changeset 11320:f0a02bf01b85

Merge
author aefimov
date Tue, 13 Oct 2015 18:29:27 +0300
parents 5eda1daea288 fd2fe69089ac
children f712dceafb54
files .hgtags src/share/native/sun/nio/ch/genSocketOptionRegistry.c src/solaris/native/sun/nio/fs/genSolarisConstants.c src/solaris/native/sun/nio/fs/genUnixConstants.c test/sun/security/provider/certpath/DisabledAlgorithms/CPBuilderWithMD5.java
diffstat 39 files changed, 462 insertions(+), 1123 deletions(-) [+]
line wrap: on
line diff
--- a/.hgtags	Mon Sep 28 15:42:04 2015 -0700
+++ b/.hgtags	Tue Oct 13 18:29:27 2015 +0300
@@ -479,6 +479,7 @@
 d26fd80f684d44fd9b16e84e585dda3757d4a19c jdk8u65-b14
 64c3b5808a701b6328c18028d1c98bc41679f718 jdk8u65-b15
 372d63c0daaff36677d40f5f05b051f5e4e9e4ea jdk8u65-b16
+14a4b0a9a0b7a3d06432b484f226c71920460808 jdk8u65-b17
 e9f82302d5fdef8a0976640e09363895e9dcde3c jdk8u66-b00
 64d7bd4e98150447916f210e3bfd6875a4c2728a jdk8u66-b01
 d8210091911b14930192abd3138ee37c281fb632 jdk8u66-b02
@@ -492,3 +493,4 @@
 371fc17e38ccf9a729e34c518f6942162ba6c225 jdk8u66-b14
 ea602badedd0cd0c352c072220a884e8f1335e33 jdk8u66-b15
 5ceafca6a734e13d51319df6afd40678d68f9851 jdk8u66-b16
+e6d562c0f079dfd1e21c3734b2dca16f4b2e2494 jdk8u66-b17
--- a/make/CompileJavaClasses.gmk	Mon Sep 28 15:42:04 2015 -0700
+++ b/make/CompileJavaClasses.gmk	Tue Oct 13 18:29:27 2015 +0300
@@ -238,11 +238,6 @@
   EXFILES += sun/nio/fs/PollingWatchService.java
 endif
 
-# TODO: Fix when converting NIO
-# Exclude *-linux-arm.java and *-linux-ppc.java from closed.
-EXFILES += -linux-arm.java \
-    -linux-ppc.java
-
 ifeq ($(OPENJDK_TARGET_OS), windows)
   EXFILES += sun/nio/ch/AbstractPollSelectorImpl.java \
       sun/nio/ch/PollSelectorProvider.java \
--- a/make/gensrc/GensrcMisc.gmk	Mon Sep 28 15:42:04 2015 -0700
+++ b/make/gensrc/GensrcMisc.gmk	Tue Oct 13 18:29:27 2015 +0300
@@ -64,9 +64,9 @@
 
 GENSRC_MISC += $(JDK_OUTPUTDIR)/gensrc/sun/nio/ch/SocketOptionRegistry.java
 
-GENSRC_SOR_SRC := $(JDK_TOPDIR)/src/share/native/sun/nio/ch
+GENSRC_SOR_SRC := $(JDK_TOPDIR)/make/src/native/genconstants/ch
 GENSRC_SOR_SRC_FILE := genSocketOptionRegistry.c
-GENSRC_SOR_BIN := $(JDK_OUTPUTDIR)/gensrc/genSocketOptionRegistry
+GENSRC_SOR_BIN := $(JDK_OUTPUTDIR)/btnative/genSocketOptionRegistry
 
 SOR_COPYRIGHT_YEARS = $(shell $(CAT) $(GENSRC_SOR_SRC)/$(GENSRC_SOR_SRC_FILE) | \
     $(NAWK) '/^.*Copyright.*Oracle/ { printf "%s %s",$$4,$$5 }')
@@ -81,11 +81,9 @@
     OUTPUT_DIR := $(GENSRC_SOR_BIN), \
     PROGRAM := genSocketOptionRegistry))
 
-ifneq ($(wildcard $(JDK_TOPDIR)/src/closed/solaris/classes/sun/nio/ch/SocketOptionRegistry-$(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH).java), )
-  HAS_SOCKET_OPTION_REGISTRY := true
-endif
+SOR_PREGEN_FILE := $(JDK_TOPDIR)/src/closed/solaris/classes/sun/nio/ch/SocketOptionRegistry-$(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH).java.template
 
-ifneq ($(HAS_SOCKET_OPTION_REGISTRY), true)
+ifeq ($(wildcard $(SOR_PREGEN_FILE)), )
   $(JDK_OUTPUTDIR)/gensrc/sun/nio/ch/SocketOptionRegistry.java: $(BUILD_GENSRC_SOR_EXE)
 	$(MKDIR) -p $(@D)
 	$(RM) $@ $@.tmp
@@ -93,7 +91,7 @@
 	$(BUILD_GENSRC_SOR_EXE) >> $@.tmp
 	$(MV) $@.tmp $@
 else
-  $(JDK_OUTPUTDIR)/gensrc/sun/nio/ch/SocketOptionRegistry.java: $(JDK_TOPDIR)/src/closed/solaris/classes/sun/nio/ch/SocketOptionRegistry-$(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH).java
+  $(JDK_OUTPUTDIR)/gensrc/sun/nio/ch/SocketOptionRegistry.java: $(SOR_PREGEN_FILE)
 	$(call install-file)
 endif
 
@@ -103,9 +101,9 @@
 
   GENSRC_MISC += $(JDK_OUTPUTDIR)/gensrc/sun/nio/fs/UnixConstants.java
 
-  GENSRC_UC_SRC := $(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/nio/fs
+  GENSRC_UC_SRC := $(JDK_TOPDIR)/make/src/native/genconstants/fs
   GENSRC_UC_SRC_FILE := genUnixConstants.c
-  GENSRC_UC_BIN := $(JDK_OUTPUTDIR)/gensrc/genUnixConstants
+  GENSRC_UC_BIN := $(JDK_OUTPUTDIR)/btnative/genUnixConstants
 
   UC_COPYRIGHT_YEARS = $(shell $(CAT) $(GENSRC_UC_SRC)/$(GENSRC_UC_SRC_FILE) | \
       $(NAWK) '/^.*Copyright.*Oracle/ { printf "%s %s",$$4,$$5 }')
@@ -121,11 +119,9 @@
       OUTPUT_DIR := $(GENSRC_UC_BIN), \
       PROGRAM := genUnixConstants))
 
-  ifneq ($(wildcard $(JDK_TOPDIR)/src/closed/solaris/classes/sun/nio/fs/UnixConstants-$(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH).java), )
-    HAS_UNIX_CONSTANTS := true
-  endif
+  UC_PREGEN_FILE := $(JDK_TOPDIR)/src/closed/solaris/classes/sun/nio/fs/UnixConstants-$(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH).java.template
 
-  ifneq ($(HAS_UNIX_CONSTANTS), true)
+  ifeq ($(wildcard $(UC_PREGEN_FILE)), )
     $(JDK_OUTPUTDIR)/gensrc/sun/nio/fs/UnixConstants.java: $(BUILD_GENSRC_UC_EXE)
 	$(MKDIR) -p $(@D)
 	$(RM) $@ $@.tmp
@@ -133,7 +129,7 @@
 	$(BUILD_GENSRC_UC_EXE) >> $@.tmp
 	$(MV) $@.tmp $@
   else
-    $(JDK_OUTPUTDIR)/gensrc/sun/nio/fs/UnixConstants.java: $(JDK_TOPDIR)/src/closed/solaris/classes/sun/nio/fs/UnixConstants-$(OPENJDK_TARGET_OS)-$(OPENJDK_TARGET_CPU_ARCH).java
+    $(JDK_OUTPUTDIR)/gensrc/sun/nio/fs/UnixConstants.java: $(UC_PREGEN_FILE)
 	$(call install-file)
   endif
 
@@ -145,9 +141,9 @@
 
   GENSRC_MISC += $(JDK_OUTPUTDIR)/gensrc/sun/nio/fs/SolarisConstants.java
 
-  GENSRC_SOL_SRC := $(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS_API_DIR)/native/sun/nio/fs
+  GENSRC_SOL_SRC := $(JDK_TOPDIR)/make/src/native/genconstants/fs
   GENSRC_SOL_SRC_FILE := genSolarisConstants.c
-  GENSRC_SOL_BIN := $(JDK_OUTPUTDIR)/gensrc/genSolarisConstants
+  GENSRC_SOL_BIN := $(JDK_OUTPUTDIR)/btnative/genSolarisConstants
 
