContext
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/net/www/protocol/http/HttpOnly.java	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,242 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+/**
+ * @test
+ * @bug 7095980
+ * @summary Ensure HttpURLConnection (and supporting APIs) don't expose
+ *          HttpOnly cookies
+ */
+
+import java.io.IOException;
+import java.net.CookieHandler;
+import java.net.CookieManager;
+import java.net.CookiePolicy;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.URI;
+import java.net.HttpURLConnection;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import com.sun.net.httpserver.Headers;
+import com.sun.net.httpserver.HttpExchange;
+import com.sun.net.httpserver.HttpHandler;
+import com.sun.net.httpserver.HttpServer;
+
+/*
+ * 1) start the HTTP server
+ * 2) populate cookie store with HttpOnly cookies
+ * 3) make HTTP request that should contain HttpOnly cookies
+ * 4) check HttpOnly cookies received by server
+ * 5) server reply with Set-Cookie containing HttpOnly cookie
+ * 6) check HttpOnly cookies are not accessible from Http client
+ */
+
+public class HttpOnly {
+
+    static final String URI_PATH = "/xxyyzz/";
+    static final int SESSION_ID = 12345;
+
+     void test(String[] args) throws Exception {
+        HttpServer server = startHttpServer();
+        CookieHandler previousHandler = CookieHandler.getDefault();
+        try {
+            InetSocketAddress address = server.getAddress();
+            URI uri = new URI("http://" + InetAddress.getLocalHost().getHostAddress()
+                              + ":" + address.getPort() + URI_PATH);
+            populateCookieStore(uri);
+            doClient(uri);
+        } finally {
+            CookieHandler.setDefault(previousHandler);
+            server.stop(0);
+        }
+    }
+
+    void populateCookieStore(URI uri)
+            throws IOException {
+
+        CookieManager cm = new CookieManager(null, CookiePolicy.ACCEPT_ALL);
+        CookieHandler.setDefault(cm);
+        Map<String,List<String>> header = new HashMap<>();
+        List<String> values = new ArrayList<>();
+        values.add("JSESSIONID=" + SESSION_ID + "; version=1; Path="
+                   + URI_PATH +"; HttpOnly");
+        values.add("CUSTOMER=WILE_E_COYOTE; version=1; Path=" + URI_PATH);
+        header.put("Set-Cookie", values);
+        cm.put(uri, header);
+    }
+
+    void doClient(URI uri) throws Exception {
+        HttpURLConnection uc = (HttpURLConnection) uri.toURL().openConnection();
+        int resp = uc.getResponseCode();
+        check(resp == 200,
+              "Unexpected response code. Expected 200, got " + resp);
+
+        // TEST 1: check getRequestProperty doesn't return the HttpOnly cookie
+        // In fact, that it doesn't return any automatically set cookies.
+        String cookie = uc.getRequestProperty("Cookie");
+        check(cookie == null,
+              "Cookie header returned from getRequestProperty, value " + cookie);
+
+        // TEST 2: check getRequestProperties doesn't return the HttpOnly cookie.
+        // In fact, that it doesn't return any automatically set cookies.
+        Map<String,List<String>> reqHeaders = uc.getRequestProperties();
+        Set<Map.Entry<String,List<String>>> entries = reqHeaders.entrySet();
+        for (Map.Entry<String,List<String>> entry : entries) {
+            String header = entry.getKey();
+            check(!"Cookie".equalsIgnoreCase(header),
+                  "Cookie header returned from getRequestProperties, value " +
+                         entry.getValue());
+        }
+
+        // TEST 3: check getHeaderField doesn't return Set-Cookie with HttpOnly
+        String setCookie = uc.getHeaderField("Set-Cookie");
+        if (setCookie != null) {
+            debug("Set-Cookie:" + setCookie);
+            check(!setCookie.toLowerCase().contains("httponly"),
+                  "getHeaderField returned Set-Cookie header with HttpOnly, " +
+                  "value = " + setCookie);
+        }
+
+        // TEST 3.5: check getHeaderField doesn't return Set-Cookie2 with HttpOnly
+        String setCookie2 = uc.getHeaderField("Set-Cookie2");
+        if (setCookie2 != null) {
+            debug("Set-Cookie2:" + setCookie2);
+            check(!setCookie2.toLowerCase().contains("httponly"),
+                  "getHeaderField returned Set-Cookie2 header with HttpOnly, " +
+                  "value = " + setCookie2);
+        }
+
+        // TEST 4: check getHeaderFields doesn't return Set-Cookie
+        //         or Set-Cookie2 headers with HttpOnly
+        Map<String,List<String>> respHeaders = uc.getHeaderFields();
+        Set<Map.Entry<String,List<String>>> respEntries = respHeaders.entrySet();
+        for (Map.Entry<String,List<String>> entry : respEntries) {
+            String header = entry.getKey();
+            if ("Set-Cookie".equalsIgnoreCase(header)) {
+                List<String> setCookieValues = entry.getValue();
