changeset 10902:6e6f26621fa2

Merge
author prr
date Tue, 28 Oct 2014 11:38:00 -0700
parents a06c13cb2e45 5a60db1cbd3c
children 6227bcaa8725 92fbb0d087e3
files src/bsd/doc/man/extcheck.1 src/bsd/doc/man/ja/extcheck.1 src/java.base/share/native/libjava/Compiler.c src/jdk.dev/share/classes/com/sun/tools/extcheck/ExtCheck.java src/jdk.dev/share/classes/com/sun/tools/extcheck/Main.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/BerDecoder.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/BerEncoder.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/BerException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/EnumRowStatus.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/Enumerated.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/ASCII_CharStream.README src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/ASCII_CharStream.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/AclEntryImpl.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/AclImpl.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/GroupImpl.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/Host.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMAccess.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMAclBlock.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMAclItem.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMCommunities.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMCommunity.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMEnterprise.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMHost.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMHostInform.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMHostName.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMHostTrap.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMInformBlock.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMInformCommunity.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMInformInterestedHost.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMInformItem.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMIpAddress.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMIpMask.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMIpV6Address.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMManagers.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMNetMask.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMNetMaskV6.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMSecurityDefs.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMTrapBlock.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMTrapCommunity.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMTrapInterestedHost.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMTrapItem.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JDMTrapNum.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/JJTParserState.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/NetMaskImpl.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/Node.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/OwnerImpl.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/ParseError.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/ParseException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/Parser.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/Parser.jj src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/Parser.jjt src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/ParserConstants.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/ParserTokenManager.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/ParserTreeConstants.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/PermissionImpl.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/PrincipalImpl.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/README.update src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/SimpleNode.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/SnmpAcl.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/Token.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/TokenMgrError.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/IPAcl/package.html src/jdk.snmp/share/classes/com/sun/jmx/snmp/InetAddressAcl.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/ServiceName.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpAckPdu.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpBadSecurityLevelException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpCounter.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpCounter64.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpEngine.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpEngineFactory.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpEngineId.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpEngineParameters.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpGauge.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpInt.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpIpAddress.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpMessage.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpMsg.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpNull.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpOpaque.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpParams.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpPdu.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpPduBulk.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpPduBulkType.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpPduFactory.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpPduFactoryBER.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpPduRequest.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpPduRequestType.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpPduTrap.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpScopedPduBulk.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpScopedPduPacket.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpScopedPduRequest.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpSecurityException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpSecurityParameters.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpStatusException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpString.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpStringFixed.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpTooBigException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpUnknownAccContrModelException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpUnknownModelException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpUnknownModelLcdException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpUnknownMsgProcModelException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpUnknownSecModelException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpUnknownSubSystemException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpUnsignedInt.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpUsmKeyHandler.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpV3Message.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/SnmpValue.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/ThreadContext.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/UserAcl.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/AcmChecker.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/LongList.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpEntryOid.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpErrorHandlerAgent.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpGenericMetaServer.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpGenericObjectServer.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpIndex.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpMib.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpMibAgent.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpMibAgentMBean.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpMibEntry.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpMibGroup.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpMibHandler.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpMibNode.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpMibOid.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpMibRequest.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpMibRequestImpl.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpMibSubRequest.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpMibTable.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpRequestTree.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpStandardMetaServer.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpStandardObjectServer.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpTableCallbackHandler.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpTableEntryFactory.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpTableEntryNotification.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpTableSupport.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/SnmpUserDataFactory.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/agent/package.html src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/ClientHandler.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/CommunicationException.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/CommunicatorServer.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/CommunicatorServerMBean.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/SnmpAdaptorServer.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/SnmpAdaptorServerMBean.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/SnmpInformHandler.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/SnmpMibTree.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/SnmpRequestHandler.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/SnmpSubBulkRequestHandler.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/SnmpSubNextRequestHandler.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/SnmpSubRequestHandler.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/daemon/package.html src/jdk.snmp/share/classes/com/sun/jmx/snmp/defaults/DefaultPaths.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/defaults/SnmpProperties.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/defaults/package.html src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpAccessControlModel.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpAccessControlSubSystem.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpDecryptedPdu.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpEngineImpl.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpIncomingRequest.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpIncomingResponse.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpLcd.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpModel.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpModelLcd.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpMsgProcessingModel.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpMsgProcessingSubSystem.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpOutgoingRequest.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpSecurityCache.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpSecurityModel.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpSecuritySubSystem.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpSubSystem.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/SnmpTools.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/internal/package.html src/jdk.snmp/share/classes/com/sun/jmx/snmp/mpm/SnmpMsgTranslator.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/mpm/package.html src/jdk.snmp/share/classes/com/sun/jmx/snmp/package.html src/jdk.snmp/share/classes/com/sun/jmx/snmp/tasks/Task.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/tasks/TaskServer.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/tasks/ThreadService.java src/jdk.snmp/share/classes/com/sun/jmx/snmp/tasks/package.html src/jdk.snmp/share/classes/sun/management/snmp/AdaptorBootstrap.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JVM_MANAGEMENT_MIB_IMPL.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmClassLoadingImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmCompilationImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmMemGCEntryImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmMemGCTableMetaImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmMemManagerEntryImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmMemManagerTableMetaImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmMemMgrPoolRelEntryImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmMemMgrPoolRelTableMetaImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmMemPoolEntryImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmMemPoolTableMetaImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmMemoryImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmMemoryMetaImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmOSImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmRTBootClassPathEntryImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmRTBootClassPathTableMetaImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmRTClassPathEntryImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmRTClassPathTableMetaImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmRTInputArgsEntryImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmRTInputArgsTableMetaImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmRTLibraryPathEntryImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmRTLibraryPathTableMetaImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmRuntimeImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmRuntimeMetaImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmThreadInstanceEntryImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmThreadInstanceTableMetaImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmThreadingImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/JvmThreadingMetaImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/NotificationTarget.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/NotificationTargetImpl.java src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/README src/jdk.snmp/share/classes/sun/management/snmp/jvminstr/package.html src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/EnumJvmClassesVerboseLevel.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/EnumJvmJITCompilerTimeMonitoring.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/EnumJvmMemManagerState.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/EnumJvmMemPoolCollectThreshdSupport.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/EnumJvmMemPoolState.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/EnumJvmMemPoolThreshdSupport.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/EnumJvmMemPoolType.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/EnumJvmMemoryGCCall.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/EnumJvmMemoryGCVerboseLevel.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/EnumJvmRTBootClassPathSupport.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/EnumJvmThreadContentionMonitoring.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/EnumJvmThreadCpuTimeMonitoring.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JVM_MANAGEMENT_MIB.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JVM_MANAGEMENT_MIBOidTable.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmClassLoadingMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmClassLoadingMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmCompilationMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmCompilationMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemGCEntryMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemGCEntryMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemGCTableMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemManagerEntryMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemManagerEntryMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemManagerTableMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemMgrPoolRelEntryMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemMgrPoolRelEntryMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemMgrPoolRelTableMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemPoolEntryMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemPoolEntryMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemPoolTableMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemoryMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmMemoryMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmOSMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmOSMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRTBootClassPathEntryMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRTBootClassPathEntryMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRTBootClassPathTableMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRTClassPathEntryMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRTClassPathEntryMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRTClassPathTableMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRTInputArgsEntryMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRTInputArgsEntryMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRTInputArgsTableMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRTLibraryPathEntryMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRTLibraryPathEntryMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRTLibraryPathTableMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRuntimeMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmRuntimeMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmThreadInstanceEntryMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmThreadInstanceEntryMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmThreadInstanceTableMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmThreadingMBean.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/JvmThreadingMeta.java src/jdk.snmp/share/classes/sun/management/snmp/jvmmib/package.html src/jdk.snmp/share/classes/sun/management/snmp/package.html src/jdk.snmp/share/classes/sun/management/snmp/util/JvmContextFactory.java src/jdk.snmp/share/classes/sun/management/snmp/util/MibLogger.java src/jdk.snmp/share/classes/sun/management/snmp/util/SnmpCachedData.java src/jdk.snmp/share/classes/sun/management/snmp/util/SnmpListTableCache.java src/jdk.snmp/share/classes/sun/management/snmp/util/SnmpLoadedClassData.java src/jdk.snmp/share/classes/sun/management/snmp/util/SnmpNamedListTableCache.java src/jdk.snmp/share/classes/sun/management/snmp/util/SnmpTableCache.java src/jdk.snmp/share/classes/sun/management/snmp/util/SnmpTableHandler.java src/jdk.snmp/share/classes/sun/management/snmp/util/package.html src/linux/doc/man/extcheck.1 src/linux/doc/man/ja/extcheck.1 src/solaris/doc/sun/man/man1/extcheck.1 src/solaris/doc/sun/man/man1/ja/extcheck.1 test/com/sun/jmx/snmp/SnmpOidHashCode.java test/com/sun/jmx/snmp/TimeTicksWrapping.java test/com/sun/tools/extcheck/TestExtcheckArgs.java test/com/sun/tools/extcheck/TestExtcheckArgs.sh test/java/sql/util/StubBlob.java test/javax/sql/testng/util/BaseTest.java test/javax/sql/testng/util/TestPolicy.java
diffstat 446 files changed, 11677 insertions(+), 62722 deletions(-) [+]
line wrap: on
line diff
--- a/.hgtags	Wed Oct 22 13:39:33 2014 +0400
+++ b/.hgtags	Tue Oct 28 11:38:00 2014 -0700
@@ -278,3 +278,4 @@
 60fe681c30bc3821545a2506d4d3c2e04073f67c jdk9-b33
 21568031434d7a9dbb0cc6516cc3183d349c2253 jdk9-b34
 e549291a0227031310fa91c574891f892d27f959 jdk9-b35
+cdcf2e599e42935c2d1d19a24bb19e808aeb43b5 jdk9-b36
--- a/make/CompileDemos.gmk	Wed Oct 22 13:39:33 2014 +0400
+++ b/make/CompileDemos.gmk	Tue Oct 28 11:38:00 2014 -0700
@@ -154,9 +154,9 @@
 	(cd $(JDK_OUTPUTDIR)/demo/jfc/CodePointIM && \
 	$(MKDIR) -p _the.tmp/META-INF/services && \
 	$(CP) $(DEMO_SHARE_SRC)/jfc/CodePointIM/java.awt.im.spi.InputMethodDescriptor _the.tmp/META-INF/services && \
-	cd _the.tmp && \
+	cd ./_the.tmp && \
 	$(JAR) uf $(JDK_OUTPUTDIR)/demo/jfc/CodePointIM/CodePointIM.jar META-INF/services/java.awt.im.spi.InputMethodDescriptor && \
-	cd META-INF/services && \
+	cd ./META-INF/services && \
 	$(JAR) uf $(JDK_OUTPUTDIR)/demo/jfc/CodePointIM/CodePointIM.jar java.awt.im.spi.InputMethodDescriptor)
 	$(RM) -r $(JDK_OUTPUTDIR)/demo/jfc/CodePointIM/_the.tmp
 	$(TOUCH) $@
--- a/make/CreateJars.gmk	Wed Oct 22 13:39:33 2014 +0400
+++ b/make/CreateJars.gmk	Tue Oct 28 11:38:00 2014 -0700
@@ -111,6 +111,7 @@
 # This value should exclude types destined for jars other than rt.jar and resources.jar.
 # When building a Profile this value augments the profile specific exclusions
 RT_JAR_EXCLUDES += \
+    com/oracle/security/ucrypto \
     com/sun/codemodel \
     com/sun/crypto/provider \
     com/sun/istack/internal/tools \
@@ -476,7 +477,6 @@
     com/sun/tools/doclint \
     com/sun/tools/example/debug/expr \
     com/sun/tools/example/debug/tty \
-    com/sun/tools/extcheck \
     com/sun/tools/hat \
     com/sun/tools/internal/jxc \
     com/sun/tools/internal/jxc/ap \
--- a/make/CreateSecurityJars.gmk	Wed Oct 22 13:39:33 2014 +0400
+++ b/make/CreateSecurityJars.gmk	Tue Oct 28 11:38:00 2014 -0700
@@ -169,27 +169,25 @@
 ##########################################################################################
 
 ifeq ($(OPENJDK_TARGET_OS), solaris)
-  ifndef OPENJDK
 
-    UCRYPTO_JAR_DST := $(JDK_OUTPUTDIR)/lib/ext/ucrypto.jar
-    UCRYPTO_JAR_UNSIGNED := $(JDK_OUTPUTDIR)/jce/unsigned/ucrypto.jar
+  UCRYPTO_JAR_DST := $(JDK_OUTPUTDIR)/lib/ext/ucrypto.jar
+  UCRYPTO_JAR_UNSIGNED := $(JDK_OUTPUTDIR)/jce/unsigned/ucrypto.jar
 
-    $(eval $(call SetupArchive,BUILD_UCRYPTO_JAR, , \
-        SRCS := $(JDK_OUTPUTDIR)/modules/jdk.crypto.ucrypto, \
-        SUFFIXES := .class, \
-        INCLUDES := com/oracle/security/ucrypto, \
-        JAR := $(UCRYPTO_JAR_UNSIGNED), \
-        MANIFEST := $(JCE_MANIFEST), \
-        SKIP_METAINF := true))
+  $(eval $(call SetupArchive,BUILD_UCRYPTO_JAR, , \
+      SRCS := $(JDK_OUTPUTDIR)/modules/jdk.crypto.ucrypto, \
+      SUFFIXES := .class, \
+      INCLUDES := com/oracle/security/ucrypto, \
+      JAR := $(UCRYPTO_JAR_UNSIGNED), \
+      MANIFEST := $(JCE_MANIFEST), \
+      SKIP_METAINF := true))
 
-    $(UCRYPTO_JAR_UNSIGNED): $(JCE_MANIFEST)
+  $(UCRYPTO_JAR_UNSIGNED): $(JCE_MANIFEST)
 
-    $(UCRYPTO_JAR_DST): $(UCRYPTO_JAR_UNSIGNED)
+  $(UCRYPTO_JAR_DST): $(UCRYPTO_JAR_UNSIGNED)
 	$(install-file)
 
-    TARGETS += $(UCRYPTO_JAR_UNSIGNED) $(UCRYPTO_JAR_DST)
+  TARGETS += $(UCRYPTO_JAR_UNSIGNED) $(UCRYPTO_JAR_DST)
 
-  endif
 endif
 
 all: $(TARGETS)
--- a/make/Images.gmk	Wed Oct 22 13:39:33 2014 +0400
+++ b/make/Images.gmk	Tue Oct 28 11:38:00 2014 -0700
@@ -94,7 +94,6 @@
 ifeq ($(PROFILE), )
   NOT_JRE_BIN_FILES := \
       appletviewer$(EXE_SUFFIX) \
-      extcheck$(EXE_SUFFIX) \
       idlj$(EXE_SUFFIX) \
       jar$(EXE_SUFFIX) \
       jarsigner$(EXE_SUFFIX) \
@@ -326,7 +325,6 @@
   JDK_MAN_PAGES = \
       $(JRE_MAN_PAGES) \
       appletviewer.1 \
-      extcheck.1 \
       idlj.1 \
       jar.1 \
       jarsigner.1 \
--- a/make/copy/Copy-java.base.gmk	Wed Oct 22 13:39:33 2014 +0400
+++ b/make/copy/Copy-java.base.gmk	Tue Oct 28 11:38:00 2014 -0700
@@ -170,10 +170,7 @@
 
 ifeq ($(OPENJDK_TARGET_OS), windows)
   POLICY_SRC_LIST += $(JDK_TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/conf/security/java.policy
-endif
-ifndef OPENJDK
-  # if $(OPENJDK_TARGET_OS) is windows or solaris
-  ifneq ($(findstring $(OPENJDK_TARGET_OS), windows solaris), )
+  ifndef OPENJDK
     POLICY_SRC_LIST += $(JDK_TOPDIR)/src/closed/java.base/$(OPENJDK_TARGET_OS)/conf/security/java.policy
   endif
 endif
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/copy/Copy-jdk.crypto.ucrypto.gmk	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,49 @@
+#
+# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+include CopyCommon.gmk
+
+################################################################################
+
+ifeq ($(OPENJDK_TARGET_OS), solaris)
+
+  UCRYPTO_CFG_SRC := $(JDK_TOPDIR)/src/jdk.crypto.ucrypto/solaris/conf/security/ucrypto-solaris.cfg
+  UCRYPTO_CFG_DST := $(JDK_OUTPUTDIR)/lib/security/ucrypto-solaris.cfg
+
+  $(UCRYPTO_CFG_DST): $(UCRYPTO_CFG_SRC)
+	$(call install-file)
+
+  SECURITY_UCRYPTO_CONF_FILES += $(UCRYPTO_CFG_DST)
+
+endif
+
+################################################################################
+
+jdk.crypto.ucrypto: $(SECURITY_UCRYPTO_CONF_FILES)
+
+all: jdk.crypto.ucrypto
+
+.PHONY: all jdk.crypto.ucrypto
+
--- a/make/launcher/Launcher-jdk.dev.gmk	Wed Oct 22 13:39:33 2014 +0400
+++ b/make/launcher/Launcher-jdk.dev.gmk	Tue Oct 28 11:38:00 2014 -0700
@@ -25,9 +25,6 @@
 
 include LauncherCommon.gmk
 
-$(eval $(call SetupLauncher,extcheck, \
-    -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "com.sun.tools.extcheck.Main"$(COMMA) }'))
-
 $(eval $(call SetupLauncher,jar, \
     -DJAVA_ARGS='{ "-J-ms8m"$(COMMA) "sun.tools.jar.Main"$(COMMA) }'))
 
--- a/make/lib/CoreLibraries.gmk	Wed Oct 22 13:39:33 2014 +0400
+++ b/make/lib/CoreLibraries.gmk	Tue Oct 28 11:38:00 2014 -0700
@@ -169,6 +169,7 @@
         -framework Foundation \
         -framework Security -framework SystemConfiguration, \
     LDFLAGS_SUFFIX_windows := -export:winFileHandleOpen -export:handleLseek \
+        -export:getLastErrorString \
         jvm.lib $(BUILD_LIBFDLIBM) $(WIN_VERIFY_LIB) \
         shell32.lib delayimp.lib -DELAYLOAD:shell32.dll \
         advapi32.lib, \
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/make/lib/Lib-jdk.crypto.ucrypto.gmk	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,62 @@
+#
+# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.  Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+include $(SPEC)
+include $(JDK_TOPDIR)/make/lib/LibCommon.gmk
+
+################################################################################
+
+ifeq ($(OPENJDK_TARGET_OS), solaris)
+
+  LIBJ2UCRYPTO_SRC := $(JDK_TOPDIR)/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto
+
+  $(eval $(call SetupNativeCompilation,BUILD_LIBJ2UCRYPTO, \
+      LIBRARY := j2ucrypto, \
+      OUTPUT_DIR := $(INSTALL_LIBRARIES_HERE), \
+      SRC := $(LIBJ2UCRYPTO_SRC), \
+      LANG := C, \
+      OPTIMIZATION := LOW, \
+      CFLAGS := $(CFLAGS_JDKLIB) \
+          $(addprefix -I, $(LIBJ2UCRYPTO_SRC)), \
+      MAPFILE := $(JDK_TOPDIR)/make/mapfiles/libj2ucrypto/mapfile-vers, \
+      LDFLAGS := $(LDFLAGS_JDKLIB), \
+      LDFLAGS_SUFFIX := $(LIBDL), \
+      LDFLAGS_SUFFIX_solaris := -lc, \
+      OBJECT_DIR := $(JDK_OUTPUTDIR)/objs/libj2ucrypto, \
+      DEBUG_SYMBOLS := $(DEBUG_ALL_BINARIES)))
+
+  $(BUILD_LIBJ2UCRYPTO): $(BUILD_LIBJAVA)
+
+  SECURITY_UCRYPTO_LIBRARIES += $(BUILD_LIBJ2UCRYPTO)
+
+endif
+
+################################################################################
+
+jdk.crypto.ucrypto: $(SECURITY_UCRYPTO_LIBRARIES)
+
+all: jdk.crypto.ucrypto
+
+.PHONY: all jdk.crypto.ucrypto
--- a/make/mapfiles/libjava/mapfile-vers	Wed Oct 22 13:39:33 2014 +0400
+++ b/make/mapfiles/libjava/mapfile-vers	Tue Oct 28 11:38:00 2014 -0700
@@ -75,6 +75,7 @@
 
 		Java_java_io_FileDescriptor_initIDs;
 		Java_java_io_FileDescriptor_sync;
+		Java_java_io_FileDescriptor_getAppend;
 		Java_java_io_FileInputStream_available;
 		Java_java_io_FileInputStream_close0;
 		Java_java_io_FileInputStream_initIDs;
@@ -129,13 +130,11 @@
 		Java_java_lang_ClassLoader_defineClass1;
 		Java_java_lang_ClassLoader_defineClass2;
 		Java_java_lang_ClassLoader_findLoadedClass0;
-		Java_java_lang_ClassLoader_resolveClass0;
 		Java_java_lang_ClassLoader_00024NativeLibrary_find;
 		Java_java_lang_ClassLoader_00024NativeLibrary_load;
 		Java_java_lang_ClassLoader_00024NativeLibrary_unload;
 		Java_java_lang_ClassLoader_00024NativeLibrary_findBuiltinLib;
 		Java_java_lang_ClassLoader_registerNatives;
-		Java_java_lang_Compiler_registerNatives;
 		Java_java_lang_Double_longBitsToDouble;
 		Java_java_lang_Double_doubleToRawLongBits;
 		Java_java_lang_reflect_Proxy_defineClass0;
@@ -196,8 +195,6 @@
 		Java_java_lang_Runtime_gc;
 		Java_java_lang_Runtime_runFinalization0;
 		Java_java_lang_Runtime_totalMemory;
-		Java_java_lang_Runtime_traceInstructions;
-		Java_java_lang_Runtime_traceMethodCalls;
                 Java_java_lang_Runtime_availableProcessors;
 		Java_java_lang_SecurityManager_classDepth;
 		Java_java_lang_SecurityManager_classLoaderDepth0;
@@ -280,6 +277,8 @@
 		
                 # ZipFile.c needs this one
 		throwFileNotFoundException;
+                # zip_util.c needs this one
+		getLastErrorString;
 
 	# Outcalls from libjvm done using dlsym().
 
--- a/make/profile-rtjar-includes.txt	Wed Oct 22 13:39:33 2014 +0400
+++ b/make/profile-rtjar-includes.txt	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -115,6 +115,7 @@
     com/sun/security/ntlm \
     com/sun/security/sasl \
     com/sun/tracing \
+    jdk/management/cmm \
     java/lang/instrument \
     java/lang/management \
     java/security/acl \
--- a/src/bsd/doc/man/extcheck.1	Wed Oct 22 13:39:33 2014 +0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,91 +0,0 @@
-'\" t
-.\"  Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
-.\"
-.\" DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-.\"
-.\" This code is free software; you can redistribute it and/or modify it
-.\" under the terms of the GNU General Public License version 2 only, as
-.\" published by the Free Software Foundation.
-.\"
-.\" This code is distributed in the hope that it will be useful, but WITHOUT
-.\" ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-.\" FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-.\" version 2 for more details (a copy is included in the LICENSE file that
-.\" accompanied this code).
-.\"
-.\" You should have received a copy of the GNU General Public License version
-.\" 2 along with this work; if not, write to the Free Software Foundation,
-.\" Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-.\"
-.\" Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-.\" or visit www.oracle.com if you need additional information or have any
-.\" questions.
-.\"
-.\"     Arch: generic
-.\"     Software: JDK 8
-.\"     Date: 21 November 2013
-.\"     SectDesc: Basic Tools
-.\"     Title: extcheck.1
-.\"
-.if n .pl 99999
-.TH extcheck 1 "21 November 2013" "JDK 8" "Basic Tools"
-.\" -----------------------------------------------------------------
-.\" * Define some portability stuff
-.\" -----------------------------------------------------------------
-.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-.\" http://bugs.debian.org/507673
-.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
-.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-.ie \n(.g .ds Aq \(aq
-.el       .ds Aq '
-.\" -----------------------------------------------------------------
-.\" * set default formatting
-.\" -----------------------------------------------------------------
-.\" disable hyphenation
-.nh
-.\" disable justification (adjust text to left margin only)
-.ad l
-.\" -----------------------------------------------------------------
-.\" * MAIN CONTENT STARTS HERE *
-.\" -----------------------------------------------------------------
-
-.SH NAME    
-extcheck \- Detects version conflicts between a target Java Archive (JAR) file and currently installed extension JAR files\&.
-.SH SYNOPSIS    
-.sp     
-.nf     
-
-\fBextcheck\fR [\fIoptions\fR] \fItargetfile\&.jar\fR
-.fi     
-.sp     
-.TP     
-\fIoptions\fR
-The command-line options\&. See Options\&.
-.TP     
-\fItargetfile\&.jar\fR
-The target JAR file against which the currently installed extension JAR files are compared to detect version conflicts\&.
-.SH DESCRIPTION    
-The \f3extcheck\fR command checks a specified JAR file for title and version conflicts with any extensions installed in the Java SE SDK\&. Before installing an extension, you can use this utility to see whether the same or a more recent version of the extension is already installed\&.
-.PP
-The \f3extcheck\fR command compares the Specification-title and Specification-version headers in the manifest of the \f3targetfile\&.jar\fR file against the corresponding headers in all JAR files currently installed in the extension directory\&. By default, the extension directory is \f3jre/lib/ext\fR on Oracle Solaris and \f3\ejre\elib\eext\fR on Windows\&. The \f3extcheck\fR command compares version numbers in the same way as the \f3java\&.lang\&.Package\&.isCompatibleWith\fR method\&.
-.PP
-If no conflict is detected, then the return code is 0\&.
-.PP
-If the manifest of any JAR file in the extensions directory has the same \f3Specification-title\fR and the same or a newer \f3Specification-version\fR number, then a non-zero error code is returned\&. A non-zero error code is also returned when \f3targetfile\&.jar\fR does not have the \f3Specification-title\fR or \f3Specification-version\fR attributes in its manifest file\&.
-.SH OPTIONS    
-.TP
--verbose
-.br
-Lists JAR files in the extension directory as they are checked\&. Additionally, manifest attributes of the target JAR file and any conflicting JAR files are also reported\&.
-.TP
--J\fIoption\fR
-.br
-Passes \fIoption\fR to the Java Virtual Machine (JVM), where option is one of the options described on the reference page for the Java launcher\&. For example, \f3-J-Xms48m\fR sets the startup memory to 48 MB\&. See java(1)\&.
-.SH SEE\ ALSO    
-.TP 0.2i    
-\(bu
-jar(1)
-.RE
-.br
-'pl 8.5i
-'bp
--- a/src/bsd/doc/man/ja/extcheck.1	Wed Oct 22 13:39:33 2014 +0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,24 +0,0 @@
-." Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved.
-." DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
-."
-." This code is free software; you can redistribute it and/or modify it
-." under the terms of the GNU General Public License version 2 only, as
-." published by the Free Software Foundation.
-."
-." This code is distributed in the hope that it will be useful, but WITHOUT
-." ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-." FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-." version 2 for more details (a copy is included in the LICENSE file that
-." accompanied this code).
-."
-." You should have received a copy of the GNU General Public License version
-." 2 along with this work; if not, write to the Free Software Foundation,
-." Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-."
-." Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
-." or visit www.oracle.com if you need additional information or have any
-." questions.
-."
-.TH extcheck 1 "07 May 2011"
-
-.LP
--- a/src/java.base/macosx/native/include/jvm_md.h	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/macosx/native/include/jvm_md.h	Tue Oct 28 11:38:00 2014 -0700
@@ -70,7 +70,6 @@
 #define JVM_O_O_APPEND   O_APPEND
 #define JVM_O_EXCL       O_EXCL
 #define JVM_O_CREAT      O_CREAT
-#define JVM_O_DELETE     0x10000
 
 /* Signals */
 
--- a/src/java.base/share/classes/java/io/File.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/java/io/File.java	Tue Oct 28 11:38:00 2014 -0700
@@ -1588,7 +1588,7 @@
     /**
      * A convenience method to set the owner's read permission for this abstract
      * pathname. On some platforms it may be possible to start the Java virtual
-     * machine with special privileges that allow it to read files that that are
+     * machine with special privileges that allow it to read files that are
      * marked as unreadable.
      *
      * <p>An invocation of this method of the form <tt>file.setReadable(arg)</tt>
--- a/src/java.base/share/classes/java/io/FileOutputStream.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/java/io/FileOutputStream.java	Tue Oct 28 11:38:00 2014 -0700
@@ -26,6 +26,8 @@
 package java.io;
 
 import java.nio.channels.FileChannel;
+import sun.misc.SharedSecrets;
+import sun.misc.JavaIOFileDescriptorAccess;
 import sun.nio.ch.FileChannelImpl;
 
 
@@ -53,16 +55,17 @@
 class FileOutputStream extends OutputStream
 {
     /**
+     * Access to FileDescriptor internals.
+     */
+    private static final JavaIOFileDescriptorAccess fdAccess =
+        SharedSecrets.getJavaIOFileDescriptorAccess();
+
+    /**
      * The system dependent file descriptor.
      */
     private final FileDescriptor fd;
 
     /**
-     * True if the file is opened for append.
-     */
-    private final boolean append;
-
-    /**
      * The associated channel, initialized lazily.
      */
     private FileChannel channel;
@@ -207,7 +210,6 @@
         }
         this.fd = new FileDescriptor();
         fd.attach(this);
-        this.append = append;
         this.path = name;
 
         open(name, append);
@@ -245,7 +247,6 @@
             security.checkWrite(fdObj);
         }
         this.fd = fdObj;
-        this.append = false;
         this.path = null;
 
         fd.attach(this);
@@ -287,7 +288,7 @@
      * @exception  IOException  if an I/O error occurs.
      */
     public void write(int b) throws IOException {
-        write(b, append);
+        write(b, fdAccess.getAppend(fd));
     }
 
     /**
@@ -310,7 +311,7 @@
      * @exception  IOException  if an I/O error occurs.
      */
     public void write(byte b[]) throws IOException {
-        writeBytes(b, 0, b.length, append);
+        writeBytes(b, 0, b.length, fdAccess.getAppend(fd));
     }
 
     /**
@@ -323,7 +324,7 @@
      * @exception  IOException  if an I/O error occurs.
      */
     public void write(byte b[], int off, int len) throws IOException {
-        writeBytes(b, off, len, append);
+        writeBytes(b, off, len, fdAccess.getAppend(fd));
     }
 
     /**
@@ -395,7 +396,7 @@
     public FileChannel getChannel() {
         synchronized (this) {
             if (channel == null) {
-                channel = FileChannelImpl.open(fd, path, false, true, append, this);
+                channel = FileChannelImpl.open(fd, path, false, true, this);
             }
             return channel;
         }
--- a/src/java.base/share/classes/java/lang/ClassLoader.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/java/lang/ClassLoader.java	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2014 Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -956,11 +956,11 @@
      * @see  #defineClass(String, byte[], int, int)
      */
     protected final void resolveClass(Class<?> c) {
-        resolveClass0(c);
+        if (c == null) {
+            throw new NullPointerException();
+        }
     }
 
-    private native void resolveClass0(Class<?> c);
-
     /**
      * Finds a class with the specified <a href="#name">binary name</a>,
      * loading it if necessary.
--- a/src/java.base/share/classes/java/lang/Compiler.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/java/lang/Compiler.java	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1995, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -47,40 +47,6 @@
 public final class Compiler  {
     private Compiler() {}               // don't make instances
 
-    private static native void initialize();
-
-    private static native void registerNatives();
-
-    static {
-        registerNatives();
-        java.security.AccessController.doPrivileged(
-            new java.security.PrivilegedAction<Void>() {
-                public Void run() {
-                    boolean loaded = false;
-                    String jit = System.getProperty("java.compiler");
-                    if ((jit != null) && (!jit.equals("NONE")) &&
-                        (!jit.equals("")))
-                    {
-                        try {
-                            System.loadLibrary(jit);
-                            initialize();
-                            loaded = true;
-                        } catch (UnsatisfiedLinkError e) {
-                            System.err.println("Warning: JIT compiler \"" +
-                              jit + "\" not found. Will use interpreter.");
-                        }
-                    }
-                    String info = System.getProperty("java.vm.info");
-                    if (loaded) {
-                        System.setProperty("java.vm.info", info + ", " + jit);
-                    } else {
-                        System.setProperty("java.vm.info", info + ", nojit");
-                    }
-                    return null;
-                }
-            });
-    }
-
     /**
      * Compiles the specified class.
      *
@@ -93,7 +59,9 @@
      * @throws  NullPointerException
      *          If {@code clazz} is {@code null}
      */
-    public static native boolean compileClass(Class<?> clazz);
+    public static boolean compileClass(Class<?> clazz) {
+        return false;
+    }
 
     /**
      * Compiles all classes whose name matches the specified string.
@@ -107,7 +75,9 @@
      * @throws  NullPointerException
      *          If {@code string} is {@code null}
      */
-    public static native boolean compileClasses(String string);
+    public static boolean compileClasses(String string) {
+        return false;
+    }
 
     /**
      * Examines the argument type and its fields and perform some documented
@@ -122,15 +92,17 @@
      * @throws  NullPointerException
      *          If {@code any} is {@code null}
      */
-    public static native Object command(Object any);
+    public static Object command(Object any) {
+        return null;
+    }
 
     /**
      * Cause the Compiler to resume operation.
      */
-    public static native void enable();
+    public static void enable() { }
 
     /**
      * Cause the Compiler to cease operation.
      */
-    public static native void disable();
+    public static void disable() { }
 }
--- a/src/java.base/share/classes/java/lang/Runtime.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/java/lang/Runtime.java	Tue Oct 28 11:38:00 2014 -0700
@@ -730,7 +730,7 @@
      * @param   on   <code>true</code> to enable instruction tracing;
      *               <code>false</code> to disable this feature.
      */
-    public native void traceInstructions(boolean on);
+    public void traceInstructions(boolean on) { }
 
     /**
      * Enables/Disables tracing of method calls.
@@ -748,7 +748,7 @@
      * @param   on   <code>true</code> to enable instruction tracing;
      *               <code>false</code> to disable this feature.
      */
-    public native void traceMethodCalls(boolean on);
+    public void traceMethodCalls(boolean on) { }
 
     /**
      * Loads the native library specified by the filename argument.  The filename
--- a/src/java.base/share/classes/java/lang/invoke/MethodType.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/java/lang/invoke/MethodType.java	Tue Oct 28 11:38:00 2014 -0700
@@ -889,11 +889,6 @@
      *     with MHs.eCE.
      *  3a. unboxing conversions can be followed by the full matrix of primitive conversions
      *  3b. unboxing of null is permitted (creates a zero primitive value)
-     *     Most unboxing conversions, like {@code Object->int}, has potentially
-     *     different behaviors for asType vs. MHs.eCE, because the dynamic value
-     *     might be a wrapper of a type that requires narrowing, like {@code (Object)1L->byte}.
-     *     The equivalence is only certain if the static src type is a wrapper,
-     *     and the conversion will be a widening one.
      * Other than interfaces, reference-to-reference conversions are the same.
      * Boxing primitives to references is the same for both operators.
      */
@@ -904,11 +899,8 @@
             // Or a boxing conversion, which is always to an exact wrapper class.
             return canConvert(src, dst);
         } else if (dst.isPrimitive()) {
-            Wrapper dw = Wrapper.forPrimitiveType(dst);
-            // Watch out:  If src is Number or Object, we could get dynamic narrowing conversion.
-            // The conversion is known to be widening only if the wrapper type is statically visible.
-            return (Wrapper.isWrapperType(src) &&
-                    dw.isConvertibleFrom(Wrapper.forWrapperType(src)));
+            // Unboxing behavior is different between MHs.eCA & MH.asType (see 3b).
+            return false;
         } else {
             // R->R always works, but we have to avoid a check-cast to an interface.
             return !dst.isInterface() || dst.isAssignableFrom(src);
--- a/src/java.base/share/classes/java/nio/file/FileStore.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/java/nio/file/FileStore.java	Tue Oct 28 11:38:00 2014 -0700
@@ -208,7 +208,7 @@
      * @param   attribute
      *          the attribute to read
 