   SOL_COPYRIGHT_YEARS = $(shell $(CAT) $(GENSRC_SOL_SRC)/$(GENSRC_SOL_SRC_FILE) | \
       $(NAWK) '/^.*Copyright.*Oracle/ { printf "%s %s",$$4,$$5 }')
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/src/native/genconstants/ch/genSocketOptionRegistry.c	Tue Oct 13 18:29:27 2015 +0300
@@ -0,0 +1,131 @@
+/*
+ * Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <stdio.h>
+#ifdef _WIN32
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#else
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <netinet/tcp.h>
+#endif
+
+/**
+ * Generates sun.nio.ch.SocketOptionRegistry, a class that maps Java-level
+ * socket options to the platform specific level and option.
+ */
+
+static void out(char* s) {
+    printf("%s\n", s);
+}
+
+static void emit(const char *name, char * family, int level, int optname) {
+    printf("            map.put(new RegistryKey(%s, %s),", name, family);
+    printf(" new OptionKey(%d, %d));\n", level, optname);
+}
+
+static void emit_unspec(const char *name, int level, int optname) {
+    emit(name, "Net.UNSPEC", level, optname);
+}
+
+static  void emit_inet(const char *name, int level, int optname) {
+    emit(name, "StandardProtocolFamily.INET", level, optname);
+}
+
+static void emit_inet6(const char *name, int level, int optname) {
+    emit(name, "StandardProtocolFamily.INET6", level, optname);
+}
+
+int main(int argc, const char* argv[]) {
+    out("// AUTOMATICALLY GENERATED FILE - DO NOT EDIT                                  ");
+    out("package sun.nio.ch;                                                            ");
+    out("import java.net.SocketOption;                                                  ");
+    out("import java.net.StandardSocketOptions;                                         ");
+    out("import java.net.ProtocolFamily;                                                ");
+    out("import java.net.StandardProtocolFamily;                                        ");
+    out("import java.util.Map;                                                          ");
+    out("import java.util.HashMap;                                                      ");
+    out("class SocketOptionRegistry {                                                   ");
+    out("    private SocketOptionRegistry() { }                                         ");
+    out("    private static class RegistryKey {                                         ");
+    out("        private final SocketOption<?> name;                                    ");
+    out("        private final ProtocolFamily family;                                   ");
+    out("        RegistryKey(SocketOption<?> name, ProtocolFamily family) {             ");
+    out("            this.name = name;                                                  ");
+    out("            this.family = family;                                              ");
+    out("        }                                                                      ");
+    out("        public int hashCode() {                                                ");
+    out("            return name.hashCode() + family.hashCode();                        ");
+    out("        }                                                                      ");
+    out("        public boolean equals(Object ob) {                                     ");
+    out("            if (ob == null) return false;                                      ");
+    out("            if (!(ob instanceof RegistryKey)) return false;                    ");
+    out("            RegistryKey other = (RegistryKey)ob;                               ");
+    out("            if (this.name != other.name) return false;                         ");
+    out("            if (this.family != other.family) return false;                     ");
+    out("            return true;                                                       ");
+    out("        }                                                                      ");
+    out("    }                                                                          ");
+    out("    private static class LazyInitialization {                                  ");
+    out("        static final Map<RegistryKey,OptionKey> options = options();           ");
+    out("        private static Map<RegistryKey,OptionKey> options() {                  ");
+    out("            Map<RegistryKey,OptionKey> map =                                   ");
+    out("                new HashMap<RegistryKey,OptionKey>();                          ");
+
+    emit_unspec("StandardSocketOptions.SO_BROADCAST", SOL_SOCKET, SO_BROADCAST);
+    emit_unspec("StandardSocketOptions.SO_KEEPALIVE", SOL_SOCKET, SO_KEEPALIVE);
+    emit_unspec("StandardSocketOptions.SO_LINGER",    SOL_SOCKET, SO_LINGER);
+    emit_unspec("StandardSocketOptions.SO_SNDBUF",    SOL_SOCKET, SO_SNDBUF);
+    emit_unspec("StandardSocketOptions.SO_RCVBUF",    SOL_SOCKET, SO_RCVBUF);
+    emit_unspec("StandardSocketOptions.SO_REUSEADDR", SOL_SOCKET, SO_REUSEADDR);
+    emit_unspec("StandardSocketOptions.TCP_NODELAY",  IPPROTO_TCP, TCP_NODELAY);
+
+    emit_inet("StandardSocketOptions.IP_TOS",            IPPROTO_IP,     IP_TOS);
+    emit_inet("StandardSocketOptions.IP_MULTICAST_IF",   IPPROTO_IP,     IP_MULTICAST_IF);
+    emit_inet("StandardSocketOptions.IP_MULTICAST_TTL",  IPPROTO_IP,     IP_MULTICAST_TTL);
+    emit_inet("StandardSocketOptions.IP_MULTICAST_LOOP", IPPROTO_IP,     IP_MULTICAST_LOOP);
+
+#ifdef AF_INET6
+    emit_inet6("StandardSocketOptions.IP_TOS",            IPPROTO_IPV6,  IPV6_TCLASS);
+    emit_inet6("StandardSocketOptions.IP_MULTICAST_IF",   IPPROTO_IPV6,  IPV6_MULTICAST_IF);
+    emit_inet6("StandardSocketOptions.IP_MULTICAST_TTL",  IPPROTO_IPV6,  IPV6_MULTICAST_HOPS);
+    emit_inet6("StandardSocketOptions.IP_MULTICAST_LOOP", IPPROTO_IPV6,  IPV6_MULTICAST_LOOP);
+#endif
+
+    emit_unspec("ExtendedSocketOption.SO_OOBINLINE", SOL_SOCKET, SO_OOBINLINE);
+
+    out("            return map;                                                        ");
+    out("        }                                                                      ");
+    out("    }                                                                          ");
+    out("    public static OptionKey findOption(SocketOption<?> name, ProtocolFamily family) { ");
+    out("        RegistryKey key = new RegistryKey(name, family);                       ");
+    out("        return LazyInitialization.options.get(key);                            ");
+    out("    }                                                                          ");
+    out("}                                                                              ");
+
+    return 0;
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/src/native/genconstants/fs/genSolarisConstants.c	Tue Oct 13 18:29:27 2015 +0300
@@ -0,0 +1,105 @@
+/*
+ * Copyright (c) 2008, 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include <unistd.h>
+#include <sys/acl.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+
+/**
+ * Generates sun.nio.fs.SolarisConstants
+ */
+
+static void out(char* s) {
+    printf("%s\n", s);
+}
+
+static void emit(char* name, int value) {
+    printf("    static final int %s = %d;\n", name, value);
+}
+
+static void emitX(char* name, int value) {
+    printf("    static final int %s = 0x%x;\n", name, value);
+}
+
+#define DEF(X) emit(#X, X);
+#define DEFX(X) emitX(#X, X);
+
+int main(int argc, const char* argv[]) {
+    out("// AUTOMATICALLY GENERATED FILE - DO NOT EDIT                                  ");
+    out("package sun.nio.fs;                                                            ");
+    out("class SolarisConstants {                                                       ");
+    out("    private SolarisConstants() { }                                             ");
+
+    // extended attributes
+    DEFX(O_XATTR);
+    DEF(_PC_XATTR_ENABLED);
+
+    // ACL configuration
+    DEF(_PC_ACL_ENABLED);
+    DEFX(_ACL_ACE_ENABLED);
+
+    // ACL commands
+    DEFX(ACE_GETACL);
+    DEFX(ACE_SETACL);
+
+    // ACL mask/flags/types
+    emitX("ACE_ACCESS_ALLOWED_ACE_TYPE",        0x0000);
+    emitX("ACE_ACCESS_DENIED_ACE_TYPE",         0x0001);
+    emitX("ACE_SYSTEM_AUDIT_ACE_TYPE",          0x0002);
+    emitX("ACE_SYSTEM_ALARM_ACE_TYPE",          0x0003);
+    emitX("ACE_READ_DATA",                      0x00000001);
+    emitX("ACE_LIST_DIRECTORY",                 0x00000001);
+    emitX("ACE_WRITE_DATA",                     0x00000002);
+    emitX("ACE_ADD_FILE",                       0x00000002);
+    emitX("ACE_APPEND_DATA",                    0x00000004);
+    emitX("ACE_ADD_SUBDIRECTORY",               0x00000004);
+    emitX("ACE_READ_NAMED_ATTRS",               0x00000008);
+    emitX("ACE_WRITE_NAMED_ATTRS",              0x00000010);
+    emitX("ACE_EXECUTE",                        0x00000020);
+    emitX("ACE_DELETE_CHILD",                   0x00000040);
+    emitX("ACE_READ_ATTRIBUTES",                0x00000080);
+    emitX("ACE_WRITE_ATTRIBUTES",               0x00000100);
+    emitX("ACE_DELETE",                         0x00010000);
+    emitX("ACE_READ_ACL",                       0x00020000);
+    emitX("ACE_WRITE_ACL",                      0x00040000);
+    emitX("ACE_WRITE_OWNER",                    0x00080000);
+    emitX("ACE_SYNCHRONIZE",                    0x00100000);
+    emitX("ACE_FILE_INHERIT_ACE",               0x0001);
+    emitX("ACE_DIRECTORY_INHERIT_ACE",          0x0002);
+    emitX("ACE_NO_PROPAGATE_INHERIT_ACE",       0x0004);
+    emitX("ACE_INHERIT_ONLY_ACE",               0x0008);
+    emitX("ACE_SUCCESSFUL_ACCESS_ACE_FLAG",     0x0010);
+    emitX("ACE_FAILED_ACCESS_ACE_FLAG",         0x0020);
+    emitX("ACE_IDENTIFIER_GROUP",               0x0040);
+    emitX("ACE_OWNER",                          0x1000);
+    emitX("ACE_GROUP",                          0x2000);
+    emitX("ACE_EVERYONE",                       0x4000);
+
+    out("}                                                                              ");
+    return 0;
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/src/native/genconstants/fs/genUnixConstants.c	Tue Oct 13 18:29:27 2015 +0300
@@ -0,0 +1,141 @@
+/*
+ * Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+
+/**
+ * Generates sun.nio.fs.UnixConstants
+ */
+
+static void out(char* s) {
+    printf("%s\n", s);
+}
+
+static void emit(char* name, int value) {
+    printf("    static final int %s = %d;\n", name, value);
+}
+
+static void emitX(char* name, int value) {
+    printf("    static final int %s = 0x%x;\n", name, value);
+}
+
+#define DEF(X) emit(#X, X);
+#define DEFX(X) emitX(#X, X);
+
+int main(int argc, const char* argv[]) {
+    out("// AUTOMATICALLY GENERATED FILE - DO NOT EDIT                                  ");
+    out("package sun.nio.fs;                                                            ");
+    out("class UnixConstants {                                                          ");
+    out("    private UnixConstants() { }                                                ");
+
+    // open flags
+    DEF(O_RDONLY);
+    DEF(O_WRONLY);
+    DEF(O_RDWR);
+    DEFX(O_APPEND);
+    DEFX(O_CREAT);
+    DEFX(O_EXCL);
+    DEFX(O_TRUNC);
+    DEFX(O_SYNC);
+#ifndef O_DSYNC
+    // At least FreeBSD doesn't define O_DSYNC
+    emit("O_DSYNC", O_SYNC);
+#else
+    DEFX(O_DSYNC);
+#endif
+#ifdef O_NOFOLLOW
+    DEFX(O_NOFOLLOW);
+#else
+    // not supported (dummy values will not be used at runtime).
+    emitX("O_NOFOLLOW", 0x0);
+#endif
+
+    // mode masks
+    emitX("S_IAMB",
+         (S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IWGRP|S_IXGRP|S_IROTH|S_IWOTH|S_IXOTH));
+    DEF(S_IRUSR);
+    DEF(S_IWUSR);
+    DEF(S_IXUSR);
+    DEF(S_IRGRP);
+    DEF(S_IWGRP);
+    DEF(S_IXGRP);
+    DEF(S_IROTH);
+    DEF(S_IWOTH);
+    DEF(S_IXOTH);
+    DEFX(S_IFMT);
+    DEFX(S_IFREG);
+    DEFX(S_IFDIR);
+    DEFX(S_IFLNK);
+    DEFX(S_IFCHR);
+    DEFX(S_IFBLK);
+    DEFX(S_IFIFO);
+
+    // access modes
+    DEF(R_OK);
+    DEF(W_OK);
+    DEF(X_OK);
+    DEF(F_OK);
+
+    // errors
+    DEF(ENOENT);
+    DEF(EACCES);
+    DEF(EEXIST);
+    DEF(ENOTDIR);
+    DEF(EINVAL);
+    DEF(EXDEV);
+    DEF(EISDIR);
+    DEF(ENOTEMPTY);
+    DEF(ENOSPC);
+    DEF(EAGAIN);
+    DEF(ENOSYS);
+    DEF(ELOOP);
+    DEF(EROFS);
+#ifndef ENODATA
+    // Only used in Linux java source, provide any value so it compiles
+    emit("ENODATA", ELAST);
+#else
+    DEF(ENODATA);
+#endif
+    DEF(ERANGE);
+    DEF(EMFILE);
+
+    // flags used with openat/unlinkat/etc.
+#if defined(AT_SYMLINK_NOFOLLOW) && defined(AT_REMOVEDIR)
+    DEFX(AT_SYMLINK_NOFOLLOW)
+    DEFX(AT_REMOVEDIR);
+#else
+    // not supported (dummy values will not be used at runtime).
+    emitX("AT_SYMLINK_NOFOLLOW", 0x0);
+    emitX("AT_REMOVEDIR", 0x0);
+#endif
+
+    out("}                                                                              ");
+
+    return 0;
+}
--- a/src/share/lib/security/java.security-aix	Mon Sep 28 15:42:04 2015 -0700
+++ b/src/share/lib/security/java.security-aix	Tue Oct 13 18:29:27 2015 +0300
@@ -481,7 +481,7 @@
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
+jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
 