+                debug("Set-Cookie:" + setCookieValues);
+                for (String value : setCookieValues)
+                    check(!value.toLowerCase().contains("httponly"),
+                          "getHeaderFields returned Set-Cookie header with HttpOnly, "
+                          + "value = " + value);
+            }
+            if ("Set-Cookie2".equalsIgnoreCase(header)) {
+                List<String> setCookieValues = entry.getValue();
+                debug("Set-Cookie2:" + setCookieValues);
+                for (String value : setCookieValues)
+                    check(!value.toLowerCase().contains("httponly"),
+                          "getHeaderFields returned Set-Cookie2 header with HttpOnly, "
+                          + "value = " + value);
+            }
+        }
+
+        // Now add some user set cookies into the mix.
+        uc = (HttpURLConnection) uri.toURL().openConnection();
+        uc.addRequestProperty("Cookie", "CUSTOMER_ID=CHEGAR;");
+        resp = uc.getResponseCode();
+        check(resp == 200,
+              "Unexpected response code. Expected 200, got " + resp);
+
+        // TEST 5: check getRequestProperty doesn't return the HttpOnly cookie
+        cookie = uc.getRequestProperty("Cookie");
+        check(!cookie.toLowerCase().contains("httponly"),
+              "HttpOnly cookie returned from getRequestProperty, value " + cookie);
+
+        // TEST 6: check getRequestProperties doesn't return the HttpOnly cookie.
+        reqHeaders = uc.getRequestProperties();
+        entries = reqHeaders.entrySet();
+        for (Map.Entry<String,List<String>> entry : entries) {
+            String header = entry.getKey();
+            if ("Cookie".equalsIgnoreCase(header)) {
+                for (String val : entry.getValue())
+                    check(!val.toLowerCase().contains("httponly"),
+                          "HttpOnly cookie returned from getRequestProperties," +
+                          " value " + val);
+            }
+        }
+    }
+
+    // HTTP Server
+    HttpServer startHttpServer() throws IOException {
+        HttpServer httpServer = HttpServer.create(new InetSocketAddress(0), 0);
+        httpServer.createContext(URI_PATH, new SimpleHandler());
+        httpServer.start();
+        return httpServer;
+    }
+
+    class SimpleHandler implements HttpHandler {
+        @Override
+        public void handle(HttpExchange t) throws IOException {
+            Headers reqHeaders = t.getRequestHeaders();
+
+            // some small sanity check
+            List<String> cookies = reqHeaders.get("Cookie");
+            for (String cookie : cookies) {
+                if (!cookie.contains("JSESSIONID")
+                    || !cookie.contains("WILE_E_COYOTE"))
+                    t.sendResponseHeaders(400, -1);
+            }
+
+            // return some cookies so we can check getHeaderField(s)
+            Headers respHeaders = t.getResponseHeaders();
+            List<String> values = new ArrayList<>();
+            values.add("ID=JOEBLOGGS; version=1; Path=" + URI_PATH);
+            values.add("NEW_JSESSIONID=" + (SESSION_ID+1) + "; version=1; Path="
+                       + URI_PATH +"; HttpOnly");
+            values.add("NEW_CUSTOMER=WILE_E_COYOTE2; version=1; Path=" + URI_PATH);
+            respHeaders.put("Set-Cookie", values);
+            values = new ArrayList<>();
+            values.add("COOKIE2_CUSTOMER=WILE_E_COYOTE2; version=1; Path="
+                       + URI_PATH);
+            respHeaders.put("Set-Cookie2", values);
+            values.add("COOKIE2_JSESSIONID=" + (SESSION_ID+100)
+                       + "; version=1; Path=" + URI_PATH +"; HttpOnly");
+            respHeaders.put("Set-Cookie2", values);
+
+            t.sendResponseHeaders(200, -1);
+            t.close();
+        }
+    }
+
+    volatile int passed = 0, failed = 0;
+    boolean debug = false;
+    void pass() {passed++;}
+    void fail() {failed++;}
+    void fail(String msg) {System.err.println(msg); fail();}
+    void unexpected(Throwable t) {failed++; t.printStackTrace();}
+    void debug(String message) { if (debug) System.out.println(message); }
+    void check(boolean cond, String failMessage) {if (cond) pass(); else fail(failMessage);}
+    public static void main(String[] args) throws Throwable {
+        Class<?> k = new Object(){}.getClass().getEnclosingClass();
+        try {k.getMethod("instanceMain",String[].class)
+                .invoke( k.newInstance(), (Object) args);}
+        catch (Throwable e) {throw e.getCause();}}
+    public void instanceMain(String[] args) throws Throwable {
+        try {test(args);} catch (Throwable t) {unexpected(t);}
+        System.out.printf("%nPassed = %d, failed = %d%n%n", passed, failed);
+        if (failed > 0) throw new AssertionError("Some tests failed");}
+}
+
--- a/test/sun/security/krb5/auto/Context.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/test/sun/security/krb5/auto/Context.java	Mon Jan 16 14:26:51 2012 +0000
@@ -76,7 +76,6 @@
 