-     * @return  the attribute value; {@code null} may be a valid for some
+     * @return  the attribute value; {@code null} may be valid for some
      *          attributes
      *
      * @throws  UnsupportedOperationException
--- a/src/java.base/share/classes/java/nio/file/attribute/package-info.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/java/nio/file/attribute/package-info.java	Tue Oct 28 11:38:00 2014 -0700
@@ -51,7 +51,7 @@
  * <p> An attribute view provides a read-only or updatable view of the non-opaque
  * values, or <em>metadata</em>, associated with objects in a file system.
  * The {@link java.nio.file.attribute.FileAttributeView} interface is
- * extended by several other interfaces that views to specific sets of file
+ * extended by several other interfaces that provide views to specific sets of file
  * attributes. {@code FileAttributeViews} are selected by invoking the {@link
  * java.nio.file.Files#getFileAttributeView} method with a
  * <em>type-token</em> to identify the required view. Views can also be identified
--- a/src/java.base/share/classes/java/util/Collection.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/java/util/Collection.java	Tue Oct 28 11:38:00 2014 -0700
@@ -518,7 +518,7 @@
      * <p>The default implementation should be overridden by subclasses that
      * can return a more efficient spliterator.  In order to
      * preserve expected laziness behavior for the {@link #stream()} and
-     * {@link #parallelStream()}} methods, spliterators should either have the
+     * {@link #parallelStream()} methods, spliterators should either have the
      * characteristic of {@code IMMUTABLE} or {@code CONCURRENT}, or be
      * <em><a href="Spliterator.html#binding">late-binding</a></em>.
      * If none of these is practical, the overriding class should describe the
--- a/src/java.base/share/classes/jdk/internal/org/objectweb/asm/ClassReader.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/jdk/internal/org/objectweb/asm/ClassReader.java	Tue Oct 28 11:38:00 2014 -0700
@@ -1858,7 +1858,7 @@
             break;
         case 'B': // pointer to CONSTANT_Byte
             av.visit(name,
-                    new Byte((byte) readInt(items[readUnsignedShort(v)])));
+                    (byte) readInt(items[readUnsignedShort(v)]));
             v += 2;
             break;
         case 'Z': // pointer to CONSTANT_Boolean
@@ -1868,13 +1868,13 @@
             v += 2;
             break;
         case 'S': // pointer to CONSTANT_Short
-            av.visit(name, new Short(
-                    (short) readInt(items[readUnsignedShort(v)])));
+            av.visit(name,
+                    (short) readInt(items[readUnsignedShort(v)]));
             v += 2;
             break;
         case 'C': // pointer to CONSTANT_Char
-            av.visit(name, new Character(
-                    (char) readInt(items[readUnsignedShort(v)])));
+            av.visit(name,
+                    (char) readInt(items[readUnsignedShort(v)]));
             v += 2;
             break;
         case 's': // pointer to CONSTANT_Utf8
@@ -2498,13 +2498,13 @@
         int index = items[item];
         switch (b[index - 1]) {
         case ClassWriter.INT:
-            return new Integer(readInt(index));
+            return readInt(index);
         case ClassWriter.FLOAT:
-            return new Float(Float.intBitsToFloat(readInt(index)));
+            return Float.intBitsToFloat(readInt(index));
         case ClassWriter.LONG:
-            return new Long(readLong(index));
+            return readLong(index);
         case ClassWriter.DOUBLE:
-            return new Double(Double.longBitsToDouble(readLong(index)));
+            return Double.longBitsToDouble(readLong(index));
         case ClassWriter.CLASS:
             return Type.getObjectType(readUTF8(index, buf));
         case ClassWriter.STR:
--- a/src/java.base/share/classes/jdk/internal/org/objectweb/asm/TypePath.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/jdk/internal/org/objectweb/asm/TypePath.java	Tue Oct 28 11:38:00 2014 -0700
@@ -181,6 +181,9 @@
                     typeArg = typeArg * 10 + c - '0';
                     i += 1;
                 }
+                if (i < n && typePath.charAt(i) == ';') {
+                    i += 1;
+                }
                 out.put11(TYPE_ARGUMENT, typeArg);
             }
         }
@@ -193,7 +196,7 @@
      * ARRAY_ELEMENT} steps are represented with '[', {@link #INNER_TYPE
      * INNER_TYPE} steps with '.', {@link #WILDCARD_BOUND WILDCARD_BOUND} steps
      * with '*' and {@link #TYPE_ARGUMENT TYPE_ARGUMENT} steps with their type
-     * argument index in decimal form.
+     * argument index in decimal form followed by ';'.
      */
     @Override
     public String toString() {
@@ -211,7 +214,7 @@
                 result.append('*');
                 break;
             case TYPE_ARGUMENT:
-                result.append(getStepArgument(i));
+                result.append(getStepArgument(i)).append(';');
                 break;
             default:
                 result.append('_');
--- a/src/java.base/share/classes/jdk/internal/org/objectweb/asm/commons/GeneratorAdapter.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/jdk/internal/org/objectweb/asm/commons/GeneratorAdapter.java	Tue Oct 28 11:38:00 2014 -0700
@@ -408,7 +408,7 @@
         } else if (value >= Short.MIN_VALUE && value <= Short.MAX_VALUE) {
             mv.visitIntInsn(Opcodes.SIPUSH, value);
         } else {
-            mv.visitLdcInsn(new Integer(value));
+            mv.visitLdcInsn(value);
         }
     }
 
@@ -422,7 +422,7 @@
         if (value == 0L || value == 1L) {
             mv.visitInsn(Opcodes.LCONST_0 + (int) value);
         } else {
-            mv.visitLdcInsn(new Long(value));
+            mv.visitLdcInsn(value);
         }
     }
 
@@ -437,7 +437,7 @@
         if (bits == 0L || bits == 0x3f800000 || bits == 0x40000000) { // 0..2
             mv.visitInsn(Opcodes.FCONST_0 + (int) value);
         } else {
-            mv.visitLdcInsn(new Float(value));
+            mv.visitLdcInsn(value);
         }
     }
 
@@ -452,7 +452,7 @@
         if (bits == 0L || bits == 0x3ff0000000000000L) { // +0.0d and 1.0d
             mv.visitInsn(Opcodes.DCONST_0 + (int) value);
         } else {
-            mv.visitLdcInsn(new Double(value));
+            mv.visitLdcInsn(value);
         }
     }
 
@@ -1647,11 +1647,13 @@
      */
     public void catchException(final Label start, final Label end,
             final Type exception) {
+        Label doCatch = new Label();
         if (exception == null) {
-            mv.visitTryCatchBlock(start, end, mark(), null);
+            mv.visitTryCatchBlock(start, end, doCatch, null);
         } else {
-            mv.visitTryCatchBlock(start, end, mark(),
+            mv.visitTryCatchBlock(start, end, doCatch,
                     exception.getInternalName());
         }
+        mark(doCatch);
     }
 }
--- a/src/java.base/share/classes/jdk/internal/org/objectweb/asm/commons/InstructionAdapter.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/jdk/internal/org/objectweb/asm/commons/InstructionAdapter.java	Tue Oct 28 11:38:00 2014 -0700
@@ -737,7 +737,7 @@
         } else if (cst >= Short.MIN_VALUE && cst <= Short.MAX_VALUE) {
             mv.visitIntInsn(Opcodes.SIPUSH, cst);
         } else {
-            mv.visitLdcInsn(new Integer(cst));
+            mv.visitLdcInsn(cst);
         }
     }
 
@@ -745,7 +745,7 @@
         if (cst == 0L || cst == 1L) {
             mv.visitInsn(Opcodes.LCONST_0 + (int) cst);
         } else {
-            mv.visitLdcInsn(new Long(cst));
+            mv.visitLdcInsn(cst);
         }
     }
 
@@ -754,7 +754,7 @@
         if (bits == 0L || bits == 0x3f800000 || bits == 0x40000000) { // 0..2
             mv.visitInsn(Opcodes.FCONST_0 + (int) cst);
         } else {
-            mv.visitLdcInsn(new Float(cst));
+            mv.visitLdcInsn(cst);
         }
     }
 
@@ -763,7 +763,7 @@
         if (bits == 0L || bits == 0x3ff0000000000000L) { // +0.0d and 1.0d
             mv.visitInsn(Opcodes.DCONST_0 + (int) cst);
         } else {
-            mv.visitLdcInsn(new Double(cst));
+            mv.visitLdcInsn(cst);
         }
     }
 
--- a/src/java.base/share/classes/jdk/internal/org/objectweb/asm/commons/SerialVersionUIDAdder.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/jdk/internal/org/objectweb/asm/commons/SerialVersionUIDAdder.java	Tue Oct 28 11:38:00 2014 -0700
@@ -366,8 +366,7 @@
 
     protected void addSVUID(long svuid) {
         FieldVisitor fv = super.visitField(Opcodes.ACC_FINAL
-                + Opcodes.ACC_STATIC, "serialVersionUID", "J", null, new Long(
-                svuid));
+                + Opcodes.ACC_STATIC, "serialVersionUID", "J", null, svuid);
         if (fv != null) {
             fv.visitEnd();
         }
--- a/src/java.base/share/classes/jdk/internal/org/objectweb/asm/tree/AnnotationNode.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/jdk/internal/org/objectweb/asm/tree/AnnotationNode.java	Tue Oct 28 11:38:00 2014 -0700
@@ -247,11 +247,13 @@
                 an.accept(av.visitAnnotation(name, an.desc));
             } else if (value instanceof List) {
                 AnnotationVisitor v = av.visitArray(name);
-                List<?> array = (List<?>) value;
-                for (int j = 0; j < array.size(); ++j) {
-                    accept(v, null, array.get(j));
+                if (v != null) {
+                    List<?> array = (List<?>) value;
+                    for (int j = 0; j < array.size(); ++j) {
+                        accept(v, null, array.get(j));
+                    }
+                    v.visitEnd();
                 }
-                v.visitEnd();
             } else {
                 av.visit(name, value);
             }
--- a/src/java.base/share/classes/jdk/internal/org/objectweb/asm/tree/LookupSwitchInsnNode.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/jdk/internal/org/objectweb/asm/tree/LookupSwitchInsnNode.java	Tue Oct 28 11:38:00 2014 -0700
@@ -110,7 +110,7 @@
                 : labels.length);
         if (keys != null) {
             for (int i = 0; i < keys.length; ++i) {
-                this.keys.add(new Integer(keys[i]));
+                this.keys.add(keys[i]);
             }
         }
         if (labels != null) {
--- a/src/java.base/share/classes/jdk/internal/org/objectweb/asm/tree/MethodInsnNode.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/jdk/internal/org/objectweb/asm/tree/MethodInsnNode.java	Tue Oct 28 11:38:00 2014 -0700
@@ -160,6 +160,7 @@
     @Override
     public void accept(final MethodVisitor mv) {
         mv.visitMethodInsn(opcode, owner, name, desc, itf);
+        acceptAnnotations(mv);
     }
 
     @Override
--- a/src/java.base/share/classes/jdk/internal/org/objectweb/asm/util/CheckMethodAdapter.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/jdk/internal/org/objectweb/asm/util/CheckMethodAdapter.java	Tue Oct 28 11:38:00 2014 -0700
@@ -802,7 +802,7 @@
         if (labels.get(label) != null) {
             throw new IllegalArgumentException("Already visited label");
         }
-        labels.put(label, new Integer(insnCount));
+        labels.put(label, insnCount);
         super.visitLabel(label);
     }
 
--- a/src/java.base/share/classes/jdk/internal/org/objectweb/asm/util/Textifier.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/jdk/internal/org/objectweb/asm/util/Textifier.java	Tue Oct 28 11:38:00 2014 -0700
@@ -732,7 +732,7 @@
         Textifier t = createTextifier();
         text.add(t.getText());
         text.add(visible ? ") // parameter " : ") // invisible, parameter ");
-        text.add(new Integer(parameter));
+        text.add(parameter);
         text.add("\n");
         return t;
     }
--- a/src/java.base/share/classes/jdk/internal/org/objectweb/asm/version.txt	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/jdk/internal/org/objectweb/asm/version.txt	Tue Oct 28 11:38:00 2014 -0700
@@ -1,12 +1,12 @@
 Path: .
-Working Copy Root Path: /hudson/jobs/objectweb-pull/workspace/asm-svn-2014-06-19
+Working Copy Root Path: /hudson/jobs/objectweb-init/workspace/asm-svn-2014-10-15
 URL: file:///svnroot/asm/trunk/asm
 Repository Root: file:///svnroot/asm
 Repository UUID: 271bd773-ee82-43a6-9b2b-1890ed8ce7f9
-Revision: 1750
+Revision: 1772
 Node Kind: directory
 Schedule: normal
-Last Changed Author: forax
-Last Changed Rev: 1750
-Last Changed Date: 2014-06-06 00:31:02 +0200 (Fri, 06 Jun 2014)
+Last Changed Author: ebruneton
+Last Changed Rev: 1772
+Last Changed Date: 2014-09-06 09:13:07 +0200 (Sat, 06 Sep 2014)
 
--- a/src/java.base/share/classes/sun/invoke/util/Wrapper.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/sun/invoke/util/Wrapper.java	Tue Oct 28 11:38:00 2014 -0700
@@ -26,19 +26,19 @@
 package sun.invoke.util;
 
 public enum Wrapper {
-    BOOLEAN(Boolean.class, boolean.class, 'Z', (Boolean)false, new boolean[0], Format.unsigned(1)),
+    //        wrapperType    primitiveType  char            zero         emptyArray          format
+    BOOLEAN(  Boolean.class, boolean.class, 'Z',      (Boolean)false, new boolean[0], Format.unsigned( 1)),
     // These must be in the order defined for widening primitive conversions in JLS 5.1.2
-    BYTE(Byte.class, byte.class, 'B', (Byte)(byte)0, new byte[0], Format.signed(8)),
-    SHORT(Short.class, short.class, 'S', (Short)(short)0, new short[0], Format.signed(16)),
-    CHAR(Character.class, char.class, 'C', (Character)(char)0, new char[0], Format.unsigned(16)),
-    INT(Integer.class, int.class, 'I', (Integer)/*(int)*/0, new int[0], Format.signed(32)),
-    LONG(Long.class, long.class, 'J', (Long)(long)0, new long[0], Format.signed(64)),
-    FLOAT(Float.class, float.class, 'F', (Float)(float)0, new float[0], Format.floating(32)),
-    DOUBLE(Double.class, double.class, 'D', (Double)(double)0, new double[0], Format.floating(64)),
-    //NULL(Null.class, null.class, 'N', null, null, Format.other(1)),
-    OBJECT(Object.class, Object.class, 'L', null, new Object[0], Format.other(1)),
+    BYTE   (     Byte.class,    byte.class, 'B',       (Byte)(byte)0, new    byte[0], Format.signed(   8)),
+    SHORT  (    Short.class,   short.class, 'S',     (Short)(short)0, new   short[0], Format.signed(  16)),
+    CHAR   (Character.class,    char.class, 'C',  (Character)(char)0, new    char[0], Format.unsigned(16)),
+    INT    (  Integer.class,     int.class, 'I', (Integer)/*(int)*/0, new     int[0], Format.signed(  32)),
+    LONG   (     Long.class,    long.class, 'J',       (Long)(long)0, new    long[0], Format.signed(  64)),
+    FLOAT  (    Float.class,   float.class, 'F',     (Float)(float)0, new   float[0], Format.floating(32)),
+    DOUBLE (   Double.class,  double.class, 'D',   (Double)(double)0, new  double[0], Format.floating(64)),
+    OBJECT (   Object.class,  Object.class, 'L',                null, new  Object[0], Format.other(    1)),
     // VOID must be the last type, since it is "assignable" from any other type:
-    VOID(Void.class, void.class, 'V', null, null, Format.other(0)),
+    VOID   (     Void.class,    void.class, 'V',                null,           null, Format.other(    0)),
     ;
 
     private final Class<?> wrapperType;
--- a/src/java.base/share/classes/sun/misc/JavaIOFileDescriptorAccess.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/sun/misc/JavaIOFileDescriptorAccess.java	Tue Oct 28 11:38:00 2014 -0700
@@ -33,6 +33,8 @@
 public interface JavaIOFileDescriptorAccess {
     public void set(FileDescriptor obj, int fd);
     public int get(FileDescriptor fd);
+    public void setAppend(FileDescriptor obj, boolean append);
+    public boolean getAppend(FileDescriptor obj);
 
     // Only valid on Windows
     public void setHandle(FileDescriptor obj, long handle);
--- a/src/java.base/share/classes/sun/nio/ch/FileChannelImpl.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/classes/sun/nio/ch/FileChannelImpl.java	Tue Oct 28 11:38:00 2014 -0700
@@ -44,6 +44,8 @@
 import java.util.List;
 
 import sun.misc.Cleaner;
+import sun.misc.JavaIOFileDescriptorAccess;
+import sun.misc.SharedSecrets;
 import sun.security.action.GetPropertyAction;
 
 public class FileChannelImpl
@@ -52,6 +54,10 @@
     // Memory allocation size for mapping buffers
     private static final long allocationGranularity;
 
+    // Access to FileDispatcher internals
+    private static final JavaIOFileDescriptorAccess fdAccess =
+        SharedSecrets.getJavaIOFileDescriptorAccess();
+
     // Used to make native read and write calls
     private final FileDispatcher nd;
 
@@ -61,7 +67,6 @@
     // File access mode (immutable)
     private final boolean writable;
     private final boolean readable;
-    private final boolean append;
 
     // Required to prevent finalization of creating stream (immutable)
     private final Object parent;
@@ -77,31 +82,23 @@
     private final Object positionLock = new Object();
 
     private FileChannelImpl(FileDescriptor fd, String path, boolean readable,
-                            boolean writable, boolean append, Object parent)
+                            boolean writable, Object parent)
     {
         this.fd = fd;
         this.readable = readable;
         this.writable = writable;
-        this.append = append;
         this.parent = parent;
         this.path = path;
-        this.nd = new FileDispatcherImpl(append);
+        this.nd = new FileDispatcherImpl();
     }
 
-    // Used by FileInputStream.getChannel() and RandomAccessFile.getChannel()
+    // Used by FileInputStream.getChannel(), FileOutputStream.getChannel
+    // and RandomAccessFile.getChannel()
     public static FileChannel open(FileDescriptor fd, String path,
                                    boolean readable, boolean writable,
                                    Object parent)
     {
-        return new FileChannelImpl(fd, path, readable, writable, false, parent);
-    }
-
-    // Used by FileOutputStream.getChannel
-    public static FileChannel open(FileDescriptor fd, String path,
-                                   boolean readable, boolean writable,
-                                   boolean append, Object parent)
-    {
-        return new FileChannelImpl(fd, path, readable, writable, append, parent);
+        return new FileChannelImpl(fd, path, readable, writable, parent);
     }
 
     private void ensureOpen() throws IOException {
@@ -109,7 +106,6 @@
             throw new ClosedChannelException();
     }
 
-
     // -- Standard channel operations --
 
     protected void implCloseChannel() throws IOException {
@@ -258,6 +254,7 @@
                 ti = threads.add();
                 if (!isOpen())
                     return 0;
+                boolean append = fdAccess.getAppend(fd);
                 do {
                     // in append-mode then position is advanced to end before writing
                     p = (append) ? nd.size(fd) : position0(fd, -1);
@@ -284,7 +281,7 @@
                 if (!isOpen())
                     return null;
                 do {
-                    p  = position0(fd, newPosition);
+                    p = position0(fd, newPosition);
                 } while ((p == IOStatus.INTERRUPTED) && isOpen());
                 return this;
             } finally {
--- a/src/java.base/share/conf/security/java.policy	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/conf/security/java.policy	Tue Oct 28 11:38:00 2014 -0700
@@ -25,6 +25,18 @@
         permission java.security.AllPermission;
 };
 
+grant codeBase "file:${java.home}/lib/ext/ucrypto.jar" {
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch";
+        permission java.lang.RuntimePermission "loadLibrary.j2ucrypto";
+        // need "com.oracle.security.ucrypto.debug" for debugging
+        permission java.util.PropertyPermission "*", "read";
+        permission java.security.SecurityPermission "putProviderProperty.OracleUcrypto";
+        permission java.security.SecurityPermission "clearProviderProperties.OracleUcrypto";
+        permission java.security.SecurityPermission "removeProviderProperty.OracleUcrypto";
+        permission java.io.FilePermission "${java.home}/lib/security/ucrypto-solaris.cfg", "read";
+};
+
 grant codeBase "file:${java.home}/lib/ext/sunec.jar" {
         permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
         permission java.lang.RuntimePermission "loadLibrary.sunec";
--- a/src/java.base/share/native/include/jvm.h	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/native/include/jvm.h	Tue Oct 28 11:38:00 2014 -0700
@@ -111,19 +111,11 @@
 JNIEXPORT jobject JNICALL
 JVM_InitProperties(JNIEnv *env, jobject p);
 
-/*
- * java.io.File
- */
-JNIEXPORT void JNICALL
-JVM_OnExit(void (*func)(void));
 
 /*
  * java.lang.Runtime
  */
 JNIEXPORT void JNICALL
-JVM_Exit(jint code);
-
-JNIEXPORT void JNICALL
 JVM_Halt(jint code);
 
 JNIEXPORT void JNICALL
@@ -146,12 +138,6 @@
 JNIEXPORT jlong JNICALL
 JVM_MaxObjectInspectionAge(void);
 
-JNIEXPORT void JNICALL
-JVM_TraceInstructions(jboolean on);
-
-JNIEXPORT void JNICALL
-JVM_TraceMethodCalls(jboolean on);
-
 JNIEXPORT jlong JNICALL
 JVM_TotalMemory(void);
 
@@ -177,12 +163,6 @@
 JVM_IsSupportedJNIVersion(jint version);
 
 /*
- * java.lang.Float and java.lang.Double
- */
-JNIEXPORT jboolean JNICALL
-JVM_IsNaN(jdouble d);
-
-/*
  * java.lang.Throwable
  */
 JNIEXPORT void JNICALL
@@ -195,30 +175,6 @@
 JVM_GetStackTraceElement(JNIEnv *env, jobject throwable, jint index);
 
 /*
- * java.lang.Compiler
- */
-JNIEXPORT void JNICALL
-JVM_InitializeCompiler (JNIEnv *env, jclass compCls);
-
-JNIEXPORT jboolean JNICALL
-JVM_IsSilentCompiler(JNIEnv *env, jclass compCls);
-
-JNIEXPORT jboolean JNICALL
-JVM_CompileClass(JNIEnv *env, jclass compCls, jclass cls);
-
-JNIEXPORT jboolean JNICALL
-JVM_CompileClasses(JNIEnv *env, jclass cls, jstring jname);
-
-JNIEXPORT jobject JNICALL
-JVM_CompilerCommand(JNIEnv *env, jclass compCls, jobject arg);
-
-JNIEXPORT void JNICALL
-JVM_EnableCompiler(JNIEnv *env, jclass compCls);
-
-JNIEXPORT void JNICALL
-JVM_DisableCompiler(JNIEnv *env, jclass compCls);
-
-/*
  * java.lang.Thread
  */
 JNIEXPORT void JNICALL
@@ -304,25 +260,9 @@
  * java.io.ObjectInputStream
  */
 JNIEXPORT jobject JNICALL
-JVM_AllocateNewObject(JNIEnv *env, jobject obj, jclass currClass,
-                      jclass initClass);
-
-JNIEXPORT jobject JNICALL
-JVM_AllocateNewArray(JNIEnv *env, jobject obj, jclass currClass,
-                     jint length);
-
-JNIEXPORT jobject JNICALL
 JVM_LatestUserDefinedLoader(JNIEnv *env);
 
 /*
- * This function has been deprecated and should not be considered
- * part of the specified JVM interface.
- */
-JNIEXPORT jclass JNICALL
-JVM_LoadClass0(JNIEnv *env, jobject obj, jclass currClass,
-               jstring currClassName);
-
-/*
  * java.lang.reflect.Array
  */
 JNIEXPORT jint JNICALL
@@ -373,11 +313,6 @@
 JNIEXPORT jclass JNICALL
 JVM_FindPrimitiveClass(JNIEnv *env, const char *utf);
 
-/*
- * Link the class
- */
-JNIEXPORT void JNICALL
-JVM_ResolveClass(JNIEnv *env, jclass cls);
 
 /*
  * Find a class from a boot class loader. Returns NULL if class not found.
@@ -1101,43 +1036,6 @@
  PART 3: I/O and Network Support
  ************************************************************************/
 
-/* Note that the JVM IO functions are expected to return JVM_IO_ERR
- * when there is any kind of error. The caller can then use the
- * platform specific support (e.g., errno) to get the detailed
- * error info.  The JVM_GetLastErrorString procedure may also be used
- * to obtain a descriptive error string.
- */
-#define JVM_IO_ERR  (-1)
-
-/* For interruptible IO. Returning JVM_IO_INTR indicates that an IO
- * operation has been disrupted by Thread.interrupt. There are a
- * number of technical difficulties related to interruptible IO that
- * need to be solved. For example, most existing programs do not handle
- * InterruptedIOExceptions specially, they simply treat those as any
- * IOExceptions, which typically indicate fatal errors.
- *
- * There are also two modes of operation for interruptible IO. In the
- * resumption mode, an interrupted IO operation is guaranteed not to
- * have any side-effects, and can be restarted. In the termination mode,
- * an interrupted IO operation corrupts the underlying IO stream, so
- * that the only reasonable operation on an interrupted stream is to
- * close that stream. The resumption mode seems to be impossible to
- * implement on Win32 and Solaris. Implementing the termination mode is
- * easier, but it's not clear that's the right semantics.
- *
- * Interruptible IO is not supported on Win32.It can be enabled/disabled
- * using a compile-time flag on Solaris. Third-party JVM ports do not
- * need to implement interruptible IO.
- */
-#define JVM_IO_INTR (-2)
-
-/* Write a string into the given buffer, in the platform's local encoding,
- * that describes the most recent system-level error to occur in this thread.
- * Return the length of the string or zero if no error occurred.
- */
-JNIEXPORT jint JNICALL
-JVM_GetLastErrorString(char *buf, int len);
-
 /*
  * Convert a pathname into native format.  This function does syntactic
  * cleanup, such as removing redundant separator characters.  It modifies
@@ -1147,150 +1045,6 @@
 JVM_NativePath(char *);
 
 /*
- * JVM I/O error codes
- */
-#define JVM_EEXIST       -100
-
-/*
- * Open a file descriptor. This function returns a negative error code
- * on error, and a non-negative integer that is the file descriptor on
- * success.
- */
-JNIEXPORT jint JNICALL
-JVM_Open(const char *fname, jint flags, jint mode);
-
-/*
- * Close a file descriptor. This function returns -1 on error, and 0
- * on success.
- *
- * fd        the file descriptor to close.
- */
-JNIEXPORT jint JNICALL
-JVM_Close(jint fd);
-
-/*
- * Read data from a file decriptor into a char array.
- *
- * fd        the file descriptor to read from.
- * buf       the buffer where to put the read data.
- * nbytes    the number of bytes to read.
- *
- * This function returns -1 on error, and 0 on success.
- */
-JNIEXPORT jint JNICALL
-JVM_Read(jint fd, char *buf, jint nbytes);
-
-/*
- * Write data from a char array to a file decriptor.
- *
- * fd        the file descriptor to read from.
- * buf       the buffer from which to fetch the data.
- * nbytes    the number of bytes to write.
- *
- * This function returns -1 on error, and 0 on success.
- */
-JNIEXPORT jint JNICALL
-JVM_Write(jint fd, char *buf, jint nbytes);
-
-/*
- * Returns the number of bytes available for reading from a given file
- * descriptor
- */
-JNIEXPORT jint JNICALL
-JVM_Available(jint fd, jlong *pbytes);
-
-/*
- * Move the file descriptor pointer from whence by offset.
- *
- * fd        the file descriptor to move.
- * offset    the number of bytes to move it by.
- * whence    the start from where to move it.
- *
- * This function returns the resulting pointer location.
- */
-JNIEXPORT jlong JNICALL
-JVM_Lseek(jint fd, jlong offset, jint whence);
-
-/*
- * Set the length of the file associated with the given descriptor to the given
- * length.  If the new length is longer than the current length then the file
- * is extended; the contents of the extended portion are not defined.  The
- * value of the file pointer is undefined after this procedure returns.
- */
-JNIEXPORT jint JNICALL
-JVM_SetLength(jint fd, jlong length);
-
-/*
- * Synchronize the file descriptor's in memory state with that of the
- * physical device.  Return of -1 is an error, 0 is OK.
- */
-JNIEXPORT jint JNICALL
-JVM_Sync(jint fd);
-
-/*
- * Networking library support
- */
-
-JNIEXPORT jint JNICALL
-JVM_InitializeSocketLibrary(void);
-
-struct sockaddr;
-
-JNIEXPORT jint JNICALL
-JVM_Socket(jint domain, jint type, jint protocol);
-
-JNIEXPORT jint JNICALL
-JVM_SocketClose(jint fd);
-
-JNIEXPORT jint JNICALL
-JVM_SocketShutdown(jint fd, jint howto);
-
-JNIEXPORT jint JNICALL
-JVM_Recv(jint fd, char *buf, jint nBytes, jint flags);
-
-JNIEXPORT jint JNICALL
-JVM_Send(jint fd, char *buf, jint nBytes, jint flags);
-
-JNIEXPORT jint JNICALL
-JVM_Timeout(int fd, long timeout);
-
-JNIEXPORT jint JNICALL
-JVM_Listen(jint fd, jint count);
-
-JNIEXPORT jint JNICALL
-JVM_Connect(jint fd, struct sockaddr *him, jint len);
-
-JNIEXPORT jint JNICALL
-JVM_Bind(jint fd, struct sockaddr *him, jint len);
-
-JNIEXPORT jint JNICALL
-JVM_Accept(jint fd, struct sockaddr *him, jint *len);
-
-JNIEXPORT jint JNICALL
-JVM_RecvFrom(jint fd, char *buf, int nBytes,
-                  int flags, struct sockaddr *from, int *fromlen);
-
-JNIEXPORT jint JNICALL
-JVM_SendTo(jint fd, char *buf, int len,
-                int flags, struct sockaddr *to, int tolen);
-
-JNIEXPORT jint JNICALL
-JVM_SocketAvailable(jint fd, jint *result);
-
-
-JNIEXPORT jint JNICALL
-JVM_GetSockName(jint fd, struct sockaddr *him, int *len);
-
-JNIEXPORT jint JNICALL
-JVM_GetSockOpt(jint fd, int level, int optname, char *optval, int *optlen);
-
-JNIEXPORT jint JNICALL
-JVM_SetSockOpt(jint fd, int level, int optname, const char *optval, int optlen);
-
-JNIEXPORT int JNICALL
-JVM_GetHostName(char* name, int namelen);
-
-/*
  * The standard printing functions supported by the Java VM. (Should they
  * be renamed to JVM_* in the future?
  */
@@ -1355,39 +1109,6 @@
 JNIEXPORT jobjectArray JNICALL
 JVM_GetEnclosingMethodInfo(JNIEnv* env, jclass ofClass);
 
-/*
- * Java thread state support
- */
-enum {
-    JAVA_THREAD_STATE_NEW           = 0,
-    JAVA_THREAD_STATE_RUNNABLE      = 1,
-    JAVA_THREAD_STATE_BLOCKED       = 2,
-    JAVA_THREAD_STATE_WAITING       = 3,
-    JAVA_THREAD_STATE_TIMED_WAITING = 4,
-    JAVA_THREAD_STATE_TERMINATED    = 5,
-    JAVA_THREAD_STATE_COUNT         = 6
-};
-
-/*
- * Returns an array of the threadStatus values representing the
- * given Java thread state.  Returns NULL if the VM version is
- * incompatible with the JDK or doesn't support the given
- * Java thread state.
- */
-JNIEXPORT jintArray JNICALL
-JVM_GetThreadStateValues(JNIEnv* env, jint javaThreadState);
-
-/*
- * Returns an array of the substate names representing the
- * given Java thread state.  Returns NULL if the VM version is
- * incompatible with the JDK or the VM doesn't support
- * the given Java thread state.
- * values must be the jintArray returned from JVM_GetThreadStateValues
- * and javaThreadState.
- */
-JNIEXPORT jobjectArray JNICALL
-JVM_GetThreadStateNames(JNIEnv* env, jint javaThreadState, jintArray values);
-
 /* =========================================================================
  * The following defines a private JVM interface that the JDK can query
  * for the JVM version and capabilities.  sun.misc.Version defines
--- a/src/java.base/share/native/libjava/ClassLoader.c	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/native/libjava/ClassLoader.c	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -224,18 +224,6 @@
     return result;
 }
 
-JNIEXPORT void JNICALL
-Java_java_lang_ClassLoader_resolveClass0(JNIEnv *env, jobject this,
-                                         jclass cls)
-{
-    if (cls == NULL) {
-        JNU_ThrowNullPointerException(env, 0);
-        return;
-    }
-
-    JVM_ResolveClass(env, cls);
-}
-
 /*
  * Returns NULL if class not found.
  */
--- a/src/java.base/share/native/libjava/Compiler.c	Wed Oct 22 13:39:33 2014 +0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,53 +0,0 @@
-/*
- * Copyright (c) 1995, 1999, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-#include "jvm.h"
-#include "jni.h"
-#include "java_lang_Compiler.h"
-
-static JNINativeMethod methods[] = {
-    {"compileClass",
-     "(Ljava/lang/Class;)Z",
-     (void *)&JVM_CompileClass},
-    {"compileClasses",
-     "(Ljava/lang/String;)Z",
-     (void *)&JVM_CompileClasses},
-    {"command",
-     "(Ljava/lang/Object;)Ljava/lang/Object;",
-     (void *)&JVM_CompilerCommand},
-    {"enable",
-     "()V",
-     (void *)&JVM_EnableCompiler},
-    {"disable",
-     "()V",
-     (void *)&JVM_DisableCompiler}
-};
-
-JNIEXPORT void JNICALL
-Java_java_lang_Compiler_registerNatives(JNIEnv *env, jclass compCls)
-{
-    (*env)->RegisterNatives(env, compCls, methods,
-                            sizeof methods / sizeof methods[0]);
-}
--- a/src/java.base/share/native/libjava/Runtime.c	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/native/libjava/Runtime.c	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994, 2000, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -66,18 +66,6 @@
 }
 
 JNIEXPORT void JNICALL
-Java_java_lang_Runtime_traceInstructions(JNIEnv *env, jobject this, jboolean on)
-{
-    JVM_TraceInstructions(on);
-}
-
-JNIEXPORT void JNICALL
-Java_java_lang_Runtime_traceMethodCalls(JNIEnv *env, jobject this, jboolean on)
-{
-    JVM_TraceMethodCalls(on);
-}
-
-JNIEXPORT void JNICALL
 Java_java_lang_Runtime_runFinalization0(JNIEnv *env, jobject this)
 {
     jclass cl;
--- a/src/java.base/share/native/libjava/io_util.h	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/native/libjava/io_util.h	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,6 +28,7 @@
 
 extern jfieldID IO_fd_fdID;
 extern jfieldID IO_handle_fdID;
+extern jfieldID IO_append_fdID;
 
 #ifdef _ALLBSD_SOURCE
 #include <fcntl.h>
@@ -54,7 +55,6 @@
                 jint len, jboolean append, jfieldID fid);
 void fileOpen(JNIEnv *env, jobject this, jstring path, jfieldID fid, int flags);
 void throwFileNotFoundException(JNIEnv *env, jstring path);
-size_t getLastErrorString(char *buf, size_t len);
 
 /*
  * Macros for managing platform strings.  The typical usage pattern is:
--- a/src/java.base/share/native/libjava/jni_util.c	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/native/libjava/jni_util.c	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -157,7 +157,7 @@
                              const char *defaultDetail)
 {
     char buf[256];
-    int n = JVM_GetLastErrorString(buf, sizeof(buf));
+    int n = getLastErrorString(buf, sizeof(buf));
 
     if (n > 0) {
         jstring s = JNU_NewStringPlatform(env, buf);
--- a/src/java.base/share/native/libjava/jni_util.h	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/native/libjava/jni_util.h	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -387,6 +387,7 @@
 void buildJniFunctionName(const char *sym, const char *cname,
                           char *jniEntryName);
 
+extern size_t getLastErrorString(char *buf, size_t len);
 #ifdef __cplusplus
 } /* extern "C" */
 #endif /* __cplusplus */
--- a/src/java.base/share/native/libzip/ZipFile.c	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/native/libzip/ZipFile.c	Tue Oct 28 11:38:00 2014 -0700
@@ -93,24 +93,27 @@
     jzfile *zip = 0;
 
     if (mode & OPEN_READ) flag |= O_RDONLY;
-    if (mode & OPEN_DELETE) flag |= JVM_O_DELETE;
 
     if (path != 0) {
         zip = ZIP_Get_From_Cache(path, &msg, lastModified);
         if (zip == 0 && msg == 0) {
             ZFILE zfd = 0;
 #ifdef WIN32
+            if (mode & OPEN_DELETE) flag |= O_TEMPORARY;
             zfd = winFileHandleOpen(env, name, flag);
             if (zfd == -1) {
                 /* Exception already pending. */
                 goto finally;
             }
 #else
-            zfd = JVM_Open(path, flag, 0);
+            zfd = open(path, flag, 0);
             if (zfd < 0) {
                 throwFileNotFoundException(env, name);
                 goto finally;
             }
+            if (mode & OPEN_DELETE) {
+                unlink(path);
+            }
 #endif
             zip = ZIP_Put_In_Cache0(path, zfd, &msg, lastModified, usemmap);
         }
--- a/src/java.base/share/native/libzip/zip_util.c	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/share/native/libzip/zip_util.c	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1995, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -123,7 +123,7 @@
         flagsAndAttributes, /* flags and attributes */
         NULL);
 #else
-    return JVM_Open(fname, flags, 0);
+    return open(fname, flags, 0);
 #endif
 }
 
@@ -136,7 +136,7 @@
 #ifdef WIN32
     CloseHandle((HANDLE) zfd);
 #else
-    JVM_Close(zfd);
+    close(zfd);
 #endif
 }
 