 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
 # (SSL/TLS) processing
--- a/src/share/lib/security/java.security-linux	Mon Sep 28 15:42:04 2015 -0700
+++ b/src/share/lib/security/java.security-linux	Tue Oct 13 18:29:27 2015 +0300
@@ -481,7 +481,7 @@
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
+jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
 
 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
 # (SSL/TLS) processing
--- a/src/share/lib/security/java.security-macosx	Mon Sep 28 15:42:04 2015 -0700
+++ b/src/share/lib/security/java.security-macosx	Tue Oct 13 18:29:27 2015 +0300
@@ -484,7 +484,7 @@
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
+jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
 
 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
 # (SSL/TLS) processing
--- a/src/share/lib/security/java.security-solaris	Mon Sep 28 15:42:04 2015 -0700
+++ b/src/share/lib/security/java.security-solaris	Tue Oct 13 18:29:27 2015 +0300
@@ -483,7 +483,7 @@
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
+jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
 
 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
 # (SSL/TLS) processing
--- a/src/share/lib/security/java.security-windows	Mon Sep 28 15:42:04 2015 -0700
+++ b/src/share/lib/security/java.security-windows	Tue Oct 13 18:29:27 2015 +0300
@@ -484,7 +484,7 @@
 #   jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
 #
 #
-jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
+jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
 