     private Subject s;
     private ExtendedGSSContext x;
-    private boolean f;      // context established?
     private String name;
     private GSSCredential cred;     // see static method delegated().
 
@@ -194,7 +193,6 @@
                 return null;
             }
         }, null);
-        f = false;
     }
 
     /**
@@ -228,7 +226,6 @@
                 return null;
             }
         }, null);
-        f = false;
     }
 
     /**
@@ -502,6 +499,29 @@
         return sb.toString();
     }
 
+    public byte[] take(final byte[] in) throws Exception {
+        return doAs(new Action() {
+            @Override
+            public byte[] run(Context me, byte[] input) throws Exception {
+                if (me.x.isEstablished()) {
+                    System.out.println(name + " side established");
+                    if (input != null) {
+                        throw new Exception("Context established but " +
+                                "still receive token at " + name);
+                    }
+                    return null;
+                } else {
+                    System.out.println(name + " call initSecContext");
+                    if (me.x.isInitiator()) {
+                        return me.x.initSecContext(input, 0, input.length);
+                    } else {
+                        return me.x.acceptSecContext(input, 0, input.length);
+                    }
+                }
+            }
+        }, in);
+    }
+
     /**
      * Handshake (security context establishment process) between two Contexts
      * @param c the initiator
@@ -510,54 +530,9 @@
      */
     static public void handshake(final Context c, final Context s) throws Exception {
         byte[] t = new byte[0];
-        while (!c.f || !s.f) {
-            t = c.doAs(new Action() {
-                @Override
-                public byte[] run(Context me, byte[] input) throws Exception {
-                    if (me.x.isEstablished()) {
-                        me.f = true;
-                        System.out.println(c.name + " side established");
-                        if (input != null) {
-                            throw new Exception("Context established but " +
-                                    "still receive token at " + c.name);
-                        }
-                        return null;
-                    } else {
-                        System.out.println(c.name + " call initSecContext");
-                        if (usingStream) {
-                            ByteArrayOutputStream os = new ByteArrayOutputStream();
-                            me.x.initSecContext(new ByteArrayInputStream(input), os);
-                            return os.size() == 0 ? null : os.toByteArray();
-                        } else {
-                            return me.x.initSecContext(input, 0, input.length);
-                        }
-                    }
-                }
-            }, t);
-
-            t = s.doAs(new Action() {
-                @Override
-                public byte[] run(Context me, byte[] input) throws Exception {
-                    if (me.x.isEstablished()) {
-                        me.f = true;
-                        System.out.println(s.name + " side established");
-                        if (input != null) {
-                            throw new Exception("Context established but " +
-                                    "still receive token at " + s.name);
-                        }
-                        return null;
-                    } else {
-                        System.out.println(s.name + " called acceptSecContext");
-                        if (usingStream) {
-                            ByteArrayOutputStream os = new ByteArrayOutputStream();
-                            me.x.acceptSecContext(new ByteArrayInputStream(input), os);
-                            return os.size() == 0 ? null : os.toByteArray();
-                        } else {
-                            return me.x.acceptSecContext(input, 0, input.length);
-                        }
-                    }
-                }
-            }, t);
+        while (!c.x.isEstablished() || !s.x.isEstablished()) {
+            t = c.take(t);
+            t = s.take(t);
         }
     }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/krb5/auto/ReplayCache.java	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2012 Sun Microsystems, Inc.  All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 7118809
+ * @run main/othervm ReplayCache
+ * @summary rcache deadlock
+ */
+
+import org.ietf.jgss.GSSException;
+import sun.security.jgss.GSSUtil;
+import sun.security.krb5.KrbException;
+import sun.security.krb5.internal.Krb5;
+
+public class ReplayCache {
+
+    public static void main(String[] args)
+            throws Exception {
+
+        new OneKDC(null).writeJAASConf();
+
+        Context c, s;
+        c = Context.fromJAAS("client");
+        s = Context.fromJAAS("server");
+
+        c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);
+        s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
+
+        byte[] first = c.take(new byte[0]);
+        s.take(first);
+
+        s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
+        try {
+            s.take(first);  // Replay the last token sent
+            throw new Exception("This method should fail");
+        } catch (GSSException gsse) {
+            KrbException ke = (KrbException)gsse.getCause();
+            if (ke.returnCode() != Krb5.KRB_AP_ERR_REPEAT) {
+                throw gsse;
+            }
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/mscapi/ShortRSAKey1024.sh	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+
+# @test
+# @bug 7106773
+# @summary 512 bits RSA key cannot work with SHA384 and SHA512
+# @run shell ShortRSAKey1024.sh
+
+# set a few environment variables so that the shell-script can run stand-alone
+# in the source directory
+if [ "${TESTSRC}" = "" ] ; then
+   TESTSRC="."
+fi
+
+if [ "${TESTCLASSES}" = "" ] ; then
+   TESTCLASSES="."
+fi
+
+if [ "${TESTJAVA}" = "" ] ; then
+   echo "TESTJAVA not set.  Test cannot execute."
+   echo "FAILED!!!"
+   exit 1
+fi
+
+OS=`uname -s`
+case "$OS" in
+    Windows* | CYGWIN* )
+
+        echo "Creating a temporary RSA keypair in the Windows-My store..."
+        ${TESTJAVA}/bin/keytool \
+            -genkeypair \
+            -storetype Windows-My \
+            -keyalg RSA \
+            -alias 7106773.1024 \
+            -keysize 1024 \
+            -dname "cn=localhost,c=US" \
+            -noprompt
+
+        echo
+        echo "Running the test..."
+        ${TESTJAVA}/bin/javac -d . ${TESTSRC}\\ShortRSAKeyWithinTLS.java
+        ${TESTJAVA}/bin/java ShortRSAKeyWithinTLS 7106773.1024 1024 \
+            TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+
+        rc=$?
+
+        echo
+        echo "Removing the temporary RSA keypair from the Windows-My store..."