@@ -145,14 +145,6 @@
 #ifdef WIN32
     return (int) IO_Read(zfd, buf, nbytes);
 #else
-    /*
-     * Calling JVM_Read will return JVM_IO_INTR when Thread.interrupt is called
-     * only on Solaris. Continue reading jar file in this case is the best
-     * thing to do since zip file reading is relatively fast and it is very onerous
-     * for a interrupted thread to deal with this kind of hidden I/O. However, handling
-     * JVM_IO_INTR is tricky and could cause undesired side effect. So we decided
-     * to simply call "read" on Solaris/Linux. See details in bug 6304463.
-     */
     return read(zfd, buf, nbytes);
 #endif
 }
@@ -198,9 +190,8 @@
         if (n > 0) {
             bp += n;
             len -= n;
-        } else if (n == JVM_IO_ERR && errno == EINTR) {
-          /* Retry after EINTR (interrupted by signal).
-             We depend on the fact that JVM_IO_ERR == -1. */
+        } else if (n == -1 && errno == EINTR) {
+          /* Retry after EINTR (interrupted by signal). */
             continue;
         } else { /* EOF or IO error */
             return -1;
@@ -828,7 +819,7 @@
     zip->lastModified = lastModified;
 
     if (zfd == -1) {
-        if (pmsg && JVM_GetLastErrorString(errbuf, sizeof(errbuf)) > 0)
+        if (pmsg && getLastErrorString(errbuf, sizeof(errbuf)) > 0)
             *pmsg = strdup(errbuf);
         freeZip(zip);
         return NULL;
@@ -849,7 +840,7 @@
                 *pmsg = strdup("zip file is empty");
             }
         } else { /* error */
-            if (pmsg && JVM_GetLastErrorString(errbuf, sizeof(errbuf)) > 0)
+            if (pmsg && getLastErrorString(errbuf, sizeof(errbuf)) > 0)
                 *pmsg = strdup(errbuf);
         }
         ZFILE_Close(zfd);
--- a/src/java.base/unix/classes/java/io/FileDescriptor.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/unix/classes/java/io/FileDescriptor.java	Tue Oct 28 11:38:00 2014 -0700
@@ -52,15 +52,21 @@
     private boolean closed;
 
     /**
+     * true, if file is opened for appending.
+     */
+    private boolean append;
+
+    /**
      * Constructs an (invalid) FileDescriptor
      * object.
      */
-    public /**/ FileDescriptor() {
+    public FileDescriptor() {
         fd = -1;
     }
 
-    private /* */ FileDescriptor(int fd) {
+    private FileDescriptor(int fd) {
         this.fd = fd;
+        this.append = getAppend(fd);
     }
 
     /**
@@ -149,6 +155,14 @@
                     return obj.fd;
                 }
 
+                public void setAppend(FileDescriptor obj, boolean append) {
+                    obj.append = append;
+                }
+
+                public boolean getAppend(FileDescriptor obj) {
+                    return obj.append;
+                }
+
                 public void setHandle(FileDescriptor obj, long handle) {
                     throw new UnsupportedOperationException();
                 }
@@ -160,6 +174,11 @@
         );
     }
 
+    /**
+     * Returns true, if the file was opened for appending.
+     */
+    private static native boolean getAppend(int fd);
+
     /*
      * Package private methods to track referents.
      * If multiple streams point to the same FileDescriptor, we cycle
--- a/src/java.base/unix/classes/sun/nio/ch/FileDispatcherImpl.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/unix/classes/sun/nio/ch/FileDispatcherImpl.java	Tue Oct 28 11:38:00 2014 -0700
@@ -35,10 +35,6 @@
         init();
     }
 
-    FileDispatcherImpl(boolean append) {
-        /* append is ignored */
-    }
-
     FileDispatcherImpl() {
     }
 
--- a/src/java.base/unix/classes/sun/nio/fs/UnixChannelFactory.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/unix/classes/sun/nio/fs/UnixChannelFactory.java	Tue Oct 28 11:38:00 2014 -0700
@@ -134,7 +134,7 @@
             throw new IllegalArgumentException("APPEND + TRUNCATE_EXISTING not allowed");
 
         FileDescriptor fdObj = open(dfd, path, pathForPermissionCheck, flags, mode);
-        return FileChannelImpl.open(fdObj, path.toString(), flags.read, flags.write, flags.append, null);
+        return FileChannelImpl.open(fdObj, path.toString(), flags.read, flags.write, null);
     }
 
     /**
@@ -288,6 +288,7 @@
         // create java.io.FileDescriptor
         FileDescriptor fdObj = new FileDescriptor();
         fdAccess.set(fdObj, fd);
+        fdAccess.setAppend(fdObj, flags.append);
         return fdObj;
     }
 }
--- a/src/java.base/unix/native/include/jvm_md.h	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/unix/native/include/jvm_md.h	Tue Oct 28 11:38:00 2014 -0700
@@ -75,7 +75,6 @@
 #define JVM_O_O_APPEND   O_APPEND
 #define JVM_O_EXCL       O_EXCL
 #define JVM_O_CREAT      O_CREAT
-#define JVM_O_DELETE     0x10000
 
 /* Signals */
 
--- a/src/java.base/unix/native/libjava/FileDescriptor_md.c	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/unix/native/libjava/FileDescriptor_md.c	Tue Oct 28 11:38:00 2014 -0700
@@ -23,6 +23,9 @@
  * questions.
  */
 
+#include <unistd.h>
+#include <fcntl.h>
+
 #include "jvm.h"
 #include "io_util_md.h"
 
@@ -35,6 +38,9 @@
 /* field id for jint 'fd' in java.io.FileDescriptor */
 jfieldID IO_fd_fdID;
 
+/* field id for jboolean 'append' in java.io.FileDescriptor */
+jfieldID IO_append_fdID;
+
 /**************************************************************
  * static methods to store field ID's in initializers
  */
@@ -42,6 +48,7 @@
 JNIEXPORT void JNICALL
 Java_java_io_FileDescriptor_initIDs(JNIEnv *env, jclass fdClass) {
     IO_fd_fdID = (*env)->GetFieldID(env, fdClass, "fd", "I");
+    IO_append_fdID = (*env)->GetFieldID(env, fdClass, "append", "Z");
 }
 
 /**************************************************************
@@ -55,3 +62,9 @@
         JNU_ThrowByName(env, "java/io/SyncFailedException", "sync failed");
     }
 }
+
+JNIEXPORT jboolean JNICALL
+Java_java_io_FileDescriptor_getAppend(JNIEnv *env, jclass fdClass, jint fd) {
+    int flags = fcntl(fd, F_GETFL);
+    return ((flags & O_APPEND) == 0) ? JNI_FALSE : JNI_TRUE;
+}
--- a/src/java.base/unix/native/libjava/io_util_md.c	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/unix/native/libjava/io_util_md.c	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -107,7 +107,15 @@
 #endif
         fd = handleOpen(ps, flags, 0666);
         if (fd != -1) {
+            jobject fdobj;
+            jboolean append;
             SET_FD(this, fd, fid);
+
+            fdobj = (*env)->GetObjectField(env, this, fid);
+            if (fdobj != NULL) {
+                append = (flags & O_APPEND) == 0 ? JNI_FALSE : JNI_TRUE;
+                (*env)->SetBooleanField(env, fdobj, IO_append_fdID, append);
+            }
         } else {
             throwFileNotFoundException(env, path);
         }
@@ -211,18 +219,3 @@
     RESTARTABLE(ftruncate64(fd, length), result);
     return result;
 }
-
-size_t
-getLastErrorString(char *buf, size_t len)
-{
-    if (errno == 0 || len < 1) return 0;
-
-    const char *err = strerror(errno);
-    size_t n = strlen(err);
-    if (n >= len)
-        n = len - 1;
-
-    strncpy(buf, err, n);
-    buf[n] = '\0';
-    return n;
-}
--- a/src/java.base/unix/native/libjava/jni_util_md.c	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/unix/native/libjava/jni_util_md.c	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2008, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,6 +23,7 @@
  * questions.
  */
 
+#include <errno.h>
 #include <string.h>
 
 #include "jni.h"
@@ -51,3 +52,17 @@
     }
 }
 
+size_t
+getLastErrorString(char *buf, size_t len)
+{
+    if (errno == 0 || len < 1) return 0;
+
+    const char *err = strerror(errno);
+    size_t n = strlen(err);
+    if (n >= len)
+        n = len - 1;
+
+    strncpy(buf, err, n);
+    buf[n] = '\0';
+    return n;
+}
--- a/src/java.base/windows/classes/java/io/FileDescriptor.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/windows/classes/java/io/FileDescriptor.java	Tue Oct 28 11:38:00 2014 -0700
@@ -51,6 +51,11 @@
     private boolean closed;
 
     /**
+     * true, if file is opened for appending.
+     */
+    private boolean append;
+
+    /**
      * Constructs an (invalid) FileDescriptor
      * object.
      */
@@ -75,6 +80,14 @@
                     return obj.fd;
                 }
 
+                public void setAppend(FileDescriptor obj, boolean append) {
+                    obj.append = append;
+                }
+
+                public boolean getAppend(FileDescriptor obj) {
+                    return obj.append;
+                }
+
                 public void setHandle(FileDescriptor obj, long handle) {
                     obj.handle = handle;
                 }
--- a/src/java.base/windows/classes/sun/nio/ch/FileDispatcherImpl.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/windows/classes/sun/nio/ch/FileDispatcherImpl.java	Tue Oct 28 11:38:00 2014 -0700
@@ -31,22 +31,14 @@
 
 class FileDispatcherImpl extends FileDispatcher
 {
+    private static final JavaIOFileDescriptorAccess fdAccess =
+        SharedSecrets.getJavaIOFileDescriptorAccess();
+
     static {
         IOUtil.load();
     }
 
-    /**
-     * Indicates if the dispatcher should first advance the file position
-     * to the end of file when writing.
-     */
-    private final boolean append;
-
-    FileDispatcherImpl(boolean append) {
-        this.append = append;
-    }
-
     FileDispatcherImpl() {
-        this(false);
     }
 
     @Override
@@ -71,7 +63,7 @@
     }
 
     int write(FileDescriptor fd, long address, int len) throws IOException {
-        return write0(fd, address, len, append);
+        return write0(fd, address, len, fdAccess.getAppend(fd));
     }
 
     int pwrite(FileDescriptor fd, long address, int len, long position)
@@ -81,7 +73,7 @@
     }
 
     long writev(FileDescriptor fd, long address, int len) throws IOException {
-        return writev0(fd, address, len, append);
+        return writev0(fd, address, len, fdAccess.getAppend(fd));
     }
 
     int force(FileDescriptor fd, boolean metaData) throws IOException {
@@ -112,8 +104,6 @@
 
     FileDescriptor duplicateForMapping(FileDescriptor fd) throws IOException {
         // on Windows we need to keep a handle to the file
-        JavaIOFileDescriptorAccess fdAccess =
-            SharedSecrets.getJavaIOFileDescriptorAccess();
         FileDescriptor result = new FileDescriptor();
         long handle = duplicateHandle(fdAccess.getHandle(fd));
         fdAccess.setHandle(result, handle);
--- a/src/java.base/windows/classes/sun/nio/fs/WindowsChannelFactory.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/windows/classes/sun/nio/fs/WindowsChannelFactory.java	Tue Oct 28 11:38:00 2014 -0700
@@ -160,7 +160,7 @@
             throw new IllegalArgumentException("APPEND + TRUNCATE_EXISTING not allowed");
 
         FileDescriptor fdObj = open(pathForWindows, pathToCheck, flags, pSecurityDescriptor);
-        return FileChannelImpl.open(fdObj, pathForWindows, flags.read, flags.write, flags.append, null);
+        return FileChannelImpl.open(fdObj, pathForWindows, flags.read, flags.write, null);
     }
 
     /**
@@ -339,6 +339,7 @@
         // create FileDescriptor and return
         FileDescriptor fdObj = new FileDescriptor();
         fdAccess.setHandle(fdObj, handle);
+        fdAccess.setAppend(fdObj, flags.append);
         return fdObj;
     }
 }
--- a/src/java.base/windows/native/include/jvm_md.h	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/windows/native/include/jvm_md.h	Tue Oct 28 11:38:00 2014 -0700
@@ -97,7 +97,6 @@
 #define JVM_O_O_APPEND   O_APPEND
 #define JVM_O_EXCL       O_EXCL
 #define JVM_O_CREAT      O_CREAT
-#define JVM_O_DELETE     O_TEMPORARY
 
 /* Signals */
 
--- a/src/java.base/windows/native/libjava/FileDescriptor_md.c	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/windows/native/libjava/FileDescriptor_md.c	Tue Oct 28 11:38:00 2014 -0700
@@ -42,6 +42,9 @@
 /* field id for jlong 'handle' in java.io.FileDescriptor */
 jfieldID IO_handle_fdID;
 
+/* field id for jboolean 'append' in java.io.FileDescriptor */
+jfieldID IO_append_fdID;
+
 /**************************************************************
  * static methods to store field IDs in initializers
  */
@@ -50,6 +53,7 @@
 Java_java_io_FileDescriptor_initIDs(JNIEnv *env, jclass fdClass) {
     CHECK_NULL(IO_fd_fdID = (*env)->GetFieldID(env, fdClass, "fd", "I"));
     CHECK_NULL(IO_handle_fdID = (*env)->GetFieldID(env, fdClass, "handle", "J"));
+    CHECK_NULL(IO_append_fdID = (*env)->GetFieldID(env, fdClass, "append", "Z"));
 }
 
 JNIEXPORT jlong JNICALL
--- a/src/java.base/windows/native/libjava/io_util_md.c	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/windows/native/libjava/io_util_md.c	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -275,7 +275,15 @@
 {
     FD h = winFileHandleOpen(env, path, flags);
     if (h >= 0) {
+        jobject fdobj;
+        jboolean append;
         SET_FD(this, h, fid);
+
+        fdobj = (*env)->GetObjectField(env, this, fid);
+        if (fdobj != NULL) {
+            append = (flags & O_APPEND) == 0 ? JNI_FALSE : JNI_TRUE;
+            (*env)->SetBooleanField(env, fdobj, IO_append_fdID, append);
+        }
     }
 }
 
@@ -576,77 +584,3 @@
     }
     return long_to_jlong(pos.QuadPart);
 }
-
-size_t
-getLastErrorString(char *utf8_jvmErrorMsg, size_t cbErrorMsg)
-{
-    size_t n = 0;
-    if (cbErrorMsg > 0) {
-        BOOLEAN noError = FALSE;
-        WCHAR *utf16_osErrorMsg = (WCHAR *)malloc(cbErrorMsg*sizeof(WCHAR));
-        if (utf16_osErrorMsg == NULL) {
-            // OOM accident
-            strncpy(utf8_jvmErrorMsg, "Out of memory", cbErrorMsg);
-            // truncate if too long
-            utf8_jvmErrorMsg[cbErrorMsg - 1] = '\0';
-            n = strlen(utf8_jvmErrorMsg);
-        } else {
-            DWORD errval = GetLastError();
-            if (errval != 0) {
-                // WIN32 error
-                n = (size_t)FormatMessageW(
-                    FORMAT_MESSAGE_FROM_SYSTEM|FORMAT_MESSAGE_IGNORE_INSERTS,
-                    NULL,
-                    errval,
-                    0,
-                    utf16_osErrorMsg,
-                    (DWORD)cbErrorMsg,
-                    NULL);
-                if (n > 3) {
-                    // Drop final '.', CR, LF
-                    if (utf16_osErrorMsg[n - 1] == L'\n') --n;
-                    if (utf16_osErrorMsg[n - 1] == L'\r') --n;
-                    if (utf16_osErrorMsg[n - 1] == L'.') --n;
-                    utf16_osErrorMsg[n] = L'\0';
-                }
-            } else if (errno != 0) {
-                // C runtime error that has no corresponding WIN32 error code
-                const WCHAR *rtError = _wcserror(errno);
-                if (rtError != NULL) {
-                    wcsncpy(utf16_osErrorMsg, rtError, cbErrorMsg);
-                    // truncate if too long
-                    utf16_osErrorMsg[cbErrorMsg - 1] = L'\0';
-                    n = wcslen(utf16_osErrorMsg);
-                }
-            } else
-                noError = TRUE; //OS has no error to report
-
-            if (!noError) {
-                if (n > 0) {
-                    n = WideCharToMultiByte(
-                        CP_UTF8,
-                        0,
-                        utf16_osErrorMsg,
-                        n,
-                        utf8_jvmErrorMsg,
-                        cbErrorMsg,
-                        NULL,
-                        NULL);
-
-                    // no way to die
-                    if (n > 0)
-                        utf8_jvmErrorMsg[min(cbErrorMsg - 1, n)] = '\0';
-                }
-
-                if (n <= 0) {
-                    strncpy(utf8_jvmErrorMsg, "Secondary error while OS message extraction", cbErrorMsg);
-                    // truncate if too long
-                    utf8_jvmErrorMsg[cbErrorMsg - 1] = '\0';
-                    n = strlen(utf8_jvmErrorMsg);
-                }
-            }
-            free(utf16_osErrorMsg);
-        }
-    }
-    return n;
-}
--- a/src/java.base/windows/native/libjava/jni_util_md.c	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.base/windows/native/libjava/jni_util_md.c	Tue Oct 28 11:38:00 2014 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2004, 2014 Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -73,3 +73,77 @@
     }
     return;
 }
+
+size_t
+getLastErrorString(char *utf8_jvmErrorMsg, size_t cbErrorMsg)
+{
+    size_t n = 0;
+    if (cbErrorMsg > 0) {
+        BOOLEAN noError = FALSE;
+        WCHAR *utf16_osErrorMsg = (WCHAR *)malloc(cbErrorMsg*sizeof(WCHAR));
+        if (utf16_osErrorMsg == NULL) {
+            // OOM accident
+            strncpy(utf8_jvmErrorMsg, "Out of memory", cbErrorMsg);
+            // truncate if too long
+            utf8_jvmErrorMsg[cbErrorMsg - 1] = '\0';
+            n = strlen(utf8_jvmErrorMsg);
+        } else {
+            DWORD errval = GetLastError();
+            if (errval != 0) {
+                // WIN32 error
+                n = (size_t)FormatMessageW(
+                    FORMAT_MESSAGE_FROM_SYSTEM|FORMAT_MESSAGE_IGNORE_INSERTS,
+                    NULL,
+                    errval,
+                    0,
+                    utf16_osErrorMsg,
+                    (DWORD)cbErrorMsg,
+                    NULL);
+                if (n > 3) {
+                    // Drop final '.', CR, LF
+                    if (utf16_osErrorMsg[n - 1] == L'\n') --n;
+                    if (utf16_osErrorMsg[n - 1] == L'\r') --n;
+                    if (utf16_osErrorMsg[n - 1] == L'.') --n;
+                    utf16_osErrorMsg[n] = L'\0';
+                }
+            } else if (errno != 0) {
+                // C runtime error that has no corresponding WIN32 error code
+                const WCHAR *rtError = _wcserror(errno);
+                if (rtError != NULL) {
+                    wcsncpy(utf16_osErrorMsg, rtError, cbErrorMsg);
+                    // truncate if too long
+                    utf16_osErrorMsg[cbErrorMsg - 1] = L'\0';
+                    n = wcslen(utf16_osErrorMsg);
+                }
+            } else
+                noError = TRUE; //OS has no error to report
+
+            if (!noError) {
+                if (n > 0) {
+                    n = WideCharToMultiByte(
+                        CP_UTF8,
+                        0,
+                        utf16_osErrorMsg,
+                        n,
+                        utf8_jvmErrorMsg,
+                        cbErrorMsg,
+                        NULL,
+                        NULL);
+
+                    // no way to die
+                    if (n > 0)
+                        utf8_jvmErrorMsg[min(cbErrorMsg - 1, n)] = '\0';
+                }
+
+                if (n <= 0) {
+                    strncpy(utf8_jvmErrorMsg, "Secondary error while OS message extraction", cbErrorMsg);
+                    // truncate if too long
+                    utf8_jvmErrorMsg[cbErrorMsg - 1] = '\0';
+                    n = strlen(utf8_jvmErrorMsg);
+                }
+            }
+            free(utf16_osErrorMsg);
+        }
+    }
+    return n;
+}
--- a/src/java.logging/share/classes/java/util/logging/FileHandler.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.logging/share/classes/java/util/logging/FileHandler.java	Tue Oct 28 11:38:00 2014 -0700
@@ -150,7 +150,7 @@
 public class FileHandler extends StreamHandler {
     private MeteredStream meter;
     private boolean append;
-    private int limit;       // zero => no limit.
+    private long limit;       // zero => no limit.
     private int count;
     private String pattern;
     private String lockFileName;
@@ -164,11 +164,11 @@
      * (a) forwards all its output to a target stream
      * (b) keeps track of how many bytes have been written
      */
-    private class MeteredStream extends OutputStream {
+    private static final class MeteredStream extends OutputStream {
         final OutputStream out;
-        int written;
+        long written;
 
-        MeteredStream(OutputStream out, int written) {
+        MeteredStream(OutputStream out, long written) {
             this.out = out;
             this.written = written;
         }
@@ -203,9 +203,9 @@
     }
 
     private void open(File fname, boolean append) throws IOException {
-        int len = 0;
+        long len = 0;
         if (append) {
-            len = (int)fname.length();
+            len = fname.length();
         }
         FileOutputStream fout = new FileOutputStream(fname.toString(), append);
         BufferedOutputStream bout = new BufferedOutputStream(fout);
@@ -223,7 +223,7 @@
         String cname = getClass().getName();
 
         pattern = manager.getStringProperty(cname + ".pattern", "%h/java%u.log");
-        limit = manager.getIntProperty(cname + ".limit", 0);
+        limit = manager.getLongProperty(cname + ".limit", 0);
         if (limit < 0) {
             limit = 0;
         }
@@ -395,6 +395,39 @@
      */
     public FileHandler(String pattern, int limit, int count, boolean append)
                                         throws IOException, SecurityException {
+        this(pattern, (long)limit, count, append);
+    }
+
+    /**
+     * Initialize a {@code FileHandler} to write to a set of files
+     * with optional append.  When (approximately) the given limit has
+     * been written to one file, another file will be opened.  The
+     * output will cycle through a set of count files.
+     * <p>
+     * The {@code FileHandler} is configured based on {@code LogManager}
+     * properties (or their default values) except that the given pattern
+     * argument is used as the filename pattern, the file limit is
+     * set to the limit argument, and the file count is set to the
+     * given count argument, and the append mode is set to the given
+     * {@code append} argument.
+     * <p>
+     * The count must be at least 1.
+     *
+     * @param pattern  the pattern for naming the output file
+     * @param limit  the maximum number of bytes to write to any one file
+     * @param count  the number of files to use
+     * @param append  specifies append mode
+     * @exception  IOException if there are IO problems opening the files.
+     * @exception  SecurityException  if a security manager exists and if
+     *             the caller does not have {@code LoggingPermission("control")}.
+     * @exception  IllegalArgumentException if {@code limit < 0}, or {@code count < 1}.
+     * @exception  IllegalArgumentException if pattern is an empty string
+     *
+     * @since 1.9
+     *
+     */
+    public FileHandler(String pattern, long limit, int count, boolean append)
+                                        throws IOException {
         if (limit < 0 || count < 1 || pattern.length() < 1) {
             throw new IllegalArgumentException();
         }
@@ -690,7 +723,7 @@
         }
         super.publish(record);
         flush();
-        if (limit > 0 && meter.written >= limit) {
+        if (limit > 0 && (meter.written >= limit || meter.written < 0)) {
             // We performed access checks in the "init" method to make sure
             // we are only initialized from trusted code.  So we assume
             // it is OK to write the target files, even if we are
--- a/src/java.logging/share/classes/java/util/logging/LogManager.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.logging/share/classes/java/util/logging/LogManager.java	Tue Oct 28 11:38:00 2014 -0700
@@ -1387,6 +1387,21 @@
         }
     }
 
+    // Package private method to get a long property.
+    // If the property is not defined or cannot be parsed
+    // we return the given default value.
+    long getLongProperty(String name, long defaultValue) {
+        String val = getProperty(name);
+        if (val == null) {
+            return defaultValue;
+        }
+        try {
+            return Long.parseLong(val.trim());
+        } catch (Exception ex) {
+            return defaultValue;
+        }
+    }
+
     // Package private method to get a boolean property.
     // If the property is not defined or cannot be parsed
     // we return the given default value.
--- a/src/java.management/share/classes/java/lang/management/ManagementFactory.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.management/share/classes/java/lang/management/ManagementFactory.java	Tue Oct 28 11:38:00 2014 -0700
@@ -52,6 +52,7 @@
 import java.security.PrivilegedExceptionAction;
 import javax.management.JMX;
 import sun.management.ManagementFactoryHelper;
+import sun.management.ExtendedPlatformComponent;
 
 /**
  * The {@code ManagementFactory} class is a factory class for getting
@@ -489,6 +490,12 @@
             for (Map.Entry<ObjectName, DynamicMBean> e : dynmbeans.entrySet()) {
                 addDynamicMBean(platformMBeanServer, e.getValue(), e.getKey());
             }
+            for (final PlatformManagedObject o :
+                                       ExtendedPlatformComponent.getMXBeans()) {
+                if (!platformMBeanServer.isRegistered(o.getObjectName())) {
+                    addMXBean(platformMBeanServer, o);
+                }
+            }
         }
         return platformMBeanServer;
     }
@@ -655,9 +662,14 @@
     public static <T extends PlatformManagedObject>
             T getPlatformMXBean(Class<T> mxbeanInterface) {
         PlatformComponent pc = PlatformComponent.getPlatformComponent(mxbeanInterface);
-        if (pc == null)
+        if (pc == null) {
+            T mbean = ExtendedPlatformComponent.getMXBean(mxbeanInterface);
+            if (mbean != null) {
+                return mbean;
+            }
             throw new IllegalArgumentException(mxbeanInterface.getName() +
                 " is not a platform management interface");
+        }
         if (!pc.isSingleton())
             throw new IllegalArgumentException(mxbeanInterface.getName() +
                 " can have zero or more than one instances");
@@ -690,9 +702,14 @@
     public static <T extends PlatformManagedObject> List<T>
             getPlatformMXBeans(Class<T> mxbeanInterface) {
         PlatformComponent pc = PlatformComponent.getPlatformComponent(mxbeanInterface);
-        if (pc == null)
+        if (pc == null) {
+            T mbean = ExtendedPlatformComponent.getMXBean(mxbeanInterface);
+            if (mbean != null) {
+                return Collections.singletonList(mbean);
+            }
             throw new IllegalArgumentException(mxbeanInterface.getName() +
                 " is not a platform management interface");
+        }
         return Collections.unmodifiableList(pc.getMXBeans(mxbeanInterface));
     }
 
@@ -737,9 +754,17 @@
         throws java.io.IOException
     {
         PlatformComponent pc = PlatformComponent.getPlatformComponent(mxbeanInterface);
-        if (pc == null)
+        if (pc == null) {
+            T mbean = ExtendedPlatformComponent.getMXBean(mxbeanInterface);
+            if (mbean != null) {
+                ObjectName on = mbean.getObjectName();
+                return ManagementFactory.newPlatformMXBeanProxy(connection,
+                                                                on.getCanonicalName(),
+                                                                mxbeanInterface);
+            }
             throw new IllegalArgumentException(mxbeanInterface.getName() +
                 " is not a platform management interface");
+        }
         if (!pc.isSingleton())
             throw new IllegalArgumentException(mxbeanInterface.getName() +
                 " can have zero or more than one instances");
@@ -781,6 +806,13 @@
     {
         PlatformComponent pc = PlatformComponent.getPlatformComponent(mxbeanInterface);
         if (pc == null) {
+            T mbean = ExtendedPlatformComponent.getMXBean(mxbeanInterface);
+            if (mbean != null) {
+                ObjectName on = mbean.getObjectName();
+                T proxy = ManagementFactory.newPlatformMXBeanProxy(connection,
+                            on.getCanonicalName(), mxbeanInterface);
+                return Collections.singletonList(proxy);
+            }
             throw new IllegalArgumentException(mxbeanInterface.getName() +
                 " is not a platform management interface");
         }
--- a/src/java.management/share/classes/javax/management/loading/DefaultLoaderRepository.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.management/share/classes/javax/management/loading/DefaultLoaderRepository.java	Tue Oct 28 11:38:00 2014 -0700
@@ -47,7 +47,7 @@
  * <code>DefaultLoaderRepository</code> be rewritten.</p>
  *
  * @deprecated Use
- * {@link javax.management.MBeanServer#getClassLoaderRepository()}}
+ * {@link javax.management.MBeanServer#getClassLoaderRepository()}
  * instead.
  *
  * @since 1.5
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/java.management/share/classes/sun/management/ExtendedPlatformComponent.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.management;
+
+import java.util.Collections;
+import java.util.List;
+import java.lang.management.PlatformManagedObject;
+
+/**
+ * Class to allow for an extended set of platform MXBeans
+ */
+public final class ExtendedPlatformComponent {
+    private ExtendedPlatformComponent() {} // Don't create any instances
+
+    /**
+     * Get the extended set of platform MXBeans that should be registered in the
+     * platform MBeanServer, or an empty list if there are no such MXBeans.
+     */
+    public static List<? extends PlatformManagedObject> getMXBeans() {
+        return Collections.emptyList();
+    }
+
+    /**
+     * Returns the extended platform MXBean implementing the given
+     * mxbeanInterface, or null if there is no such MXBean.
+     */
+    public static <T extends PlatformManagedObject>
+            T getMXBean(Class<T> mxbeanInterface) {
+        return null;
+    }
+}
--- a/src/java.management/share/native/libmanagement/DiagnosticCommandImpl.c	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.management/share/native/libmanagement/DiagnosticCommandImpl.c	Tue Oct 28 11:38:00 2014 -0700
@@ -65,6 +65,11 @@
                                                    dcmd_arg_info_array);
   dcmdArgInfoCls = (*env)->FindClass(env,
                                      "sun/management/DiagnosticCommandArgumentInfo");
+  if ((*env)->ExceptionCheck(env)) {
+    free(dcmd_arg_info_array);
+    return NULL;
+  }
+
   result = (*env)->NewObjectArray(env, num_arg, dcmdArgInfoCls, NULL);
   if (result == NULL) {
     free(dcmd_arg_info_array);
@@ -91,9 +96,16 @@
   }
   free(dcmd_arg_info_array);
   arraysCls = (*env)->FindClass(env, "java/util/Arrays");
+  if ((*env)->ExceptionCheck(env)) {
+    return NULL;
+  }
   mid = (*env)->GetStaticMethodID(env, arraysCls,
                                   "asList", "([Ljava/lang/Object;)Ljava/util/List;");
   resultList = (*env)->CallStaticObjectMethod(env, arraysCls, mid, result);
+  if ((*env)->ExceptionCheck(env)) {
+    // Make sure we return NULL in case of OOM inside Java
+    return NULL;
+  }
   return resultList;
 }
 
@@ -121,6 +133,10 @@
   num_commands = (*env)->GetArrayLength(env, commands);
   dcmdInfoCls = (*env)->FindClass(env,
                                   "sun/management/DiagnosticCommandInfo");
+  if ((*env)->ExceptionCheck(env)) {
+    return NULL;
+  }
+
   result = (*env)->NewObjectArray(env, num_commands, dcmdInfoCls, NULL);
   if (result == NULL) {
       JNU_ThrowOutOfMemoryError(env, 0);
--- a/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetMetaDataImpl.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetMetaDataImpl.java	Tue Oct 28 11:38:00 2014 -0700
@@ -803,8 +803,10 @@
      * @throws SQLException if a database access error occurs
      * or the given column number is out of bounds
      */
-    public  boolean isDefinitelyWritable(int columnIndex)
-        throws SQLException { return true;}
+    public  boolean isDefinitelyWritable(int columnIndex) throws SQLException {
+        checkColRange(columnIndex);
+        return true;
+    }
 
     /**
      * Retrieves the fully-qualified name of the class in the Java
--- a/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetWarning.java	Wed Oct 22 13:39:33 2014 +0400
+++ b/src/java.sql.rowset/share/classes/javax/sql/rowset/RowSetWarning.java	Tue Oct 28 11:38:00 2014 -0700
@@ -56,11 +56,6 @@
 public class RowSetWarning extends SQLException {
 
     /**
-     * RowSetWarning object handle.
-     */
-     private RowSetWarning rwarning;
-
-    /**
      * Constructs a <code>RowSetWarning</code> object
      * with the given value for the reason; SQLState defaults to null,
      * and vendorCode defaults to 0.
@@ -128,7 +123,15 @@
      * @see #setNextWarning
      */
     public RowSetWarning getNextWarning() {
-        return rwarning;
+        SQLException warning = getNextException();
+        if (  warning == null || warning instanceof RowSetWarning) {
+            return (RowSetWarning)warning;
+        } else {
+            // The chained value isn't a RowSetWarning.
+            // This is a programming error by whoever added it to
+            // the RowSetWarning chain.  We throw a Java "Error".
+            throw new Error("RowSetWarning chain holds value that is not a RowSetWarning: ");
+        }
     }
 