 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
 # (SSL/TLS) processing
--- a/src/share/native/sun/nio/ch/genSocketOptionRegistry.c	Mon Sep 28 15:42:04 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,131 +0,0 @@
-/*
- * Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-#include <stdio.h>
-#ifdef _WIN32
-#include <winsock2.h>
-#include <ws2tcpip.h>
-#else
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <netinet/tcp.h>
-#endif
-
-/**
- * Generates sun.nio.ch.SocketOptionRegistry, a class that maps Java-level
- * socket options to the platform specific level and option.
- */
-
-static void out(char* s) {
-    printf("%s\n", s);
-}
-
-static void emit(const char *name, char * family, int level, int optname) {
-    printf("            map.put(new RegistryKey(%s, %s),", name, family);
-    printf(" new OptionKey(%d, %d));\n", level, optname);
-}
-
-static void emit_unspec(const char *name, int level, int optname) {
-    emit(name, "Net.UNSPEC", level, optname);
-}
-
-static  void emit_inet(const char *name, int level, int optname) {
-    emit(name, "StandardProtocolFamily.INET", level, optname);
-}
-
-static void emit_inet6(const char *name, int level, int optname) {
-    emit(name, "StandardProtocolFamily.INET6", level, optname);
-}
-
-int main(int argc, const char* argv[]) {
-    out("// AUTOMATICALLY GENERATED FILE - DO NOT EDIT                                  ");
-    out("package sun.nio.ch;                                                            ");
-    out("import java.net.SocketOption;                                                  ");
-    out("import java.net.StandardSocketOptions;                                         ");
-    out("import java.net.ProtocolFamily;                                                ");
-    out("import java.net.StandardProtocolFamily;                                        ");
-    out("import java.util.Map;                                                          ");
-    out("import java.util.HashMap;                                                      ");
-    out("class SocketOptionRegistry {                                                   ");
-    out("    private SocketOptionRegistry() { }                                         ");
-    out("    private static class RegistryKey {                                         ");
-    out("        private final SocketOption<?> name;                                    ");
-    out("        private final ProtocolFamily family;                                   ");
-    out("        RegistryKey(SocketOption<?> name, ProtocolFamily family) {             ");
-    out("            this.name = name;                                                  ");
-    out("            this.family = family;                                              ");
-    out("        }                                                                      ");
-    out("        public int hashCode() {                                                ");
-    out("            return name.hashCode() + family.hashCode();                        ");
-    out("        }                                                                      ");
-    out("        public boolean equals(Object ob) {                                     ");
-    out("            if (ob == null) return false;                                      ");
-    out("            if (!(ob instanceof RegistryKey)) return false;                    ");
-    out("            RegistryKey other = (RegistryKey)ob;                               ");
-    out("            if (this.name != other.name) return false;                         ");
-    out("            if (this.family != other.family) return false;                     ");
-    out("            return true;                                                       ");
-    out("        }                                                                      ");
-    out("    }                                                                          ");
-    out("    private static class LazyInitialization {                                  ");
-    out("        static final Map<RegistryKey,OptionKey> options = options();           ");
-    out("        private static Map<RegistryKey,OptionKey> options() {                  ");
-    out("            Map<RegistryKey,OptionKey> map =                                   ");
-    out("                new HashMap<RegistryKey,OptionKey>();                          ");
-
-    emit_unspec("StandardSocketOptions.SO_BROADCAST", SOL_SOCKET, SO_BROADCAST);
-    emit_unspec("StandardSocketOptions.SO_KEEPALIVE", SOL_SOCKET, SO_KEEPALIVE);
-    emit_unspec("StandardSocketOptions.SO_LINGER",    SOL_SOCKET, SO_LINGER);
-    emit_unspec("StandardSocketOptions.SO_SNDBUF",    SOL_SOCKET, SO_SNDBUF);
-    emit_unspec("StandardSocketOptions.SO_RCVBUF",    SOL_SOCKET, SO_RCVBUF);
-    emit_unspec("StandardSocketOptions.SO_REUSEADDR", SOL_SOCKET, SO_REUSEADDR);
-    emit_unspec("StandardSocketOptions.TCP_NODELAY",  IPPROTO_TCP, TCP_NODELAY);
-
-    emit_inet("StandardSocketOptions.IP_TOS",            IPPROTO_IP,     IP_TOS);
-    emit_inet("StandardSocketOptions.IP_MULTICAST_IF",   IPPROTO_IP,     IP_MULTICAST_IF);
-    emit_inet("StandardSocketOptions.IP_MULTICAST_TTL",  IPPROTO_IP,     IP_MULTICAST_TTL);
-    emit_inet("StandardSocketOptions.IP_MULTICAST_LOOP", IPPROTO_IP,     IP_MULTICAST_LOOP);
-
-#ifdef AF_INET6
-    emit_inet6("StandardSocketOptions.IP_TOS",            IPPROTO_IPV6,  IPV6_TCLASS);
-    emit_inet6("StandardSocketOptions.IP_MULTICAST_IF",   IPPROTO_IPV6,  IPV6_MULTICAST_IF);
-    emit_inet6("StandardSocketOptions.IP_MULTICAST_TTL",  IPPROTO_IPV6,  IPV6_MULTICAST_HOPS);
-    emit_inet6("StandardSocketOptions.IP_MULTICAST_LOOP", IPPROTO_IPV6,  IPV6_MULTICAST_LOOP);
-#endif
-
-    emit_unspec("ExtendedSocketOption.SO_OOBINLINE", SOL_SOCKET, SO_OOBINLINE);
-
-    out("            return map;                                                        ");
-    out("        }                                                                      ");
-    out("    }                                                                          ");
-    out("    public static OptionKey findOption(SocketOption<?> name, ProtocolFamily family) { ");
-    out("        RegistryKey key = new RegistryKey(name, family);                       ");
-    out("        return LazyInitialization.options.get(key);                            ");
-    out("    }                                                                          ");
-    out("}                                                                              ");
-
-    return 0;
-}
--- a/src/solaris/native/sun/nio/fs/genSolarisConstants.c	Mon Sep 28 15:42:04 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,105 +0,0 @@
-/*
- * Copyright (c) 2008, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include <unistd.h>
-#include <sys/acl.h>
-#include <fcntl.h>
-#include <sys/stat.h>
-
-/**
- * Generates sun.nio.fs.SolarisConstants
- */
-
-static void out(char* s) {
-    printf("%s\n", s);
-}
-
-static void emit(char* name, int value) {
-    printf("    static final int %s = %d;\n", name, value);
-}
-
-static void emitX(char* name, int value) {
-    printf("    static final int %s = 0x%x;\n", name, value);
-}
-
-#define DEF(X) emit(#X, X);
-#define DEFX(X) emitX(#X, X);
-
-int main(int argc, const char* argv[]) {
-    out("// AUTOMATICALLY GENERATED FILE - DO NOT EDIT                                  ");
-    out("package sun.nio.fs;                                                            ");
-    out("class SolarisConstants {                                                       ");
-    out("    private SolarisConstants() { }                                             ");
-
-    // extended attributes
-    DEFX(O_XATTR);
-    DEF(_PC_XATTR_ENABLED);
-
-    // ACL configuration
-    DEF(_PC_ACL_ENABLED);
-    DEFX(_ACL_ACE_ENABLED);
-
-    // ACL commands
-    DEFX(ACE_GETACL);
-    DEFX(ACE_SETACL);
-
-    // ACL mask/flags/types
-    emitX("ACE_ACCESS_ALLOWED_ACE_TYPE",        0x0000);
-    emitX("ACE_ACCESS_DENIED_ACE_TYPE",         0x0001);
-    emitX("ACE_SYSTEM_AUDIT_ACE_TYPE",          0x0002);
-    emitX("ACE_SYSTEM_ALARM_ACE_TYPE",          0x0003);
-    emitX("ACE_READ_DATA",                      0x00000001);
-    emitX("ACE_LIST_DIRECTORY",                 0x00000001);
-    emitX("ACE_WRITE_DATA",                     0x00000002);
-    emitX("ACE_ADD_FILE",                       0x00000002);
-    emitX("ACE_APPEND_DATA",                    0x00000004);
-    emitX("ACE_ADD_SUBDIRECTORY",               0x00000004);
-    emitX("ACE_READ_NAMED_ATTRS",               0x00000008);
-    emitX("ACE_WRITE_NAMED_ATTRS",              0x00000010);
-    emitX("ACE_EXECUTE",                        0x00000020);
-    emitX("ACE_DELETE_CHILD",                   0x00000040);
-    emitX("ACE_READ_ATTRIBUTES",                0x00000080);
-    emitX("ACE_WRITE_ATTRIBUTES",               0x00000100);
-    emitX("ACE_DELETE",                         0x00010000);
-    emitX("ACE_READ_ACL",                       0x00020000);
-    emitX("ACE_WRITE_ACL",                      0x00040000);
-    emitX("ACE_WRITE_OWNER",                    0x00080000);
-    emitX("ACE_SYNCHRONIZE",                    0x00100000);
-    emitX("ACE_FILE_INHERIT_ACE",               0x0001);
-    emitX("ACE_DIRECTORY_INHERIT_ACE",          0x0002);
-    emitX("ACE_NO_PROPAGATE_INHERIT_ACE",       0x0004);
-    emitX("ACE_INHERIT_ONLY_ACE",               0x0008);
-    emitX("ACE_SUCCESSFUL_ACCESS_ACE_FLAG",     0x0010);
-    emitX("ACE_FAILED_ACCESS_ACE_FLAG",         0x0020);
-    emitX("ACE_IDENTIFIER_GROUP",               0x0040);
-    emitX("ACE_OWNER",                          0x1000);
-    emitX("ACE_GROUP",                          0x2000);
-    emitX("ACE_EVERYONE",                       0x4000);
-
-    out("}                                                                              ");
-    return 0;
-}
--- a/src/solaris/native/sun/nio/fs/genUnixConstants.c	Mon Sep 28 15:42:04 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,141 +0,0 @@
-/*
- * Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <sys/stat.h>
-
-/**
- * Generates sun.nio.fs.UnixConstants
- */
-
-static void out(char* s) {
-    printf("%s\n", s);
-}
-
-static void emit(char* name, int value) {
-    printf("    static final int %s = %d;\n", name, value);
-}
-
-static void emitX(char* name, int value) {
-    printf("    static final int %s = 0x%x;\n", name, value);
-}
-
-#define DEF(X) emit(#X, X);
-#define DEFX(X) emitX(#X, X);
-
-int main(int argc, const char* argv[]) {
-    out("// AUTOMATICALLY GENERATED FILE - DO NOT EDIT                                  ");
-    out("package sun.nio.fs;                                                            ");
-    out("class UnixConstants {                                                          ");
-    out("    private UnixConstants() { }                                                ");
-
-    // open flags
-    DEF(O_RDONLY);
-    DEF(O_WRONLY);
-    DEF(O_RDWR);
-    DEFX(O_APPEND);
-    DEFX(O_CREAT);
-    DEFX(O_EXCL);
-    DEFX(O_TRUNC);
-    DEFX(O_SYNC);
-#ifndef O_DSYNC
-    // At least FreeBSD doesn't define O_DSYNC
-    emit("O_DSYNC", O_SYNC);
-#else
-    DEFX(O_DSYNC);
-#endif
-#ifdef O_NOFOLLOW
-    DEFX(O_NOFOLLOW);
-#else
-    // not supported (dummy values will not be used at runtime).
-    emitX("O_NOFOLLOW", 0x0);
-#endif
-
-    // mode masks
-    emitX("S_IAMB",
-         (S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IWGRP|S_IXGRP|S_IROTH|S_IWOTH|S_IXOTH));
-    DEF(S_IRUSR);
-    DEF(S_IWUSR);
-    DEF(S_IXUSR);
-    DEF(S_IRGRP);
-    DEF(S_IWGRP);
-    DEF(S_IXGRP);
-    DEF(S_IROTH);
-    DEF(S_IWOTH);
-    DEF(S_IXOTH);
-    DEFX(S_IFMT);
-    DEFX(S_IFREG);
-    DEFX(S_IFDIR);
-    DEFX(S_IFLNK);
-    DEFX(S_IFCHR);
-    DEFX(S_IFBLK);
-    DEFX(S_IFIFO);
-
-    // access modes
-    DEF(R_OK);
-    DEF(W_OK);
-    DEF(X_OK);
-    DEF(F_OK);
-
-    // errors
-    DEF(ENOENT);
-    DEF(EACCES);
-    DEF(EEXIST);
-    DEF(ENOTDIR);
-    DEF(EINVAL);
-    DEF(EXDEV);
-    DEF(EISDIR);
-    DEF(ENOTEMPTY);
-    DEF(ENOSPC);
-    DEF(EAGAIN);
-    DEF(ENOSYS);
-    DEF(ELOOP);
-    DEF(EROFS);
-#ifndef ENODATA
-    // Only used in Linux java source, provide any value so it compiles
-    emit("ENODATA", ELAST);
-#else
-    DEF(ENODATA);
-#endif
-    DEF(ERANGE);
-    DEF(EMFILE);
-
-    // flags used with openat/unlinkat/etc.
-#if defined(AT_SYMLINK_NOFOLLOW) && defined(AT_REMOVEDIR)
-    DEFX(AT_SYMLINK_NOFOLLOW)
-    DEFX(AT_REMOVEDIR);
-#else
-    // not supported (dummy values will not be used at runtime).
-    emitX("AT_SYMLINK_NOFOLLOW", 0x0);
-    emitX("AT_REMOVEDIR", 0x0);
-#endif
-
-    out("}                                                                              ");
-
-    return 0;
-}
--- a/test/java/security/cert/CertPathBuilder/selfIssued/DisableRevocation.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/java/security/cert/CertPathBuilder/selfIssued/DisableRevocation.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,12 +21,6 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  * @bug 6852744
@@ -240,10 +234,6 @@
 
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
 
         X509CertSelector selector = generateSelector(args[0]);
--- a/test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/java/security/cert/CertPathBuilder/selfIssued/KeyUsageMatters.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,12 +21,6 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  * @bug 6852744
@@ -283,10 +277,6 @@
 
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
 
         X509CertSelector selector = generateSelector(args[0]);
--- a/test/java/security/cert/CertPathBuilder/selfIssued/StatusLoopDependency.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/java/security/cert/CertPathBuilder/selfIssued/StatusLoopDependency.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,12 +21,6 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  * @bug 6852744
@@ -289,10 +283,6 @@
 
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
 
         X509CertSelector selector = generateSelector(args[0]);
--- a/test/java/security/cert/CertPathValidator/OCSP/AIACheck.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/java/security/cert/CertPathValidator/OCSP/AIACheck.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,19 +21,12 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  * @bug 5072953
  * @summary Verify that the URL for an OCSP responder can be extracted from a
  *          certificate's AuthorityInfoAccess extension when OCSP certifiate
  *          validation has been enabled.
- * @run main/othervm AIACheck
  */
 
 import java.io.*;
@@ -58,10 +51,6 @@
     }
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         X509Certificate aiaCert = loadCertificate("AIACert.pem");
         X509Certificate rootCert = loadCertificate("RootCert.pem");
 