+        ${TESTJAVA}/bin/keytool \
+            -delete \
+            -storetype Windows-My \
+            -alias 7106773.1024
+
+        echo done.
+        exit $rc
+        ;;
+
+    * )
+        echo "This test is not intended for '$OS' - passing test"
+        exit 0
+        ;;
+esac
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/mscapi/ShortRSAKey512.sh	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,86 @@
+#!/bin/sh
+
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+
+# @test
+# @bug 7106773
+# @summary 512 bits RSA key cannot work with SHA384 and SHA512
+# @run shell ShortRSAKey512.sh
+
+# set a few environment variables so that the shell-script can run stand-alone
+# in the source directory
+if [ "${TESTSRC}" = "" ] ; then
+   TESTSRC="."
+fi
+
+if [ "${TESTCLASSES}" = "" ] ; then
+   TESTCLASSES="."
+fi
+
+if [ "${TESTJAVA}" = "" ] ; then
+   echo "TESTJAVA not set.  Test cannot execute."
+   echo "FAILED!!!"
+   exit 1
+fi
+
+OS=`uname -s`
+case "$OS" in
+    Windows* | CYGWIN* )
+
+        echo "Creating a temporary RSA keypair in the Windows-My store..."
+        ${TESTJAVA}/bin/keytool \
+            -genkeypair \
+            -storetype Windows-My \
+            -keyalg RSA \
+            -alias 7106773.512 \
+            -keysize 512 \
+            -dname "cn=localhost,c=US" \
+            -noprompt
+
+        echo
+        echo "Running the test..."
+        ${TESTJAVA}/bin/javac -d . ${TESTSRC}\\ShortRSAKeyWithinTLS.java
+        ${TESTJAVA}/bin/java ShortRSAKeyWithinTLS 7106773.512 512 \
+            TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+
+
+        rc=$?
+
+        echo
+        echo "Removing the temporary RSA keypair from the Windows-My store..."
+        ${TESTJAVA}/bin/keytool \
+            -delete \
+            -storetype Windows-My \
+            -alias 7106773.512
+
+        echo done.
+        exit $rc
+        ;;
+
+    * )
+        echo "This test is not intended for '$OS' - passing test"
+        exit 0
+        ;;
+esac
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/mscapi/ShortRSAKey768.sh	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+#
+# Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+
+# @test
+# @bug 7106773
+# @summary 512 bits RSA key cannot work with SHA384 and SHA512
+# @run shell ShortRSAKey768.sh
+
+# set a few environment variables so that the shell-script can run stand-alone
+# in the source directory
+if [ "${TESTSRC}" = "" ] ; then
+   TESTSRC="."
+fi
+
+if [ "${TESTCLASSES}" = "" ] ; then
+   TESTCLASSES="."
+fi
+
+if [ "${TESTJAVA}" = "" ] ; then
+   echo "TESTJAVA not set.  Test cannot execute."
+   echo "FAILED!!!"
+   exit 1
+fi
+
+OS=`uname -s`
+case "$OS" in
+    Windows* | CYGWIN* )
+
+        echo "Creating a temporary RSA keypair in the Windows-My store..."
+        ${TESTJAVA}/bin/keytool \
+            -genkeypair \
+            -storetype Windows-My \
+            -keyalg RSA \
+            -alias 7106773.768 \
+            -keysize 768 \
+            -dname "cn=localhost,c=US" \
+            -noprompt
+
+        echo
+        echo "Running the test..."
+        ${TESTJAVA}/bin/javac -d . ${TESTSRC}\\ShortRSAKeyWithinTLS.java
+        ${TESTJAVA}/bin/java ShortRSAKeyWithinTLS 7106773.768 768 \
+            TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+
+        rc=$?
+
+        echo
+        echo "Removing the temporary RSA keypair from the Windows-My store..."
+        ${TESTJAVA}/bin/keytool \
+            -delete \
+            -storetype Windows-My \
+            -alias 7106773.768
+
+        echo done.
+        exit $rc
+        ;;
+
+    * )
+        echo "This test is not intended for '$OS' - passing test"
+        exit 0
+        ;;
+esac
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/mscapi/ShortRSAKeyWithinTLS.java	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,355 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.*;
+import java.net.*;
+import java.util.*;
+import java.security.*;
+import javax.net.*;
+import javax.net.ssl.*;
+import java.lang.reflect.*;
+
+import sun.security.util.KeyLength;
+
+public class ShortRSAKeyWithinTLS {
+
+    /*
+     * =============================================================
+     * Set the various variables needed for the tests, then
+     * specify what tests to run on each side.
+     */
+
+    /*
+     * Should we run the client or server in a separate thread?
+     * Both sides can throw exceptions, but do you have a preference
+     * as to which side should be the main thread.
+     */
+    static boolean separateServerThread = false;
+
+    /*
+     * Is the server ready to serve?
+     */
+    volatile static boolean serverReady = false;
+
+    /*
+     * Turn on SSL debugging?
+     */
+    static boolean debug = false;
+
+    /*
+     * If the client or server is doing some kind of object creation
+     * that the other side depends on, and that thread prematurely
+     * exits, you may experience a hang.  The test harness will
+     * terminate all hung threads after its timeout has expired,
+     * currently 3 minutes by default, but you might try to be
+     * smart about it....
+     */
+
+    /*
+     * Define the server side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doServerSide() throws Exception {
+
+        // load the key store
+        KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
+        ks.load(null, null);
+        System.out.println("Loaded keystore: Windows-MY");
+
+        // check key size
+        checkKeySize(ks);
+
+        // initialize the SSLContext
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+        kmf.init(ks, null);
+
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
+        tmf.init(ks);
+
+        SSLContext ctx = SSLContext.getInstance("TLS");
+        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+
+        ServerSocketFactory ssf = ctx.getServerSocketFactory();
+        SSLServerSocket sslServerSocket = (SSLServerSocket)
+                                ssf.createServerSocket(serverPort);
+        sslServerSocket.setNeedClientAuth(true);
+        serverPort = sslServerSocket.getLocalPort();
+        System.out.println("serverPort = " + serverPort);
+
+        /*
+         * Signal Client, we're ready for his connect.
+         */
+        serverReady = true;
+
+        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
+        InputStream sslIS = sslSocket.getInputStream();
+        OutputStream sslOS = sslSocket.getOutputStream();
+
+        sslIS.read();
+        sslOS.write(85);
+        sslOS.flush();
+
+        sslSocket.close();
+    }
+
+    /*
+     * Define the client side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doClientSide() throws Exception {
+
+        /*
+         * Wait for server to get started.
+         */
+        while (!serverReady) {
+            Thread.sleep(50);
+        }
+