     /**
@@ -141,7 +144,7 @@
      * @see #getNextWarning
      */
     public void setNextWarning(RowSetWarning warning) {
-        rwarning = warning;
+        setNextException(warning);
     }
 
     static final long serialVersionUID = 6678332766434564774L;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/CipherContextRef.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.nio.ByteBuffer;
+import java.util.Set;
+import java.util.Arrays;
+import java.util.concurrent.ConcurrentSkipListSet;
+import java.lang.ref.*;
+
+import java.security.*;
+import java.security.spec.*;
+import javax.crypto.*;
+
+import javax.crypto.spec.SecretKeySpec;
+import javax.crypto.spec.IvParameterSpec;
+
+/**
+ * Internal class for context resource clean up.
+ *
+ * @since 1.9
+ */
+final class CipherContextRef extends PhantomReference<NativeCipher>
+    implements Comparable<CipherContextRef> {
+
+    private static ReferenceQueue<NativeCipher> refQueue =
+        new ReferenceQueue<NativeCipher>();
+
+    // Needed to keep these references from being GC'ed until when their
+    // referents are GC'ed so we can do post-mortem processing
+    private static Set<CipherContextRef> refList =
+        new ConcurrentSkipListSet<CipherContextRef>();
+
+    final long id;
+    final boolean encrypt;
+
+    private static void drainRefQueueBounded() {
+        while (true) {
+            CipherContextRef next = (CipherContextRef) refQueue.poll();
+            if (next == null) break;
+            next.dispose(true);
+        }
+    }
+
+    CipherContextRef(NativeCipher nc, long id, boolean encrypt) {
+        super(nc, refQueue);
+        this.id = id;
+        this.encrypt = encrypt;
+        refList.add(this);
+        UcryptoProvider.debug("Resource: trace CipherCtxt " + this.id);
+        drainRefQueueBounded();
+    }
+
+    public int compareTo(CipherContextRef other) {
+        if (this.id == other.id) {
+            return 0;
+        } else {
+            return (this.id < other.id) ? -1 : 1;
+        }
+    }
+
+    void dispose(boolean doCancel) {
+        refList.remove(this);
+        try {
+            if (doCancel) {
+                UcryptoProvider.debug("Resource: cancel CipherCtxt " + id);
+                int k = NativeCipher.nativeFinal(id, encrypt, null, 0);
+                if (k < 0) {
+                    UcryptoProvider.debug
+                        ("Resource: error cancelling CipherCtxt " + id +
+                        " " + new UcryptoException(-k).getMessage());
+                }
+            } else {
+                UcryptoProvider.debug("Resource: untrace CipherCtxt " + id);
+            }
+        } finally {
+            this.clear();
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/Config.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,219 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.io.*;
+import static java.io.StreamTokenizer.*;
+import java.math.BigInteger;
+import java.util.*;
+
+import java.security.*;
+
+import sun.security.action.GetPropertyAction;
+import sun.security.util.PropertyExpander;
+
+import sun.security.pkcs11.wrapper.*;
+
+/**
+ * Configuration container and file parsing.
+ *
+ * Currently, there is only one supported entry "disabledServices"
+ * for disabling crypto services. Its syntax is as follows:
+ *
+ * disabledServices = {
+ * <ServiceType>.<Algorithm>
+ * ...
+ * }
+ *
+ * where <Service> can be "MessageDigest", "Cipher", etc. and <Algorithm>
+ * reprepresents the value that's passed into the various getInstance() calls.
+ *
+ * @since   1.9
+ */
+final class Config {
+
+    // Reader and StringTokenizer used during parsing
+    private Reader reader;
+
+    private StreamTokenizer st;
+
+    private Set<String> parsedKeywords;
+
+    // set of disabled crypto services, e.g. MessageDigest.SHA1, or
+    // Cipher.AES/ECB/PKCS5Padding
+    private Set<String> disabledServices;
+
+    Config(String filename) throws IOException {
+        FileInputStream in = new FileInputStream(expand(filename));
+        reader = new BufferedReader(new InputStreamReader(in));
+        parsedKeywords = new HashSet<String>();
+        st = new StreamTokenizer(reader);
+        setupTokenizer();
+        parse();
+    }
+
+    String[] getDisabledServices() {
+        if (disabledServices != null) {
+            return disabledServices.toArray(new String[disabledServices.size()]);
+        } else {
+            return new String[0];
+        }
+    }
+
+    private static String expand(final String s) throws IOException {
+        try {
+            return PropertyExpander.expand(s);
+        } catch (Exception e) {
+            throw new RuntimeException(e.getMessage());
+        }
+    }
+
+    private void setupTokenizer() {
+        st.resetSyntax();
+        st.wordChars('a', 'z');
+        st.wordChars('A', 'Z');
+        st.wordChars('0', '9');
+        st.wordChars(':', ':');
+        st.wordChars('.', '.');
+        st.wordChars('_', '_');
+        st.wordChars('-', '-');
+        st.wordChars('/', '/');
+        st.wordChars('\\', '\\');
+        st.wordChars('$', '$');
+        st.wordChars('{', '{'); // need {} for property subst
+        st.wordChars('}', '}');
+        st.wordChars('*', '*');
+        st.wordChars('+', '+');
+        st.wordChars('~', '~');
+        // XXX check ASCII table and add all other characters except special
+
+        // special: #="(),
+        st.whitespaceChars(0, ' ');
+        st.commentChar('#');
+        st.eolIsSignificant(true);
+        st.quoteChar('\"');
+    }
+
+    private ConfigException excToken(String msg) {
+        return new ConfigException(msg + " " + st);
+    }
+
+    private ConfigException excLine(String msg) {
+        return new ConfigException(msg + ", line " + st.lineno());
+    }
+
+    private void parse() throws IOException {
+        while (true) {
+            int token = nextToken();
+            if (token == TT_EOF) {
+                break;
+            }
+            if (token == TT_EOL) {
+                continue;
+            }
+            if (token != TT_WORD) {
+                throw excToken("Unexpected token:");
+            }
+            String word = st.sval;
+            if (word.equals("disabledServices")) {
+                parseDisabledServices(word);
+            } else {
+                throw new ConfigException
+                        ("Unknown keyword '" + word + "', line " + st.lineno());
+            }
+            parsedKeywords.add(word);
+        }
+        reader.close();
+        reader = null;
+        st = null;
+        parsedKeywords = null;
+    }
+
+    //
+    // Parsing helper methods
+    //
+    private int nextToken() throws IOException {
+        int token = st.nextToken();
+        return token;
+    }
+
+    private void parseEquals() throws IOException {
+        int token = nextToken();
+        if (token != '=') {
+            throw excToken("Expected '=', read");
+        }
+    }
+
+    private void parseOpenBraces() throws IOException {
+        while (true) {
+            int token = nextToken();
+            if (token == TT_EOL) {
+                continue;
+            }
+            if ((token == TT_WORD) && st.sval.equals("{")) {
+                return;
+            }
+            throw excToken("Expected '{', read");
+        }
+    }
+
+    private boolean isCloseBraces(int token) {
+        return (token == TT_WORD) && st.sval.equals("}");
+    }
+
+    private void checkDup(String keyword) throws IOException {
+        if (parsedKeywords.contains(keyword)) {
+            throw excLine(keyword + " must only be specified once");
+        }
+    }
+
+    private void parseDisabledServices(String keyword) throws IOException {
+        checkDup(keyword);
+        disabledServices = new HashSet<String>();
+        parseEquals();
+        parseOpenBraces();
+        while (true) {
+            int token = nextToken();
+            if (isCloseBraces(token)) {
+                break;
+            }
+            if (token == TT_EOL) {
+                continue;
+            }
+            if (token != TT_WORD) {
+                throw excToken("Expected mechanism, read");
+            }
+            disabledServices.add(st.sval);
+        }
+    }
+}
+
+class ConfigException extends IOException {
+    private static final long serialVersionUID = 254492758127673194L;
+    ConfigException(String msg) {
+        super(msg);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/GCMParameters.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.io.IOException;
+import java.util.Arrays;
+import java.security.AlgorithmParametersSpi;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+import javax.crypto.spec.GCMParameterSpec;
+import sun.security.util.*;
+
+/**
+ * This class implements the parameter set used with GCM mode
+ * which is defined in RFC5084 as follows:
+ *
+ * <pre>
+ * GCMParameters ::= SEQUENCE {
+ *   aes-nonce        OCTET STRING, -- recommended size is 12 octets
+ *   aes-ICVlen       AES-GCM-ICVlen DEFAULT 12 }
+ *
+ * where
+ * AES-GCM-ICVlen ::= INTEGER (12 | 13 | 14 | 15 | 16)
+ * NOTE: however, NIST 800-38D also lists 4 (32bit) and 8 (64bit)
+ * as possible AES-GCM-ICVlen values, so we allow all 6 values.
+ * </pre>
+ *
+ * @since 1.9
+ */
+public final class GCMParameters extends AlgorithmParametersSpi {
+
+    private byte[] iv; // i.e. aes-nonce
+    private int tLen; // i.e. aes-ICVlen, in bytes
+
+    public GCMParameters() {}
+
+    private void setValues(byte[] iv, int tLen) throws IOException {
+        if (iv == null) {
+            throw new IOException("IV cannot be null");
+        }
+        if (tLen != 4 && tLen != 8 && (tLen < 12 || tLen > 16)) {
+            throw new IOException("Unsupported tag length: " + tLen);
+        }
+        this.iv = iv;
+        this.tLen = tLen;
+    }
+
+    protected byte[] engineGetEncoded() throws IOException {
+        DerOutputStream out = new DerOutputStream();
+        DerOutputStream bytes = new DerOutputStream();
+
+        bytes.putOctetString(iv);
+        bytes.putInteger(tLen);
+        out.write(DerValue.tag_Sequence, bytes);
+        return out.toByteArray();
+    }
+
+    protected byte[] engineGetEncoded(String format) throws IOException {
+        // ignore format for now
+        return engineGetEncoded();
+    }
+
+    protected <T extends AlgorithmParameterSpec>
+            T engineGetParameterSpec(Class<T> paramSpec)
+        throws InvalidParameterSpecException {
+        if (GCMParameterSpec.class.isAssignableFrom(paramSpec)) {
+            return paramSpec.cast(new GCMParameterSpec(tLen*8, iv.clone()));
+        } else {
+            throw new InvalidParameterSpecException
+                ("Inappropriate parameter specification");
+        }
+    }
+
+    protected void engineInit(AlgorithmParameterSpec paramSpec)
+        throws InvalidParameterSpecException {
+        if (!(paramSpec instanceof GCMParameterSpec)) {
+            throw new InvalidParameterSpecException
+                ("Inappropriate parameter specification");
+        }
+        GCMParameterSpec gcmSpec = (GCMParameterSpec) paramSpec;
+        try {
+            setValues(gcmSpec.getIV(), gcmSpec.getTLen()/8);
+        } catch (IOException ioe) {
+            throw new InvalidParameterSpecException(ioe.getMessage());
+        }
+    }
+
+    protected void engineInit(byte[] encoded) throws IOException {
+        DerValue val = new DerValue(encoded);
+        if (val.tag == DerValue.tag_Sequence) {
+            val.data.reset();
+            setValues(val.data.getOctetString(), val.data.getInteger());
+        } else {
+            throw new IOException("GCM parameter parsing error: SEQ tag expected");
+        }
+    }
+
+    protected void engineInit(byte[] encoded, String format)
+        throws IOException {
+        // ignore format for now
+        engineInit(encoded);
+    }
+
+    protected String engineToString() {
+        return ("IV=" + Arrays.toString(iv) + ", tLen=" + tLen * 8);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/NativeCipher.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,588 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.nio.ByteBuffer;
+import java.util.Set;
+import java.util.Arrays;
+import java.util.concurrent.ConcurrentSkipListSet;
+import java.lang.ref.*;
+
+import java.security.*;
+import java.security.spec.*;
+import javax.crypto.*;
+
+import javax.crypto.spec.SecretKeySpec;
+import javax.crypto.spec.IvParameterSpec;
+
+/**
+ * Cipher wrapper class utilizing ucrypto APIs. This class currently supports
+ * - AES/ECB/NOPADDING
+ * - AES/CBC/NOPADDING
+ * - AES/CTR/NOPADDING
+ * - AES/CFB128/NOPADDING
+ * (Support for GCM mode is inside the child class NativeGCMCipher)
+ *
+ * @since 1.9
+ */
+class NativeCipher extends CipherSpi {
+
+    // public implementation classes
+    public static final class AesEcbNoPadding extends NativeCipher {
+        public AesEcbNoPadding() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_AES_ECB);
+        }
+    }
+    public static final class AesCbcNoPadding extends NativeCipher {
+        public AesCbcNoPadding() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_AES_CBC);
+        }
+    }
+    public static final class AesCtrNoPadding extends NativeCipher {
+        public AesCtrNoPadding() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_AES_CTR);
+        }
+    }
+    public static final class AesCfb128NoPadding extends NativeCipher {
+        public AesCfb128NoPadding() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_AES_CFB128);
+        }
+    }
+
+    // public implementation classes with fixed key sizes
+    public static final class Aes128EcbNoPadding extends NativeCipher {
+        public Aes128EcbNoPadding() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_AES_ECB, 16);
+        }
+    }
+    public static final class Aes128CbcNoPadding extends NativeCipher {
+        public Aes128CbcNoPadding() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_AES_CBC, 16);
+        }
+    }
+    public static final class Aes192EcbNoPadding extends NativeCipher {
+        public Aes192EcbNoPadding() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_AES_ECB, 24);
+        }
+    }
+    public static final class Aes192CbcNoPadding extends NativeCipher {
+        public Aes192CbcNoPadding() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_AES_CBC, 24);
+        }
+    }
+    public static final class Aes256EcbNoPadding extends NativeCipher {
+        public Aes256EcbNoPadding() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_AES_ECB, 32);
+        }
+    }
+    public static final class Aes256CbcNoPadding extends NativeCipher {
+        public Aes256CbcNoPadding() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_AES_CBC, 32);
+        }
+    }
+
+    // ok as constants since AES is all we support
+    public static final int AES_BLOCK_SIZE = 16;
+    public static final String AES_KEY_ALGO = "AES";
+
+    // fields set in constructor
+    protected final UcryptoMech mech;
+    protected String keyAlgo;
+    protected int blockSize;
+    protected int fixedKeySize;
+
+    //
+    // fields (re)set in every init()
+    //
+    protected CipherContextRef pCtxt = null;
+    protected byte[] keyValue = null;
+    protected byte[] iv = null;
+    protected boolean initialized = false;
+    protected boolean encrypt = true;
+    protected int bytesBuffered = 0;
+
+    // private utility methods for key re-construction
+    private static final PublicKey constructPublicKey(byte[] encodedKey,
+                                              String encodedKeyAlgorithm)
+        throws InvalidKeyException, NoSuchAlgorithmException {
+
+        PublicKey key = null;
+        try {
+            KeyFactory keyFactory =
+                KeyFactory.getInstance(encodedKeyAlgorithm);
+            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey);
+            key = keyFactory.generatePublic(keySpec);
+        } catch (NoSuchAlgorithmException nsae) {
+            throw new NoSuchAlgorithmException("No provider found for " +
+                                               encodedKeyAlgorithm +
+                                               " KeyFactory");
+        } catch (InvalidKeySpecException ikse) {
+            // Should never happen
+            throw new InvalidKeyException("Cannot construct public key", ikse);
+        }
+        return key;
+    }
+
+    private static final PrivateKey constructPrivateKey(byte[] encodedKey,
+                                                String encodedKeyAlgorithm)
+        throws InvalidKeyException, NoSuchAlgorithmException {
+
+        PrivateKey key = null;
+        try {
+            KeyFactory keyFactory =
+                KeyFactory.getInstance(encodedKeyAlgorithm);
+            PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey);
+            key = keyFactory.generatePrivate(keySpec);
+        } catch (NoSuchAlgorithmException nsae) {
+            throw new NoSuchAlgorithmException("No provider found for " +
+                                               encodedKeyAlgorithm +
+                                               " KeyFactory");
+        } catch (InvalidKeySpecException ikse) {
+            // Should never happen
+            throw new InvalidKeyException("Cannot construct private key", ikse);
+        }
+        return key;
+    }
+
+    private static final SecretKey constructSecretKey(byte[] encodedKey,
+                                              String encodedKeyAlgorithm) {
+        return new SecretKeySpec(encodedKey, encodedKeyAlgorithm);
+    }
+
+    // package-private utility method for general key re-construction
+    static final Key constructKey(int keyType, byte[] encodedKey,
+                                  String encodedKeyAlgorithm)
+        throws InvalidKeyException, NoSuchAlgorithmException {
+        Key result = null;
+        switch (keyType) {
+        case Cipher.SECRET_KEY:
+            result = constructSecretKey(encodedKey,
+                                        encodedKeyAlgorithm);
+            break;
+        case Cipher.PRIVATE_KEY:
+            result = constructPrivateKey(encodedKey,
+                                         encodedKeyAlgorithm);
+            break;
+        case Cipher.PUBLIC_KEY:
+            result = constructPublicKey(encodedKey,
+                                        encodedKeyAlgorithm);
+            break;
+        }
+        return result;
+    }
+
+    NativeCipher(UcryptoMech mech, int fixedKeySize) throws NoSuchAlgorithmException {
+        this.mech = mech;
+        // defaults to AES - the only supported symmetric cipher algo
+        this.blockSize = AES_BLOCK_SIZE;
+        this.keyAlgo = AES_KEY_ALGO;
+        this.fixedKeySize = fixedKeySize;
+    }
+
+    NativeCipher(UcryptoMech mech) throws NoSuchAlgorithmException {
+        this(mech, -1);
+    }
+
+    @Override
+    protected void engineSetMode(String mode) throws NoSuchAlgorithmException {
+        // Disallow change of mode for now since currently it's explicitly
+        // defined in transformation strings
+        throw new NoSuchAlgorithmException("Unsupported mode " + mode);
+    }
+
+    // see JCE spec
+    @Override
+    protected void engineSetPadding(String padding)
+            throws NoSuchPaddingException {
+        // Disallow change of padding for now since currently it's explicitly
+        // defined in transformation strings
+        throw new NoSuchPaddingException("Unsupported padding " + padding);
+    }
+
+    // see JCE spec
+    @Override
+    protected int engineGetBlockSize() {
+        return blockSize;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized int engineGetOutputSize(int inputLen) {
+        return getOutputSizeByOperation(inputLen, true);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineGetIV() {
+        return (iv != null? iv.clone() : null);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized AlgorithmParameters engineGetParameters() {
+        AlgorithmParameters params = null;
+        try {
+            if (iv != null) {
+                IvParameterSpec ivSpec = new IvParameterSpec(iv.clone());
+                params = AlgorithmParameters.getInstance(keyAlgo);
+                params.init(ivSpec);
+            }
+        } catch (GeneralSecurityException e) {
+            // NoSuchAlgorithmException, NoSuchProviderException
+            // InvalidParameterSpecException
+            throw new UcryptoException("Could not encode parameters", e);
+        }
+        return params;
+    }
+
+    @Override
+    protected int engineGetKeySize(Key key) throws InvalidKeyException {
+        return checkKey(key) * 8;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineInit(int opmode, Key key,
+            SecureRandom random) throws InvalidKeyException {
+        try {
+            engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
+        } catch (InvalidAlgorithmParameterException e) {
+            throw new InvalidKeyException("init() failed", e);
+        }
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineInit(int opmode, Key key,
+            AlgorithmParameterSpec params, SecureRandom random)
+            throws InvalidKeyException, InvalidAlgorithmParameterException {
+        checkKey(key);
+        if (opmode != Cipher.ENCRYPT_MODE &&
+            opmode != Cipher.DECRYPT_MODE &&
+            opmode != Cipher.WRAP_MODE &&
+            opmode != Cipher.UNWRAP_MODE) {
+            throw new InvalidAlgorithmParameterException
+                ("Unsupported mode: " + opmode);
+        }
+        boolean doEncrypt =
+                (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE);
+
+        byte[] ivBytes = null;
+        if (mech == UcryptoMech.CRYPTO_AES_ECB) {
+            if (params != null) {
+                throw new InvalidAlgorithmParameterException
+                        ("No Parameters for ECB mode");
+            }
+        } else {
+            if (params != null) {
+                if (!(params instanceof IvParameterSpec)) {
+                    throw new InvalidAlgorithmParameterException
+                            ("IvParameterSpec required");
+                } else {
+                    ivBytes = ((IvParameterSpec) params).getIV();
+                    if (ivBytes.length != blockSize) {
+                        throw new InvalidAlgorithmParameterException
+                             ("Wrong IV length: must be " + blockSize +
+                              " bytes long");
+                    }
+                }
+            } else {
+                if (encrypt) {
+                    // generate IV if none supplied for encryption
+                    ivBytes = new byte[blockSize];
+                    new SecureRandom().nextBytes(ivBytes);
+                } else {
+                    throw new InvalidAlgorithmParameterException
+                            ("Parameters required for decryption");
+                }
+            }
+        }
+        init(doEncrypt, key.getEncoded().clone(), ivBytes);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineInit(int opmode, Key key,
+            AlgorithmParameters params, SecureRandom random)
+            throws InvalidKeyException, InvalidAlgorithmParameterException {
+        AlgorithmParameterSpec spec = null;
+        if (params != null) {
+            try {
+                spec = params.getParameterSpec(IvParameterSpec.class);
+            } catch (InvalidParameterSpecException iaps) {
+                throw new InvalidAlgorithmParameterException(iaps);
+            }
+        }
+        engineInit(opmode, key, spec, random);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineUpdate(byte[] in, int ofs, int len) {
+        byte[] out = new byte[getOutputSizeByOperation(len, false)];
+        int n = update(in, ofs, len, out, 0);
+        if (n == 0) {
+            return null;
+        } else if (out.length != n) {
+            out = Arrays.copyOf(out, n);
+        }
+        return out;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized int engineUpdate(byte[] in, int inOfs, int inLen,
+        byte[] out, int outOfs) throws ShortBufferException {
+        int min = getOutputSizeByOperation(inLen, false);
+        if (out.length - outOfs < min) {
+            throw new ShortBufferException("min " + min + "-byte buffer needed");
+        }
+        return update(in, inOfs, inLen, out, outOfs);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineUpdateAAD(byte[] src, int ofs, int len)
+            throws IllegalStateException {
+        throw new IllegalStateException("No AAD can be supplied");
+    }
+
+    // see JCE spec
+    @Override
+    protected void engineUpdateAAD(ByteBuffer src)
+            throws IllegalStateException {
+        throw new IllegalStateException("No AAD can be supplied");
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineDoFinal(byte[] in, int ofs, int len)
+            throws IllegalBlockSizeException, BadPaddingException {
+        byte[] out = new byte[getOutputSizeByOperation(len, true)];
+        try {
+            // delegate to the other engineDoFinal(...) method
+            int k = engineDoFinal(in, ofs, len, out, 0);
+            if (out.length != k) {
+                out = Arrays.copyOf(out, k);
+            }
+            return out;
+        } catch (ShortBufferException e) {
+            throw new UcryptoException("Internal Error", e);
+        }
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized int engineDoFinal(byte[] in, int inOfs, int inLen,
+                                             byte[] out, int outOfs)
+            throws ShortBufferException, IllegalBlockSizeException,
+            BadPaddingException {
+        int k = 0;
+        int min = getOutputSizeByOperation(inLen, true);
+        if (out.length - outOfs < min) {
+            throw new ShortBufferException("min " + min + "-byte buffer needed");
+        }
+        if (inLen > 0) {
+            k = update(in, inOfs, inLen, out, outOfs);
+            outOfs += k;
+        }
+        k += doFinal(out, outOfs);
+        return k;
+    }
+
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineWrap(Key key)
+            throws IllegalBlockSizeException, InvalidKeyException {
+        byte[] result = null;
+        try {
+            byte[] encodedKey = key.getEncoded();
+            if ((encodedKey == null) || (encodedKey.length == 0)) {
+                throw new InvalidKeyException("Cannot get an encoding of " +
+                                              "the key to be wrapped");
+            }
+            result = engineDoFinal(encodedKey, 0, encodedKey.length);
+        } catch (BadPaddingException e) {
+            // Should never happen for key wrapping
+            throw new UcryptoException("Internal Error" , e);
+        }
+        return result;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized Key engineUnwrap(byte[] wrappedKey,
+            String wrappedKeyAlgorithm, int wrappedKeyType)
+            throws InvalidKeyException, NoSuchAlgorithmException {
+
+        byte[] encodedKey;
+        Key result = null;
+        try {
+            encodedKey = engineDoFinal(wrappedKey, 0,
+                                       wrappedKey.length);
+        } catch (Exception e) {
+            throw (InvalidKeyException)
+                (new InvalidKeyException()).initCause(e);
+        }
+
+        return constructKey(wrappedKeyType, encodedKey, wrappedKeyAlgorithm);
+    }
+
+    final int checkKey(Key key) throws InvalidKeyException {
+        if (key == null || key.getEncoded() == null) {
+            throw new InvalidKeyException("Key cannot be null");
+        } else {
+            // check key algorithm and format
+            if (!keyAlgo.equalsIgnoreCase(key.getAlgorithm())) {
+                throw new InvalidKeyException("Key algorithm must be " +
+                    keyAlgo);
+            }
+            if (!"RAW".equalsIgnoreCase(key.getFormat())) {
+                throw new InvalidKeyException("Key format must be RAW");
+            }
+            int keyLen = key.getEncoded().length;
+            if (fixedKeySize == -1) {
+                // all 3 AES key lengths are allowed
+                if (keyLen != 16 && keyLen != 24 && keyLen != 32) {
+                    throw new InvalidKeyException("Key size is not valid");
+                }
+            } else {
+                if (keyLen != fixedKeySize) {
+                    throw new InvalidKeyException("Only " + fixedKeySize +
+                        "-byte keys are accepted");
+                }
+            }
+            // return the validated key length in bytes
+            return keyLen;
+        }
+    }
+
+    protected void reset(boolean doCancel) {
+        initialized = false;
+        bytesBuffered = 0;
+        if (pCtxt != null) {
+            pCtxt.dispose(doCancel);
+            pCtxt = null;
+        }
+    }
+
+    /**
+     * calls ucrypto_encrypt_init(...) or ucrypto_decrypt_init(...)
+     * @return pointer to the context
+     */
+    protected native static long nativeInit(int mech, boolean encrypt,
+                                            byte[] key, byte[] iv,
+                                            int tagLen, byte[] aad);
+
+    /**
+     * calls ucrypto_encrypt_update(...) or ucrypto_decrypt_update(...)
+     * @returns the length of output or if negative, an error status code
+     */
+    private native static int nativeUpdate(long pContext, boolean encrypt,
+                                           byte[] in, int inOfs, int inLen,
+                                           byte[] out, int outOfs);
+
+    /**
+     * calls ucrypto_encrypt_final(...) or ucrypto_decrypt_final(...)
+     * @returns the length of output or if negative, an error status code
+     */
+    native static int nativeFinal(long pContext, boolean encrypt,
+                                          byte[] out, int outOfs);
+
+    protected void ensureInitialized() {
+        if (!initialized) {
+            init(encrypt, keyValue, iv);
+            if (!initialized) {
+                throw new UcryptoException("Cannot initialize Cipher");
+            }
+        }
+    }
+
+    protected int getOutputSizeByOperation(int inLen, boolean isDoFinal) {
+        if (inLen <= 0) {
+            inLen = 0;
+        }
+        if (!isDoFinal && (inLen == 0)) {
+            return 0;
+        }
+        return inLen + bytesBuffered;
+    }
+
+    // actual init() implementation - caller should clone key and iv if needed
+    protected void init(boolean encrypt, byte[] keyVal, byte[] ivVal) {
+        reset(true);
+        this.encrypt = encrypt;
+        this.keyValue = keyVal;
+        this.iv = ivVal;
+        long pCtxtVal = nativeInit(mech.value(), encrypt, keyValue, iv, 0, null);
+        initialized = (pCtxtVal != 0L);
+        if (initialized) {
+            pCtxt = new CipherContextRef(this, pCtxtVal, encrypt);
+        } else {
+            throw new UcryptoException("Cannot initialize Cipher");
+        }
+    }
+
+    // Caller MUST check and ensure output buffer has enough capacity
+    private int update(byte[] in, int inOfs, int inLen, byte[] out, int outOfs) {
+        ensureInitialized();
+        if (inLen <= 0) { return 0; }
+
+        int k = nativeUpdate(pCtxt.id, encrypt, in, inOfs, inLen, out, outOfs);
+        if (k < 0) {
+            reset(false);
+            // cannot throw ShortBufferException here since it's too late
+            // native context is invalid upon any failure
+            throw new UcryptoException(-k);
+        }
+        bytesBuffered += (inLen - k);
+        return k;
+    }
+
+    // Caller MUST check and ensure output buffer has enough capacity
+    private int doFinal(byte[] out, int outOfs) throws IllegalBlockSizeException,
+            BadPaddingException {
+        try {
+            ensureInitialized();
+
+            int k = nativeFinal(pCtxt.id, encrypt, out, outOfs);
+            if (k < 0) {
+                String cause = UcryptoException.getErrorMessage(-k);
+                if (cause.endsWith("_LEN_RANGE")) {
+                    throw new IllegalBlockSizeException(cause);
+                } else if (cause.endsWith("_DATA_INVALID")) {
+                    throw new BadPaddingException(cause);
+                } else {
+                    throw new UcryptoException(-k);
+                }
+            }
+            return k;
+        } finally {
+            reset(false);
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/NativeCipherWithJavaPadding.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,464 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.nio.ByteBuffer;
+import java.util.Set;
+import java.util.Arrays;
+import java.util.concurrent.ConcurrentSkipListSet;
+import java.lang.ref.*;
+
+import java.security.AlgorithmParameters;
+import java.security.GeneralSecurityException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.CipherSpi;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.ShortBufferException;
+
+import javax.crypto.spec.IvParameterSpec;
+
+/**
+ * Wrapper class which uses NativeCipher class and Java impls of padding scheme.
+ * This class currently supports
+ * - AES/ECB/PKCS5PADDING
+ * - AES/CBC/PKCS5PADDING
+ * - AES/CFB128/PKCS5PADDING
+ *
+ * @since 1.9
+ */
+public class NativeCipherWithJavaPadding extends CipherSpi {
+
+    private static interface Padding {
+        // ENC: generate and return the necessary padding bytes
+        int getPadLen(int dataLen);
+
+        // ENC: generate and return the necessary padding bytes
+        byte[] getPaddingBytes(int dataLen);
+
+        // DEC: process the decrypted data and buffer up the potential padding
+        // bytes
+        byte[] bufferBytes(byte[] intermediateData);
+
+        // DEC: return the length of internally buffered pad bytes
+        int getBufferedLength();
+
+        // DEC: unpad and place the output in 'out', starting from outOfs
+        // and return the number of bytes unpadded into 'out'.
+        int unpad(byte[] paddedData, byte[] out, int outOfs)
+                throws BadPaddingException, IllegalBlockSizeException,
+                ShortBufferException;
+
+        // DEC: Clears the padding object to the initial state
+        void clear();
+    }
+
+    private static class PKCS5Padding implements Padding {
+        private final int blockSize;
+        // buffer for storing the the potential padding bytes
+        private ByteBuffer trailingBytes = null;
+
+        PKCS5Padding(int blockSize)
+            throws NoSuchPaddingException {
+            if (blockSize == 0) {
+                throw new NoSuchPaddingException
+                        ("PKCS#5 padding not supported with stream ciphers");
+            }
+            this.blockSize = blockSize;
+        }
+
+        public int getPadLen(int dataLen) {
+            return (blockSize - (dataLen & (blockSize - 1)));
+        }
+
+        public byte[] getPaddingBytes(int dataLen) {
+            byte padValue = (byte) getPadLen(dataLen);
+            byte[] paddingBytes = new byte[padValue];
+            Arrays.fill(paddingBytes, padValue);
+            return paddingBytes;
+        }
+
+        public byte[] bufferBytes(byte[] dataFromUpdate) {
+            if (dataFromUpdate == null || dataFromUpdate.length == 0) {
+                return null;
+            }
+            byte[] result = null;
+            if (trailingBytes == null) {
+                trailingBytes = ByteBuffer.wrap(new byte[blockSize]);
+            }
+            int tbSize = trailingBytes.position();
+            if (dataFromUpdate.length > trailingBytes.remaining()) {
+                int totalLen = dataFromUpdate.length + tbSize;
+                int newTBSize = totalLen % blockSize;
+                if (newTBSize == 0) {
+                    newTBSize = blockSize;
+                }
+                if (tbSize == 0) {
+                    result = Arrays.copyOf(dataFromUpdate, totalLen - newTBSize);
+                } else {
+                    // combine 'trailingBytes' and 'dataFromUpdate'
+                    result = Arrays.copyOf(trailingBytes.array(),
+                                           totalLen - newTBSize);