--- a/test/java/security/cert/CertPathValidator/OCSP/FailoverToCRL.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/java/security/cert/CertPathValidator/OCSP/FailoverToCRL.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,24 +21,16 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  * @bug 6383095
  * @summary CRL revoked certificate failures masked by OCSP failures
- * @run main/othervm FailoverToCRL
- * @author Xuelei Fan
- */
-
-/*
+ *
  * Note that the certificate validity is from Mar 16 14:55:35 2009 GMT to
  * Dec 1 14:55:35 2028 GMT, please update it with newer certificate if
  * expires.
+ *
+ * @author Xuelei Fan
  */
 
 /*
@@ -237,10 +229,6 @@
     }
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPath path = generateCertificatePath();
         Set<TrustAnchor> anchors = generateTrustAnchors();
         CertStore crls = generateCertificateStore();
--- a/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevel.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevel.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,18 +21,11 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  *
  * @bug 6720721
  * @summary CRL check with circular depency support needed
- * @run main/othervm CircularCRLOneLevel
  * @author Xuelei Fan
  */
 
@@ -165,10 +158,6 @@
     }
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPath path = generateCertificatePath();
         Set<TrustAnchor> anchors = generateTrustAnchors();
         CertStore crls = generateCertificateStore();
--- a/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevelRevoked.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLOneLevelRevoked.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,18 +21,11 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  *
  * @bug 6720721
  * @summary CRL check with circular depency support needed
- * @run main/othervm CircularCRLOneLevelRevoked
  * @author Xuelei Fan
  */
 
@@ -166,10 +159,6 @@
     }
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPath path = generateCertificatePath();
         Set<TrustAnchor> anchors = generateTrustAnchors();
         CertStore crls = generateCertificateStore();
--- a/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevel.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevel.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,18 +21,11 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  *
  * @bug 6720721
  * @summary CRL check with circular depency support needed
- * @run main/othervm CircularCRLTwoLevel
  * @author Xuelei Fan
  */
 
@@ -217,10 +210,6 @@
     }
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPath path = generateCertificatePath();
         Set<TrustAnchor> anchors = generateTrustAnchors();
         CertStore crls = generateCertificateStore();
--- a/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevelRevoked.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/java/security/cert/CertPathValidator/indirectCRL/CircularCRLTwoLevelRevoked.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,18 +21,11 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /**
  * @test
  *
  * @bug 6720721
  * @summary CRL check with circular depency support needed
- * @run main/othervm CircularCRLTwoLevelRevoked
  * @author Xuelei Fan
  */
 