+        // load the key store
+        KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
+        ks.load(null, null);
+        System.out.println("Loaded keystore: Windows-MY");
+
+        // initialize the SSLContext
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+        kmf.init(ks, null);
+
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
+        tmf.init(ks);
+
+        SSLContext ctx = SSLContext.getInstance("TLS");
+        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+
+        SSLSocketFactory sslsf = ctx.getSocketFactory();
+        SSLSocket sslSocket = (SSLSocket)
+            sslsf.createSocket("localhost", serverPort);
+
+        if (clientProtocol != null) {
+            sslSocket.setEnabledProtocols(new String[] {clientProtocol});
+        }
+
+        if (clientCiperSuite != null) {
+            sslSocket.setEnabledCipherSuites(new String[] {clientCiperSuite});
+        }
+
+        InputStream sslIS = sslSocket.getInputStream();
+        OutputStream sslOS = sslSocket.getOutputStream();
+
+        sslOS.write(280);
+        sslOS.flush();
+        sslIS.read();
+
+        sslSocket.close();
+    }
+
+    private void checkKeySize(KeyStore ks) throws Exception {
+        PrivateKey privateKey = null;
+        PublicKey publicKey = null;
+
+        if (ks.containsAlias(keyAlias)) {
+            System.out.println("Loaded entry: " + keyAlias);
+            privateKey = (PrivateKey)ks.getKey(keyAlias, null);
+            publicKey = (PublicKey)ks.getCertificate(keyAlias).getPublicKey();
+
+            int privateKeySize = KeyLength.getKeySize(privateKey);
+            if (privateKeySize != keySize) {
+                throw new Exception("Expected key size is " + keySize +
+                        ", but the private key size is " + privateKeySize);
+            }
+
+            int publicKeySize = KeyLength.getKeySize(publicKey);
+            if (publicKeySize != keySize) {
+                throw new Exception("Expected key size is " + keySize +
+                        ", but the public key size is " + publicKeySize);
+            }
+        }
+    }
+
+    /*
+     * =============================================================
+     * The remainder is just support stuff
+     */
+
+    // use any free port by default
+    volatile int serverPort = 0;
+
+    volatile Exception serverException = null;
+    volatile Exception clientException = null;
+
+    private static String keyAlias;
+    private static int keySize;
+    private static String clientProtocol = null;
+    private static String clientCiperSuite = null;
+
+    private static void parseArguments(String[] args) {
+        keyAlias = args[0];
+        keySize = Integer.parseInt(args[1]);
+
+        if (args.length > 2) {
+            clientProtocol = args[2];
+        }
+
+        if (args.length > 3) {
+            clientCiperSuite = args[3];
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        if (debug) {
+            System.setProperty("javax.net.debug", "all");
+        }
+
+        // Get the customized arguments.
+        parseArguments(args);
+
+        new ShortRSAKeyWithinTLS();
+    }
+
+    Thread clientThread = null;
+    Thread serverThread = null;
+
+    /*
+     * Primary constructor, used to drive remainder of the test.
+     *
+     * Fork off the other side, then do your work.
+     */
+    ShortRSAKeyWithinTLS() throws Exception {
+        try {
+            if (separateServerThread) {
+                startServer(true);
+                startClient(false);
+            } else {
+                startClient(true);
+                startServer(false);
+            }
+        } catch (Exception e) {
+            // swallow for now.  Show later
+        }
+
+        /*
+         * Wait for other side to close down.
+         */
+        if (separateServerThread) {
+            serverThread.join();
+        } else {
+            clientThread.join();
+        }
+
+        /*
+         * When we get here, the test is pretty much over.
+         * Which side threw the error?
+         */
+        Exception local;
+        Exception remote;
+        String whichRemote;
+
+        if (separateServerThread) {
+            remote = serverException;
+            local = clientException;
+            whichRemote = "server";
+        } else {
+            remote = clientException;
+            local = serverException;
+            whichRemote = "client";
+        }
+
+        /*
+         * If both failed, return the curthread's exception, but also
+         * print the remote side Exception
+         */
+        if ((local != null) && (remote != null)) {
+            System.out.println(whichRemote + " also threw:");
+            remote.printStackTrace();
+            System.out.println();
+            throw local;
+        }
+
+        if (remote != null) {
+            throw remote;
+        }
+
+        if (local != null) {
+            throw local;
+        }
+    }
+
+    void startServer(boolean newThread) throws Exception {
+        if (newThread) {
+            serverThread = new Thread() {
+                public void run() {
+                    try {
+                        doServerSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our server thread just died.
+                         *
+                         * Release the client, if not active already...
+                         */
+                        System.err.println("Server died...");
+                        serverReady = true;
+                        serverException = e;
+                    }
+                }
+            };
+            serverThread.start();
+        } else {
+            try {
+                doServerSide();
+            } catch (Exception e) {
+                serverException = e;
+            } finally {
+                serverReady = true;
+            }
+        }
+    }
+
+    void startClient(boolean newThread) throws Exception {
+        if (newThread) {
+            clientThread = new Thread() {
+                public void run() {
+                    try {
+                        doClientSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our client thread just died.
+                         */
+                        System.err.println("Client died...");
+                        clientException = e;
+                    }
+                }
+            };
+            clientThread.start();
+        } else {
+            try {
+                doClientSide();
+            } catch (Exception e) {
+                clientException = e;
+            }
+        }
+    }
+}
+
--- a/test/sun/security/pkcs11/KeyStore/ClientAuth.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/test/sun/security/pkcs11/KeyStore/ClientAuth.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -155,6 +155,14 @@
         SSLSocket sslSocket = (SSLSocket)
             sslsf.createSocket("localhost", serverPort);
 