+                    if (result.length != tbSize) {
+                        System.arraycopy(dataFromUpdate, 0, result, tbSize,
+                                         result.length - tbSize);
+                    }
+                }
+                // update 'trailingBytes' w/ remaining bytes in 'dataFromUpdate'
+                trailingBytes.clear();
+                trailingBytes.put(dataFromUpdate,
+                                  dataFromUpdate.length - newTBSize, newTBSize);
+            } else {
+                trailingBytes.put(dataFromUpdate);
+            }
+            return result;
+        }
+
+        public int getBufferedLength() {
+            if (trailingBytes != null) {
+                return trailingBytes.position();
+            }
+            return 0;
+        }
+
+        public int unpad(byte[] lastData, byte[] out, int outOfs)
+                throws BadPaddingException, IllegalBlockSizeException,
+                ShortBufferException {
+            int tbSize = (trailingBytes == null? 0:trailingBytes.position());
+            int dataLen = tbSize + lastData.length;
+            // check total length
+            if ((dataLen < 1) || (dataLen % blockSize != 0)) {
+                UcryptoProvider.debug("PKCS5Padding: unpad, buffered " + tbSize +
+                                 " bytes, last block " + lastData.length + " bytes");
+
+                throw new IllegalBlockSizeException
+                    ("Input length must be multiples of " + blockSize);
+            }
+
+            // check padding bytes
+            if (lastData.length == 0) {
+                if (tbSize != 0) {
+                    // work on 'trailingBytes' directly
+                    lastData = Arrays.copyOf(trailingBytes.array(), tbSize);
+                    trailingBytes.clear();
+                    tbSize = 0;
+                } else {
+                    throw new BadPaddingException("No pad bytes found!");
+                }
+            }
+            byte padValue = lastData[lastData.length - 1];
+            if (padValue < 1 || padValue > blockSize) {
+                UcryptoProvider.debug("PKCS5Padding: unpad, lastData: " + Arrays.toString(lastData));
+                UcryptoProvider.debug("PKCS5Padding: unpad, padValue=" + padValue);
+                throw new BadPaddingException("Invalid pad value!");
+            }
+
+            // sanity check padding bytes
+            int padStartIndex = lastData.length - padValue;
+            for (int i = padStartIndex; i < lastData.length; i++) {
+                if (lastData[i] != padValue) {
+                    UcryptoProvider.debug("PKCS5Padding: unpad, lastData: " + Arrays.toString(lastData));
+                    UcryptoProvider.debug("PKCS5Padding: unpad, padValue=" + padValue);
+                    throw new BadPaddingException("Invalid padding bytes!");
+                }
+            }
+
+            int actualOutLen = dataLen - padValue;
+            // check output buffer capacity
+            if (out.length - outOfs < actualOutLen) {
+                throw new ShortBufferException("Output buffer too small, need " + actualOutLen +
+                    ", got " + (out.length - outOfs));
+            }
+            try {
+                if (tbSize != 0) {
+                    trailingBytes.rewind();
+                    if (tbSize < actualOutLen) {
+                        trailingBytes.get(out, outOfs, tbSize);
+                        outOfs += tbSize;
+                    } else {
+                        // copy from trailingBytes and we are done
+                        trailingBytes.get(out, outOfs, actualOutLen);
+                        return actualOutLen;
+                    }
+                }
+                if (lastData.length > padValue) {
+                    System.arraycopy(lastData, 0, out, outOfs,
+                                     lastData.length - padValue);
+                }
+                return actualOutLen;
+            } finally {
+                clear();
+            }
+        }
+
+        public void clear() {
+            if (trailingBytes != null) trailingBytes.clear();
+        }
+    }
+
+    public static final class AesEcbPKCS5 extends NativeCipherWithJavaPadding {
+        public AesEcbPKCS5() throws NoSuchAlgorithmException, NoSuchPaddingException {
+            super(new NativeCipher.AesEcbNoPadding(), "PKCS5Padding");
+        }
+    }
+
+    public static final class AesCbcPKCS5 extends NativeCipherWithJavaPadding {
+        public AesCbcPKCS5() throws NoSuchAlgorithmException, NoSuchPaddingException {
+            super(new NativeCipher.AesCbcNoPadding(), "PKCS5Padding");
+        }
+    }
+
+    public static final class AesCfb128PKCS5 extends NativeCipherWithJavaPadding {
+        public AesCfb128PKCS5() throws NoSuchAlgorithmException, NoSuchPaddingException {
+            super(new NativeCipher.AesCfb128NoPadding(), "PKCS5Padding");
+        }
+    }
+
+    // fields (re)set in every init()
+    private final NativeCipher nc;
+    private final Padding padding;
+    private final int blockSize;
+    private int lastBlockLen = 0;
+
+    // Only ECB, CBC, CTR, and CFB128 modes w/ NOPADDING for now
+    NativeCipherWithJavaPadding(NativeCipher nc, String paddingScheme)
+        throws NoSuchAlgorithmException, NoSuchPaddingException {
+        this.nc = nc;
+        this.blockSize = nc.engineGetBlockSize();
+        if (paddingScheme.toUpperCase().equals("PKCS5PADDING")) {
+            padding = new PKCS5Padding(blockSize);
+        } else {
+            throw new NoSuchAlgorithmException("Unsupported padding scheme: " + paddingScheme);
+        }
+    }
+
+    void reset() {
+        padding.clear();
+        lastBlockLen = 0;
+    }
+
+    @Override
+    protected synchronized void engineSetMode(String mode) throws NoSuchAlgorithmException {
+        nc.engineSetMode(mode);
+    }
+
+    // see JCE spec
+    @Override
+    protected void engineSetPadding(String padding)
+            throws NoSuchPaddingException {
+        // Disallow change of padding for now since currently it's explicitly
+        // defined in transformation strings
+        throw new NoSuchPaddingException("Unsupported padding " + padding);
+    }
+
+    // see JCE spec
+    @Override
+    protected int engineGetBlockSize() {
+        return blockSize;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized int engineGetOutputSize(int inputLen) {
+        int result = nc.engineGetOutputSize(inputLen);
+        if (nc.encrypt) {
+            result += padding.getPadLen(result);
+        } else {
+            result += padding.getBufferedLength();
+        }
+        return result;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineGetIV() {
+        return nc.engineGetIV();
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized AlgorithmParameters engineGetParameters() {
+        return nc.engineGetParameters();
+    }
+
+    @Override
+    protected int engineGetKeySize(Key key) throws InvalidKeyException {
+        return nc.engineGetKeySize(key);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineInit(int opmode, Key key, SecureRandom random)
+            throws InvalidKeyException {
+        reset();
+        nc.engineInit(opmode, key, random);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineInit(int opmode, Key key,
+            AlgorithmParameterSpec params, SecureRandom random)
+            throws InvalidKeyException, InvalidAlgorithmParameterException {
+        reset();
+        nc.engineInit(opmode, key, params, random);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineInit(int opmode, Key key, AlgorithmParameters params,
+            SecureRandom random)
+            throws InvalidKeyException, InvalidAlgorithmParameterException {
+        reset();
+        nc.engineInit(opmode, key, params, random);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineUpdate(byte[] in, int inOfs, int inLen) {
+        if (nc.encrypt) {
+            lastBlockLen += inLen;
+            lastBlockLen &= (blockSize - 1);
+            return nc.engineUpdate(in, inOfs, inLen);
+        } else {
+            return padding.bufferBytes(nc.engineUpdate(in, inOfs, inLen));
+        }
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized int engineUpdate(byte[] in, int inOfs, int inLen, byte[] out,
+            int outOfs) throws ShortBufferException {
+        if (nc.encrypt) {
+            lastBlockLen += inLen;
+            lastBlockLen &= (blockSize - 1);
+            return nc.engineUpdate(in, inOfs, inLen, out, outOfs);
+        } else {
+            byte[] result = padding.bufferBytes(nc.engineUpdate(in, inOfs, inLen));
+            if (result != null) {
+                System.arraycopy(result, 0, out, outOfs, result.length);
+                return result.length;
+            } else return 0;
+        }
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineDoFinal(byte[] in, int inOfs, int inLen)
+            throws IllegalBlockSizeException, BadPaddingException {
+        int estimatedOutLen = engineGetOutputSize(inLen);
+        byte[] out = new byte[estimatedOutLen];
+        try {
+            int actualOut = this.engineDoFinal(in, inOfs, inLen, out, 0);
+            // truncate off extra bytes
+            if (actualOut != out.length) {
+                out = Arrays.copyOf(out, actualOut);
+            }
+        } catch (ShortBufferException sbe) {
+            throw new UcryptoException("Internal Error");
+        } finally {
+            reset();
+        }
+        return out;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized int engineDoFinal(byte[] in, int inOfs, int inLen, byte[] out,
+                                             int outOfs)
+        throws ShortBufferException, IllegalBlockSizeException,
+               BadPaddingException {
+        int estimatedOutLen = engineGetOutputSize(inLen);
+
+        if (out.length - outOfs < estimatedOutLen) {
+            throw new ShortBufferException();
+        }
+        try {
+            if (nc.encrypt) {
+                int k = nc.engineUpdate(in, inOfs, inLen, out, outOfs);
+                lastBlockLen += inLen;
+                lastBlockLen &= (blockSize - 1);
+                byte[] padBytes = padding.getPaddingBytes(lastBlockLen);
+                k += nc.engineDoFinal(padBytes, 0, padBytes.length, out, (outOfs + k));
+                return k;
+            } else {
+                byte[] tempOut = nc.engineDoFinal(in, inOfs, inLen);
+                int len = padding.unpad(tempOut, out, outOfs);
+                return len;
+            }
+        } finally {
+            reset();
+        }
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineWrap(Key key) throws IllegalBlockSizeException,
+                                                InvalidKeyException {
+        byte[] result = null;
+        try {
+            byte[] encodedKey = key.getEncoded();
+            if ((encodedKey == null) || (encodedKey.length == 0)) {
+                throw new InvalidKeyException("Cannot get an encoding of " +
+                                              "the key to be wrapped");
+            }
+            result = engineDoFinal(encodedKey, 0, encodedKey.length);
+        } catch (BadPaddingException e) {
+            // Should never happen for key wrapping
+            throw new UcryptoException("Internal Error", e);
+        }
+        return result;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm,
+                               int wrappedKeyType)
+        throws InvalidKeyException, NoSuchAlgorithmException {
+
+        byte[] encodedKey;
+        try {
+            encodedKey = engineDoFinal(wrappedKey, 0,
+                                       wrappedKey.length);
+        } catch (Exception e) {
+            throw (InvalidKeyException)
+                (new InvalidKeyException()).initCause(e);
+        }
+
+        return NativeCipher.constructKey(wrappedKeyType, encodedKey,
+                                         wrappedKeyAlgorithm);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/NativeDigest.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,243 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.lang.ref.*;
+
+import java.io.ByteArrayOutputStream;
+import java.util.*;
+import java.util.concurrent.ConcurrentSkipListSet;
+import java.security.*;
+
+/**
+ * MessageDigest implementation class. This class currently supports
+ * MD5, SHA1, SHA256, SHA384, and SHA512
+ *
+ * @since 1.9
+ */
+public abstract class NativeDigest extends MessageDigestSpi
+        implements Cloneable {
+
+    private static final int MECH_MD5 = 1;
+    private static final int MECH_SHA1 = 2;
+    private static final int MECH_SHA256 = 3;
+    private static final int MECH_SHA224 = 4;
+    private static final int MECH_SHA384 = 5;
+    private static final int MECH_SHA512 = 6;
+
+    private final int digestLen;
+    private final int mech;
+
+    // field for ensuring native memory is freed
+    private DigestContextRef pCtxt = null;
+
+    private static class DigestContextRef extends PhantomReference<NativeDigest>
+        implements Comparable<DigestContextRef> {
+
+        private static ReferenceQueue<NativeDigest> refQueue =
+            new ReferenceQueue<NativeDigest>();
+
+        // Needed to keep these references from being GC'ed until when their
+        // referents are GC'ed so we can do post-mortem processing
+        private static Set<DigestContextRef> refList =
+            new ConcurrentSkipListSet<DigestContextRef>();
+            //            Collections.synchronizedSortedSet(new TreeSet<DigestContextRef>());
+
+        private final long id;
+        private final int mech;
+
+        private static void drainRefQueueBounded() {
+            while (true) {
+                DigestContextRef next = (DigestContextRef) refQueue.poll();
+                if (next == null) break;
+                next.dispose(true);
+            }
+        }
+
+        DigestContextRef(NativeDigest nc, long id, int mech) {
+            super(nc, refQueue);
+            this.id = id;
+            this.mech = mech;
+            refList.add(this);
+            UcryptoProvider.debug("Resource: track Digest Ctxt " + this.id);
+            drainRefQueueBounded();
+        }
+
+        public int compareTo(DigestContextRef other) {
+            if (this.id == other.id) {
+                return 0;
+            } else {
+                return (this.id < other.id) ? -1 : 1;
+            }
+        }
+
+        void dispose(boolean needFree) {
+            refList.remove(this);
+            try {
+                if (needFree) {
+                    UcryptoProvider.debug("Resource: free Digest Ctxt " + this.id);
+                    NativeDigest.nativeFree(mech, id);
+                } else UcryptoProvider.debug("Resource: stop tracking Digest Ctxt " + this.id);
+            } finally {
+                this.clear();
+            }
+        }
+    }
+
+    NativeDigest(int mech, int digestLen) {
+        this.digestLen = digestLen;
+        this.mech = mech;
+    }
+
+    // see JCA spec
+    protected int engineGetDigestLength() {
+        return digestLen;
+    }
+
+    // see JCA spec
+    protected synchronized void engineReset() {
+        if (pCtxt != null) {
+            pCtxt.dispose(true);
+            pCtxt = null;
+        }
+    }
+
+    // see JCA spec
+    protected synchronized byte[] engineDigest() {
+        byte[] digest = new byte[digestLen];
+        try {
+            int len = engineDigest(digest, 0, digestLen);
+            if (len != digestLen) {
+                throw new UcryptoException("Digest length mismatch");
+            }
+            return digest;
+        } catch (DigestException de) {
+            throw new UcryptoException("Internal error", de);
+        }
+    }
+
+    // see JCA spec
+    protected synchronized int engineDigest(byte[] out, int ofs, int len)
+            throws DigestException {
+        if (len < digestLen) {
+            throw new DigestException("Output buffer must be at least " +
+                                      digestLen + " bytes long");
+        }
+        if ((ofs < 0) || (len < 0) || (ofs > out.length - len)) {
+            throw new DigestException("Buffer too short to store digest");
+        }
+
+        if (pCtxt == null) {
+            pCtxt = new DigestContextRef(this, nativeInit(mech), mech);
+        }
+        try {
+            int status = nativeDigest(mech, pCtxt.id, out, ofs, digestLen);
+            if (status != 0) {
+                throw new DigestException("Internal error: " + status);
+            }
+        } finally {
+            pCtxt.dispose(false);
+            pCtxt = null;
+        }
+        return digestLen;
+    }
+
+    // see JCA spec
+    protected synchronized void engineUpdate(byte in) {
+        byte[] temp = { in };
+        engineUpdate(temp, 0, 1);
+    }
+
+    // see JCA spec
+    protected synchronized void engineUpdate(byte[] in, int ofs, int len) {
+        if (len == 0) {
+            return;
+        }
+        if ((ofs < 0) || (len < 0) || (ofs > in.length - len)) {
+            throw new ArrayIndexOutOfBoundsException();
+        }
+        if (pCtxt == null) {
+            pCtxt = new DigestContextRef(this, nativeInit(mech), mech);
+        }
+        nativeUpdate(mech, pCtxt.id, in, ofs, len);
+    }
+
+    /**
+     * Clone this digest.
+     */
+    public synchronized Object clone() throws CloneNotSupportedException {
+        NativeDigest copy = (NativeDigest) super.clone();
+        // re-work the fields that cannot be copied over
+        if (pCtxt != null) {
+            copy.pCtxt = new DigestContextRef(this, nativeClone(mech, pCtxt.id), mech);
+        }
+        return copy;
+    }
+
+    // return pointer to the context
+    protected static native long nativeInit(int mech);
+    // return status code; always 0
+    protected static native int nativeUpdate(int mech, long pCtxt, byte[] in, int ofs, int inLen);
+    // return status code; always 0
+    protected static native int nativeDigest(int mech, long pCtxt, byte[] out, int ofs, int digestLen);
+    // return pointer to the duplicated context
+    protected static native long nativeClone(int mech, long pCtxt);
+    // free the specified context
+    private native static void nativeFree(int mech, long id);
+
+
+    public static final class MD5 extends NativeDigest {
+        public MD5() {
+            super(MECH_MD5, 16);
+        }
+    }
+
+    public static final class SHA1 extends NativeDigest {
+        public SHA1() {
+            super(MECH_SHA1, 20);
+        }
+    }
+
+    public static final class SHA256 extends NativeDigest {
+        public SHA256() {
+            super(MECH_SHA256, 32);
+        }
+    }
+
+
+    public static final class SHA384 extends NativeDigest {
+        public SHA384() {
+            super(MECH_SHA384, 48);
+        }
+    }
+
+
+    public static final class SHA512 extends NativeDigest {
+        public SHA512() {
+            super(MECH_SHA512, 64);
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/NativeGCMCipher.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,422 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.io.ByteArrayOutputStream;
+import java.nio.ByteBuffer;
+
+import java.util.Set;
+import java.util.Arrays;
+import java.security.*;
+import java.security.spec.*;
+import javax.crypto.*;
+import javax.crypto.spec.SecretKeySpec;
+import javax.crypto.spec.GCMParameterSpec;
+
+/**
+ * Cipher wrapper class utilizing ucrypto APIs. This class currently supports
+ * - AES/GCM/NoPADDING
+ *
+ * @since 1.9
+ */
+class NativeGCMCipher extends NativeCipher {
+
+    public static final class AesGcmNoPadding extends NativeGCMCipher {
+        public AesGcmNoPadding() throws NoSuchAlgorithmException {
+            super(-1);
+        }
+    }
+    public static final class Aes128GcmNoPadding extends NativeGCMCipher {
+        public Aes128GcmNoPadding() throws NoSuchAlgorithmException {
+            super(16);
+        }
+    }
+    public static final class Aes192GcmNoPadding extends NativeGCMCipher {
+        public Aes192GcmNoPadding() throws NoSuchAlgorithmException {
+            super(24);
+        }
+    }
+    public static final class Aes256GcmNoPadding extends NativeGCMCipher {
+        public Aes256GcmNoPadding() throws NoSuchAlgorithmException {
+            super(32);
+        }
+    }
+
+    private static final int DEFAULT_TAG_LEN = 128; // same as SunJCE provider
+
+    // buffer for storing AAD data; if null, meaning buffer content has been
+    // supplied to native context
+    private ByteArrayOutputStream aadBuffer = new ByteArrayOutputStream();
+
+    // buffer for storing input in decryption, not used for encryption
+    private ByteArrayOutputStream ibuffer = null;
+
+    private int tagLen = DEFAULT_TAG_LEN;
+
+    /*
+     * variables used for performing the GCM (key+iv) uniqueness check.
+     * To use GCM mode safely, the cipher object must be re-initialized
+     * with a different combination of key + iv values for each
+     * ENCRYPTION operation. However, checking all past key + iv values
+     * isn't feasible. Thus, we only do a per-instance check of the
+     * key + iv values used in previous encryption.
+     * For decryption operations, no checking is necessary.
+     */
+    private boolean requireReinit = false;
+    private byte[] lastEncKey = null;
+    private byte[] lastEncIv = null;
+
+    NativeGCMCipher(int fixedKeySize) throws NoSuchAlgorithmException {
+        super(UcryptoMech.CRYPTO_AES_GCM, fixedKeySize);
+    }
+
+    @Override
+    protected void ensureInitialized() {
+        if (!initialized) {
+            if (aadBuffer != null && aadBuffer.size() > 0) {
+                init(encrypt, keyValue, iv, tagLen, aadBuffer.toByteArray());
+                aadBuffer = null;
+            } else {
+                init(encrypt, keyValue, iv, tagLen, null);
+            }
+            if (!initialized) {
+                throw new UcryptoException("Cannot initialize Cipher");
+            }
+        }
+    }
+
+    @Override
+    protected int getOutputSizeByOperation(int inLen, boolean isDoFinal) {
+        if (inLen < 0) return 0;
+
+        if (!isDoFinal && (inLen == 0)) {
+            return 0;
+        }
+
+        int result = inLen + bytesBuffered;
+        if (encrypt) {
+            if (isDoFinal) {
+                result += tagLen/8;
+            }
+        } else {
+            if (ibuffer != null) {
+                result += ibuffer.size();
+            }
+            if (isDoFinal) {
+                result -= tagLen/8;
+            }
+        }
+        if (result < 0) {
+            result = 0;
+        }
+        return result;
+    }
+
+    @Override
+    protected void reset(boolean doCancel) {
+        super.reset(doCancel);
+        if (aadBuffer == null) {
+            aadBuffer = new ByteArrayOutputStream();
+        } else {
+            aadBuffer.reset();
+        }
+
+        if (ibuffer != null) {
+            ibuffer.reset();
+        }
+        if (!encrypt) requireReinit = false;
+    }
+
+    // actual init() implementation - caller should clone key and iv if needed
+    protected void init(boolean encrypt, byte[] keyVal, byte[] ivVal, int tLen, byte[] aad) {
+        reset(true);
+        this.encrypt = encrypt;
+        this.keyValue = keyVal;
+        this.iv = ivVal;
+        long pCtxtVal = NativeCipher.nativeInit(mech.value(), encrypt, keyValue, iv,
+            tLen, aad);
+        initialized = (pCtxtVal != 0L);
+        if (initialized) {
+            pCtxt = new CipherContextRef(this, pCtxtVal, encrypt);
+        } else {
+            throw new UcryptoException("Cannot initialize Cipher");
+        }
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized AlgorithmParameters engineGetParameters() {
+        AlgorithmParameters params = null;
+        try {
+            if (iv != null) {
+                GCMParameterSpec gcmSpec = new GCMParameterSpec(tagLen, iv.clone());
+                params = AlgorithmParameters.getInstance("GCM");
+                params.init(gcmSpec);
+            }
+        } catch (GeneralSecurityException e) {
+            // NoSuchAlgorithmException, NoSuchProviderException
+            // InvalidParameterSpecException
+            throw new UcryptoException("Could not encode parameters", e);
+        }
+        return params;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineInit(int opmode, Key key,
+            AlgorithmParameterSpec params, SecureRandom random)
+            throws InvalidKeyException, InvalidAlgorithmParameterException {
+        checkKey(key);
+        if (opmode != Cipher.ENCRYPT_MODE &&
+            opmode != Cipher.DECRYPT_MODE &&
+            opmode != Cipher.WRAP_MODE &&
+            opmode != Cipher.UNWRAP_MODE) {
+            throw new InvalidAlgorithmParameterException
+                ("Unsupported mode: " + opmode);
+        }
+        boolean doEncrypt = (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE);
+        byte[] keyBytes = key.getEncoded().clone();
+        byte[] ivBytes = null;
+        if (params != null) {
+            if (!(params instanceof GCMParameterSpec)) {
+                throw new InvalidAlgorithmParameterException("GCMParameterSpec required");
+            } else {
+                tagLen = ((GCMParameterSpec) params).getTLen();
+                ivBytes = ((GCMParameterSpec) params).getIV();
+            }
+        } else {
+            if (doEncrypt) {
+                tagLen = DEFAULT_TAG_LEN;
+
+                // generate IV if none supplied for encryption
+                ivBytes = new byte[blockSize];
+                new SecureRandom().nextBytes(ivBytes);
+            } else {
+                throw new InvalidAlgorithmParameterException("Parameters required for decryption");
+            }
+        }
+        if (doEncrypt) {
+            requireReinit = Arrays.equals(ivBytes, lastEncIv) &&
+                Arrays.equals(keyBytes, lastEncKey);
+            if (requireReinit) {
+                throw new InvalidAlgorithmParameterException
+                    ("Cannot reuse iv for GCM encryption");
+            }
+            lastEncIv = ivBytes;
+            lastEncKey = keyBytes;
+        } else {
+            requireReinit = false;
+            ibuffer = new ByteArrayOutputStream();
+        }
+        init(doEncrypt, keyBytes, ivBytes, tagLen, null);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineInit(int opmode, Key key, AlgorithmParameters params,
+            SecureRandom random)
+            throws InvalidKeyException, InvalidAlgorithmParameterException {
+        AlgorithmParameterSpec spec = null;
+        if (params != null) {
+            try {
+                // mech must be UcryptoMech.CRYPTO_AES_GCM
+                spec = params.getParameterSpec(GCMParameterSpec.class);
+            } catch (InvalidParameterSpecException iaps) {
+                throw new InvalidAlgorithmParameterException(iaps);
+            }
+        }
+        engineInit(opmode, key, spec, random);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineUpdate(byte[] in, int inOfs, int inLen) {
+        if (aadBuffer != null && aadBuffer.size() > 0) {
+            // init again with AAD data
+            init(encrypt, keyValue, iv, tagLen, aadBuffer.toByteArray());
+            aadBuffer = null;
+        }
+        if (requireReinit) {
+            throw new IllegalStateException
+                ("Must use either different key or iv for GCM encryption");
+        }
+        if (inLen > 0) {
+            if (!encrypt) {
+                ibuffer.write(in, inOfs, inLen);
+                return null;
+            }
+            return super.engineUpdate(in, inOfs, inLen);
+        } else return null;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized int engineUpdate(byte[] in, int inOfs, int inLen, byte[] out,
+            int outOfs) throws ShortBufferException {
+        int len = getOutputSizeByOperation(inLen, false);
+        if (out.length - outOfs < len) {
+            throw new ShortBufferException("Output buffer must be "
+                                           + "(at least) " + len
+                                           + " bytes long");
+        }
+        if (aadBuffer != null && aadBuffer.size() > 0) {
+            // init again with AAD data
+            init(encrypt, keyValue, iv, tagLen, aadBuffer.toByteArray());
+            aadBuffer = null;
+        }
+        if (requireReinit) {
+            throw new IllegalStateException
+                ("Must use either different key or iv for GCM encryption");
+        }
+        if (inLen > 0) {
+            if (!encrypt) {
+                ibuffer.write(in, inOfs, inLen);
+                return 0;
+            } else {
+                return super.engineUpdate(in, inOfs, inLen, out, outOfs);
+            }
+        }
+        return 0;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineUpdateAAD(byte[] src, int srcOfs, int srcLen)
+            throws IllegalStateException {
+
+        if ((src == null) || (srcOfs < 0) || (srcOfs + srcLen > src.length)) {
+            throw new IllegalArgumentException("Invalid AAD");
+        }
+        if (keyValue == null) {
+            throw new IllegalStateException("Need to initialize Cipher first");
+        }
+        if (requireReinit) {
+            throw new IllegalStateException
+                ("Must use either different key or iv for GCM encryption");
+        }
+        if (aadBuffer != null) {
+            aadBuffer.write(src, srcOfs, srcLen);
+        } else {
+            // update has already been called
+            throw new IllegalStateException
+                ("Update has been called; no more AAD data");
+        }
+    }
+
+    // see JCE spec
+    @Override
+    protected void engineUpdateAAD(ByteBuffer src)
+            throws IllegalStateException {
+        if (src == null) {
+            throw new IllegalArgumentException("Invalid AAD");
+        }
+        if (keyValue == null) {
+            throw new IllegalStateException("Need to initialize Cipher first");
+        }
+        if (requireReinit) {
+            throw new IllegalStateException
+                ("Must use either different key or iv for GCM encryption");
+        }
+        if (aadBuffer != null) {
+            if (src.hasRemaining()) {
+                byte[] srcBytes = new byte[src.remaining()];
+                src.get(srcBytes);
+                aadBuffer.write(srcBytes, 0, srcBytes.length);
+            }
+        } else {
+            // update has already been called
+            throw new IllegalStateException
+                ("Update has been called; no more AAD data");
+        }
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineDoFinal(byte[] in, int inOfs, int inLen)
+            throws IllegalBlockSizeException, BadPaddingException {
+        byte[] out = new byte[getOutputSizeByOperation(inLen, true)];
+        try {
+            // delegate to the other engineDoFinal(...) method
+            int k = engineDoFinal(in, inOfs, inLen, out, 0);
+            if (out.length != k) {
+                out = Arrays.copyOf(out, k);
+            }
+            return out;
+        } catch (ShortBufferException e) {
+            throw new UcryptoException("Internal Error", e);
+        }
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized int engineDoFinal(byte[] in, int inOfs, int inLen,
+                                             byte[] out, int outOfs)
+        throws ShortBufferException, IllegalBlockSizeException,
+               BadPaddingException {
+        int len = getOutputSizeByOperation(inLen, true);
+        if (out.length - outOfs < len) {
+            throw new ShortBufferException("Output buffer must be "
+                                           + "(at least) " + len
+                                           + " bytes long");
+        }
+        if (aadBuffer != null && aadBuffer.size() > 0) {
+            // init again with AAD data
+            init(encrypt, keyValue, iv, tagLen, aadBuffer.toByteArray());
+            aadBuffer = null;
+        }
+        if (requireReinit) {
+            throw new IllegalStateException
+                ("Must use either different key or iv for GCM encryption");
+        }
+        if (!encrypt) {
+            if (inLen > 0) {
+                ibuffer.write(in, inOfs, inLen);
+            }
+            inLen = ibuffer.size();
+            if (inLen < tagLen/8) {
+                // Otherwise, Solaris lib will error out w/ CRYPTO_BUFFER_TOO_SMALL
+                // when ucrypto_decrypt_final() is called
+                throw new AEADBadTagException("Input too short - need tag");
+            }
+            // refresh 'in' to all buffered-up bytes
+            in = ibuffer.toByteArray();
+            inOfs = 0;
+            ibuffer.reset();
+        }
+        try {
+            return super.engineDoFinal(in, inOfs, inLen, out, outOfs);
+        } catch (UcryptoException ue) {
+            if (ue.getMessage().equals("CRYPTO_INVALID_MAC")) {
+                throw new AEADBadTagException("Tag does not match");
+            } else {
+                // pass it up
+                throw ue;
+            }
+        } finally {
+            requireReinit = encrypt;
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/NativeKey.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,230 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.util.Set;
+import java.util.Arrays;
+import java.util.concurrent.ConcurrentSkipListSet;
+import java.lang.ref.*;
+
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.Key;
+import java.security.PublicKey;
+import java.security.PrivateKey;
+import java.security.KeyFactorySpi;
+import java.security.interfaces.RSAPrivateCrtKey;
+import java.security.interfaces.RSAPublicKey;
+
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+import java.security.spec.RSAPrivateCrtKeySpec;
+import java.security.spec.RSAPublicKeySpec;
+
+/**
+ * Wrapper class for native keys needed for using ucrypto APIs.
+ * This class currently supports native RSA private/public keys.
+ *
+ * @since 1.9
+ */
+abstract class NativeKey implements Key {
+
+    private static final long serialVersionUID = 6812507588904302830L;
+
+    private final int numComponents;
+
+    NativeKey(int numComponents) {
+        this.numComponents = numComponents;
+    }
+
+    abstract long value();
+
+    int length() {
+        return numComponents;
+    }
+
+    public String getAlgorithm() { return "RSA"; }
+    public String getFormat() { return "RAW"; }
+    public byte[] getEncoded() {
+        // not used; so not generated
+        return null;
+    }
+
+    private native static void nativeFree(long id, int numComponents);
+
+    static byte[] getMagnitude(BigInteger bi) {
+        byte[] b = bi.toByteArray();
+        if ((b.length > 1) && (b[0] == 0)) {
+            int n = b.length - 1;
+            byte[] newarray = new byte[n];
+            System.arraycopy(b, 1, newarray, 0, n);
+            b = newarray;
+        }
+        return b;
+    }
+
+    static final class RSAPrivateCrt extends NativeKey implements RSAPrivateCrtKey {
+
+        private static final long serialVersionUID = 6812507588904302831L;
+
+        private final RSAPrivateCrtKeySpec keySpec;
+        private final long keyId;
+
+        RSAPrivateCrt(KeySpec keySpec) throws InvalidKeySpecException {
+            super(8);
+            long pKey = 0L;
+            if (keySpec instanceof RSAPrivateCrtKeySpec) {
+                RSAPrivateCrtKeySpec ks = (RSAPrivateCrtKeySpec) keySpec;
+                BigInteger mod = ks.getModulus();
+                BigInteger publicExp =  ks.getPublicExponent();
+                BigInteger privateExp =  ks.getPrivateExponent();
+                BigInteger primeP = ks.getPrimeP();
+                BigInteger primeQ = ks.getPrimeQ();
+                BigInteger primeExpP = ks.getPrimeExponentP();
+                BigInteger primeExpQ = ks.getPrimeExponentQ();
+                BigInteger crtCoeff = ks.getCrtCoefficient();
+                pKey = nativeInit(NativeKey.getMagnitude(mod),
+                                  NativeKey.getMagnitude(publicExp),