@@ -218,10 +211,6 @@
     }
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         CertPath path = generateCertificatePath();
         Set<TrustAnchor> anchors = generateTrustAnchors();
         CertStore crls = generateCertificateStore();
--- a/test/sun/security/provider/certpath/DisabledAlgorithms/CPBuilderWithMD5.java	Mon Sep 28 15:42:04 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,449 +0,0 @@
-/*
- * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-// This test case relies on static security property, no way to re-use
-// security property in samevm/agentvm mode.
-
-/**
- * @test
- *
- * @bug 8030829
- * @summary Add MD5 to jdk.certpath.disabledAlgorithms security property
- *
- * @run main/othervm CPBuilderWithMD5 trustAnchor_SHA1withRSA_1024 0 true
- * @run main/othervm CPBuilderWithMD5 trustAnchor_SHA1withRSA_512  0 true
- * @run main/othervm CPBuilderWithMD5 intermediate_SHA1withRSA_1024_1024 1 true
- * @run main/othervm CPBuilderWithMD5 intermediate_SHA1withRSA_1024_512  1 false
- * @run main/othervm CPBuilderWithMD5 intermediate_SHA1withRSA_512_1024  1 false
- * @run main/othervm CPBuilderWithMD5 intermediate_SHA1withRSA_512_512  1 false
- * @run main/othervm CPBuilderWithMD5 intermediate_MD5withRSA_1024_1024  1 false
- * @run main/othervm CPBuilderWithMD5 intermediate_MD5withRSA_1024_512  1 false
- * @run main/othervm CPBuilderWithMD5 endentiry_SHA1withRSA_1024_1024  2 true
- * @run main/othervm CPBuilderWithMD5 endentiry_SHA1withRSA_1024_512  2 false
- * @run main/othervm CPBuilderWithMD5 endentiry_SHA1withRSA_512_1024  2 false
- * @run main/othervm CPBuilderWithMD5 endentiry_SHA1withRSA_512_512  2 false
- * @run main/othervm CPBuilderWithMD5 endentiry_MD5withRSA_1024_1024  2 false
- * @run main/othervm CPBuilderWithMD5 endentiry_MD5withRSA_1024_512  2 false
- *
- * @author Xuelei Fan
- */
-
-/*
- * The generate.sh was designed to generate MD2 signed certificates.  The
- * certificates used in this test are generated by an updated generate.sh that
- * replacing MD2 with MD5 algorithm.
- */
-import java.io.*;
-import java.net.SocketException;
-import java.util.*;
-import java.security.Security;
-import java.security.cert.*;
-import sun.security.util.DerInputStream;
-
-public class CPBuilderWithMD5 {
-
-    // SHA1withRSA 1024
-    static String trustAnchor_SHA1withRSA_1024 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICPjCCAaegAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA4NTFaFw0zNDEyMDgxMTA4NTFa\n" +
-        "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
-        "AQUAA4GNADCBiQKBgQDn3JSHACqi/bcohVy7eFqDs3L5ehnXmF9Jrg4rMRUeNrxA\n" +
-        "61F8bJ9JXx4j8WyqmT0TtokgXuqGxbsXRQVVw4AdXLF2PwCs/y+Y+AwU59uDHA3J\n" +
-        "AMk4VvjV9MB2Ea6YzuLnbbj/TNrfxB6LZ7KBvh0fYGt2T40yMvOvilU/f6e3zQID\n" +
-        "AQABo4GJMIGGMB0GA1UdDgQWBBSIxINDFVm8GpUz3v+BbWNmDEKP7TBHBgNVHSME\n" +
-        "QDA+gBSIxINDFVm8GpUz3v+BbWNmDEKP7aEjpCEwHzELMAkGA1UEBhMCVVMxEDAO\n" +
-        "BgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAgQw\n" +
-        "DQYJKoZIhvcNAQEFBQADgYEAt0mYDXTpInrGvEOylIL2gx65A/bpdz9iDQsSs5sZ\n" +
-        "r3m0v9zJnzR8lRqN4GbaD1vrFdkUrIoObcvXjXitnf5QqDzmc9BbIYj83Ft8QSUj\n" +
-        "jCMy04EGT/7ATss4SiFEu6sJpmOBjsgH6wYuobR27wl/01XOu2CXUo3OOjgAoPBs\n" +
-        "QoQ=\n" +
-        "-----END CERTIFICATE-----";
-
-    // SHA1withRSA 512
-    static String trustAnchor_SHA1withRSA_512 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIBuTCCAWOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA4NTFaFw0zNDEyMDgxMTA4NTFa\n" +
-        "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMFwwDQYJKoZIhvcNAQEB\n" +
-        "BQADSwAwSAJBANLqQkOpH7rBTo/a2ccYjJxvNib/Lxm6UXO1uAd/0AUzPWzJsOpB\n" +
-        "u2zyD26UYc0GNyXCkWMZ44FrtSQ8VI146j8CAwEAAaOBiTCBhjAdBgNVHQ4EFgQU\n" +
-        "5PVLxBY//smN31jHb/MAmCEz5NIwRwYDVR0jBEAwPoAU5PVLxBY//smN31jHb/MA\n" +
-        "mCEz5NKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlggEAMA8G\n" +
-        "A1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0GCSqGSIb3DQEBBQUAA0EAzF9E\n" +
-        "dXYPLqziCRY45IHCUtxaLjLQmwsjEu91TV4xyuuozGEumcqH7m6Hg6Ohnd1FGfsN\n" +
-        "X+vt1tdaDIu9+OzGjQ==\n" +
-        "-----END CERTIFICATE-----";
-
-    // SHA1withRSA 1024 signed with RSA 1024
-    static String intermediate_SHA1withRSA_1024_1024 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICUDCCAbmgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA5MDlaFw0zMzA5MTQxMTA5MDla\n" +
-        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
-        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/m9wdJT0HR+exquh2Q2Yq\n" +
-        "XvL9HtEsCabCikd0Vjuoi3sZJ/5SBbbHTvh7z7enW0NEpLHQee0ry5FW8mLxDtrR\n" +
-        "38NjE9W7zutucBG5WztwGuvcts13aEw+vH+EwhokJW9PXz9Do+y4PTJo3vdsk7Zs\n" +
-        "bGVY9+YjvlgEaozWXZ1JhQIDAQABo4GJMIGGMB0GA1UdDgQWBBQIsaDZL94kLug/\n" +
-        "A1N4EkNOA4z47DBHBgNVHSMEQDA+gBSIxINDFVm8GpUz3v+BbWNmDEKP7aEjpCEw\n" +
-        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
-        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADgYEA0673aIUF2k20jkpR\n" +
-        "4USN9UkbfX57Uazhl4n765EeAiteWnTzKztISeH1GTrCw7bSl1r07aaflsnbKOHC\n" +
-        "RrL2RxbxNwQARvuuCxr664vXnsGrt86xA5F2iNF22uDM/5HA5sIfBmEk5xXSLrgH\n" +
-        "I7jOaYqAA1b8C+4DU2Z5ZgO4LOA=\n" +
-        "-----END CERTIFICATE-----";
-
-    // SHA1withRSA 1024 signed with RSA 512
-    static String intermediate_SHA1withRSA_1024_512 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICDzCCAbmgAwIBAgIBBDANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA5MDlaFw0zMzA5MTQxMTA5MDla\n" +
-        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
-        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/m9wdJT0HR+exquh2Q2Yq\n" +
-        "XvL9HtEsCabCikd0Vjuoi3sZJ/5SBbbHTvh7z7enW0NEpLHQee0ry5FW8mLxDtrR\n" +
-        "38NjE9W7zutucBG5WztwGuvcts13aEw+vH+EwhokJW9PXz9Do+y4PTJo3vdsk7Zs\n" +
-        "bGVY9+YjvlgEaozWXZ1JhQIDAQABo4GJMIGGMB0GA1UdDgQWBBQIsaDZL94kLug/\n" +
-        "A1N4EkNOA4z47DBHBgNVHSMEQDA+gBTk9UvEFj/+yY3fWMdv8wCYITPk0qEjpCEw\n" +
-        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
-        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEFBQADQQAihshnF7RWZ13tUGsH\n" +
-        "iM4i8HmBjw2+pwW/cs0E8BcycYEy3beWMcL1Np2yfOa/7K5ZvGPhe/piwzTel+Kt\n" +
-        "5VLm\n" +
-        "-----END CERTIFICATE-----";
-
-    // SHA1withRSA 512 signed with RSA 1024
-    static String intermediate_SHA1withRSA_512_1024 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICDDCCAXWgAwIBAgIBBTANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA5MDlaFw0zMzA5MTQxMTA5MDla\n" +
-        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
-        "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAK4h/iW3wt+ugR5ObWiFSl394UU/\n" +
-        "lWNm+N6UAgsBRhSzZz/Iof7xZTQI+usNXzOrTnU3+uZsMgokpjkrko1osxUCAwEA\n" +
-        "AaOBiTCBhjAdBgNVHQ4EFgQU88OD48Osuh7lJiLnhfMhrySqW8QwRwYDVR0jBEAw\n" +
-        "PoAUiMSDQxVZvBqVM97/gW1jZgxCj+2hI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
-        "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
-        "CSqGSIb3DQEBBQUAA4GBAAHN8XUTT6asa1MvpfqAvKTH6tNrMOmzoFsUamPxSrUB\n" +
-        "tnBv/fa/E9+1QvQwl3g6luVXBkQf2/nVD0195IdkEuD/C6psuGKerXmiaRMv5Wcs\n" +
-        "B+8bTzhNxMzHKPZDJ8Tf/RD3XpPvtxw0T+I5xud68FH/WDhJtu7TiXPAhs7srtHt\n" +
-        "-----END CERTIFICATE-----";
-
-    // SHA1withRSA 512 signed with RSA 512
-    static String intermediate_SHA1withRSA_512_512 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIByzCCAXWgAwIBAgIBBjANBgkqhkiG9w0BAQUFADAfMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA5MDlaFw0zMzA5MTQxMTA5MDla\n" +
-        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
-        "cy0xMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAK4h/iW3wt+ugR5ObWiFSl394UU/\n" +
-        "lWNm+N6UAgsBRhSzZz/Iof7xZTQI+usNXzOrTnU3+uZsMgokpjkrko1osxUCAwEA\n" +
-        "AaOBiTCBhjAdBgNVHQ4EFgQU88OD48Osuh7lJiLnhfMhrySqW8QwRwYDVR0jBEAw\n" +
-        "PoAU5PVLxBY//smN31jHb/MAmCEz5NKhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
-        "VQQKEwdFeGFtcGxlggEAMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgIEMA0G\n" +
-        "CSqGSIb3DQEBBQUAA0EASLN+1/pfo+9ty5EaYkoPu4QeYGr+5wmXyDceiaED/Lok\n" +
-        "RdV0ZH0qwD4kiarlJssNOgMCk+2EzgvXcIhEMDa5hA==\n" +
-        "-----END CERTIFICATE-----";
-
-    // MD5withRSA 1024 signed with RSA 1024
-    static String intermediate_MD5withRSA_1024_1024 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICUDCCAbmgAwIBAgIBBzANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA5MDlaFw0zMzA5MTQxMTA5MDla\n" +
-        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
-        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/m9wdJT0HR+exquh2Q2Yq\n" +
-        "XvL9HtEsCabCikd0Vjuoi3sZJ/5SBbbHTvh7z7enW0NEpLHQee0ry5FW8mLxDtrR\n" +
-        "38NjE9W7zutucBG5WztwGuvcts13aEw+vH+EwhokJW9PXz9Do+y4PTJo3vdsk7Zs\n" +
-        "bGVY9+YjvlgEaozWXZ1JhQIDAQABo4GJMIGGMB0GA1UdDgQWBBQIsaDZL94kLug/\n" +
-        "A1N4EkNOA4z47DBHBgNVHSMEQDA+gBSIxINDFVm8GpUz3v+BbWNmDEKP7aEjpCEw\n" +
-        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
-        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEEBQADgYEAerx2je3FBVn2eoPs\n" +
-        "nTzLKILezqCTCO7mXWiyBidRhh4RGdM8JggMN5SRmuwRurxfYFgPfqmAenWtEFqO\n" +
-        "xZrTXQUvIrrEgpzqkfppFnkCh4kDsX4roD5Nho3J4MTBQkqE0r676Yq6Rp6cywCq\n" +
-        "CHQQztRGY7n/ZYRNJ3uzvuoT1tk=\n" +
-        "-----END CERTIFICATE-----";
-
-    // MD5withRSA 1024 signed with RSA 512
-    static String intermediate_MD5withRSA_1024_512 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICDzCCAbmgAwIBAgIBCDANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTAeFw0xMzEyMjgxMTA5MTBaFw0zMzA5MTQxMTA5MTBa\n" +
-        "MDExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMRAwDgYDVQQLEwdDbGFz\n" +
-        "cy0xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/m9wdJT0HR+exquh2Q2Yq\n" +
-        "XvL9HtEsCabCikd0Vjuoi3sZJ/5SBbbHTvh7z7enW0NEpLHQee0ry5FW8mLxDtrR\n" +
-        "38NjE9W7zutucBG5WztwGuvcts13aEw+vH+EwhokJW9PXz9Do+y4PTJo3vdsk7Zs\n" +
-        "bGVY9+YjvlgEaozWXZ1JhQIDAQABo4GJMIGGMB0GA1UdDgQWBBQIsaDZL94kLug/\n" +
-        "A1N4EkNOA4z47DBHBgNVHSMEQDA+gBTk9UvEFj/+yY3fWMdv8wCYITPk0qEjpCEw\n" +
-        "HzELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0V4YW1wbGWCAQAwDwYDVR0TAQH/BAUw\n" +
-        "AwEB/zALBgNVHQ8EBAMCAgQwDQYJKoZIhvcNAQEEBQADQQA3XGQPNin8cDIsJ4vx\n" +
-        "tTxUO6XVJoWOdTsjwzlMrPmLvjJNZeXLtQe3pQu0vjgyUpQ59VYLW3qKN/LF3UH0\n" +
-        "Ep7V\n" +
-        "-----END CERTIFICATE-----";
-
-    // SHA1withRSA 1024 signed with RSA 1024
-    static String endentiry_SHA1withRSA_1024_1024 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICNzCCAaCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0xMzEyMjgxMTA5\n" +
-        "MTJaFw0zMzA5MTQxMTA5MTJaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
-        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
-        "9w0BAQEFAAOBjQAwgYkCgYEAvktJqK4/SvQrTyGgV8tM6zP/K5xQP1pFRipRKS8i\n" +
-        "2yaXdlW4jQBZWVXdfEsm8YwGwtXFKIlleALmgJcLldPwNm0qaKixL4mRJVMm4bXM\n" +
-        "UXCfmr+Im1SpA4Yum4VFCfIJ1kkeQkXqc57sCSfS+rFnC+1kSNa9wj+Mc4+5FR4k\n" +
-        "zqUCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBRDzLh/sWyTsdq1KKnG\n" +
-        "8e7JW1tPUDAfBgNVHSMEGDAWgBQIsaDZL94kLug/A1N4EkNOA4z47DANBgkqhkiG\n" +
-        "9w0BAQUFAAOBgQB2RkWHOaL4WTOGoeTS4J4o9FW+4UXihbocdI/64rMExERjDkE/\n" +
-        "Jh31TEmatnP1gPrF1AfmqQPubqVSbRtCHrZF+Ilk6L6YeyRNzKvsLiMUtgrLYLas\n" +
-        "Vop0DFZxR02xHgaJdoJkcWBjNadb9zG7eZtt8OOOJ4lRwg02aLTy+WDqPA==\n" +
-        "-----END CERTIFICATE-----";
-
-    // SHA1withRSA 1024 signed with RSA 512
-    static String endentiry_SHA1withRSA_1024_512 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIB9jCCAaCgAwIBAgIBAzANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0xMzEyMjgxMTA5\n" +