+        if (clientProtocol != null) {
+            sslSocket.setEnabledProtocols(new String[] {clientProtocol});
+        }
+
+        if (clientCiperSuite != null) {
+            sslSocket.setEnabledCipherSuites(new String[] {clientCiperSuite});
+        }
+
         InputStream sslIS = sslSocket.getInputStream();
         OutputStream sslOS = sslSocket.getOutputStream();
 
@@ -176,7 +184,22 @@
     volatile Exception serverException = null;
     volatile Exception clientException = null;
 
+    private static String clientProtocol = null;
+    private static String clientCiperSuite = null;
+
+    private static void parseArguments(String[] args) {
+        if (args.length > 0) {
+            clientProtocol = args[0];
+        }
+
+        if (args.length > 1) {
+            clientCiperSuite = args[1];
+        }
+    }
+
     public static void main(String[] args) throws Exception {
+        // Get the customized arguments.
+        parseArguments(args);
         main(new ClientAuth());
     }
 
--- a/test/sun/security/pkcs11/KeyStore/ClientAuth.sh	Mon Jan 16 15:49:14 2012 +0300
+++ b/test/sun/security/pkcs11/KeyStore/ClientAuth.sh	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -22,8 +22,9 @@
 #
 
 # @test
-# @bug 4938185
+# @bug 4938185 7106773
 # @summary KeyStore support for NSS cert/key databases
+#          512 bits RSA key cannot work with SHA384 and SHA512
 #
 # @run shell ClientAuth.sh
 
@@ -126,6 +127,7 @@
 	${TESTSRC}${FS}ClientAuth.java
 
 # run test
+echo "Run ClientAuth ..."
 ${TESTJAVA}${FS}bin${FS}java \
 	-classpath ${TESTCLASSES}${PS}${TESTSRC}${FS}loader.jar \
 	-DDIR=${TESTSRC}${FS}ClientAuthData${FS} \
@@ -140,5 +142,26 @@
 # save error status
 status=$?
 
+# return if failed
+if [ "${status}" != "0" ] ; then
+    exit $status
+fi
+
+# run test with specified TLS protocol and cipher suite
+echo "Run ClientAuth TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
+${TESTJAVA}${FS}bin${FS}java \
+	-classpath ${TESTCLASSES}${PS}${TESTSRC}${FS}loader.jar \
+	-DDIR=${TESTSRC}${FS}ClientAuthData${FS} \
+	-DCUSTOM_DB_DIR=${TESTCLASSES} \
+	-DCUSTOM_P11_CONFIG=${TESTSRC}${FS}ClientAuthData${FS}p11-nss.txt \
+	-DNO_DEFAULT=true \
+	-DNO_DEIMOS=true \
+	-Dtest.src=${TESTSRC} \
+	-Dtest.classes=${TESTCLASSES} \
+	ClientAuth TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+
+# save error status
+status=$?
+
 # return
 exit $status
--- a/test/sun/security/ssl/javax/net/ssl/SSLContextVersion.java	Mon Jan 16 15:49:14 2012 +0300
+++ b/test/sun/security/ssl/javax/net/ssl/SSLContextVersion.java	Mon Jan 16 14:26:51 2012 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -91,7 +91,7 @@
             ciphers = parameters.getCipherSuites();
 
             if (protocols.length == 0 || ciphers.length == 0) {
-                throw new Exception("No default protocols or cipher suites");
+                throw new Exception("No supported protocols or cipher suites");
             }
 