+                                  NativeKey.getMagnitude(privateExp),
+                                  NativeKey.getMagnitude(primeP),
+                                  NativeKey.getMagnitude(primeQ),
+                                  NativeKey.getMagnitude(primeExpP),
+                                  NativeKey.getMagnitude(primeExpQ),
+                                  NativeKey.getMagnitude(crtCoeff));
+            } else {
+                throw new InvalidKeySpecException("Only supports RSAPrivateCrtKeySpec");
+            }
+            if (pKey == 0L) {
+                throw new UcryptoException("Error constructing RSA PrivateKey");
+            }
+            // track native resource clean up
+            new KeyRef(this, pKey);
+            this.keySpec = (RSAPrivateCrtKeySpec) keySpec;
+            this.keyId = pKey;
+        }
+
+        long value() { return keyId; }
+        public BigInteger getModulus() { return keySpec.getModulus(); };
+        public BigInteger getPublicExponent() { return keySpec.getPublicExponent(); };
+        public BigInteger getPrivateExponent() { return keySpec.getPrivateExponent(); };
+        public BigInteger getPrimeP() { return keySpec.getPrimeP(); };
+        public BigInteger getPrimeQ() { return keySpec.getPrimeQ(); };
+        public BigInteger getPrimeExponentP() { return keySpec.getPrimeExponentP(); };
+        public BigInteger getPrimeExponentQ() { return keySpec.getPrimeExponentQ(); };
+        public BigInteger getCrtCoefficient() { return keySpec.getCrtCoefficient(); };
+
+        private native static long nativeInit(byte[] mod, byte[] pubExp, byte[] privExp,
+                                      byte[] p, byte[] q,
+                                      byte[] expP, byte[] expQ, byte[] crtCoeff);
+    }
+
+    static final class RSAPublic extends NativeKey implements RSAPublicKey {
+
+        private static final long serialVersionUID = 6812507588904302832L;
+
+        private final RSAPublicKeySpec keySpec;
+        private final long keyId;
+
+        RSAPublic(KeySpec keySpec) throws InvalidKeySpecException {
+            super(2);
+            long pKey = 0L;
+            if (keySpec instanceof RSAPublicKeySpec) {
+                RSAPublicKeySpec ks = (RSAPublicKeySpec) keySpec;
+                BigInteger mod = ks.getModulus();
+                BigInteger publicExp = ks.getPublicExponent();
+                pKey = nativeInit(NativeKey.getMagnitude(mod),
+                                  NativeKey.getMagnitude(publicExp));
+            } else {
+                throw new InvalidKeySpecException("Only supports RSAPublicKeySpec");
+            }
+            if (pKey == 0L) {
+                throw new UcryptoException("Error constructing RSA PublicKey");
+            }
+            // track native resource clean up
+            new KeyRef(this, pKey);
+            this.keySpec = (RSAPublicKeySpec) keySpec;
+            this.keyId = pKey;
+        }
+
+        long value() { return keyId; }
+        public BigInteger getModulus() { return keySpec.getModulus(); };
+        public BigInteger getPublicExponent() { return keySpec.getPublicExponent(); };
+
+        private native static long nativeInit(byte[] mod, byte[] pubExp);
+    }
+
+    // internal class for native resource cleanup
+    private static class KeyRef extends PhantomReference<NativeKey>
+        implements Comparable<KeyRef> {
+
+        private static ReferenceQueue<NativeKey> refQueue =
+            new ReferenceQueue<NativeKey>();
+
+        // Needed to keep these references from being GC'ed until when their
+        // referents are GC'ed so we can do post-mortem processing
+        private static Set<KeyRef> refList =
+            new ConcurrentSkipListSet<KeyRef>();
+
+        private final long id;
+        private final int length;
+
+        private static void drainRefQueueBounded() {
+            while (true) {
+                KeyRef next = (KeyRef) refQueue.poll();
+                if (next == null) break;
+                next.dispose();
+            }
+        }
+
+        KeyRef(NativeKey nk, long id) {
+            super(nk, refQueue);
+            this.id = id;
+            this.length = nk.length();
+            refList.add(this);
+            UcryptoProvider.debug("Resource: track NativeKey " + this.id);
+            drainRefQueueBounded();
+        }
+
+        public int compareTo(KeyRef other) {
+            if (this.id == other.id) {
+                return 0;
+            } else {
+                return (this.id < other.id) ? -1 : 1;
+            }
+        }
+
+        void dispose() {
+            refList.remove(this);
+            UcryptoProvider.debug("Resource: free NativeKey " + this.id);
+            try {
+                NativeKey.nativeFree(id, length);
+            } finally {
+                this.clear();
+            }
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/NativeRSACipher.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,448 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.util.Arrays;
+import java.util.WeakHashMap;
+import java.util.Collections;
+import java.util.Map;
+
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.PublicKey;
+import java.security.PrivateKey;
+import java.security.spec.RSAPrivateCrtKeySpec;
+import java.security.spec.RSAPublicKeySpec;
+import java.security.interfaces.RSAKey;
+import java.security.interfaces.RSAPrivateCrtKey;
+import java.security.interfaces.RSAPublicKey;
+
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+import java.security.spec.InvalidKeySpecException;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.CipherSpi;
+import javax.crypto.SecretKey;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.ShortBufferException;
+
+import javax.crypto.spec.SecretKeySpec;
+
+import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec;
+import sun.security.util.KeyUtil;
+
+/**
+ * Asymmetric Cipher wrapper class utilizing ucrypto APIs. This class
+ * currently supports
+ * - RSA/ECB/NOPADDING
+ * - RSA/ECB/PKCS1PADDING
+ *
+ * @since 1.9
+ */
+public class NativeRSACipher extends CipherSpi {
+    // fields set in constructor
+    private final UcryptoMech mech;
+    private final int padLen;
+    private final NativeRSAKeyFactory keyFactory;
+    private AlgorithmParameterSpec spec;
+    private SecureRandom random;
+
+    // Keep a cache of RSA keys and their RSA NativeKey for reuse.
+    // When the RSA key is gc'ed, we let NativeKey phatom references cleanup
+    // the native allocation
+    private static final Map<Key, NativeKey> keyList =
+            Collections.synchronizedMap(new WeakHashMap<Key, NativeKey>());
+
+    //
+    // fields (re)set in every init()
+    //
+    private NativeKey key = null;
+    private int outputSize = 0; // e.g. modulus size in bytes
+    private boolean encrypt = true;
+    private byte[] buffer;
+    private int bufOfs = 0;
+
+    // public implementation classes
+    public static final class NoPadding extends NativeRSACipher {
+        public NoPadding() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_RSA_X_509, 0);
+        }
+    }
+
+    public static final class PKCS1Padding extends NativeRSACipher {
+        public PKCS1Padding() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_RSA_PKCS, 11);
+        }
+    }
+
+    NativeRSACipher(UcryptoMech mech, int padLen)
+        throws NoSuchAlgorithmException {
+        this.mech = mech;
+        this.padLen = padLen;
+        this.keyFactory = new NativeRSAKeyFactory();
+    }
+
+    @Override
+    protected void engineSetMode(String mode) throws NoSuchAlgorithmException {
+        // Disallow change of mode for now since currently it's explicitly
+        // defined in transformation strings
+        throw new NoSuchAlgorithmException("Unsupported mode " + mode);
+    }
+
+    // see JCE spec
+    @Override
+    protected void engineSetPadding(String padding)
+            throws NoSuchPaddingException {
+        // Disallow change of padding for now since currently it's explicitly
+        // defined in transformation strings
+        throw new NoSuchPaddingException("Unsupported padding " + padding);
+    }
+
+    // see JCE spec
+    @Override
+    protected int engineGetBlockSize() {
+        return 0;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized int engineGetOutputSize(int inputLen) {
+        return outputSize;
+    }
+
+    // see JCE spec
+    @Override
+    protected byte[] engineGetIV() {
+        return null;
+    }
+
+    // see JCE spec
+    @Override
+    protected AlgorithmParameters engineGetParameters() {
+        return null;
+    }
+
+    @Override
+    protected int engineGetKeySize(Key key) throws InvalidKeyException {
+        if (!(key instanceof RSAKey)) {
+            throw new InvalidKeyException("RSAKey required");
+        }
+        int n = ((RSAKey)key).getModulus().bitLength();
+        // strip off the leading extra 0x00 byte prefix
+        int realByteSize = (n + 7) >> 3;
+        return realByteSize * 8;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineInit(int opmode, Key key, SecureRandom random)
+            throws InvalidKeyException {
+        try {
+            engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
+        } catch (InvalidAlgorithmParameterException e) {
+            throw new InvalidKeyException("init() failed", e);
+        }
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineInit(int opmode, Key newKey,
+            AlgorithmParameterSpec params, SecureRandom random)
+            throws InvalidKeyException, InvalidAlgorithmParameterException {
+        if (newKey == null) {
+            throw new InvalidKeyException("Key cannot be null");
+        }
+        if (opmode != Cipher.ENCRYPT_MODE &&
+            opmode != Cipher.DECRYPT_MODE &&
+            opmode != Cipher.WRAP_MODE &&
+            opmode != Cipher.UNWRAP_MODE) {
+            throw new InvalidAlgorithmParameterException
+                ("Unsupported mode: " + opmode);
+        }
+        if (params != null) {
+            if (!(params instanceof TlsRsaPremasterSecretParameterSpec)) {
+                throw new InvalidAlgorithmParameterException(
+                        "No Parameters can be specified");
+            }
+            spec = params;
+            this.random = random;   // for TLS RSA premaster secret
+        }
+        boolean doEncrypt = (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE);
+
+        // Make sure the proper opmode uses the proper key
+        if (doEncrypt && (!(newKey instanceof RSAPublicKey))) {
+            throw new InvalidKeyException("RSAPublicKey required for encryption");
+        } else if (!doEncrypt && (!(newKey instanceof RSAPrivateCrtKey))) {
+            throw new InvalidKeyException("RSAPrivateCrtKey required for decryption");
+        }
+
+        NativeKey nativeKey = null;
+        // Check keyList cache for a nativeKey
+        nativeKey = keyList.get(newKey);
+        if (nativeKey == null) {
+            // With no existing nativeKey for this newKey, create one
+            if (doEncrypt) {
+                RSAPublicKey publicKey = (RSAPublicKey) newKey;
+                try {
+                    nativeKey = (NativeKey) keyFactory.engineGeneratePublic
+                        (new RSAPublicKeySpec(publicKey.getModulus(), publicKey.getPublicExponent()));
+                } catch (InvalidKeySpecException ikse) {
+                    throw new InvalidKeyException(ikse);
+                }
+            } else {
+                RSAPrivateCrtKey privateKey = (RSAPrivateCrtKey) newKey;
+                try {
+                    nativeKey = (NativeKey) keyFactory.engineGeneratePrivate
+                        (new RSAPrivateCrtKeySpec(privateKey.getModulus(),
+                                                  privateKey.getPublicExponent(),
+                                                  privateKey.getPrivateExponent(),
+                                                  privateKey.getPrimeP(),
+                                                  privateKey.getPrimeQ(),
+                                                  privateKey.getPrimeExponentP(),
+                                                  privateKey.getPrimeExponentQ(),
+                                                  privateKey.getCrtCoefficient()));
+                } catch (InvalidKeySpecException ikse) {
+                    throw new InvalidKeyException(ikse);
+                }
+            }
+
+            // Add nativeKey to keyList cache and associate it with newKey
+            keyList.put(newKey, nativeKey);
+        }
+
+        init(doEncrypt, nativeKey);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized void engineInit(int opmode, Key key, AlgorithmParameters params,
+            SecureRandom random)
+            throws InvalidKeyException, InvalidAlgorithmParameterException {
+        if (params != null) {
+            throw new InvalidAlgorithmParameterException("No Parameters can be specified");
+        }
+        engineInit(opmode, key, (AlgorithmParameterSpec) null, random);
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineUpdate(byte[] in, int inOfs, int inLen) {
+        if (inLen > 0) {
+            update(in, inOfs, inLen);
+        }
+        return null;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized int engineUpdate(byte[] in, int inOfs, int inLen, byte[] out,
+            int outOfs) throws ShortBufferException {
+        if (out.length - outOfs < outputSize) {
+            throw new ShortBufferException("Output buffer too small");
+        }
+        if (inLen > 0) {
+            update(in, inOfs, inLen);
+        }
+        return 0;
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineDoFinal(byte[] in, int inOfs, int inLen)
+            throws IllegalBlockSizeException, BadPaddingException {
+        byte[] out = new byte[outputSize];
+        try {
+            // delegate to the other engineDoFinal(...) method
+            int actualLen = engineDoFinal(in, inOfs, inLen, out, 0);
+            if (actualLen != outputSize) {
+                return Arrays.copyOf(out, actualLen);
+            } else {
+                return out;
+            }
+        } catch (ShortBufferException e) {
+            throw new UcryptoException("Internal Error", e);
+        }
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized int engineDoFinal(byte[] in, int inOfs, int inLen, byte[] out,
+                                             int outOfs)
+        throws ShortBufferException, IllegalBlockSizeException,
+               BadPaddingException {
+        if (inLen != 0) {
+            update(in, inOfs, inLen);
+        }
+        return doFinal(out, outOfs, out.length - outOfs);
+    }
+
+
+    // see JCE spec
+    @Override
+    protected synchronized byte[] engineWrap(Key key) throws IllegalBlockSizeException,
+                                                             InvalidKeyException {
+        try {
+            byte[] encodedKey = key.getEncoded();
+            if ((encodedKey == null) || (encodedKey.length == 0)) {
+                throw new InvalidKeyException("Cannot get an encoding of " +
+                                              "the key to be wrapped");
+            }
+            if (encodedKey.length > buffer.length) {
+                throw new InvalidKeyException("Key is too long for wrapping");
+            }
+            return engineDoFinal(encodedKey, 0, encodedKey.length);
+        } catch (BadPaddingException e) {
+            // Should never happen for key wrapping
+            throw new UcryptoException("Internal Error", e);
+        }
+    }
+
+    // see JCE spec
+    @Override
+    protected synchronized Key engineUnwrap(byte[] wrappedKey,
+            String wrappedKeyAlgorithm, int wrappedKeyType)
+            throws InvalidKeyException, NoSuchAlgorithmException {
+
+        if (wrappedKey.length > buffer.length) {
+            throw new InvalidKeyException("Key is too long for unwrapping");
+        }
+
+        boolean isTlsRsaPremasterSecret =
+                wrappedKeyAlgorithm.equals("TlsRsaPremasterSecret");
+        Exception failover = null;
+
+        byte[] encodedKey = null;
+        try {
+            encodedKey = engineDoFinal(wrappedKey, 0, wrappedKey.length);
+        } catch (BadPaddingException bpe) {
+            if (isTlsRsaPremasterSecret) {
+                failover = bpe;
+            } else {
+                throw new InvalidKeyException("Unwrapping failed", bpe);
+            }
+        } catch (Exception e) {
+            throw new InvalidKeyException("Unwrapping failed", e);
+        }
+
+        if (isTlsRsaPremasterSecret) {
+            if (!(spec instanceof TlsRsaPremasterSecretParameterSpec)) {
+                throw new IllegalStateException(
+                        "No TlsRsaPremasterSecretParameterSpec specified");
+            }
+
+            // polish the TLS premaster secret
+            encodedKey = KeyUtil.checkTlsPreMasterSecretKey(
+                ((TlsRsaPremasterSecretParameterSpec)spec).getClientVersion(),
+                ((TlsRsaPremasterSecretParameterSpec)spec).getServerVersion(),
+                random, encodedKey, (failover != null));
+        }
+
+        return NativeCipher.constructKey(wrappedKeyType,
+                encodedKey, wrappedKeyAlgorithm);
+    }
+
+    /**
+     * calls ucrypto_encrypt(...) or ucrypto_decrypt(...)
+     * @returns the length of output or an negative error status code
+     */
+    private native static int nativeAtomic(int mech, boolean encrypt,
+                                           long keyValue, int keyLength,
+                                           byte[] in, int inLen,
+                                           byte[] out, int ouOfs, int outLen);
+
+    // do actual initialization
+    private void init(boolean encrypt, NativeKey key) {
+        this.encrypt = encrypt;
+        this.key = key;
+        try {
+            this.outputSize = engineGetKeySize(key)/8;
+        } catch (InvalidKeyException ike) {
+            throw new UcryptoException("Internal Error", ike);
+        }
+        this.buffer = new byte[outputSize];
+        this.bufOfs = 0;
+    }
+
+    // store the specified input into the internal buffer
+    private void update(byte[] in, int inOfs, int inLen) {
+        if ((inLen <= 0) || (in == null)) {
+            return;
+        }
+        // buffer bytes internally until doFinal is called
+        if ((bufOfs + inLen + (encrypt? padLen:0)) > buffer.length) {
+            // lead to IllegalBlockSizeException when doFinal() is called
+            bufOfs = buffer.length + 1;
+            return;
+        }
+        System.arraycopy(in, inOfs, buffer, bufOfs, inLen);
+        bufOfs += inLen;
+    }
+
+    // return the actual non-negative output length
+    private int doFinal(byte[] out, int outOfs, int outLen)
+            throws ShortBufferException, IllegalBlockSizeException,
+            BadPaddingException {
+        if (bufOfs > buffer.length) {
+            throw new IllegalBlockSizeException(
+                "Data must not be longer than " +
+                (buffer.length - (encrypt ? padLen : 0)) + " bytes");
+        }
+        if (outLen < outputSize) {
+            throw new ShortBufferException();
+        }
+        try {
+            long keyValue = key.value();
+            int k = nativeAtomic(mech.value(), encrypt, keyValue,
+                                 key.length(), buffer, bufOfs,
+                                 out, outOfs, outLen);
+            if (k < 0) {
+                if ( k == -16 || k == -64) {
+                    // -16: CRYPTO_ENCRYPTED_DATA_INVALID
+                    // -64: CKR_ENCRYPTED_DATA_INVALID, see bug 17459266
+                    UcryptoException ue = new UcryptoException(16);
+                    BadPaddingException bpe =
+                        new BadPaddingException("Invalid encryption data");
+                    bpe.initCause(ue);
+                    throw bpe;
+                }
+                throw new UcryptoException(-k);
+            }
+
+            return k;
+        } finally {
+            bufOfs = 0;
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/NativeRSAKeyFactory.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.util.Set;
+import java.util.Arrays;
+import java.util.concurrent.ConcurrentSkipListSet;
+import java.lang.ref.*;
+
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.Key;
+import java.security.PublicKey;
+import java.security.PrivateKey;
+import java.security.KeyFactorySpi;
+
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+import java.security.spec.RSAPrivateCrtKeySpec;
+import java.security.spec.RSAPublicKeySpec;
+
+/**
+ * Ucrypto-private KeyFactory class for generating native keys
+ * needed for using ucrypto APIs. Given that it's not used
+ * externally, it only needs to support RSAPrivateCrtKeySpec
+ * and RSAPublicKeySpec objects.
+ *
+ * @since 1.9
+ */
+public final class NativeRSAKeyFactory extends KeyFactorySpi {
+
+    @Override
+    protected PrivateKey engineGeneratePrivate(KeySpec keySpec)
+        throws InvalidKeySpecException {
+        return new NativeKey.RSAPrivateCrt(keySpec);
+    }
+
+    @Override
+    protected PublicKey engineGeneratePublic(KeySpec keySpec)
+        throws InvalidKeySpecException {
+        return new NativeKey.RSAPublic(keySpec);
+    }
+
+    @Override
+    protected <T extends KeySpec> T
+        engineGetKeySpec(Key key, Class<T> keySpec)
+            throws InvalidKeySpecException {
+        throw new UnsupportedOperationException();
+    }
+
+    @Override
+    protected Key engineTranslateKey(Key key) throws InvalidKeyException {
+        // no need to support this
+        throw new UnsupportedOperationException();
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/NativeRSASignature.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,445 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.util.Set;
+import java.util.Arrays;
+import java.util.concurrent.ConcurrentSkipListSet;
+import java.lang.ref.*;
+import java.math.BigInteger;
+import java.nio.ByteBuffer;
+
+import java.security.SignatureSpi;
+import java.security.NoSuchAlgorithmException;
+import java.security.InvalidParameterException;
+import java.security.InvalidKeyException;
+import java.security.SignatureException;
+import java.security.Key;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+
+import java.security.*;
+import java.security.interfaces.*;
+import java.security.spec.RSAPrivateCrtKeySpec;
+import java.security.spec.RSAPublicKeySpec;
+import java.security.spec.InvalidKeySpecException;
+import sun.nio.ch.DirectBuffer;
+import java.nio.ByteBuffer;
+import sun.security.rsa.RSAPadding;
+
+/**
+ * Signature implementation class. This class currently supports the
+ * following algorithms:
+ *
+ * . RSA:
+ *   . MD5withRSA
+ *   . SHA1withRSA
+ *   . SHA256withRSA
+ *   . SHA384withRSA
+ *   . SHA512withRSA
+ *
+ * @since 1.9
+ */
+class NativeRSASignature extends SignatureSpi {
+
+    private static final int PKCS1PADDING_LEN = 11;
+
+    // fields set in constructor
+    private final UcryptoMech mech;
+    private final int encodedLen;
+
+    // field for ensuring native memory is freed
+    private SignatureContextRef pCtxt = null;
+
+    //
+    // fields (re)set in every init()
+    //
+    private boolean initialized = false;
+    private boolean sign = true;
+    private int sigLength;
+    private NativeKey key;
+    private NativeRSAKeyFactory keyFactory; // may need a more generic type later
+
+    // public implementation classes
+    public static final class MD5 extends NativeRSASignature {
+        public MD5() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_MD5_RSA_PKCS, 34);
+        }
+    }
+
+    public static final class SHA1 extends NativeRSASignature {
+        public SHA1() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_SHA1_RSA_PKCS, 35);
+        }
+    }
+
+    public static final class SHA256 extends NativeRSASignature {
+        public SHA256() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_SHA256_RSA_PKCS, 51);
+        }
+    }
+
+    public static final class SHA384 extends NativeRSASignature {
+        public SHA384() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_SHA384_RSA_PKCS, 67);
+        }
+    }
+
+    public static final class SHA512 extends NativeRSASignature {
+        public SHA512() throws NoSuchAlgorithmException {
+            super(UcryptoMech.CRYPTO_SHA512_RSA_PKCS, 83);
+        }
+    }
+
+    // internal class for native resource cleanup
+    private static class SignatureContextRef extends PhantomReference<NativeRSASignature>
+        implements Comparable<SignatureContextRef> {
+
+        private static ReferenceQueue<NativeRSASignature> refQueue =
+            new ReferenceQueue<NativeRSASignature>();
+
+        // Needed to keep these references from being GC'ed until when their
+        // referents are GC'ed so we can do post-mortem processing
+        private static Set<SignatureContextRef> refList =
+            new ConcurrentSkipListSet<SignatureContextRef>();
+        //           Collections.synchronizedSortedSet(new TreeSet<SignatureContextRef>());
+
+        private final long id;
+        private final boolean sign;
+
+        private static void drainRefQueueBounded() {
+            while (true) {
+                SignatureContextRef next = (SignatureContextRef) refQueue.poll();
+                if (next == null) break;
+                next.dispose(true);
+            }
+        }
+
+        SignatureContextRef(NativeRSASignature ns, long id, boolean sign) {
+            super(ns, refQueue);
+            this.id = id;
+            this.sign = sign;
+            refList.add(this);
+            UcryptoProvider.debug("Resource: track Signature Ctxt " + this.id);
+            drainRefQueueBounded();
+        }
+
+        public int compareTo(SignatureContextRef other) {
+            if (this.id == other.id) {
+                return 0;
+            } else {
+                return (this.id < other.id) ? -1 : 1;
+            }
+        }
+
+        void dispose(boolean doCancel) {
+            refList.remove(this);
+            try {
+                if (doCancel) {
+                    UcryptoProvider.debug("Resource: free Signature Ctxt " + this.id);
+                    NativeRSASignature.nativeFinal(id, sign, null, 0, 0);
+                } else {
+                    UcryptoProvider.debug("Resource: stop tracking Signature Ctxt " + this.id);
+                }
+            } finally {
+                this.clear();
+            }
+        }
+    }
+
+    NativeRSASignature(UcryptoMech mech, int encodedLen)
+        throws NoSuchAlgorithmException {
+        this.mech = mech;
+        this.encodedLen = encodedLen;
+        this.keyFactory = new NativeRSAKeyFactory();
+    }
+
+    // deprecated but abstract
+    @SuppressWarnings("deprecation")
+    protected Object engineGetParameter(String param) throws InvalidParameterException {
+        throw new UnsupportedOperationException("getParameter() not supported");
+    }
+
+    @Override
+    protected synchronized void engineInitSign(PrivateKey privateKey)
+            throws InvalidKeyException {
+        if (privateKey == null) {
+            throw new InvalidKeyException("Key must not be null");
+        }
+        NativeKey newKey = key;
+        int newSigLength = sigLength;
+        // Need to check RSA key length whenever a new private key is set
+        if (privateKey != key) {
+            if (privateKey instanceof RSAPrivateCrtKey) {
+                RSAPrivateCrtKey rsaPrivKey = (RSAPrivateCrtKey) privateKey;
+                BigInteger mod = rsaPrivKey.getModulus();
+                newSigLength = checkRSAKeyLength(mod);
+                try {
+                    newKey = (NativeKey) keyFactory.engineGeneratePrivate
+                        (new RSAPrivateCrtKeySpec(mod,
+                                                  rsaPrivKey.getPublicExponent(),
+                                                  rsaPrivKey.getPrivateExponent(),
+                                                  rsaPrivKey.getPrimeP(),
+                                                  rsaPrivKey.getPrimeQ(),
+                                                  rsaPrivKey.getPrimeExponentP(),
+                                                  rsaPrivKey.getPrimeExponentQ(),
+                                                  rsaPrivKey.getCrtCoefficient()));
+                } catch (InvalidKeySpecException ikse) {
+                    throw new InvalidKeyException(ikse);
+                }
+            } else {
+                throw new InvalidKeyException("RSAPrivateCrtKey required");
+            }
+        }
+        init(true, newKey, newSigLength);
+    }
+
+
+    @Override
+    protected synchronized void engineInitVerify(PublicKey publicKey)
+            throws InvalidKeyException {
+        if (publicKey == null) {
+            throw new InvalidKeyException("Key must not be null");
+        }
+        NativeKey newKey = key;
+        int newSigLength = sigLength;
+        // Need to check RSA key length whenever a new public key is set
+        if (publicKey != key) {
+            if (publicKey instanceof RSAPublicKey) {
+                BigInteger mod = ((RSAPublicKey) publicKey).getModulus();
+                newSigLength = checkRSAKeyLength(mod);
+                try {
+                    newKey = (NativeKey) keyFactory.engineGeneratePublic
+                        (new RSAPublicKeySpec(mod, ((RSAPublicKey) publicKey).getPublicExponent()));
+                } catch (InvalidKeySpecException ikse) {
+                    throw new InvalidKeyException(ikse);
+                }
+            } else {
+                throw new InvalidKeyException("RSAPublicKey required");
+            }
+        }
+        init(false, newKey, newSigLength);
+    }
+
+    // deprecated but abstract
+    @SuppressWarnings("deprecation")
+    protected void engineSetParameter(String param, Object value) throws InvalidParameterException {
+        throw new UnsupportedOperationException("setParameter() not supported");
+    }
+
+    @Override
+    protected synchronized byte[] engineSign() throws SignatureException {
+        byte[] sig = new byte[sigLength];
+        int rv = doFinal(sig, 0, sigLength);
+        if (rv < 0) {
+            throw new SignatureException(new UcryptoException(-rv));
+        }
+        return sig;
+    }
+
+    @Override
+    protected synchronized int engineSign(byte[] outbuf, int offset, int len)
+        throws SignatureException {
+        if (outbuf == null || (offset < 0) || (outbuf.length < (offset + sigLength))
+            || (len < sigLength)) {
+            throw new SignatureException("Invalid output buffer");
+        }
+        int rv = doFinal(outbuf, offset, sigLength);
+        if (rv < 0) {
+            throw new SignatureException(new UcryptoException(-rv));
+        }
+        return sigLength;
+    }
+
+    @Override
+    protected synchronized void engineUpdate(byte b) throws SignatureException {
+        byte[] in = { b };
+        int rv = update(in, 0, 1);
+        if (rv < 0) {
+            throw new SignatureException(new UcryptoException(-rv));
+        }
+    }
+
+    @Override
+    protected synchronized void engineUpdate(byte[] in, int inOfs, int inLen)
+            throws SignatureException {
+        if (in == null || inOfs < 0 || inLen == 0) return;
+
+        int rv = update(in, inOfs, inLen);
+        if (rv < 0) {
+            throw new SignatureException(new UcryptoException(-rv));
+        }
+    }
+
+    @Override
+    protected synchronized void engineUpdate(ByteBuffer in) {
+        if (in == null || in.remaining() == 0) return;
+
+        if (in instanceof DirectBuffer == false) {
+            // cannot do better than default impl
+            super.engineUpdate(in);
+            return;
+        }
+        long inAddr = ((DirectBuffer)in).address();
+        int inOfs = in.position();
+        int inLen = in.remaining();
+
+        int rv = update((inAddr + inOfs), inLen);
+        if (rv < 0) {
+            throw new UcryptoException(-rv);
+        }
+        in.position(inOfs + inLen);
+    }
+
+    @Override
+    protected synchronized boolean engineVerify(byte[] sigBytes) throws SignatureException {
+        return engineVerify(sigBytes, 0, sigBytes.length);
+    }
+
+    @Override
+    protected synchronized boolean engineVerify(byte[] sigBytes, int sigOfs, int sigLen)
+        throws SignatureException {
+        if (sigBytes == null || (sigOfs < 0) || (sigBytes.length < (sigOfs + this.sigLength))
+            || (sigLen < this.sigLength)) {
+            throw new SignatureException("Invalid signature buffer");
+        }
+
+        int rv = doFinal(sigBytes, sigOfs, sigLen);
+        if (rv == 0) {
+            return true;
+        } else {
+            UcryptoProvider.debug("Signature: " + mech + " verification error " +
+                             new UcryptoException(-rv).getMessage());
+            return false;
+        }
+    }
+
+    void reset(boolean doCancel) {
+        initialized = false;
+        if (pCtxt != null) {
+            pCtxt.dispose(doCancel);
+            pCtxt = null;
+        }
+    }
+
+    /**
+     * calls ucrypto_sign_init(...) or ucrypto_verify_init(...)
+     * @return pointer to the context
+     */
+    private native static long nativeInit(int mech, boolean sign,
+                                          long keyValue, int keyLength);
+
+    /**
+     * calls ucrypto_sign_update(...) or ucrypto_verify_update(...)
+     * @returns an error status code (0 means SUCCESS)
+     */
+    private native static int nativeUpdate(long pContext, boolean sign,
+                                           byte[] in, int inOfs, int inLen);
+    /**
+     * calls ucrypto_sign_update(...) or ucrypto_verify_update(...)
+     * @returns an error status code (0 means SUCCESS)
+     */
+    private native static int nativeUpdate(long pContext, boolean sign,
+                                           long pIn, int inLen);
+
+    /**
+     * calls ucrypto_sign_final(...) or ucrypto_verify_final(...)
+     * @returns the length of signature bytes or verification status.
+     * If negative, it indicates an error status code
+     */
+    private native static int nativeFinal(long pContext, boolean sign,
+                                          byte[] sig, int sigOfs, int sigLen);
+
+    // actual init() implementation - caller should clone key if needed
+    private void init(boolean sign, NativeKey key, int sigLength) {
+        reset(true);
+        this.sign = sign;
+        this.sigLength = sigLength;
+        this.key = key;
+        long pCtxtVal = nativeInit(mech.value(), sign, key.value(),
+                                   key.length());
+        initialized = (pCtxtVal != 0L);
+        if (initialized) {
+            pCtxt = new SignatureContextRef(this, pCtxtVal, sign);
+        } else {
+            throw new UcryptoException("Cannot initialize Signature");
+        }
+    }
+
+    private void ensureInitialized() {
+        if (!initialized) {
+            init(sign, key, sigLength);
+            if (!initialized) {
+                throw new UcryptoException("Cannot initialize Signature");
+            }
+        }
+    }
+
+    // returns 0 (success) or negative (ucrypto error occurred)
+    private int update(byte[] in, int inOfs, int inLen) {
+        if (inOfs < 0 || inOfs + inLen > in.length) {
+            throw new ArrayIndexOutOfBoundsException();
+        }
+        ensureInitialized();
+        int k = nativeUpdate(pCtxt.id, sign, in, inOfs, inLen);
+        if (k < 0) {
+            reset(false);
+        }
+        return k;
+    }
+
+    // returns 0 (success) or negative (ucrypto error occurred)
+    private int update(long pIn, int inLen) {
+        ensureInitialized();
+        int k = nativeUpdate(pCtxt.id, sign, pIn, inLen);
+        if (k < 0) {
+            reset(false);
+        }
+        return k;
+    }
+
+    // returns 0 (success) or negative (ucrypto error occurred)
+    private int doFinal(byte[] sigBytes, int sigOfs, int sigLen) {