-        "MTJaFw0zMzA5MTQxMTA5MTJaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
-        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
-        "9w0BAQEFAAOBjQAwgYkCgYEAvktJqK4/SvQrTyGgV8tM6zP/K5xQP1pFRipRKS8i\n" +
-        "2yaXdlW4jQBZWVXdfEsm8YwGwtXFKIlleALmgJcLldPwNm0qaKixL4mRJVMm4bXM\n" +
-        "UXCfmr+Im1SpA4Yum4VFCfIJ1kkeQkXqc57sCSfS+rFnC+1kSNa9wj+Mc4+5FR4k\n" +
-        "zqUCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBRDzLh/sWyTsdq1KKnG\n" +
-        "8e7JW1tPUDAfBgNVHSMEGDAWgBTzw4Pjw6y6HuUmIueF8yGvJKpbxDANBgkqhkiG\n" +
-        "9w0BAQUFAANBAIapvjECUm4YD4O99G0v2SM17cKQzjZtSWkScS7FSk4sxS+dP3hM\n" +
-        "Qb2UpoRl6CGynhOVVy2G/VJN8BEqOfywj8k=\n" +
-        "-----END CERTIFICATE-----";
-
-    // SHA1withRSA 512 signed with RSA 1024
-    static String endentiry_SHA1withRSA_512_1024 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIB8zCCAVygAwIBAgIBBDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0xMzEyMjgxMTA5\n" +
-        "MTJaFw0zMzA5MTQxMTA5MTJaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
-        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
-        "DQEBAQUAA0sAMEgCQQCngiNTE+qngHcfj2jUpdc82gCw+TFRjR7oMSdp7b/3NwpD\n" +
-        "E+11z9WspoXTDzvbKcGUH9svFl691NyY0ZUmf+4RAgMBAAGjTzBNMAsGA1UdDwQE\n" +
-        "AwID6DAdBgNVHQ4EFgQUK+oVsFTQbz08evgQZ5Sd82c2y4UwHwYDVR0jBBgwFoAU\n" +
-        "CLGg2S/eJC7oPwNTeBJDTgOM+OwwDQYJKoZIhvcNAQEFBQADgYEAMd/8XnjRz5jK\n" +
-        "nbss9DDQQC2mUuCbV/tGdke7eQ1DtBVZLBU6wDgisGr52sUXmyZIPmSVKpQqwCG5\n" +
-        "8cY5uQhaNwPtPmMMKXzX32zN9NhVkiDNceL+zHs3vdjD1i/QiUTST+NKfLYVb6dF\n" +
-        "YMG65lxe3gMVxMweiHSZSukmk1k3gUA=\n" +
-        "-----END CERTIFICATE-----";
-
-    // SHA1withRSA 512 signed with RSA 512
-    static String endentiry_SHA1withRSA_512_512 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIBsjCCAVygAwIBAgIBBTANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0xMzEyMjgxMTA5\n" +
-        "MTJaFw0zMzA5MTQxMTA5MTJaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
-        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTBcMA0GCSqGSIb3\n" +
-        "DQEBAQUAA0sAMEgCQQCngiNTE+qngHcfj2jUpdc82gCw+TFRjR7oMSdp7b/3NwpD\n" +
-        "E+11z9WspoXTDzvbKcGUH9svFl691NyY0ZUmf+4RAgMBAAGjTzBNMAsGA1UdDwQE\n" +
-        "AwID6DAdBgNVHQ4EFgQUK+oVsFTQbz08evgQZ5Sd82c2y4UwHwYDVR0jBBgwFoAU\n" +
-        "88OD48Osuh7lJiLnhfMhrySqW8QwDQYJKoZIhvcNAQEFBQADQQB4xFWtC6ijDBIe\n" +
-        "/Gkf3B9+ycmP52pTPNiPwMS6u1a5vTRXMn5xRDexWfxJKJVZ2s9UR1jheZvWgPC8\n" +
-        "VUWO8bbG\n" +
-        "-----END CERTIFICATE-----";
-
-    // MD5withRSA 1024 signed with RSA 1024
-    static String endentiry_MD5withRSA_1024_1024 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIICNzCCAaCgAwIBAgIBBjANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0xMzEyMjgxMTA5\n" +
-        "MTJaFw0zMzA5MTQxMTA5MTJaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
-        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
-        "9w0BAQEFAAOBjQAwgYkCgYEAvktJqK4/SvQrTyGgV8tM6zP/K5xQP1pFRipRKS8i\n" +
-        "2yaXdlW4jQBZWVXdfEsm8YwGwtXFKIlleALmgJcLldPwNm0qaKixL4mRJVMm4bXM\n" +
-        "UXCfmr+Im1SpA4Yum4VFCfIJ1kkeQkXqc57sCSfS+rFnC+1kSNa9wj+Mc4+5FR4k\n" +
-        "zqUCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBRDzLh/sWyTsdq1KKnG\n" +
-        "8e7JW1tPUDAfBgNVHSMEGDAWgBQIsaDZL94kLug/A1N4EkNOA4z47DANBgkqhkiG\n" +
-        "9w0BAQQFAAOBgQBCVn9/JQxsRTaKIKSrgB+KtEreat+33k3SXuJICuRxcmvjOXIx\n" +
-        "wSdq+mRCA+DpIPSNtgnDAUyipnyxRxpdmRRUHuRYpkALq4a5QtTJK0Y/CEMfsd2J\n" +
-        "Yd2zKcfynDLW6LVeNdtjlY7fTemJnbA/WImNhwyW55V9vbnk3J04EZN8jw==\n" +
-        "-----END CERTIFICATE-----";
-
-    // MD5withRSA 1024 signed with RSA 512
-    static String endentiry_MD5withRSA_1024_512 =
-        "-----BEGIN CERTIFICATE-----\n" +
-        "MIIB9jCCAaCgAwIBAgIBBzANBgkqhkiG9w0BAQQFADAxMQswCQYDVQQGEwJVUzEQ\n" +
-        "MA4GA1UEChMHRXhhbXBsZTEQMA4GA1UECxMHQ2xhc3MtMTAeFw0xMzEyMjgxMTA5\n" +
-        "MTNaFw0zMzA5MTQxMTA5MTNaMEExCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFt\n" +
-        "cGxlMRAwDgYDVQQLEwdDbGFzcy0xMQ4wDAYDVQQDEwVBbGljZTCBnzANBgkqhkiG\n" +
-        "9w0BAQEFAAOBjQAwgYkCgYEAvktJqK4/SvQrTyGgV8tM6zP/K5xQP1pFRipRKS8i\n" +
-        "2yaXdlW4jQBZWVXdfEsm8YwGwtXFKIlleALmgJcLldPwNm0qaKixL4mRJVMm4bXM\n" +
-        "UXCfmr+Im1SpA4Yum4VFCfIJ1kkeQkXqc57sCSfS+rFnC+1kSNa9wj+Mc4+5FR4k\n" +
-        "zqUCAwEAAaNPME0wCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBRDzLh/sWyTsdq1KKnG\n" +
-        "8e7JW1tPUDAfBgNVHSMEGDAWgBTzw4Pjw6y6HuUmIueF8yGvJKpbxDANBgkqhkiG\n" +
-        "9w0BAQQFAANBAAbZwmkqb6sfiiIxuLnj6PjhJsXGfvPomkkbLu5CapAMhen/p6ZG\n" +
-        "6vh69TbIsBR9UHu7qDyTl5Xax7bmYeW+sDQ=\n" +
-        "-----END CERTIFICATE-----";
-
-    static HashMap<String, String> certmap = new HashMap<String, String>();
-    static {
-        certmap.put("trustAnchor_SHA1withRSA_1024",
-                                    trustAnchor_SHA1withRSA_1024);
-        certmap.put("trustAnchor_SHA1withRSA_512",
-                                    trustAnchor_SHA1withRSA_512);
-        certmap.put("intermediate_SHA1withRSA_1024_1024",
-                                    intermediate_SHA1withRSA_1024_1024);
-        certmap.put("intermediate_SHA1withRSA_1024_512",
-                                    intermediate_SHA1withRSA_1024_512);
-        certmap.put("intermediate_SHA1withRSA_512_1024",
-                                    intermediate_SHA1withRSA_512_1024);
-        certmap.put("intermediate_SHA1withRSA_512_512",
-                                    intermediate_SHA1withRSA_512_512);
-        certmap.put("intermediate_MD5withRSA_1024_1024",
-                                    intermediate_MD5withRSA_1024_1024);
-        certmap.put("intermediate_MD5withRSA_1024_512",
-                                    intermediate_MD5withRSA_1024_512);
-        certmap.put("endentiry_SHA1withRSA_1024_1024",
-                                    endentiry_SHA1withRSA_1024_1024);
-        certmap.put("endentiry_SHA1withRSA_1024_512",
-                                    endentiry_SHA1withRSA_1024_512);
-        certmap.put("endentiry_SHA1withRSA_512_1024",
-                                    endentiry_SHA1withRSA_512_1024);
-        certmap.put("endentiry_SHA1withRSA_512_512",
-                                    endentiry_SHA1withRSA_512_512);
-        certmap.put("endentiry_MD5withRSA_1024_1024",
-                                    endentiry_MD5withRSA_1024_1024);
-        certmap.put("endentiry_MD5withRSA_1024_512",
-                                    endentiry_MD5withRSA_1024_512);
-    }
-
-    private static Set<TrustAnchor> generateTrustAnchors()
-            throws CertificateException {
-        // generate certificate from cert string
-        CertificateFactory cf = CertificateFactory.getInstance("X.509");
-        HashSet<TrustAnchor> anchors = new HashSet<TrustAnchor>();
-
-        ByteArrayInputStream is =
-            new ByteArrayInputStream(trustAnchor_SHA1withRSA_1024.getBytes());
-        Certificate cert = cf.generateCertificate(is);
-        TrustAnchor anchor = new TrustAnchor((X509Certificate)cert, null);
-        anchors.add(anchor);
-
-        is = new ByteArrayInputStream(trustAnchor_SHA1withRSA_512.getBytes());
-        cert = cf.generateCertificate(is);
-        anchor = new TrustAnchor((X509Certificate)cert, null);
-        anchors.add(anchor);
-
-        return anchors;
-    }
-
-    private static CertStore generateCertificateStore() throws Exception {
-        Collection entries = new HashSet();
-
-        // generate certificate from certificate string
-        CertificateFactory cf = CertificateFactory.getInstance("X.509");
-
-        for (String key : certmap.keySet()) {
-            String certStr = certmap.get(key);
-            ByteArrayInputStream is =
-                        new ByteArrayInputStream(certStr.getBytes());;
-            Certificate cert = cf.generateCertificate(is);
-            entries.add(cert);
-        }
-
-        return CertStore.getInstance("Collection",
-                            new CollectionCertStoreParameters(entries));
-    }
-
-    private static X509CertSelector generateSelector(String name)
-                throws Exception {
-        X509CertSelector selector = new X509CertSelector();
-
-        String certStr = certmap.get(name);
-        if (certStr == null) {
-            return null;
-        }
-
-        // generate certificate from certificate string
-        CertificateFactory cf = CertificateFactory.getInstance("X.509");
-        ByteArrayInputStream is = new ByteArrayInputStream(certStr.getBytes());
-        X509Certificate target = (X509Certificate)cf.generateCertificate(is);
-
-        selector.setCertificate(target);
-
-        return selector;
-    }
-
-    private static boolean match(String name, Certificate cert)
-                throws Exception {
-        X509CertSelector selector = new X509CertSelector();
-
-        String certStr = certmap.get(name);
-        if (certStr == null) {
-            return false;
-        }
-
-        // generate certificate from certificate string
-        CertificateFactory cf = CertificateFactory.getInstance("X.509");
-        ByteArrayInputStream is = new ByteArrayInputStream(certStr.getBytes());
-        X509Certificate target = (X509Certificate)cf.generateCertificate(is);
-
-        return target.equals(cert);
-    }
-
-    public static void main(String args[]) throws Exception {
-        CertPathBuilder builder = CertPathBuilder.getInstance("PKIX");
-
-        X509CertSelector selector = generateSelector(args[0]);
-        if (selector == null) {
-            // no target certificate, ignore it
-            return;
-        }
-
-        Set<TrustAnchor> anchors = generateTrustAnchors();
-        CertStore certs = generateCertificateStore();
-
-        PKIXBuilderParameters params =
-                new PKIXBuilderParameters(anchors, selector);
-        params.addCertStore(certs);
-        params.setRevocationEnabled(false);
-        params.setDate(new Date(114, 9, 1));   // 2014-09-01
-
-        boolean success = Boolean.valueOf(args[2]);
-        try {
-            PKIXCertPathBuilderResult result =
-                        (PKIXCertPathBuilderResult)builder.build(params);
-            if (!success) {
-                throw new Exception("expected algorithm disabled exception");
-            }
-
-            int length = Integer.parseInt(args[1]);
-            List<? extends Certificate> path =
-                                    result.getCertPath().getCertificates();
-            if (length != path.size()) {
-                throw new Exception("unexpected certification path length");
-            }
-
-            if (!path.isEmpty()) {    // the target is not a trust anchor
-                if (!match(args[0], path.get(0))) {
-                    throw new Exception("unexpected certificate");
-                }
-            }
-        } catch (CertPathBuilderException cpbe) {
-            if (success) {
-                throw new Exception("unexpected exception", cpbe);
-            } else {
-                System.out.println("Get the expected exception " + cpbe);
-            }
-        }
-    }
-
-}
--- a/test/sun/security/provider/certpath/ReverseBuilder/ReverseBuild.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/provider/certpath/ReverseBuilder/ReverseBuild.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,23 +21,15 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /*
  * @test
  * @bug 7167988
  * @summary PKIX CertPathBuilder in reverse mode doesn't work if more than
  *          one trust anchor is specified
- * @run main/othervm ReverseBuild
  */
 import java.io.*;
 import java.util.*;
 import java.security.cert.*;
-import java.security.Security;
 