             isMatch = false;
@@ -104,7 +104,7 @@
             }
 
             if (!isMatch) {
-                throw new Exception("No matched default protocol");
+                throw new Exception("No matched supported protocol");
             }
             System.out.println("\t... Success");
         }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ssl/javax/net/ssl/TLSv12/ShortRSAKey512.java	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,414 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7106773
+ * @summary 512 bits RSA key cannot work with SHA384 and SHA512
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
+ * @run main/othervm ShortRSAKey512 PKIX
+ * @run main/othervm ShortRSAKey512 SunX509
+ */
+
+import java.net.*;
+import java.util.*;
+import java.io.*;
+import javax.net.ssl.*;
+import java.security.KeyStore;
+import java.security.KeyFactory;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+import java.security.spec.*;
+import java.security.interfaces.*;
+import sun.misc.BASE64Decoder;
+
+
+public class ShortRSAKey512 {
+
+    /*
+     * =============================================================
+     * Set the various variables needed for the tests, then
+     * specify what tests to run on each side.
+     */
+
+    /*
+     * Should we run the client or server in a separate thread?
+     * Both sides can throw exceptions, but do you have a preference
+     * as to which side should be the main thread.
+     */
+    static boolean separateServerThread = false;
+
+    /*
+     * Where do we find the keystores?
+     */
+    // Certificates and key used in the test.
+    static String trustedCertStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICkjCCAfugAwIBAgIBADANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" +
+        "MTEwODE5MDE1MjE5WhcNMzIwNzI5MDE1MjE5WjA7MQswCQYDVQQGEwJVUzENMAsG\n" +
+        "A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwgZ8wDQYJ\n" +
+        "KoZIhvcNAQEBBQADgY0AMIGJAoGBAM8orG08DtF98TMSscjGsidd1ZoN4jiDpi8U\n" +
+        "ICz+9dMm1qM1d7O2T+KH3/mxyox7Rc2ZVSCaUD0a3CkhPMnlAx8V4u0H+E9sqso6\n" +
+        "iDW3JpOyzMExvZiRgRG/3nvp55RMIUV4vEHOZ1QbhuqG4ebN0Vz2DkRft7+flthf\n" +
+        "vDld6f5JAgMBAAGjgaUwgaIwHQYDVR0OBBYEFLl81dnfp0wDrv0OJ1sxlWzH83Xh\n" +
+        "MGMGA1UdIwRcMFqAFLl81dnfp0wDrv0OJ1sxlWzH83XhoT+kPTA7MQswCQYDVQQG\n" +
+        "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" +
+        "Y2WCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEE\n" +
+        "BQADgYEALlgaH1gWtoBZ84EW8Hu6YtGLQ/L9zIFmHonUPZwn3Pr//icR9Sqhc3/l\n" +
+        "pVTxOINuFHLRz4BBtEylzRIOPzK3tg8XwuLb1zd0db90x3KBCiAL6E6cklGEPwLe\n" +
+        "XYMHDn9eDsaq861Tzn6ZwzMgw04zotPMoZN0mVd/3Qca8UJFucE=\n" +
+        "-----END CERTIFICATE-----";
+
+    static String targetCertStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICNDCCAZ2gAwIBAgIBDDANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" +
+        "MTExMTA3MTM1NTUyWhcNMzEwNzI1MTM1NTUyWjBPMQswCQYDVQQGEwJVUzENMAsG\n" +
+        "A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxEjAQBgNV\n" +
+        "BAMTCWxvY2FsaG9zdDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3Pb49OSPfOD2G\n" +
+        "HSXFCFx1GJEZfqG9ZUf7xuIi/ra5dLjPGAaoY5QF2QOa8VnOriQCXDfyXHxsuRnE\n" +
+        "OomxL7EVAgMBAAGjeDB2MAsGA1UdDwQEAwID6DAdBgNVHQ4EFgQUXNCJK3/dtCIc\n" +
+        "xb+zlA/JINlvs/MwHwYDVR0jBBgwFoAUuXzV2d+nTAOu/Q4nWzGVbMfzdeEwJwYD\n" +
+        "VR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAzANBgkqhkiG9w0B\n" +
+        "AQQFAAOBgQB2qIDUxA2caMPpGtUACZAPRUtrGssCINIfItETXJZCx/cRuZ5sP4D9\n" +
+        "N1acoNDn0hCULe3lhXAeTC9NZ97680yJzregQMV5wATjo1FGsKY30Ma+sc/nfzQW\n" +
+        "+h/7RhYtoG0OTsiaDCvyhI6swkNJzSzrAccPY4+ZgU8HiDLzZTmM3Q==\n" +
+        "-----END CERTIFICATE-----";
+
+    // Private key in the format of PKCS#8, key size is 512 bits.
+    static String targetPrivateKey =
+        "MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAtz2+PTkj3zg9hh0l\n" +
+        "xQhcdRiRGX6hvWVH+8biIv62uXS4zxgGqGOUBdkDmvFZzq4kAlw38lx8bLkZxDqJ\n" +
+        "sS+xFQIDAQABAkByx/5Oo2hQ/w2q4L8z+NTRlJ3vdl8iIDtC/4XPnfYfnGptnpG6\n" +
+        "ZThQRvbMZiai0xHQPQMszvAHjZVme1eDl3EBAiEA3aKJHynPVCEJhpfCLWuMwX5J\n" +
+        "1LntwJO7NTOyU5m8rPECIQDTpzn5X44r2rzWBDna/Sx7HW9IWCxNgUD2Eyi2nA7W\n" +
+        "ZQIgJerEorw4aCAuzQPxiGu57PB6GRamAihEAtoRTBQlH0ECIQDN08FgTtnesgCU\n" +
+        "DFYLLcw1CiHvc7fZw4neBDHCrC8NtQIgA8TOUkGnpCZlQ0KaI8KfKWI+vxFcgFnH\n" +
+        "3fnqsTgaUs4=";
+
+    static char passphrase[] = "passphrase".toCharArray();
+
+    /*
+     * Is the server ready to serve?
+     */
+    volatile static boolean serverReady = false;
+
+    /*
+     * Turn on SSL debugging?
+     */
+    static boolean debug = false;
+
+    /*
+     * Define the server side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doServerSide() throws Exception {
+        SSLContext context = generateSSLContext(null, targetCertStr,
+                                            targetPrivateKey);
+        SSLServerSocketFactory sslssf = context.getServerSocketFactory();
+        SSLServerSocket sslServerSocket =
+            (SSLServerSocket)sslssf.createServerSocket(serverPort);
+        serverPort = sslServerSocket.getLocalPort();
+
+        /*
+         * Signal Client, we're ready for his connect.
+         */
+        serverReady = true;
+
+        SSLSocket sslSocket = (SSLSocket)sslServerSocket.accept();
+        InputStream sslIS = sslSocket.getInputStream();
+        OutputStream sslOS = sslSocket.getOutputStream();
+
+        sslIS.read();
+        sslOS.write('A');
+        sslOS.flush();
+
+        sslSocket.close();
+    }
+
+    /*
+     * Define the client side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doClientSide() throws Exception {
+
+        /*
+         * Wait for server to get started.
+         */
+        while (!serverReady) {
+            Thread.sleep(50);
+        }
+
+        SSLContext context = generateSSLContext(trustedCertStr, null, null);
+        SSLSocketFactory sslsf = context.getSocketFactory();
+
+        SSLSocket sslSocket =
+            (SSLSocket)sslsf.createSocket("localhost", serverPort);
+
+        // enable TLSv1.2 only
+        sslSocket.setEnabledProtocols(new String[] {"TLSv1.2"});
+
+        // enable a block cipher
+        sslSocket.setEnabledCipherSuites(
+            new String[] {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA"});
+
+        InputStream sslIS = sslSocket.getInputStream();
+        OutputStream sslOS = sslSocket.getOutputStream();
+
+        sslOS.write('B');
+        sslOS.flush();
+        sslIS.read();
+
+        sslSocket.close();
+    }
+
+    /*
+     * =============================================================
+     * The remainder is just support stuff
+     */
+    private static String tmAlgorithm;        // trust manager
+
+    private static void parseArguments(String[] args) {
+        tmAlgorithm = args[0];
+    }
+
+    private static SSLContext generateSSLContext(String trustedCertStr,
+            String keyCertStr, String keySpecStr) throws Exception {
+
+        // generate certificate from cert string
+        CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+        // create a key store