+        try {
+            ensureInitialized();
+            int k = nativeFinal(pCtxt.id, sign, sigBytes, sigOfs, sigLen);
+            return k;
+        } finally {
+            reset(false);
+        }
+    }
+
+    // check and return RSA key size in number of bytes
+    private int checkRSAKeyLength(BigInteger mod) throws InvalidKeyException {
+        int keySize = (mod.bitLength() + 7) >> 3;
+        int maxDataSize = keySize - PKCS1PADDING_LEN;
+        if (maxDataSize < encodedLen) {
+            throw new InvalidKeyException
+                ("Key is too short for this signature algorithm");
+        }
+        return keySize;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/UcryptoException.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,179 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.util.*;
+import java.security.ProviderException;
+
+/**
+ * The exception class used by SunUcrypto provider. An exception
+ * object of this class indicates that a function call to the underlying
+ * native calls returned a value not equal to CRYPTO_SUCCESS.
+ *
+ * @since 1.9
+ */
+public final class UcryptoException extends ProviderException {
+
+    private static final long serialVersionUID = -933864511110035746L;
+
+    // NOTE: check /usr/include/sys/crypto/common.h for updates
+    private static final String ERROR_MSG[] = {
+        "CRYPTO_SUCCESS",
+        "CRYPTO_CANCEL",
+        "CRYPTO_HOST_MEMORY",
+        "CRYPTO_GENERAL_ERROR",
+        "CRYPTO_FAILED",
+        "CRYPTO_ARGUMENTS_BAD",
+        "CRYPTO_ATTRIBUTE_READ_ONLY",
+        "CRYPTO_ATTRIBUTE_SENSITIVE",
+        "CRYPTO_ATTRIBUTE_TYPE_INVALID",
+        "CRYPTO_ATTRIBUTE_VALUE_INVALID",
+        "CRYPTO_CANCELED",
+        "CRYPTO_DATA_INVALID",
+        "CRYPTO_DATA_LEN_RANGE",
+        "CRYPTO_DEVICE_ERROR",
+        "CRYPTO_DEVICE_MEMORY",
+        "CRYPTO_DEVICE_REMOVED",
+        "CRYPTO_ENCRYPTED_DATA_INVALID",
+        "CRYPTO_ENCRYPTED_DATA_LEN_RANGE",
+        "CRYPTO_KEY_HANDLE_INVALID",
+        "CRYPTO_KEY_SIZE_RANGE",
+        "CRYPTO_KEY_TYPE_INCONSISTENT",
+        "CRYPTO_KEY_NOT_NEEDED",
+        "CRYPTO_KEY_CHANGED",
+        "CRYPTO_KEY_NEEDED",
+        "CRYPTO_KEY_INDIGESTIBLE",
+        "CRYPTO_KEY_FUNCTION_NOT_PERMITTED",
+        "CRYPTO_KEY_NOT_WRAPPABLE",
+        "CRYPTO_KEY_UNEXTRACTABLE",
+        "CRYPTO_MECHANISM_INVALID",
+        "CRYPTO_MECHANISM_PARAM_INVALID",
+        "CRYPTO_OBJECT_HANDLE_INVALID",
+        "CRYPTO_OPERATION_IS_ACTIVE",
+        "CRYPTO_OPERATION_NOT_INITIALIZED",
+        "CRYPTO_PIN_INCORRECT",
+        "CRYPTO_PIN_INVALID",
+        "CRYPTO_PIN_LEN_RANGE",
+        "CRYPTO_PIN_EXPIRED",
+        "CRYPTO_PIN_LOCKED",
+        "CRYPTO_SESSION_CLOSED",
+        "CRYPTO_SESSION_COUNT",
+        "CRYPTO_SESSION_HANDLE_INVALID",
+        "CRYPTO_SESSION_READ_ONLY",
+        "CRYPTO_SESSION_EXISTS",
+        "CRYPTO_SESSION_READ_ONLY_EXISTS",
+        "CRYPTO_SESSION_READ_WRITE_SO_EXISTS",
+        "CRYPTO_SIGNATURE_INVALID",
+        "CRYPTO_SIGNATURE_LEN_RANGE",
+        "CRYPTO_TEMPLATE_INCOMPLETE",
+        "CRYPTO_TEMPLATE_INCONSISTENT",
+        "CRYPTO_UNWRAPPING_KEY_HANDLE_INVALID",
+        "CRYPTO_UNWRAPPING_KEY_SIZE_RANGE",
+        "CRYPTO_UNWRAPPING_KEY_TYPE_INCONSISTENT",
+        "CRYPTO_USER_ALREADY_LOGGED_IN",
+        "CRYPTO_USER_NOT_LOGGED_IN",
+        "CRYPTO_USER_PIN_NOT_INITIALIZED",
+        "CRYPTO_USER_TYPE_INVALID",
+        "CRYPTO_USER_ANOTHER_ALREADY_LOGGED_IN",
+        "CRYPTO_USER_TOO_MANY_TYPES",
+        "CRYPTO_WRAPPED_KEY_INVALID",
+        "CRYPTO_WRAPPED_KEY_LEN_RANGE",
+        "CRYPTO_WRAPPING_KEY_HANDLE_INVALID",
+        "CRYPTO_WRAPPING_KEY_SIZE_RANGE",
+        "CRYPTO_WRAPPING_KEY_TYPE_INCONSISTENT",
+        "CRYPTO_RANDOM_SEED_NOT_SUPPORTED",
+        "CRYPTO_RANDOM_NO_RNG",
+        "CRYPTO_DOMAIN_PARAMS_INVALID",
+        "CRYPTO_BUFFER_TOO_SMALL",
+        "CRYPTO_INFORMATION_SENSITIVE",
+        "CRYPTO_NOT_SUPPORTED",
+        "CRYPTO_QUEUED",
+        "CRYPTO_BUFFER_TOO_BIG",
+        "CRYPTO_INVALID_CONTEXT",
+        "CRYPTO_INVALID_MAC",
+        "CRYPTO_MECH_NOT_SUPPORTED",
+        "CRYPTO_INCONSISTENT_ATTRIBUTE",
+        "CRYPTO_NO_PERMISSION",
+        "CRYPTO_INVALID_PROVIDER_ID",
+        "CRYPTO_VERSION_MISMATCH",
+        "CRYPTO_BUSY",
+        "CRYPTO_UNKNOWN_PROVIDER",
+        "CRYPTO_MODVERIFICATION_FAILED",
+        "CRYPTO_OLD_CTX_TEMPLATE",
+        "CRYPTO_WEAK_KEY",
+        "CRYPTO_FIPS140_ERROR"
+    };
+
+    /**
+     * The error code if this exception is triggered by a Ucrypto error.
+     */
+    private final int errorCode;
+
+    /**
+     * This method gets the corresponding text error message from a
+     * predefined mapping. If mapping is not found, then it returns the error
+     * code as a hex-string.
+     *
+     * @return The message or the error code; e.g. "CRYPTO_DATA_INVALID" or
+     *         "0x88".
+     */
+    static String getErrorMessage(int errorCode) {
+        String message;
+        if (errorCode < ERROR_MSG.length) {
+            message = ERROR_MSG[errorCode];
+        } else {
+            message = "0x" + Integer.toHexString(errorCode);
+        }
+        return message;
+    }
+
+    /**
+     * Constructor taking the error code as defined for the CRYPTO_* constants
+     */
+    public UcryptoException(int rv) {
+        super(getErrorMessage(rv));
+        this.errorCode = rv;
+    }
+
+    public UcryptoException(String message) {
+        super(message);
+        errorCode = -1;
+    }
+
+    public UcryptoException(String message, Throwable cause) {
+        super(message, cause);
+        errorCode = -1;
+    }
+
+    /**
+     * Returns the Ucrypto error code.
+     *
+     * @return The error code.
+     */
+    public int getErrorCode() {
+        return errorCode;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/UcryptoMech.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,119 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.util.HashMap;
+
+/**
+ * Enum for representing the ucrypto mechanisms.
+ *
+ * @since 1.9
+ */
+// Check /usr/include/libsoftcrypto.h for updates
+public enum UcryptoMech {
+    CRYPTO_AES_ECB(1, new String[]
+        { "Cipher.AES/ECB/NoPadding;com.oracle.security.ucrypto.NativeCipher$AesEcbNoPadding",
+          "Cipher.AES/ECB/PKCS5Padding;com.oracle.security.ucrypto.NativeCipherWithJavaPadding$AesEcbPKCS5",
+          "Cipher.AES_128/ECB/NoPadding;com.oracle.security.ucrypto.NativeCipher$Aes128EcbNoPadding",
+          "Alg.Alias.Cipher.2.16.840.1.101.3.4.1.1;AES_128/ECB/NoPadding",
+          "Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.1;AES_128/ECB/NoPadding",
+          "Cipher.AES_192/ECB/NoPadding;com.oracle.security.ucrypto.NativeCipher$Aes192EcbNoPadding",
+          "Alg.Alias.Cipher.2.16.840.1.101.3.4.1.21;AES_192/ECB/NoPadding",
+          "Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.21;AES_192/ECB/NoPadding",
+          "Cipher.AES_256/ECB/NoPadding;com.oracle.security.ucrypto.NativeCipher$Aes256EcbNoPadding",
+          "Alg.Alias.Cipher.2.16.840.1.101.3.4.1.41;AES_256/ECB/NoPadding",
+          "Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.41;AES_256/ECB/NoPadding"
+        }),
+    CRYPTO_AES_CBC(2, new String[]
+        { "Cipher.AES/CBC/NoPadding;com.oracle.security.ucrypto.NativeCipher$AesCbcNoPadding",
+          "Cipher.AES/CBC/PKCS5Padding;com.oracle.security.ucrypto.NativeCipherWithJavaPadding$AesCbcPKCS5",
+          "Cipher.AES_128/CBC/NoPadding;com.oracle.security.ucrypto.NativeCipher$Aes128CbcNoPadding",
+          "Alg.Alias.Cipher.2.16.840.1.101.3.4.1.2;AES_128/CBC/NoPadding",
+          "Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.2;AES_128/CBC/NoPadding",
+          "Cipher.AES_192/CBC/NoPadding;com.oracle.security.ucrypto.NativeCipher$Aes192CbcNoPadding",
+          "Alg.Alias.Cipher.2.16.840.1.101.3.4.1.22;AES_192/CBC/NoPadding",
+          "Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.22;AES_192/CBC/NoPadding",
+          "Cipher.AES_256/CBC/NoPadding;com.oracle.security.ucrypto.NativeCipher$Aes256CbcNoPadding",
+          "Alg.Alias.Cipher.2.16.840.1.101.3.4.1.42;AES_256/CBC/NoPadding",
+          "Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.42;AES_256/CBC/NoPadding"
+        }),
+    CRYPTO_AES_CBC_PAD(3, null), // No support from Solaris yet
+    CRYPTO_AES_CTR(4, new String[]
+        { "Cipher.AES/CTR/NoPadding;com.oracle.security.ucrypto.NativeCipher$AesCtrNoPadding" }),
+    CRYPTO_AES_CCM(5, null), // Cannot support due to lack of Java API which corresponds to CK_AES_CCM_PARAMS
+    CRYPTO_AES_GCM(6, new String[]
+        { "Cipher.AES/GCM/NoPadding;com.oracle.security.ucrypto.NativeGCMCipher$AesGcmNoPadding",
+          "Cipher.AES_128/GCM/NoPadding;com.oracle.security.ucrypto.NativeGCMCipher$Aes128GcmNoPadding",
+          "Alg.Alias.Cipher.2.16.840.1.101.3.4.1.6;AES_128/GCM/NoPadding",
+          "Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.6;AES_128/GCM/NoPadding",
+          "Cipher.AES_192/GCM/NoPadding;com.oracle.security.ucrypto.NativeGCMCipher$Aes192GcmNoPadding",
+          "Alg.Alias.Cipher.2.16.840.1.101.3.4.1.26;AES_192/GCM/NoPadding",
+          "Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.26;AES_192/GCM/NoPadding",
+          "Cipher.AES_256/GCM/NoPadding;com.oracle.security.ucrypto.NativeGCMCipher$Aes256GcmNoPadding",
+          "Alg.Alias.Cipher.2.16.840.1.101.3.4.1.46;AES_256/GCM/NoPadding",
+          "Alg.Alias.Cipher.OID.2.16.840.1.101.3.4.1.46;AES_256/GCM/NoPadding",
+        }),
+    CRYPTO_AES_GMAC(7, null), // No support from Solaris yet
+    CRYPTO_AES_CFB128(8, new String[]
+        { "Cipher.AES/CFB128/NoPadding;com.oracle.security.ucrypto.NativeCipher$AesCfb128NoPadding",
+          "Cipher.AES/CFB128/PKCS5Padding;com.oracle.security.ucrypto.NativeCipherWithJavaPadding$AesCfb128PKCS5" }),
+    CRYPTO_RSA_PKCS(31, new String[]
+        { "Cipher.RSA/ECB/PKCS1Padding;com.oracle.security.ucrypto.NativeRSACipher$PKCS1Padding" }),
+    CRYPTO_RSA_X_509(32, new String[]
+        { "Cipher.RSA/ECB/NoPadding;com.oracle.security.ucrypto.NativeRSACipher$NoPadding" }),
+    CRYPTO_MD5_RSA_PKCS(33, new String[]
+        { "Signature.MD5withRSA;com.oracle.security.ucrypto.NativeRSASignature$MD5",
+          "Alg.Alias.Signature.1.2.840.113549.1.1.4;MD5withRSA",
+          "Alg.Alias.Signature.OID.1.2.840.113549.1.1.4;MD5withRSA" }),
+    CRYPTO_SHA1_RSA_PKCS(34, new String[]
+        { "Signature.SHA1withRSA;com.oracle.security.ucrypto.NativeRSASignature$SHA1",
+          "Alg.Alias.Signature.1.2.840.113549.1.1.5;SHA1withRSA",
+          "Alg.Alias.Signature.OID.1.2.840.113549.1.1.5;SHA1withRSA",
+          "Alg.Alias.Signature.1.3.14.3.2.29;SHA1withRSA" }),
+    CRYPTO_SHA256_RSA_PKCS(35, new String[]
+        { "Signature.SHA256withRSA;com.oracle.security.ucrypto.NativeRSASignature$SHA256",
+          "Alg.Alias.Signature.1.2.840.113549.1.1.11;SHA256withRSA",
+          "Alg.Alias.Signature.OID.1.2.840.113549.1.1.11;SHA256withRSA" }),
+    CRYPTO_SHA384_RSA_PKCS(36, new String[]
+        { "Signature.SHA384withRSA;com.oracle.security.ucrypto.NativeRSASignature$SHA384",
+          "Alg.Alias.Signature.1.2.840.113549.1.1.12;SHA384withRSA",
+          "Alg.Alias.Signature.OID.1.2.840.113549.1.1.12;SHA384withRSA" }),
+    CRYPTO_SHA512_RSA_PKCS(37, new String[]
+        { "Signature.SHA512withRSA;com.oracle.security.ucrypto.NativeRSASignature$SHA512",
+          "Alg.Alias.Signature.1.2.840.113549.1.1.13;SHA512withRSA",
+          "Alg.Alias.Signature.OID.1.2.840.113549.1.1.13;SHA512withRSA" });
+
+    private int mech;
+    private String[] jceProps;
+
+    UcryptoMech(int mech, String[] jceProps) {
+        this.mech = mech;
+        this.jceProps = jceProps;
+    }
+
+    public int value() { return mech; }
+    public String[] jceProperties() { return jceProps; }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/classes/com/oracle/security/ucrypto/UcryptoProvider.java	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,179 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package com.oracle.security.ucrypto;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.StringTokenizer;
+import java.security.*;
+import sun.security.action.PutAllAction;
+import sun.security.action.GetPropertyAction;
+
+/**
+ * OracleUcrypto provider main class.
+ *
+ * @since 1.9
+ */
+public final class UcryptoProvider extends Provider {
+
+    private static final long serialVersionUID = 351251234302833L;
+
+    private static boolean DEBUG;
+    private static HashMap<String, String> provProp;
+
+    static {
+        try {
+            DEBUG = Boolean.parseBoolean(AccessController.doPrivileged
+                (new GetPropertyAction("com.oracle.security.ucrypto.debug")));
+
+            // cannot use LoadLibraryAction because that would make the native
+            // library available to the bootclassloader, but we run in the
+            // extension classloader.
+            provProp = AccessController.doPrivileged
+                (new PrivilegedAction<HashMap<String, String>>() {
+                    public HashMap<String, String> run() {
+                        try {
+                            System.loadLibrary("j2ucrypto");
+                            String osname = System.getProperty("os.name");
+                            if (osname.startsWith("SunOS")) {
+                                return new HashMap<String, String>();
+                            } else return null;
+                        } catch (Error err) {
+                            return null;
+                        } catch (SecurityException se) {
+                            return null;
+                        }
+                    }
+                });
+            if (provProp != null) {
+                boolean[] result = loadLibraries();
+                if (result.length == 2) {
+                    if (result[0]) { // successfully loaded libmd
+                        provProp.put("MessageDigest.MD5",
+                                     "com.oracle.security.ucrypto.NativeDigest$MD5");
+                        provProp.put("MessageDigest.SHA",
+                                     "com.oracle.security.ucrypto.NativeDigest$SHA1");
+                        provProp.put("Alg.Alias.MessageDigest.SHA-1", "SHA");
+                        provProp.put("Alg.Alias.MessageDigest.SHA1", "SHA");
+                        provProp.put("MessageDigest.SHA-256",
+                                     "com.oracle.security.ucrypto.NativeDigest$SHA256");
+                        provProp.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.1", "SHA-256");
+                        provProp.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.1", "SHA-256");
+
+                        provProp.put("MessageDigest.SHA-384",
+                                     "com.oracle.security.ucrypto.NativeDigest$SHA384");
+                        provProp.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.2", "SHA-384");
+                        provProp.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.2", "SHA-384");
+
+                        provProp.put("MessageDigest.SHA-512",
+                                     "com.oracle.security.ucrypto.NativeDigest$SHA512");
+                        provProp.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.3", "SHA-512");
+                        provProp.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.3", "SHA-512");
+
+                    }
+                    if (result[1]) { // successfully loaded libsoftcrypto
+                        String supportedMechs = getMechList();
+                        debug("Prov: supported mechs = " + supportedMechs);
+                        for (UcryptoMech m : UcryptoMech.values()) {
+                            if (supportedMechs.indexOf(m.name() + ",") != -1) {
+                                String[] jceProps = m.jceProperties();
+                                // skip unsupported UcryptoMech
+                                if (jceProps == null) continue;
+                                for (int p = 0; p < jceProps.length; p++) {
+                                    StringTokenizer st =
+                                        new StringTokenizer(jceProps[p], ";");
+                                    if (st.countTokens() != 2) {
+                                        throw new RuntimeException("Wrong format: " + jceProps[p]);
+                                    }
+                                    provProp.put(st.nextToken(), st.nextToken());
+                                }
+                            }
+                        }
+                        // NOTE: GCM support is only available since jdk 7
+                        provProp.put("AlgorithmParameters.GCM",
+                                     "com.oracle.security.ucrypto.GCMParameters");
+                    }
+                } else {
+                    debug("Prov: unexpected ucrypto library loading error, got " + result.length);
+                }
+            }
+        } catch (AccessControlException ace) {
+            // disable Ucrypto provider
+            DEBUG = false;
+            provProp = null;
+        }
+    }
+
+    static Provider provider = null;
+    private static native boolean[] loadLibraries();
+    private static native String getMechList();
+
+    static void debug(String msg) {
+        if (DEBUG) {
+            System.out.println("UCrypto/" + msg);
+        }
+    }
+
+    public UcryptoProvider() {
+        super("OracleUcrypto", 1.9d, "Provider using Oracle Ucrypto API");
+        if (provProp != null) {
+            AccessController.doPrivileged(new PutAllAction(this, provProp));
+        }
+        if (provider == null) provider = this;
+    }
+
+    public UcryptoProvider(String configName) {
+        super("OracleUcrypto", 1.9d, "Provider using Oracle Ucrypto API");
+        try {
+            if (provProp != null) {
+                HashMap<String, String> customProvProp =
+                    new HashMap<String, String>(provProp);
+                Config c = new Config(configName);
+                String[] disabledServices = c.getDisabledServices();
+                for (int i = 0; i < disabledServices.length; i++) {
+                    if (customProvProp.remove(disabledServices[i]) != null) {
+                        debug("Prov: remove config-disabled service " + disabledServices[i]);
+                    } else {
+                        debug("Prov: ignore unsupported config-disabled service " +
+                              disabledServices[i]);
+                    }
+                }
+                AccessController.doPrivileged(new PutAllAction(this, customProvProp));
+            }
+        } catch (IOException ioe) { // thrown by Config
+            throw new UcryptoException("Error parsing Config", ioe);
+        }
+        if (provider == null) provider = this;
+    }
+
+    public boolean equals(Object obj) {
+        return this == obj;
+    }
+
+    public int hashCode() {
+        return System.identityHashCode(this);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/conf/security/ucrypto-solaris.cfg	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,9 @@
+#
+# Configuration file for the OracleUcrypto provider
+#
+disabledServices = {
+  # disabled due to Solaris bug 7121679
+  Cipher.AES/CFB128/PKCS5Padding
+  Cipher.AES/CFB128/NoPadding
+}
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/libsoftcrypto.h	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,183 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#ifndef _LIBSOFTCRYPTO_H
+#define _LIBSOFTCRYPTO_H
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <unistd.h>
+#include <strings.h>
+
+typedef enum ucrypto_mech {
+    CRYPTO_AES_ECB = 1,
+    CRYPTO_AES_CBC,
+    CRYPTO_AES_CBC_PAD,
+    CRYPTO_AES_CTR,
+    CRYPTO_AES_CCM,
+    CRYPTO_AES_GCM,
+    CRYPTO_AES_GMAC,
+    CRYPTO_AES_CFB128,
+    CRYPTO_RSA_PKCS = 31,
+    CRYPTO_RSA_X_509,
+    CRYPTO_MD5_RSA_PKCS,
+    CRYPTO_SHA1_RSA_PKCS,
+    CRYPTO_SHA256_RSA_PKCS,
+    CRYPTO_SHA384_RSA_PKCS,
+    CRYPTO_SHA512_RSA_PKCS
+} ucrypto_mech_t;
+
+typedef struct crypto_ctx {
+    void *cc_provider;
+    uint_t    cc_session;
+    void            *cc_provider_private;    /* owned by provider */
+    void            *cc_framework_private;    /* owned by framework */
+    uint32_t        cc_flags;        /* flags */
+    void            *cc_opstate;        /* state */
+} crypto_ctx_t;
+
+extern int ucrypto_encrypt_init(crypto_ctx_t *context,
+    ucrypto_mech_t mech_type, uchar_t *key_str, size_t key_len,
+    void *iv, size_t iv_len);
+
+extern int ucrypto_encrypt_update(crypto_ctx_t *context, uchar_t *in,
+    size_t in_len, uchar_t *out, size_t *out_len);
+
+extern int ucrypto_encrypt_final(crypto_ctx_t *context, uchar_t *out,
+    size_t *out_len);
+
+/* Encrypt atomic */
+extern int ucrypto_encrypt(ucrypto_mech_t mech_type, uchar_t *key_str,
+    size_t key_len, void *iv, size_t iv_len, uchar_t *in,
+    size_t in_len, uchar_t *out, size_t *out_len);
+
+/* Decrypt multi-part */
+extern int ucrypto_decrypt_init(crypto_ctx_t *context,
+    ucrypto_mech_t mech_type, uchar_t *key_str, size_t key_len,
+    void *iv, size_t iv_len);
+
+extern int ucrypto_decrypt_update(crypto_ctx_t *context, uchar_t *in,
+    size_t in_len, uchar_t *out, size_t *out_len);
+
+extern int ucrypto_decrypt_final(crypto_ctx_t *context, uchar_t *out,
+    size_t *out_len);
+
+/* Decrypt atomic */
+extern int ucrypto_decrypt(ucrypto_mech_t mech_type, uchar_t *key_str,
+    size_t key_len, void *iv, size_t iv_len, uchar_t *in,
+    size_t in_len, uchar_t *out, size_t *out_len);
+
+/* Sign multi-part */
+extern int ucrypto_sign_init(crypto_ctx_t *context, ucrypto_mech_t mech_type,
+    uchar_t *key_str, size_t key_len, void *iv, size_t iv_len);
+
+extern int ucrypto_sign_update(crypto_ctx_t *context,
+    uchar_t *data_str, size_t data_len);
+
+extern int ucrypto_sign_final(crypto_ctx_t *context,
+    uchar_t *sig_str, size_t *sig_len);
+
+/* Sign atomic */
+extern int ucrypto_sign(ucrypto_mech_t mech_type,
+    uchar_t *key_str, size_t key_len, void *iv, size_t iv_len,
+    uchar_t *data_str, size_t data_len, uchar_t *sig_str, size_t *sig_len);
+
+/* Verify multi-part */
+extern int ucrypto_verify_init(crypto_ctx_t *context, ucrypto_mech_t mech_type,
+    uchar_t *key_str, size_t key_len, void *iv, size_t iv_len);
+
+extern int ucrypto_verify_update(crypto_ctx_t *context,
+    uchar_t *data_str, size_t data_len);
+
+extern int ucrypto_verify_final(crypto_ctx_t *context,
+    uchar_t *sig_str, size_t *sig_len);
+
+/* Verify atomic */
+extern int ucrypto_verify(ucrypto_mech_t mech_type,
+    uchar_t *key_str, size_t key_len, void *iv, size_t iv_len,
+    uchar_t *data_str, size_t data_len, uchar_t *sig, size_t *sig_len);
+
+extern int ucrypto_get_mechlist(char *str);
+
+extern const char *ucrypto_id2mech(ucrypto_mech_t mech_type);
+
+extern ucrypto_mech_t ucrypto_mech2id(const char *str);
+
+extern int ucrypto_version();
+
+typedef struct CK_AES_CTR_PARAMS {
+    ulong_t    ulCounterBits;
+    uint8_t cb[16];
+} CK_AES_CTR_PARAMS;
+
+typedef struct CK_AES_GCM_PARAMS {
+    uchar_t *pIv;
+    ulong_t ulIvLen;
+    ulong_t ulIvBits;
+    uchar_t *pAAD;
+    ulong_t ulAADLen;
+    ulong_t ulTagBits;
+} CK_AES_GCM_PARAMS;
+
+typedef struct crypto_object_attribute {
+    uint64_t    oa_type;    /* attribute type */
+    caddr_t            oa_value;    /* attribute value */
+    ssize_t            oa_value_len;    /* length of attribute value */
+} crypto_object_attribute_t;
+
+/* Attribute types to use for passing a RSA public key or a private key. */
+#define    SUN_CKA_MODULUS            0x00000120
+#define    SUN_CKA_MODULUS_BITS        0x00000121
+#define    SUN_CKA_PUBLIC_EXPONENT        0x00000122
+#define    SUN_CKA_PRIVATE_EXPONENT    0x00000123
+#define    SUN_CKA_PRIME_1            0x00000124
+#define    SUN_CKA_PRIME_2            0x00000125
+#define    SUN_CKA_EXPONENT_1        0x00000126
+#define    SUN_CKA_EXPONENT_2        0x00000127
+#define    SUN_CKA_COEFFICIENT        0x00000128
+#define    SUN_CKA_PRIME            0x00000130
+#define    SUN_CKA_SUBPRIME        0x00000131
+#define    SUN_CKA_BASE            0x00000132
+
+#define    CKK_EC            0x00000003
+#define    CKK_GENERIC_SECRET    0x00000010
+#define    CKK_RC4            0x00000012
+#define    CKK_AES            0x0000001F
+#define    CKK_DES            0x00000013
+#define    CKK_DES2        0x00000014
+#define    CKK_DES3        0x00000015
+
+#define    CKO_PUBLIC_KEY        0x00000002
+#define    CKO_PRIVATE_KEY        0x00000003
+#define    CKA_CLASS        0x00000000
+#define    CKA_VALUE        0x00000011
+#define    CKA_KEY_TYPE        0x00000100
+#define    CKA_VALUE_LEN        0x00000161
+#define    CKA_EC_PARAMS        0x00000180
+#define    CKA_EC_POINT        0x00000181
+
+#endif /* _LIBSOFTCRYPTO_H */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCrypto.c	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,1250 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <strings.h>
+#include <jni.h>
+#include <libsoftcrypto.h>
+#include "nativeCrypto.h"
+#include "nativeFunc.h"
+
+/*
+ * Dumps out byte array in hex with and name and length info
+ */
+void printBytes(char* header, unsigned char* bytes, int len) {
+  int i;
+
+  printf("%s", header);
+  printf("len=%d {", len);
+  for (i = 0; i < len; i++) {
+    if (i > 0) printf(":");
+    printf("%02X", bytes[i]);
+  }
+  printf("}\n");
+}
+
+/*
+ * Throws java.lang.OutOfMemoryError
+ */
+void throwOutOfMemoryError(JNIEnv *env, const char *msg)
+{
+  jclass jExClass = (*env)->FindClass(env, "java/lang/OutOfMemoryError");
+  if (jExClass != 0) /* Otherwise an exception has already been thrown */ {
+    (*env)->ThrowNew(env, jExClass, msg);
+  }
+  /* free the local ref */
+  (*env)->DeleteLocalRef(env, jExClass);
+}
+
+JNIEXPORT jint JNICALL JNI_OnLoad(JavaVM *vm, void *reserved) {
+    return JNI_VERSION_1_4;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_UcryptoProvider
+ * Method:    loadLibraries
+ * Signature: ()[Z
+ */
+JNIEXPORT jbooleanArray JNICALL Java_com_oracle_security_ucrypto_UcryptoProvider_loadLibraries
+(JNIEnv *env, jclass jcls) {
+  jbooleanArray jResult;
+  jboolean *result;
+  jResult = (*env)->NewBooleanArray(env, 2);
+
+  if (jResult != NULL) {
+    result = loadNative();
+    (*env)->SetBooleanArrayRegion(env, jResult, 0, 2, result);
+    free(result);
+  }
+  return jResult;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_UcryptoProvider
+ * Method:    getMechList
+ * Signature: ()Ljava/lang/String;
+ */
+JNIEXPORT jstring JNICALL Java_com_oracle_security_ucrypto_UcryptoProvider_getMechList
+(JNIEnv *env, jclass jcls) {
+  jstring jResult;
+  char* result;
+  int length;
+
+  jResult = NULL;
+  if (ftab->ucryptoVersion != NULL && ftab->ucryptoGetMechList != NULL) {
+      length = (*ftab->ucryptoGetMechList)(NULL);
+      if (DEBUG) printf("mech list length: %d\n", length);
+      result = malloc(length);
+      if (result == NULL) {
+        throwOutOfMemoryError(env, NULL);
+        return NULL;
+      }
+      length = (*ftab->ucryptoGetMechList)(result);
+      if (DEBUG) printf("mech list: %s\n", result);
+      jResult = (*env)->NewStringUTF(env, result);
+      free(result);
+  } else {
+      // version 0 on Solaris 10
+      result = "CRYPTO_AES_ECB,CRYPTO_AES_CBC,CRYPTO_AES_CFB128,";
+      jResult = (*env)->NewStringUTF(env, result);
+  }
+  return jResult;
+}
+
+/*
+ * Utility function for throwing a UcryptoException when rv is not CRYPTO_OK(0)
+ */
+void throwUCExceptionUsingRV(JNIEnv *env, int rv) {
+  jclass jExClass;
+  jmethodID jConstructor;
+  jthrowable jException;
+
+  if ((*env)->ExceptionCheck(env)) return;
+
+  jExClass = (*env)->FindClass(env, "com/oracle/security/ucrypto/UcryptoException");
+  /* if jExClass is NULL, an exception has already been thrown */
+  if (jExClass != NULL) {
+    jConstructor = (*env)->GetMethodID(env, jExClass, "<init>", "(I)V");
+    if (jConstructor != NULL) {
+      jException = (jthrowable) (*env)->NewObject(env, jExClass, jConstructor, rv);
+      if (jException != NULL) {
+        (*env)->Throw(env, jException);
+      }
+    }
+  }
+  /* free the local ref */
+  (*env)->DeleteLocalRef(env, jExClass);
+}
+
+/*
+ * Utility function for duplicating a byte array from jbyteArray
+ * If anything went wrong, no memory will be allocated.
+ * NOTE: caller is responsible for freeing the allocated memory
+ * once this method returned successfully.
+ */
+jbyte* getBytes(JNIEnv *env, jbyteArray bytes, int offset, int len) {
+  jbyte* result = NULL;
+
+  if (!(*env)->ExceptionCheck(env)) {
+    result = (jbyte*) calloc(len, sizeof(char));
+    if (result == NULL) {
+      throwOutOfMemoryError(env, NULL);
+      return NULL;
+    }
+    (*env)->GetByteArrayRegion(env, bytes, offset, len, result);
+    if ((*env)->ExceptionCheck(env)) {
+        // free allocated memory if error occurred
+        free(result);
+        return NULL;
+    }
+  }
+  return result;
+}
+
+
+int
+CipherInit(crypto_ctx_t *context, int encrypt, ucrypto_mech_t mech,
+           unsigned char *jKey, int jKeyLen, unsigned char *jIv, int jIvLen,
+           int tagLen, unsigned char *jAad, int jAadLen)
+
+{
+  int rv = 0;
+  void *iv;
+  size_t ivLen;
+
+  if (DEBUG) printf("CipherInit: mech %i, key %i(%i), iv %i(%i) tagLen %i, aad %i(%i)\n",
+                    mech, jKey, jKeyLen, jIv, jIvLen, tagLen, jAad, jAadLen);
+  if (mech == CRYPTO_AES_CTR) {
+    ivLen = sizeof(CK_AES_CTR_PARAMS);
+    iv = (CK_AES_CTR_PARAMS*) malloc(ivLen);
+    if (iv == NULL) return -1;
+
+    ((CK_AES_CTR_PARAMS*)iv)->ulCounterBits = 32;
+    memcpy(((CK_AES_CTR_PARAMS*)iv)->cb, jIv, 16);
+  } else if (mech == CRYPTO_AES_GCM) {
+    ivLen = sizeof(CK_AES_GCM_PARAMS);
+    iv = (CK_AES_GCM_PARAMS*) malloc(ivLen);
+    if (iv == NULL) return -1;
+
+    ((CK_AES_GCM_PARAMS*)iv)->pIv = (uchar_t *)jIv;
+    ((CK_AES_GCM_PARAMS*)iv)->ulIvLen = (ulong_t)jIvLen;
+    ((CK_AES_GCM_PARAMS*)iv)->ulIvBits = 96;
+    ((CK_AES_GCM_PARAMS*)iv)->pAAD = (uchar_t *)jAad;
+    ((CK_AES_GCM_PARAMS*)iv)->ulAADLen = (ulong_t)jAadLen;
+    ((CK_AES_GCM_PARAMS*)iv)->ulTagBits = (ulong_t)tagLen;
+  } else {
+    // normal bytes
+    iv = jIv;
+    ivLen = jIvLen;
+  }
+  if (encrypt) {
+    rv = (*ftab->ucryptoEncryptInit)(context, mech, jKey, (size_t)jKeyLen, iv, ivLen);
+    if (rv != 0 && DEBUG) printf("ucryptoEncryptInit: ret = 0x%x\n", rv);
+  } else {
+    rv =(*ftab->ucryptoDecryptInit)(context, mech, jKey, (size_t)jKeyLen, iv, ivLen);
+    if (rv != 0 && DEBUG) printf("ucryptoDecryptInit: ret = 0x%x\n", rv);
+  }
+
+  if (iv != jIv) {
+    if (mech == CRYPTO_AES_CTR) {
+      free((CK_AES_CTR_PARAMS*)iv);
+    } else {
+      free((CK_AES_GCM_PARAMS*)iv);
+    }
+  }
+
+  return rv;
+}
+
+int
+CipherUpdate(crypto_ctx_t *context, int encrypt, unsigned char *bufIn, int inOfs,
+             int inLen, unsigned char *bufOut, int outOfs, int *outLen)
+{
+  int rv = 0;
+  size_t outLength;
+
+  outLength = (size_t) *outLen;
+  if (DEBUG) {
+    printf("CipherUpdate: Inofs %i, InLen %i, OutOfs %i, OutLen %i\n", inOfs, inLen, outOfs, *outLen);
+    printBytes("BufIn=", (unsigned char*)(bufIn+inOfs), inLen);
+  }
+  if (encrypt) {
+    rv = (*ftab->ucryptoEncryptUpdate)(context, (unsigned char*)(bufIn+inOfs), (size_t)inLen, (unsigned char*)(bufOut+outOfs), &outLength);
+    if (rv != 0) {
+      if (DEBUG) printf("ucryptoEncryptUpdate: ret = 0x%x\n", rv);
+    } else {
+      *outLen = (int)outLength;
+    }
+  } else {
+    rv = (*ftab->ucryptoDecryptUpdate)(context, (unsigned char*)(bufIn+inOfs), (size_t)inLen, (unsigned char*)(bufOut+outOfs), &outLength);
+    if (rv != 0) {
+      if (DEBUG) printf("ucryptoDecryptUpdate: ret = 0x%x\n", rv);
+    } else {
+      if (DEBUG) printBytes("BufOut=", (unsigned char*)(bufOut+outOfs), outLength);
+      *outLen = (int)outLength;
+    }
+  }
+
+  return rv;
+}
+
+int
+CipherFinal(crypto_ctx_t *context, int encrypt, unsigned char *bufOut, int outOfs, int *outLen)
+{
+  int rv = 0;
+  size_t outLength;
+
+  outLength = (size_t)*outLen;
+
+  if (DEBUG) printf("CipherFinal: OutOfs %i, outLen %i\n", outOfs, *outLen);
+  if (encrypt) {
+    rv = (*ftab->ucryptoEncryptFinal)(context, (unsigned char*)(bufOut+outOfs), &outLength);
+    if (rv != 0) {
+      if (DEBUG) printf("ucryptoDecryptFinal: ret = 0x%x\n", rv);
+    } else {
+      if (DEBUG) printBytes("BufOut=", (unsigned char*)(bufOut+outOfs), outLength);
+      *outLen = (int)outLength;
+    }
+  } else {
+    rv = (*ftab->ucryptoDecryptFinal)(context, (unsigned char*)(bufOut+outOfs), &outLength);
+    if (rv != 0) {
+      if (DEBUG) printf("ucryptoDecryptFinal: ret = 0x%x\n", rv);
+    } else {
+      if (DEBUG) printBytes("BufOut=", (unsigned char*)(bufOut+outOfs), outLength);
+      *outLen = (int)outLength;
+    }
+  }
+  return rv;
+}
+
+////////////////////////////////////////////////////////
+// SPECIAL ENTRIES FOR JVM JNI-BYPASSING OPTIMIZATION
+////////////////////////////////////////////////////////
+jlong JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeInit(jint mech) {
+  void *pContext = NULL;
+
+  switch (mech) {
+  case com_oracle_security_ucrypto_NativeDigest_MECH_SHA1:
+    pContext = (SHA1_CTX *) malloc(sizeof(SHA1_CTX));
+    if (pContext != NULL) {
+      (*ftab->sha1Init)((SHA1_CTX *)pContext);
+    }
+    break;
+  case com_oracle_security_ucrypto_NativeDigest_MECH_MD5:
+    pContext = (MD5_CTX *) malloc(sizeof(MD5_CTX));
+    if (pContext != NULL) {
+      (*ftab->md5Init)((MD5_CTX *)pContext);
+    }
+    break;
+  case com_oracle_security_ucrypto_NativeDigest_MECH_SHA256:
+    pContext = (SHA2_CTX *) malloc(sizeof(SHA2_CTX));
+    if (pContext != NULL) {
+      (*ftab->sha2Init)(SHA256, (SHA2_CTX *)pContext);
+    }
+    break;
+  case com_oracle_security_ucrypto_NativeDigest_MECH_SHA384:
+    pContext = (SHA2_CTX *) malloc(sizeof(SHA2_CTX));
+    if (pContext != NULL) {
+      (*ftab->sha2Init)(SHA384, (SHA2_CTX *)pContext);
+    }
+    break;
+  case com_oracle_security_ucrypto_NativeDigest_MECH_SHA512:
+    pContext = (SHA2_CTX *) malloc(sizeof(SHA2_CTX));
+    if (pContext != NULL) {
+      (*ftab->sha2Init)(SHA512, (SHA2_CTX *)pContext);
+    }
+    break;
+  default:
+    if (DEBUG) printf("ERROR: Unsupported mech %i\n", mech);
+  }
+  return (jlong) pContext;
+}
+
+jint JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeUpdate
+  (jint mech, jlong pContext, int notUsed, unsigned char* in, jint ofs, jint len) {
+  if (mech == com_oracle_security_ucrypto_NativeDigest_MECH_SHA1) {
+    (*ftab->sha1Update)((SHA1_CTX*)pContext, (unsigned char*)(in+ofs), len);
+  } else if (mech == com_oracle_security_ucrypto_NativeDigest_MECH_MD5) {
+    (*ftab->md5Update)((MD5_CTX*)pContext, (unsigned char*)(in+ofs), len);
+  } else { // SHA-2 family
+    (*ftab->sha2Update)((SHA2_CTX*)pContext, (unsigned char*)(in+ofs), len);
+  }
+  return 0;
+}
+
+// Do digest and free the context immediately
+jint JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeDigest
+  (jint mech, jlong pContext, int notUsed, unsigned char* out, jint ofs, jint digestLen) {
+
+  if (mech == com_oracle_security_ucrypto_NativeDigest_MECH_SHA1) {
+    (*ftab->sha1Final)((unsigned char*)(out + ofs), (SHA1_CTX *)pContext);
+    free((SHA1_CTX *)pContext);
+  } else if (mech == com_oracle_security_ucrypto_NativeDigest_MECH_MD5) {
+    (*ftab->md5Final)((unsigned char*)(out + ofs), (MD5_CTX *)pContext);
+    free((MD5_CTX *)pContext);
+  } else { // SHA-2 family
+    (*ftab->sha2Final)((unsigned char*)(out + ofs), (SHA2_CTX *)pContext);
+    free((SHA2_CTX *)pContext);
+  }
+  return 0;
+}
+
+jlong JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeClone
+  (jint mech, jlong pContext) {
+  void *copy = NULL;
+  size_t len = 0;
+
+  if (mech == com_oracle_security_ucrypto_NativeDigest_MECH_SHA1) {
+    len = sizeof(SHA1_CTX);
+  } else if (mech == com_oracle_security_ucrypto_NativeDigest_MECH_MD5) {
+    len = sizeof(MD5_CTX);
+  } else { // SHA-2 family
+    len = sizeof(SHA2_CTX);
+  }
+  copy = (void*) malloc(len);
+  if (copy != NULL) {
+    bcopy((void *)pContext, copy, len);
+  }