 import sun.security.provider.certpath.SunCertPathBuilderParameters;
 
@@ -287,9 +279,6 @@
 
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
 
         // generate certificate from cert string
         CertificateFactory cf = CertificateFactory.getInstance("X.509");
--- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/MD2InTrustAnchor.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/MD2InTrustAnchor.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,15 +23,13 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 7113275
  * @summary compatibility issue with MD2 trust anchor and old X509TrustManager
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @run main/othervm MD2InTrustAnchor PKIX TLSv1.1
  * @run main/othervm MD2InTrustAnchor SunX509 TLSv1.1
  * @run main/othervm MD2InTrustAnchor PKIX TLSv1.2
@@ -42,7 +40,6 @@
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -286,10 +283,6 @@
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 
--- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/TrustTrustedCert.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/SSLContextImpl/TrustTrustedCert.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,15 +23,13 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 7113275
  * @summary compatibility issue with MD2 trust anchor and old X509TrustManager
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @run main/othervm TrustTrustedCert PKIX TLSv1.1
  * @run main/othervm TrustTrustedCert SunX509 TLSv1.1
  * @run main/othervm TrustTrustedCert PKIX TLSv1.2
@@ -338,10 +336,6 @@
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 
--- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509KeyManager/PreferredKey.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509KeyManager/PreferredKey.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,18 +21,11 @@
  * questions.
  */
 
-//
-// Security properties, once set, cannot revert to unset.  To avoid
-// conflicts with tests running in the same VM isolate this test by
-// running it in otherVM mode.
-//
-
 /*
  * @test
  * @bug 6302644
  * @summary X509KeyManager implementation for NewSunX509 doesn't return most
  *          preferable key
- * @run main/othervm PreferredKey
  */
 import java.io.*;
 import java.net.*;
@@ -56,10 +49,6 @@
 
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         KeyStore ks;
         KeyManagerFactory kmf;
         X509KeyManager km;
--- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/BasicConstraints.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/BasicConstraints.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,16 +21,14 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 7166570
  * @summary JSSE certificate validation has started to fail for
  *     certificate chains
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @run main/othervm BasicConstraints PKIX
  * @run main/othervm BasicConstraints SunX509
  */
@@ -39,7 +37,6 @@
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.*;
@@ -457,10 +454,6 @@
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 
--- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/PKIXExtendedTM.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/PKIXExtendedTM.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,23 +21,21 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
 
 /*
  * @test
  * @bug 6916074
  * @summary Add support for TLS 1.2
  * @run main/othervm PKIXExtendedTM
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  */
 
 import java.net.*;
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -793,10 +791,6 @@
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 
--- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SelfIssuedCert.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SelfIssuedCert.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,17 +21,15 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 6822460
  * @summary support self-issued certificate
  * @run main/othervm SelfIssuedCert PKIX
  * @run main/othervm SelfIssuedCert SunX509
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @author Xuelei Fan
  */
 
@@ -39,7 +37,6 @@
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -305,10 +302,6 @@
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 
--- a/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SunX509ExtendedTM.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/SunX509ExtendedTM.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,23 +21,20 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 6916074
  * @summary Add support for TLS 1.2
  * @run main/othervm SunX509ExtendedTM
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  */
 
 import java.net.*;
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -795,10 +792,6 @@
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 
--- a/test/sun/security/ssl/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnection/CriticalSubjectAltName.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnection/CriticalSubjectAltName.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,21 +21,18 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 6668231
  * @summary Presence of a critical subjectAltName causes JSSE's SunX509 to
  *          fail trusted checks
  * @run main/othervm CriticalSubjectAltName
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
+ *
  * @author Xuelei Fan
- */
-
-/*
+ *
  * This test depends on binary keystore, crisubn.jks and trusted.jks. Because
  * JAVA keytool cannot generate X509 certificate with SubjectAltName extension,
  * the certificates are generated with openssl toolkits and then imported into
@@ -50,7 +47,6 @@
 import java.io.*;
 import java.net.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.cert.Certificate;
 
 public class CriticalSubjectAltName implements HostnameVerifier {
@@ -158,10 +154,6 @@
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         String keyFilename =
             System.getProperty("test.src", "./") + "/" + pathToStores +
                 "/" + keyStoreFile;
--- a/test/sun/security/ssl/javax/net/ssl/ServerName/SSLSocketSNISensitive.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/javax/net/ssl/ServerName/SSLSocketSNISensitive.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -44,7 +44,6 @@
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -432,10 +431,6 @@
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 
--- a/test/sun/security/ssl/javax/net/ssl/TLSv11/EmptyCertificateAuthorities.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/javax/net/ssl/TLSv11/EmptyCertificateAuthorities.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,16 +23,15 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /*
  * @test
  * @bug 4873188
  * @summary Support TLS 1.1
  * @run main/othervm EmptyCertificateAuthorities
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
+ *
  * @author Xuelei Fan
  */
 
@@ -229,10 +228,6 @@
     volatile Exception clientException = null;
 
     public static void main(String[] args) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         String keyFilename =
             System.getProperty("test.src", ".") + "/" + pathToStores +
                 "/" + keyStoreFile;
--- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,15 +21,13 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /* @test
  * @bug 6766775
  * @summary X509 certificate hostname checking is broken in JDK1.6.0_10
  * @run main/othervm DNSIdentities
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @author Xuelei Fan
  */
 
@@ -37,7 +35,6 @@
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -746,10 +743,6 @@
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 
--- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,15 +21,13 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /* @test
  * @summary X509 certificate hostname checking is broken in JDK1.6.0_10
  * @bug 6766775
  * @run main/othervm IPAddressIPIdentities
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @author Xuelei Fan
  */
 
@@ -37,7 +35,6 @@
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -747,10 +744,6 @@
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 
--- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,15 +21,13 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /* @test
  * @summary X509 certificate hostname checking is broken in JDK1.6.0_10
  * @bug 6766775
  * @run main/othervm IPIdentities
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @author Xuelei Fan
  */
 
@@ -37,7 +35,6 @@
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -746,10 +743,6 @@
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");
 
--- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/Identities.java	Mon Sep 28 15:42:04 2015 -0700
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/Identities.java	Tue Oct 13 18:29:27 2015 +0300
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,15 +21,13 @@
  * questions.
  */
 
-//
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-//
-
 /* @test
  * @bug 6766775
  * @summary X509 certificate hostname checking is broken in JDK1.6.0_10
  * @run main/othervm Identities
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
  * @author Xuelei Fan
  */
 
@@ -37,7 +35,6 @@
 import java.util.*;
 import java.io.*;
 import javax.net.ssl.*;
-import java.security.Security;
 import java.security.KeyStore;
 import java.security.KeyFactory;
 import java.security.cert.Certificate;
@@ -746,10 +743,6 @@
     volatile Exception clientException = null;
 
     public static void main(String args[]) throws Exception {
-        // MD5 is used in this test case, don't disable MD5 algorithm.
-        Security.setProperty(
-                "jdk.certpath.disabledAlgorithms", "MD2, RSA keySize < 1024");
-
         if (debug)
             System.setProperty("javax.net.debug", "all");