+        KeyStore ks = KeyStore.getInstance("JKS");
+        ks.load(null, null);
+
+        // import the trused cert
+        Certificate trusedCert = null;
+        ByteArrayInputStream is = null;
+        if (trustedCertStr != null) {
+            is = new ByteArrayInputStream(trustedCertStr.getBytes());
+            trusedCert = cf.generateCertificate(is);
+            is.close();
+
+            ks.setCertificateEntry("RSA Export Signer", trusedCert);
+        }
+
+        if (keyCertStr != null) {
+            // generate the private key.
+            PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
+                                new BASE64Decoder().decodeBuffer(keySpecStr));
+            KeyFactory kf = KeyFactory.getInstance("RSA");
+            RSAPrivateKey priKey =
+                    (RSAPrivateKey)kf.generatePrivate(priKeySpec);
+
+            // generate certificate chain
+            is = new ByteArrayInputStream(keyCertStr.getBytes());
+            Certificate keyCert = cf.generateCertificate(is);
+            is.close();
+
+            Certificate[] chain = null;
+            if (trusedCert != null) {
+                chain = new Certificate[2];
+                chain[0] = keyCert;
+                chain[1] = trusedCert;
+            } else {
+                chain = new Certificate[1];
+                chain[0] = keyCert;
+            }
+
+            // import the key entry.
+            ks.setKeyEntry("Whatever", priKey, passphrase, chain);
+        }
+
+        // create SSL context
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmAlgorithm);
+        tmf.init(ks);
+
+        SSLContext ctx = SSLContext.getInstance("TLS");
+        if (keyCertStr != null && !keyCertStr.isEmpty()) {
+            KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509");
+            kmf.init(ks, passphrase);
+
+            ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+            ks = null;
+        } else {
+            ctx.init(null, tmf.getTrustManagers(), null);
+        }
+
+        return ctx;
+    }
+
+
+    // use any free port by default
+    volatile int serverPort = 0;
+
+    volatile Exception serverException = null;
+    volatile Exception clientException = null;
+
+    public static void main(String[] args) throws Exception {
+        if (debug)
+            System.setProperty("javax.net.debug", "all");
+
+        /*
+         * Get the customized arguments.
+         */
+        parseArguments(args);
+
+        /*
+         * Start the tests.
+         */
+        new ShortRSAKey512();
+    }
+
+    Thread clientThread = null;
+    Thread serverThread = null;
+
+    /*
+     * Primary constructor, used to drive remainder of the test.
+     *
+     * Fork off the other side, then do your work.
+     */
+    ShortRSAKey512() throws Exception {
+        try {
+            if (separateServerThread) {
+                startServer(true);
+                startClient(false);
+            } else {
+                startClient(true);
+                startServer(false);
+            }
+        } catch (Exception e) {
+            // swallow for now.  Show later
+        }
+
+        /*
+         * Wait for other side to close down.
+         */
+        if (separateServerThread) {
+            serverThread.join();
+        } else {
+            clientThread.join();
+        }
+
+        /*
+         * When we get here, the test is pretty much over.
+         * Which side threw the error?
+         */
+        Exception local;
+        Exception remote;
+        String whichRemote;
+
+        if (separateServerThread) {
+            remote = serverException;
+            local = clientException;
+            whichRemote = "server";
+        } else {
+            remote = clientException;
+            local = serverException;
+            whichRemote = "client";
+        }
+
+        /*
+         * If both failed, return the curthread's exception, but also
+         * print the remote side Exception
+         */
+        if ((local != null) && (remote != null)) {
+            System.out.println(whichRemote + " also threw:");
+            remote.printStackTrace();
+            System.out.println();
+            throw local;
+        }
+
+        if (remote != null) {
+            throw remote;
+        }
+
+        if (local != null) {
+            throw local;
+        }
+    }
+
+    void startServer(boolean newThread) throws Exception {
+        if (newThread) {
+            serverThread = new Thread() {
+                public void run() {
+                    try {
+                        doServerSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our server thread just died.
+                         *
+                         * Release the client, if not active already...
+                         */
+                        System.err.println("Server died...");
+                        serverReady = true;
+                        serverException = e;
+                    }
+                }
+            };
+            serverThread.start();
+        } else {
+            try {
+                doServerSide();
+            } catch (Exception e) {
+                serverException = e;
+            } finally {
+                serverReady = true;
+            }
+        }
+    }
+
+    void startClient(boolean newThread) throws Exception {
+        if (newThread) {
+            clientThread = new Thread() {
+                public void run() {
+                    try {
+                        doClientSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our client thread just died.
+                         */
+                        System.err.println("Client died...");
+                        clientException = e;
+                    }
+                }
+            };
+            clientThread.start();
+        } else {
+            try {
+                doClientSide();
+            } catch (Exception e) {
+                clientException = e;
+            }
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/tools/keytool/trystore.sh	Mon Jan 16 14:26:51 2012 +0000
@@ -0,0 +1,65 @@
+#
+# Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# @test
+# @bug 7047200
+# @summary keytool can try save to a byte array before overwrite the file
+
+if [ "${TESTJAVA}" = "" ] ; then
+  JAVAC_CMD=`which javac`
+  TESTJAVA=`dirname $JAVAC_CMD`/..
+fi
+
+# set platform-dependent variables
+OS=`uname -s`
+case "$OS" in
+  Windows_* )
+    FS="\\"
+    ;;
+  * )
+    FS="/"
+    ;;
+esac
+
+rm trystore.jks 2> /dev/null
+
+KEYTOOL="${TESTJAVA}${FS}bin${FS}keytool -storetype jks -keystore trystore.jks"
+$KEYTOOL -genkeypair -alias a -dname CN=A -storepass changeit -keypass changeit
+$KEYTOOL -genkeypair -alias b -dname CN=B -storepass changeit -keypass changeit
+
+# We use -protected for JKS keystore. This is illegal so the command should
+# fail. Then we can check if the keystore is damaged.
+
+$KEYTOOL -genkeypair -protected -alias b -delete -debug
+
+if [ $? = 0 ]; then
+    echo "What? -protected works for JKS?"
+    exit 1
+fi
+
+$KEYTOOL -list -storepass changeit
+
+if [ $? != 0 ]; then
+    echo "Keystore file damaged"
+    exit 2
+fi