+  return (jlong) copy;
+}
+
+void JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeFree
+  (jint mech, jlong pContext) {
+  if (mech == com_oracle_security_ucrypto_NativeDigest_MECH_SHA1) {
+    free((SHA1_CTX*) pContext);
+  } else if (mech == com_oracle_security_ucrypto_NativeDigest_MECH_MD5) {
+    free((MD5_CTX*) pContext);
+  } else { // SHA-2 family
+    free((SHA2_CTX*) pContext);
+  }
+}
+
+// AES
+jlong JavaCritical_com_oracle_security_ucrypto_NativeCipher_nativeInit
+  (jint mech, jboolean encrypt, int keyLen, unsigned char* bufKey,
+   int ivLen, unsigned char* bufIv, jint tagLen, int aadLen, unsigned char* bufAad) {
+  crypto_ctx_t *context = NULL;
+  int rv;
+
+  context = malloc(sizeof(crypto_ctx_t));
+  if (context != NULL) {
+    rv = CipherInit(context, encrypt, (ucrypto_mech_t) mech, bufKey, keyLen,
+                    bufIv, ivLen, tagLen, bufAad, aadLen);
+    if (rv) {
+      free(context);
+      return 0L;
+    }
+  }
+  return (jlong)context;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeCipher
+ * Method:    nativeUpdate
+ * Signature: (JZ[BII[BI)I
+ */
+jint JavaCritical_com_oracle_security_ucrypto_NativeCipher_nativeUpdate
+  (jlong pContext, jboolean encrypt, int notUsed, jbyte* bufIn, jint inOfs, jint inLen,
+   int outCapacity, jbyte* bufOut, jint outOfs) {
+  crypto_ctx_t *context;
+  int rv = 0;
+  int outLen = outCapacity - outOfs; // recalculate the real out length
+
+  context = (crypto_ctx_t *) pContext;
+  rv = CipherUpdate(context, encrypt, (unsigned char*)bufIn, inOfs, inLen, (unsigned char*)bufOut, outOfs, &outLen);
+  if (rv) {
+    free(context);
+    context = 0;
+    return -rv; // use negative value to indicate error!
+  }
+
+  return outLen;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeCipher
+ * Method:    nativeFinal
+ * Signature: (JZ[BI)I
+ */
+jint JavaCritical_com_oracle_security_ucrypto_NativeCipher_nativeFinal
+  (jlong pContext, jboolean encrypt, int outLen, jbyte* bufOut, jint outOfs) {
+  crypto_ctx_t *context;
+  int rv = 0;
+
+  context = (crypto_ctx_t *) pContext;
+  rv = CipherFinal(context, encrypt, (unsigned char*)bufOut, outOfs, &outLen);
+  free(context);
+  if (rv) {
+     return -rv; // use negative value to indicate error!
+  }
+
+  return outLen;
+}
+
+
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeDigest
+ * Method:    nativeInit
+ * Signature: (I)J
+ */
+JNIEXPORT jlong JNICALL Java_com_oracle_security_ucrypto_NativeDigest_nativeInit
+  (JNIEnv *env, jclass jcls, jint mech) {
+  jlong result = JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeInit(mech);
+  if (result == NULL) {
+     throwOutOfMemoryError(env, NULL);
+  }
+  return result;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeDigest
+ * Method:    nativeUpdate
+ * Signature: (IJ[BII)I
+ */
+JNIEXPORT jint JNICALL Java_com_oracle_security_ucrypto_NativeDigest_nativeUpdate
+  (JNIEnv *env, jclass jcls, jint mech, jlong pContext, jbyteArray jIn, jint jOfs, jint jLen) {
+  unsigned char *bufIn;
+
+  bufIn = (unsigned char *) getBytes(env, jIn, jOfs, jLen);
+  if (!(*env)->ExceptionCheck(env)) {
+    JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeUpdate(mech, pContext, jLen, bufIn, 0, jLen);
+    free(bufIn);
+  }
+  return 0;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeDigest
+ * Method:    nativeDigest
+ * Signature: (IJ[BII)I
+ */
+JNIEXPORT jint JNICALL Java_com_oracle_security_ucrypto_NativeDigest_nativeDigest
+  (JNIEnv *env, jclass jcls, jint mech, jlong pContext, jbyteArray jOut, jint jOutOfs, jint digestLen) {
+  unsigned char *bufOut;
+
+  bufOut = (unsigned char *) malloc(digestLen);
+  if (bufOut == NULL) {
+    throwOutOfMemoryError(env, NULL);
+    return 0;
+  }
+
+  JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeDigest(mech, pContext, digestLen, bufOut, 0, digestLen);
+
+  (*env)->SetByteArrayRegion(env, jOut, jOutOfs, digestLen, (jbyte *) bufOut);
+  free(bufOut);
+  return 0;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeDigest
+ * Method:    nativeClone
+ * Signature: (IJ)J
+ */
+JNIEXPORT jlong JNICALL Java_com_oracle_security_ucrypto_NativeDigest_nativeClone
+  (JNIEnv *env, jclass jcls, jint mech, jlong pContext) {
+  return JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeClone(mech, pContext);
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeDigest
+ * Method:    nativeFree
+ * Signature: (IJ)V
+ */
+JNIEXPORT void JNICALL Java_com_oracle_security_ucrypto_NativeDigest_nativeFree
+  (JNIEnv *env, jclass jcls, jint mech, jlong pContext) {
+  JavaCritical_com_oracle_security_ucrypto_NativeDigest_nativeFree(mech, pContext);
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeCipher
+ * Method:    nativeInit
+ * Signature: (IZ[B[BI[B)J
+ */
+JNIEXPORT jlong JNICALL Java_com_oracle_security_ucrypto_NativeCipher_nativeInit
+(JNIEnv *env, jclass jcls, jint mech, jboolean encrypt, jbyteArray jKey,
+ jbyteArray jIv, jint tagLen, jbyteArray jAad) {
+
+  crypto_ctx_t *context;
+  unsigned char *bufKey;
+  unsigned char *bufIv;
+  unsigned char *bufAad;
+  int keyLen, ivLen, aadLen, rv = 0;
+  jlong result = 0L;
+
+  bufKey = bufIv = bufAad = NULL;
+  keyLen = ivLen = aadLen = 0;
+  context = malloc(sizeof(crypto_ctx_t));
+  if (context == NULL) {
+    throwOutOfMemoryError(env, NULL);
+    return 0L;
+  }
+
+  // jKey MUST NOT BE NULL;
+  keyLen = (*env)->GetArrayLength(env, jKey);
+  bufKey = (unsigned char *) (*env)->GetByteArrayElements(env, jKey, NULL);
+  if (bufKey == NULL) {
+    goto cleanup;
+  }
+
+  if (jIv != NULL) {
+    ivLen = (*env)->GetArrayLength(env, jIv);
+    bufIv = (unsigned char *) (*env)->GetByteArrayElements(env, jIv, NULL);
+    if (bufIv == NULL) {
+      goto cleanup;
+    }
+  }
+
+  if (jAad != NULL) {
+    aadLen = (*env)->GetArrayLength(env, jAad);
+    bufAad = (unsigned char *) (*env)->GetByteArrayElements(env, jAad, NULL);
+    if (bufAad == NULL) {
+      goto cleanup;
+    }
+  }
+
+  rv = CipherInit(context, encrypt, mech, bufKey, keyLen, bufIv, ivLen, tagLen, bufAad, aadLen);
+  if (rv != 0) {
+    throwUCExceptionUsingRV(env, rv);
+  } else {
+     result = (jlong) context;
+  }
+
+cleanup:
+  if ((result == 0L) && (context != NULL)) {
+    free(context);
+  }
+  if (bufKey != NULL) {
+    (*env)->ReleaseByteArrayElements(env, jKey, (jbyte *)bufKey, 0);
+  }
+  if (bufIv != NULL) {
+    (*env)->ReleaseByteArrayElements(env, jIv, (jbyte *)bufIv, 0);
+  }
+  if (bufAad != NULL) {
+    (*env)->ReleaseByteArrayElements(env, jAad, (jbyte *)bufAad, 0);
+  }
+
+  return result;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeCipher
+ * Method:    nativeUpdate
+ * Signature: (JZ[BII[BI)I
+ */
+JNIEXPORT jint JNICALL Java_com_oracle_security_ucrypto_NativeCipher_nativeUpdate
+  (JNIEnv *env, jclass jcls, jlong contextID, jboolean encrypt,
+    jbyteArray jIn, jint inOfs, jint inLen, jbyteArray jOut, jint outOfs) {
+  crypto_ctx_t *context;
+  unsigned char *bufIn;
+  unsigned char *bufOut;
+  int outLen, rv = 0;
+
+  context = (crypto_ctx_t *) contextID;
+  bufIn = (unsigned char *) getBytes(env, jIn, inOfs, inLen);
+  if ((*env)->ExceptionCheck(env)) {
+    return 0;
+  }
+
+  outLen = (*env)->GetArrayLength(env, jOut) - outOfs;
+  bufOut = calloc(outLen, sizeof(char));
+  if (bufOut == NULL) {
+    free(bufIn);
+    throwOutOfMemoryError(env, NULL);
+    return 0;
+  }
+
+  rv = CipherUpdate(context, encrypt, bufIn, 0, inLen, bufOut, 0, &outLen);
+  if (rv) {
+    free(context);
+    free(bufIn);
+    free(bufOut);
+    return -rv;
+  } else {
+    (*env)->SetByteArrayRegion(env, jOut, outOfs, outLen, (jbyte *)bufOut);
+    free(bufIn);
+    free(bufOut);
+    return outLen;
+  }
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeCipher
+ * Method:    nativeFinal
+ * Signature: (JZ[BI)I
+ */
+JNIEXPORT jint JNICALL Java_com_oracle_security_ucrypto_NativeCipher_nativeFinal
+  (JNIEnv *env, jclass jCls, jlong contextID, jboolean encrypt,
+   jbyteArray out, jint outOfs) {
+  crypto_ctx_t *context;
+  unsigned char *bufIn;
+  unsigned char *bufOut;
+  int outLen, rv = 0;
+
+  context = (crypto_ctx_t *) contextID;
+
+  // out is null when nativeFinal() is called solely for resource clean up
+  if (out == NULL) {
+    bufOut = NULL;
+    outLen = 0;
+  } else {
+    outLen = (*env)->GetArrayLength(env, out) - outOfs;
+    bufOut = calloc(outLen, sizeof(char));
+    if (bufOut == NULL) {
+      throwOutOfMemoryError(env, NULL);
+      return 0;
+    }
+  }
+  rv = CipherFinal(context, encrypt, bufOut, 0, &outLen);
+  if (rv) {
+    free(context);
+    free(bufOut);
+    return -rv;
+  } else {
+    if (bufOut != NULL) {
+      (*env)->SetByteArrayRegion(env, out, outOfs, outLen, (jbyte *)bufOut);
+      free(bufOut);
+    }
+    free(context);
+    return outLen;
+  }
+}
+
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeKey
+ * Method:    nativeFree
+ * Signature: (JI)V
+ */
+void JavaCritical_com_oracle_security_ucrypto_NativeKey_nativeFree
+  (jlong id, jint numOfComponents) {
+  crypto_object_attribute_t* pKey;
+  int i;
+
+  pKey = (crypto_object_attribute_t*) id;
+  for (i = 0; i < numOfComponents; i++) {
+    free(pKey[i].oa_value);
+  }
+  free(pKey);
+}
+
+JNIEXPORT void JNICALL Java_com_oracle_security_ucrypto_NativeKey_nativeFree
+  (JNIEnv *env, jclass jCls, jlong id, jint numOfComponents) {
+  JavaCritical_com_oracle_security_ucrypto_NativeKey_nativeFree(id, numOfComponents);
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeKey_RSAPrivateCrt
+ * Method:    nativeInit
+ * Signature: ([B[B[B[B[B[B[B[B)J
+ */
+jlong JavaCritical_com_oracle_security_ucrypto_NativeKey_00024RSAPrivateCrt_nativeInit
+(int modLen, jbyte* jMod, int pubLen, jbyte* jPub, int privLen, jbyte* jPriv,
+ int pLen, jbyte* jP, int qLen, jbyte* jQ, int expPLen, jbyte* jExpP,
+ int expQLen, jbyte* jExpQ, int crtCoeffLen, jbyte* jCrtCoeff) {
+
+  unsigned char *mod, *pub, *priv, *p, *q, *expP, *expQ, *crtCoeff;
+  crypto_object_attribute_t* pKey = NULL;
+
+  pKey = calloc(8, sizeof(crypto_object_attribute_t));
+  if (pKey == NULL) {
+    return 0L;
+  }
+  mod = pub = priv = p = q = expP = expQ = crtCoeff = NULL;
+  mod = malloc(modLen);
+  pub = malloc(pubLen);
+  priv = malloc(privLen);
+  p = malloc(pLen);
+  q = malloc(qLen);
+  expP = malloc(expPLen);
+  expQ = malloc(expQLen);
+  crtCoeff = malloc(crtCoeffLen);
+  if (mod == NULL || pub == NULL || priv == NULL || p == NULL ||
+      q == NULL || expP == NULL || expQ == NULL || crtCoeff == NULL) {
+    free(pKey);
+    free(mod);
+    free(pub);
+    free(priv);
+    free(p);
+    free(q);
+    free(expP);
+    free(expQ);
+    free(crtCoeff);
+    return 0L;
+  } else {
+    memcpy(mod, jMod, modLen);
+    memcpy(pub, jPub, pubLen);
+    memcpy(priv, jPriv, privLen);
+    memcpy(p, jP, pLen);
+    memcpy(q, jQ, qLen);
+    memcpy(expP, jExpP, expPLen);
+    memcpy(expQ, jExpQ, expQLen);
+    memcpy(crtCoeff, jCrtCoeff, crtCoeffLen);
+  }
+
+  // NOTE: numOfComponents should be 8
+  pKey[0].oa_type = SUN_CKA_MODULUS;
+  pKey[0].oa_value = (char*) mod;
+  pKey[0].oa_value_len = (size_t) modLen;
+  pKey[1].oa_type = SUN_CKA_PUBLIC_EXPONENT;
+  pKey[1].oa_value = (char*) pub;
+  pKey[1].oa_value_len = (size_t) pubLen;
+  pKey[2].oa_type = SUN_CKA_PRIVATE_EXPONENT;
+  pKey[2].oa_value = (char*) priv;
+  pKey[2].oa_value_len = (size_t) privLen;
+  pKey[3].oa_type = SUN_CKA_PRIME_1;
+  pKey[3].oa_value = (char*) p;
+  pKey[3].oa_value_len = (size_t) pLen;
+  pKey[4].oa_type = SUN_CKA_PRIME_2;
+  pKey[4].oa_value = (char*) q;
+  pKey[4].oa_value_len = (size_t) qLen;
+  pKey[5].oa_type = SUN_CKA_EXPONENT_1;
+  pKey[5].oa_value = (char*) expP;
+  pKey[5].oa_value_len = (size_t) expPLen;
+  pKey[6].oa_type = SUN_CKA_EXPONENT_2;
+  pKey[6].oa_value = (char*) expQ;
+  pKey[6].oa_value_len = (size_t) expQLen;
+  pKey[7].oa_type = SUN_CKA_COEFFICIENT;
+  pKey[7].oa_value = (char*) crtCoeff;
+  pKey[7].oa_value_len = (size_t) crtCoeffLen;
+
+  return (jlong) pKey;
+}
+
+
+JNIEXPORT jlong JNICALL
+Java_com_oracle_security_ucrypto_NativeKey_00024RSAPrivateCrt_nativeInit
+  (JNIEnv *env, jclass jCls, jbyteArray jMod, jbyteArray jPub, jbyteArray jPriv,
+   jbyteArray jP, jbyteArray jQ, jbyteArray jExpP, jbyteArray jExpQ,
+   jbyteArray jCrtCoeff) {
+
+  int modLen, pubLen, privLen, pLen, qLen, expPLen, expQLen, crtCoeffLen;
+  jbyte *bufMod, *bufPub, *bufPriv, *bufP, *bufQ, *bufExpP, *bufExpQ, *bufCrtCoeff;
+  crypto_object_attribute_t* pKey = NULL;
+
+  bufMod = bufPub = bufPriv = bufP = bufQ = bufExpP = bufExpQ = bufCrtCoeff = NULL;
+
+  modLen = (*env)->GetArrayLength(env, jMod);
+  bufMod = getBytes(env, jMod, 0, modLen);
+  if ((*env)->ExceptionCheck(env)) goto cleanup;
+
+  pubLen = (*env)->GetArrayLength(env, jPub);
+  bufPub = getBytes(env, jPub, 0, pubLen);
+  if ((*env)->ExceptionCheck(env)) goto cleanup;
+
+  privLen = (*env)->GetArrayLength(env, jPriv);
+  bufPriv = getBytes(env, jPriv, 0, privLen);
+  if ((*env)->ExceptionCheck(env)) goto cleanup;
+
+  pLen = (*env)->GetArrayLength(env, jP);
+  bufP = getBytes(env, jP, 0, pLen);
+  if ((*env)->ExceptionCheck(env)) goto cleanup;
+
+  qLen = (*env)->GetArrayLength(env, jQ);
+  bufQ = getBytes(env, jQ, 0, qLen);
+  if ((*env)->ExceptionCheck(env)) goto cleanup;
+
+  expPLen = (*env)->GetArrayLength(env, jExpP);
+  bufExpP = getBytes(env, jExpP, 0, expPLen);
+  if ((*env)->ExceptionCheck(env)) goto cleanup;
+
+  expQLen = (*env)->GetArrayLength(env, jExpQ);
+  bufExpQ = getBytes(env, jExpQ, 0, expQLen);
+  if ((*env)->ExceptionCheck(env)) goto cleanup;
+
+  crtCoeffLen = (*env)->GetArrayLength(env, jCrtCoeff);
+  bufCrtCoeff = getBytes(env, jCrtCoeff, 0, crtCoeffLen);
+  if ((*env)->ExceptionCheck(env)) goto cleanup;
+
+  // proceed if no error; otherwise free allocated memory
+  pKey = calloc(8, sizeof(crypto_object_attribute_t));
+  if (pKey == NULL) {
+    throwOutOfMemoryError(env, NULL);
+    goto cleanup;
+  }
+
+  // NOTE: numOfComponents should be 8
+  pKey[0].oa_type = SUN_CKA_MODULUS;
+  pKey[0].oa_value = (char*) bufMod;
+  pKey[0].oa_value_len = (size_t) modLen;
+  pKey[1].oa_type = SUN_CKA_PUBLIC_EXPONENT;
+  pKey[1].oa_value = (char*) bufPub;
+  pKey[1].oa_value_len = (size_t) pubLen;
+  pKey[2].oa_type = SUN_CKA_PRIVATE_EXPONENT;
+  pKey[2].oa_value = (char*) bufPriv;
+  pKey[2].oa_value_len = (size_t) privLen;
+  pKey[3].oa_type = SUN_CKA_PRIME_1;
+  pKey[3].oa_value = (char*) bufP;
+  pKey[3].oa_value_len = (size_t) pLen;
+  pKey[4].oa_type = SUN_CKA_PRIME_2;
+  pKey[4].oa_value = (char*) bufQ;
+  pKey[4].oa_value_len = (size_t) qLen;
+  pKey[5].oa_type = SUN_CKA_EXPONENT_1;
+  pKey[5].oa_value = (char*) bufExpP;
+  pKey[5].oa_value_len = (size_t) expPLen;
+  pKey[6].oa_type = SUN_CKA_EXPONENT_2;
+  pKey[6].oa_value = (char*) bufExpQ;
+  pKey[6].oa_value_len = (size_t) expQLen;
+  pKey[7].oa_type = SUN_CKA_COEFFICIENT;
+  pKey[7].oa_value = (char*) bufCrtCoeff;
+  pKey[7].oa_value_len = (size_t) crtCoeffLen;
+  return (jlong) pKey;
+
+cleanup:
+  free(bufMod);
+  free(bufPub);
+  free(bufPriv);
+  free(bufP);
+  free(bufQ);
+  free(bufExpP);
+  free(bufExpQ);
+  free(bufCrtCoeff);
+
+  return 0L;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeKey_RSAPublic
+ * Method:    nativeInit
+ * Signature: ([B[B)J
+ */
+
+jlong JavaCritical_com_oracle_security_ucrypto_NativeKey_00024RSAPublic_nativeInit
+(int modLen, jbyte* jMod, int pubLen, jbyte* jPub) {
+  unsigned char *mod, *pub;
+  crypto_object_attribute_t* pKey = NULL;
+
+  pKey = calloc(2, sizeof(crypto_object_attribute_t));
+  if (pKey == NULL) {
+    return 0L;
+  }
+  mod = pub = NULL;
+  mod = malloc(modLen);
+  pub = malloc(pubLen);
+  if (mod == NULL || pub == NULL) {
+    free(pKey);
+    free(mod);
+    free(pub);
+    return 0L;
+  } else {
+    memcpy(mod, jMod, modLen);
+    memcpy(pub, jPub, pubLen);
+  }
+
+  if (DEBUG) {
+    printf("RSAPublicKey Init: keyValue=%ld, keyLen=2\n", pKey);
+    printBytes("RSA PublicKey mod: ", (unsigned char*) mod, modLen);
+    printBytes("RSA PublicKey pubExp: ", (unsigned char*) pub, pubLen);
+  }
+
+  pKey[0].oa_type = SUN_CKA_MODULUS;
+  pKey[0].oa_value = (char*) mod;
+  pKey[0].oa_value_len = (size_t) modLen;
+  pKey[1].oa_type = SUN_CKA_PUBLIC_EXPONENT;
+  pKey[1].oa_value = (char*) pub;
+  pKey[1].oa_value_len = (size_t) pubLen;
+
+  return (jlong) pKey;
+}
+
+JNIEXPORT jlong JNICALL
+Java_com_oracle_security_ucrypto_NativeKey_00024RSAPublic_nativeInit
+(JNIEnv *env, jclass jCls, jbyteArray jMod, jbyteArray jPub) {
+  int modLen, pubLen;
+  jbyte *bufMod, *bufPub;
+  crypto_object_attribute_t* pKey = NULL;
+
+  bufMod = bufPub = NULL;
+
+  modLen = (*env)->GetArrayLength(env, jMod);
+  bufMod = getBytes(env, jMod, 0, modLen);
+  if ((*env)->ExceptionCheck(env)) {
+    return 0L;
+  }
+
+  pubLen = (*env)->GetArrayLength(env, jPub);
+  bufPub = getBytes(env, jPub, 0, pubLen);
+  if ((*env)->ExceptionCheck(env)) {
+    free(bufMod);
+    return 0L;
+  }
+
+  // proceed if no error; otherwise free allocated memory
+  pKey = calloc(2, sizeof(crypto_object_attribute_t));
+  if (pKey != NULL) {
+    // NOTE: numOfComponents should be 2
+    pKey[0].oa_type = SUN_CKA_MODULUS;
+    pKey[0].oa_value = (char*) bufMod;
+    pKey[0].oa_value_len = (size_t) modLen;
+    pKey[1].oa_type = SUN_CKA_PUBLIC_EXPONENT;
+    pKey[1].oa_value = (char*) bufPub;
+    pKey[1].oa_value_len = (size_t) pubLen;
+    return (jlong) pKey;
+  } else {
+    free(bufMod);
+    free(bufPub);
+    throwOutOfMemoryError(env, NULL);
+    return 0L;
+  }
+}
+
+////////////////////////
+// NativeRSASignature
+////////////////////////
+
+int
+SignatureInit(crypto_ctx_t *context, jint mechVal, jboolean sign,
+              uchar_t *pKey, size_t keyLength) {
+  ucrypto_mech_t mech;
+  int rv = 0;
+
+  mech = (ucrypto_mech_t) mechVal;
+
+  if (sign) {
+    rv = (*ftab->ucryptoSignInit)(context, mech, pKey, keyLength,
+                                  NULL, 0);
+  } else {
+    rv = (*ftab->ucryptoVerifyInit)(context, mech, pKey, keyLength,
+                                    NULL, 0);
+  }
+  if (DEBUG) {
+    printf("SignatureInit: context=%ld, mech=%d, sign=%d, keyValue=%ld, keyLength=%d\n",
+           context, mech, sign, pKey, keyLength);
+    printf("SignatureInit, ret =>  0x%x\n", rv);
+  }
+  return rv;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeRSASignature
+ * Method:    nativeInit
+ * Signature: (IZJI[B)J
+ */
+jlong JavaCritical_com_oracle_security_ucrypto_NativeRSASignature_nativeInit
+(jint mech, jboolean sign, jlong jKey, jint keyLength) {
+  crypto_ctx_t *context;
+  int rv;
+  uchar_t *pKey;
+
+  context = malloc(sizeof(crypto_ctx_t));
+  if (context != NULL) {
+    pKey = (uchar_t *) jKey;
+    rv = SignatureInit(context, mech, sign, pKey, (size_t)keyLength);
+    if (rv) {
+      free(context);
+      return 0L;
+    }
+  }
+  return (jlong)context;
+}
+
+JNIEXPORT jlong JNICALL Java_com_oracle_security_ucrypto_NativeRSASignature_nativeInit
+(JNIEnv *env, jclass jCls, jint mech, jboolean sign, jlong jKey, jint keyLength) {
+  crypto_ctx_t *context;
+  int rv = 0;
+  uchar_t *pKey;
+
+  context = malloc(sizeof(crypto_ctx_t));
+  if (context == NULL) {
+    throwOutOfMemoryError(env, NULL);
+    return 0L;
+  }
+
+  pKey = (uchar_t *) jKey;
+  rv = SignatureInit(context, mech, sign, pKey, (size_t)keyLength);
+  if (rv) {
+    free(context);
+    throwUCExceptionUsingRV(env, rv);
+    return 0L;
+  }
+
+  return (jlong)context;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeRSASignature
+ * Method:    nativeUpdate
+ * Signature: (JZ[BII)I
+ */
+jint JavaCritical_com_oracle_security_ucrypto_NativeRSASignature_nativeUpdate__JZ_3BII
+(jlong pCtxt, jboolean sign, int notUsed, jbyte* jIn, jint jInOfs, jint jInLen) {
+  crypto_ctx_t *context;
+  int rv = 0;
+
+  context = (crypto_ctx_t *) pCtxt;
+  if (DEBUG) {
+    printf("Signature update: context=%ld, sign=%d, jIn=%ld, jInOfs=%d, jInLen=%d\n",
+           context, sign, jIn, jInOfs, jInLen);
+  }
+  if (sign) {
+    rv = (*ftab->ucryptoSignUpdate)(context, (uchar_t *) (jIn + jInOfs), (size_t) jInLen);
+  } else {
+    rv = (*ftab->ucryptoVerifyUpdate)(context, (uchar_t *) (jIn + jInOfs), (size_t) jInLen);
+  }
+  if (DEBUG) printf("Signature update, ret =>  0x%x\n", rv);
+  if (rv) {
+    free(context);
+    return -rv; // use negative value to indicate error!
+  }
+
+  return 0;
+}
+
+JNIEXPORT jint JNICALL Java_com_oracle_security_ucrypto_NativeRSASignature_nativeUpdate__JZ_3BII
+(JNIEnv *env, jclass jCls, jlong pCtxt, jboolean sign, jbyteArray jIn, jint inOfs, jint inLen) {
+  int rv = 0;
+  jbyte* bufIn;
+
+  bufIn = getBytes(env, jIn, inOfs, inLen);
+  if ((*env)->ExceptionCheck(env)) {
+    return -1; // use negative value to indicate error!
+  }
+
+  if (DEBUG) printBytes("Update w/ data: ", (unsigned char*)bufIn, (size_t) inLen);
+
+  rv = JavaCritical_com_oracle_security_ucrypto_NativeRSASignature_nativeUpdate__JZ_3BII
+    (pCtxt, sign, inLen, bufIn, 0, inLen);
+
+  free(bufIn);
+  return rv;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeRSASignature
+ * Method:    nativeUpdate
+ * Signature: (JZJI)I
+ */
+jint JavaCritical_com_oracle_security_ucrypto_NativeRSASignature_nativeUpdate__JZJI
+(jlong pCtxt, jboolean sign, jlong inAddr, jint inLen) {
+
+  return JavaCritical_com_oracle_security_ucrypto_NativeRSASignature_nativeUpdate__JZ_3BII
+    (pCtxt, sign, inLen, (jbyte*)inAddr, 0, inLen);
+}
+
+JNIEXPORT jint JNICALL Java_com_oracle_security_ucrypto_NativeRSASignature_nativeUpdate__JZJI
+(JNIEnv *env, jclass jCls, jlong pCtxt, jboolean sign, jlong inAddr, jint inLen) {
+
+  return JavaCritical_com_oracle_security_ucrypto_NativeRSASignature_nativeUpdate__JZ_3BII
+    (pCtxt, sign, inLen, (jbyte*)inAddr, 0, inLen);
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeRSASignature
+ * Method:    nativeFinal
+ * Signature: (JZ[BII)I
+ */
+jint JavaCritical_com_oracle_security_ucrypto_NativeRSASignature_nativeFinal
+(jlong pCtxt, jboolean sign, int notUsed, jbyte* bufSig, jint sigOfs, jint jSigLen) {
+
+  crypto_ctx_t *context;
+  int rv = 0;
+  size_t sigLength = (size_t) jSigLen;
+
+  context = (crypto_ctx_t *) pCtxt;
+  if (DEBUG) {
+      printf("Signature final: context=%ld, sign=%d, bufSig=%ld, sigOfs=%d, sigLen=%d\n",
+             context, sign, bufSig, sigOfs, jSigLen);
+      printBytes("Before Final: SigBytes ", (unsigned char*) (bufSig + sigOfs), jSigLen);
+  }
+  if (sign) {
+    rv = (*ftab->ucryptoSignFinal)(context, (uchar_t *) (bufSig + sigOfs), &sigLength);
+  } else {
+    rv = (*ftab->ucryptoVerifyFinal)(context, (uchar_t *) (bufSig + sigOfs), &sigLength);
+  }
+
+  if (DEBUG) {
+    printf("Signature nativeFinal, ret =>  0x%x\n", rv);
+    if (sigLength != jSigLen) {
+      printf("SIG actual output len=%d\n", sigLength);
+    }
+    if (sign) {
+      printBytes("After nativeFinal: ", (unsigned char*) (bufSig + sigOfs), jSigLen);
+    }
+  }
+
+  free(context);
+  if (rv) {
+    return -rv;
+  } else return 0;
+}
+
+JNIEXPORT jint JNICALL Java_com_oracle_security_ucrypto_NativeRSASignature_nativeFinal
+(JNIEnv *env, jclass jCls, jlong pCtxt, jboolean sign, jbyteArray jSig, jint jSigOfs, jint jSigLen) {
+  int rv = 0;
+  jbyte* bufSig = NULL;
+
+  if (jSigLen != 0) {
+    bufSig = calloc(jSigLen, sizeof(char));
+    if (bufSig == NULL) {
+      throwOutOfMemoryError(env, NULL);
+      return 0;
+    }
+    if (!sign) {
+      // need to copy over the to-be-verified signature bytes
+      (*env)->GetByteArrayRegion(env, jSig, jSigOfs, jSigLen, (jbyte *)bufSig);
+    }
+  }
+
+  if (!(*env)->ExceptionCheck(env)) {
+    // Frees context + converts rv to negative if error occurred
+    rv = JavaCritical_com_oracle_security_ucrypto_NativeRSASignature_nativeFinal
+      (pCtxt, sign, jSigLen, bufSig, 0, jSigLen);
+
+    if (rv == 0 && sign) {
+      // need to copy the generated signature bytes to the java bytearray
+      (*env)->SetByteArrayRegion(env, jSig, jSigOfs, jSigLen, (jbyte *)bufSig);
+    }
+  } else {
+    // set rv to negative to indicate error
+    rv = -1;
+  }
+
+  free(bufSig);
+
+  return rv;
+}
+
+/*
+ * Class:     com_oracle_security_ucrypto_NativeRSACipher
+ * Method:    nativeAtomic
+ * Signature: (IZJI[BI[BII)I
+ */
+jint JavaCritical_com_oracle_security_ucrypto_NativeRSACipher_nativeAtomic
+  (jint mech, jboolean encrypt, jlong keyValue, jint keyLength,
+   int notUsed1, jbyte* bufIn, jint jInLen,
+   int notUsed2, jbyte* bufOut, jint jOutOfs, jint jOutLen) {
+
+  uchar_t *pKey;
+  crypto_object_attribute_t* pKey2;
+  int rv = 0;
+  size_t outLength = (size_t) jOutLen;
+
+  pKey = (uchar_t *) keyValue;
+  if (DEBUG) {
+    printf("Cipher nativeAtomic: mech=%d, encrypt=%d, pKey=%ld, keyLength=%d\n",
+           mech, encrypt, pKey, keyLength);
+    printBytes("Before nativeAtomic: in: ", (unsigned char*) bufIn, jInLen);
+    printBytes("Before nativeAtomic: out: ", (unsigned char*) (bufOut + jOutOfs), jOutLen);
+  }
+
+  if (encrypt) {
+    rv = (*ftab->ucryptoEncrypt)((ucrypto_mech_t)mech, pKey, (size_t)keyLength,
+      NULL, 0, (uchar_t *)bufIn, (size_t)jInLen,
+      (uchar_t *)(bufOut + jOutOfs), &outLength);
+  } else {
+    rv = (*ftab->ucryptoDecrypt)((ucrypto_mech_t)mech, pKey, (size_t)keyLength,
+      NULL, 0, (uchar_t *)bufIn, (size_t)jInLen,
+      (uchar_t *)(bufOut + jOutOfs), &outLength);
+  }
+  if (DEBUG) {
+    printf("Cipher nativeAtomic, ret =>  0x%x\n", rv);
+    if (outLength != jOutLen) {
+      printf("CIP actual output len=%d\n", outLength);
+    }
+    printBytes("After nativeAtomic: ", (unsigned char*) (bufOut + jOutOfs), outLength);
+  }
+
+  if (rv) {
+    return -rv;
+  } else return outLength;
+}
+
+JNIEXPORT jint JNICALL Java_com_oracle_security_ucrypto_NativeRSACipher_nativeAtomic
+  (JNIEnv *env, jclass jCls, jint mech, jboolean encrypt,
+   jlong keyValue, jint keyLength, jbyteArray jIn, jint jInLen,
+   jbyteArray jOut, jint jOutOfs, jint jOutLen) {
+  int rv = 0;
+  jbyte *bufIn = NULL;
+  jbyte *bufOut = NULL;
+
+  if (jInLen != 0) {
+    bufIn = (*env)->GetByteArrayElements(env, jIn, NULL);
+    if (bufIn == NULL) {
+      return 0;
+    }
+  }
+  bufOut = calloc(jOutLen, sizeof(jbyte));
+  if (bufOut == NULL) {
+    (*env)->ReleaseByteArrayElements(env, jIn, bufIn, 0);
+    throwOutOfMemoryError(env, NULL);
+    return 0;
+  }
+
+  // rv: output length or error code (if negative)
+  rv = JavaCritical_com_oracle_security_ucrypto_NativeRSACipher_nativeAtomic
+    (mech, encrypt, keyValue, keyLength, jInLen, bufIn, jInLen,
+     jOutLen, bufOut, 0, jOutLen);
+
+  if (rv > 0) {
+    (*env)->SetByteArrayRegion(env, jOut, jOutOfs, rv, (jbyte *)bufOut);
+  }
+
+  if (bufIn != NULL) {
+    (*env)->ReleaseByteArrayElements(env, jIn, bufIn, 0);
+  }
+  free(bufOut);
+  return rv;
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeCrypto.h	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#ifndef _Included_com_oracle_security_ucrypto_NativeCrypto
+#define _Included_com_oracle_security_ucrypto_NativeCrypto
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef com_oracle_security_ucrypto_NativeDigest_MECH_MD5
+#define com_oracle_security_ucrypto_NativeDigest_MECH_MD5 1L
+#undef com_oracle_security_ucrypto_NativeDigest_MECH_SHA1
+#define com_oracle_security_ucrypto_NativeDigest_MECH_SHA1 2L
+#undef com_oracle_security_ucrypto_NativeDigest_MECH_SHA256
+#define com_oracle_security_ucrypto_NativeDigest_MECH_SHA256 3L
+#undef com_oracle_security_ucrypto_NativeDigest_MECH_SHA224
+#define com_oracle_security_ucrypto_NativeDigest_MECH_SHA224 4L
+#undef com_oracle_security_ucrypto_NativeDigest_MECH_SHA384
+#define com_oracle_security_ucrypto_NativeDigest_MECH_SHA384 5L
+#undef com_oracle_security_ucrypto_NativeDigest_MECH_SHA512
+#define com_oracle_security_ucrypto_NativeDigest_MECH_SHA512 6L
+
+#define DEBUG 0
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeFunc.c	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,153 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <jni.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <dlfcn.h>
+#include <link.h>
+#include "nativeFunc.h"
+
+/* standard md5/md/softcrypto method names (ordering is from mapfile) */
+static const char MD5_INIT[]                     = "MD5Init";
+static const char MD5_UPDATE[]                   = "MD5Update";
+static const char MD5_FINAL[]                    = "MD5Final";
+static const char SHA1_INIT[]                    = "SHA1Init";
+static const char SHA1_UPDATE[]                  = "SHA1Update";
+static const char SHA1_FINAL[]                   = "SHA1Final";
+static const char SHA2_INIT[]                    = "SHA2Init";
+static const char SHA2_UPDATE[]                  = "SHA2Update";
+static const char SHA2_FINAL[]                   = "SHA2Final";
+static const char UCRYPTO_VERSION[]              = "ucrypto_version";
+static const char UCRYPTO_GET_MECHLIST[]         = "ucrypto_get_mechlist";
+static const char UCRYPTO_ENCRYPT_INIT[]         = "ucrypto_encrypt_init";
+static const char UCRYPTO_ENCRYPT_UPDATE[]       = "ucrypto_encrypt_update";
+static const char UCRYPTO_ENCRYPT_FINAL[]        = "ucrypto_encrypt_final";
+static const char UCRYPTO_ENCRYPT[]              = "ucrypto_encrypt";
+static const char UCRYPTO_DECRYPT_INIT[]         = "ucrypto_decrypt_init";
+static const char UCRYPTO_DECRYPT_UPDATE[]       = "ucrypto_decrypt_update";
+static const char UCRYPTO_DECRYPT_FINAL[]        = "ucrypto_decrypt_final";
+static const char UCRYPTO_DECRYPT[]              = "ucrypto_decrypt";
+static const char UCRYPTO_SIGN_INIT[]            = "ucrypto_sign_init";
+static const char UCRYPTO_SIGN_UPDATE[]          = "ucrypto_sign_update";
+static const char UCRYPTO_SIGN_FINAL[]           = "ucrypto_sign_final";
+static const char UCRYPTO_VERIFY_INIT[]          = "ucrypto_verify_init";
+static const char UCRYPTO_VERIFY_UPDATE[]        = "ucrypto_verify_update";
+static const char UCRYPTO_VERIFY_FINAL[]         = "ucrypto_verify_final";
+
+/**
+ * Initialize native T4 crypto function pointers
+ */
+jboolean* loadNative() {
+
+  jboolean* buf;
+  void *lib;
+
+  buf = malloc(2 * sizeof(jboolean));
+  buf[0] = buf[1] = JNI_FALSE;
+  ftab = (T4CRYPTO_FUNCTION_TABLE_PTR) calloc(1, sizeof(T4CRYPTO_FUNCTION_TABLE));
+  if (ftab == NULL) {
+    free(buf);
+    return NULL;
+  }
+
+  lib = dlopen("libmd.so", RTLD_NOW);
+  if (lib != NULL) {
+    ftab->md5Init = (MD5INIT_FN_PTR) dlsym(lib, MD5_INIT);
+    ftab->md5Update = (MD5UPDATE_FN_PTR) dlsym(lib, MD5_UPDATE);
+    ftab->md5Final = (MD5FINAL_FN_PTR) dlsym(lib, MD5_FINAL);
+    ftab->sha1Init = (SHA1INIT_FN_PTR) dlsym(lib, SHA1_INIT);
+    ftab->sha1Update = (SHA1UPDATE_FN_PTR) dlsym(lib, SHA1_UPDATE);
+    ftab->sha1Final = (SHA1FINAL_FN_PTR) dlsym(lib, SHA1_FINAL);
+    ftab->sha2Init = (SHA2INIT_FN_PTR) dlsym(lib, SHA2_INIT);
+    ftab->sha2Update = (SHA2UPDATE_FN_PTR) dlsym(lib, SHA2_UPDATE);
+    ftab->sha2Final = (SHA2FINAL_FN_PTR) dlsym(lib, SHA2_FINAL);
+    if (ftab->md5Init != NULL && ftab->md5Update != NULL &&
+        ftab->md5Final != NULL && ftab->sha1Init != NULL &&
+        ftab->sha1Update != NULL && ftab->sha1Final != NULL &&
+        ftab->sha2Init != NULL && ftab->sha2Update != NULL &&
+        ftab->sha2Final != NULL) {
+      buf[0] = JNI_TRUE;
+    } else {
+      dlclose(lib);
+    }
+  }
+
+  lib = dlopen("libsoftcrypto.so", RTLD_NOW);
+  if (lib != NULL) {
+    // These APIs aren't available for v0 lib on Solaris 10
+    ftab->ucryptoVersion = (UCRYPTO_VERSION_FN_PTR)
+      dlsym(lib, UCRYPTO_VERSION);
+    ftab->ucryptoGetMechList = (UCRYPTO_GET_MECHLIST_FN_PTR)
+      dlsym(lib, UCRYPTO_GET_MECHLIST);
+    //??
+    ftab->ucryptoSignInit = (UCRYPTO_SIGN_INIT_FN_PTR)
+      dlsym(lib, UCRYPTO_SIGN_INIT);
+    ftab->ucryptoSignUpdate = (UCRYPTO_SIGN_UPDATE_FN_PTR)
+      dlsym(lib, UCRYPTO_SIGN_UPDATE);
+    ftab->ucryptoSignFinal = (UCRYPTO_SIGN_FINAL_FN_PTR)
+      dlsym(lib, UCRYPTO_SIGN_FINAL);
+    ftab->ucryptoVerifyInit = (UCRYPTO_VERIFY_INIT_FN_PTR)
+      dlsym(lib, UCRYPTO_VERIFY_INIT);
+    ftab->ucryptoVerifyUpdate = (UCRYPTO_VERIFY_UPDATE_FN_PTR)
+      dlsym(lib, UCRYPTO_VERIFY_UPDATE);
+    ftab->ucryptoVerifyFinal = (UCRYPTO_VERIFY_FINAL_FN_PTR)
+      dlsym(lib, UCRYPTO_VERIFY_FINAL);
+
+    // These should be avilable for all libsoftcrypto libs
+    ftab->ucryptoEncryptInit = (UCRYPTO_ENCRYPT_INIT_FN_PTR)
+      dlsym(lib, UCRYPTO_ENCRYPT_INIT);
+    ftab->ucryptoEncryptUpdate = (UCRYPTO_ENCRYPT_UPDATE_FN_PTR)
+      dlsym(lib, UCRYPTO_ENCRYPT_UPDATE);
+    ftab->ucryptoEncryptFinal = (UCRYPTO_ENCRYPT_FINAL_FN_PTR)
+      dlsym(lib, UCRYPTO_ENCRYPT_FINAL);
+    ftab->ucryptoEncrypt = (UCRYPTO_ENCRYPT_FN_PTR)
+      dlsym(lib, UCRYPTO_ENCRYPT);
+
+    ftab->ucryptoDecryptInit = (UCRYPTO_DECRYPT_INIT_FN_PTR)
+      dlsym(lib, UCRYPTO_DECRYPT_INIT);
+    ftab->ucryptoDecryptUpdate = (UCRYPTO_DECRYPT_UPDATE_FN_PTR)
+      dlsym(lib, UCRYPTO_DECRYPT_UPDATE);
+    ftab->ucryptoDecryptFinal = (UCRYPTO_DECRYPT_FINAL_FN_PTR)
+      dlsym(lib, UCRYPTO_DECRYPT_FINAL);
+    ftab->ucryptoDecrypt = (UCRYPTO_DECRYPT_FN_PTR)
+      dlsym(lib, UCRYPTO_DECRYPT);
+
+    if (ftab->ucryptoEncryptInit != NULL &&
+        ftab->ucryptoEncryptUpdate != NULL &&
+        ftab->ucryptoEncryptFinal != NULL &&
+        ftab->ucryptoEncrypt != NULL &&
+        ftab->ucryptoDecryptInit != NULL &&
+        ftab->ucryptoDecryptUpdate != NULL &&
+        ftab->ucryptoDecryptFinal != NULL &&
+        ftab->ucryptoDecrypt != NULL) {
+      buf[1] = JNI_TRUE;
+    } else {
+      dlclose(lib);
+    }
+  }
+
+  return buf;
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/jdk.crypto.ucrypto/solaris/native/libj2ucrypto/nativeFunc.h	Tue Oct 28 11:38:00 2014 -0700
@@ -0,0 +1,163 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#ifndef SPARCT4_NATIVE_FUNC_H
+#define SPARCT4_NATIVE_FUNC_H
+#include <md5.h>
+#include <sha1.h>
+#include <sha2.h>
+#include <libsoftcrypto.h>
+
+jboolean* loadNative();
+
+/* function pointer definitions */
+
+typedef void (*MD5INIT_FN_PTR)(MD5_CTX *context);
+
+typedef void (*MD5UPDATE_FN_PTR)
+     (MD5_CTX *context, unsigned char *input,
+      unsigned int inlen);
+
+typedef void (*MD5FINAL_FN_PTR)
+     (unsigned char *output, MD5_CTX *context);
+
+typedef void (*SHA1INIT_FN_PTR)(SHA1_CTX *context);
+
+typedef void (*SHA1UPDATE_FN_PTR)
+     (SHA1_CTX *context, unsigned char *input,
+      unsigned int inlen);
+
+typedef void (*SHA1FINAL_FN_PTR)
+     (unsigned char *output, SHA1_CTX *context);
+
+typedef void (*SHA2INIT_FN_PTR)(uint64_t mech, SHA2_CTX *context);
+
+typedef void (*SHA2UPDATE_FN_PTR)
+     (SHA2_CTX *context, unsigned char *input,
+      unsigned int inlen);
+
+typedef void (*SHA2FINAL_FN_PTR)
+     (unsigned char *output, SHA2_CTX *context);
+
+typedef int (*UCRYPTO_VERSION_FN_PTR)();
+
+typedef int (*UCRYPTO_GET_MECHLIST_FN_PTR)(char *str);
+
+typedef int (*UCRYPTO_ENCRYPT_INIT_FN_PTR)
+     (crypto_ctx_t *context, ucrypto_mech_t mech_type,
+      uchar_t *key_str, size_t key_len,
+      void *iv, size_t iv_len);
+
+typedef int (*UCRYPTO_ENCRYPT_UPDATE_FN_PTR)
+     (crypto_ctx_t *context, uchar_t *in,
+      size_t in_len, uchar_t *out, size_t *out_len);
+
+typedef int (*UCRYPTO_ENCRYPT_FINAL_FN_PTR)
+     (crypto_ctx_t *context, uchar_t *out,
+      size_t *out_len);
+
+typedef int (*UCRYPTO_ENCRYPT_FN_PTR)
+     (ucrypto_mech_t mech_type, uchar_t *key_str,
+      size_t key_len, void *iv, size_t iv_len, uchar_t *in,
+      size_t in_len, uchar_t *out, size_t *out_len);
+
+typedef int (*UCRYPTO_DECRYPT_INIT_FN_PTR)
+     (crypto_ctx_t *context,
+      ucrypto_mech_t mech_type, uchar_t *key_str, size_t key_len,
+      void *iv, size_t iv_len);
+
+typedef int (*UCRYPTO_DECRYPT_UPDATE_FN_PTR)
+     (crypto_ctx_t *context, uchar_t *in,
+      size_t in_len, uchar_t *out, size_t *out_len);
+
+typedef int (*UCRYPTO_DECRYPT_FINAL_FN_PTR)
+     (crypto_ctx_t *context, uchar_t *out,
+      size_t *out_len);
+
+typedef int (*UCRYPTO_DECRYPT_FN_PTR)
+     (ucrypto_mech_t mech_type, uchar_t *key_str,
+      size_t key_len, void *iv, size_t iv_len, uchar_t *in,
+      size_t in_len, uchar_t *out, size_t *out_len);
+
+typedef int (*UCRYPTO_SIGN_INIT_FN_PTR)
+     (crypto_ctx_t *context, ucrypto_mech_t mech_type,
+      uchar_t *key_str, size_t key_len,
+      void *iv, size_t iv_len);
+
+typedef int (*UCRYPTO_SIGN_UPDATE_FN_PTR)
+     (crypto_ctx_t *context, uchar_t *data_str, size_t data_len);