changeset 5416:b88fc3359dc7 jdk8-b40

Merge
author lana
date Mon, 21 May 2012 11:44:01 -0700
parents 5b2095d7a60b 0a1ef7e07e01
children 7def50698e78 edb02bee325e
files
diffstat 111 files changed, 2775 insertions(+), 962 deletions(-) [+]
line wrap: on
line diff
--- a/make/com/oracle/security/ucrypto/Makefile	Mon May 21 11:41:33 2012 -0700
+++ b/make/com/oracle/security/ucrypto/Makefile	Mon May 21 11:44:01 2012 -0700
@@ -139,7 +139,7 @@
   #
   CLASSDESTDIR = $(TEMPDIR)/classes
   JAVAHFLAGS = -bootclasspath \
-    "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)"
+    "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)$(JCE_PATH)"
 
   include $(BUILDDIR)/common/Mapfile-vers.gmk
   include $(BUILDDIR)/common/Library.gmk
--- a/make/common/shared/Defs-java.gmk	Mon May 21 11:41:33 2012 -0700
+++ b/make/common/shared/Defs-java.gmk	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2007, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -139,7 +139,7 @@
 # built implicitly/explicitly.
 #
 ifeq ($(wildcard $(SHARE_SRC)/classes/javax/crypto/Cipher.java),)
-  JCEFLAGS = $(CLASSPATH_SEPARATOR)$(LIBDIR)/jce.jar
+  JCE_PATH = $(CLASSPATH_SEPARATOR)$(LIBDIR)/jce.jar
 endif
 
 # Add the source level
@@ -152,11 +152,11 @@
 CLASS_VERSION = -target $(TARGET_CLASS_VERSION)
 JAVACFLAGS  += $(CLASS_VERSION)
 JAVACFLAGS  += -encoding ascii
-JAVACFLAGS  += "-Xbootclasspath:$(CLASSBINDIR)$(JCEFLAGS)"
+JAVACFLAGS  += "-Xbootclasspath:$(CLASSBINDIR)$(JCE_PATH)"
 JAVACFLAGS  += $(OTHER_JAVACFLAGS)
 
 # Needed for javah
-JAVAHFLAGS += -bootclasspath "$(CLASSBINDIR)$(JCEFLAGS)"
+JAVAHFLAGS += -bootclasspath "$(CLASSBINDIR)$(JCE_PATH)"
 
 # Needed for javadoc to ensure it builds documentation
 # against the newly built classes
--- a/make/java/redist/Makefile	Mon May 21 11:41:33 2012 -0700
+++ b/make/java/redist/Makefile	Mon May 21 11:44:01 2012 -0700
@@ -261,8 +261,7 @@
     ifeq ($(ZIP_DEBUGINFO_FILES),1)
       # the import JDK may not contain the target of the symlink
       ifneq ($(wildcard $(HOTSPOT_IMPORT_PATH)/$(ARCH_VM_SUBDIR)/$(LIBJSIG_DIZ_NAME)),)
-        # check for the .diz file, but create the .debuginfo link
-        IMPORT_LIST += $(LIB_LOCATION)/$(SERVER_LOCATION)/$(LIBJSIG_DEBUGINFO_NAME)
+        IMPORT_LIST += $(LIB_LOCATION)/$(SERVER_LOCATION)/$(LIBJSIG_DIZ_NAME)
       endif
     else
       # the import JDK may not contain the target of the symlink
@@ -319,8 +318,7 @@
   ifeq ($(ZIP_DEBUGINFO_FILES),1)
     # the import JDK may not contain the target of the symlink
     ifneq ($(wildcard $(HOTSPOT_IMPORT_PATH)/$(ARCH_VM_SUBDIR)/$(LIBJSIG_DIZ_NAME)),)
-      # check for the .diz file, but create the .debuginfo link
-      IMPORT_LIST += $(LIB_LOCATION)/$(CLIENT_LOCATION)/$(LIBJSIG_DEBUGINFO_NAME)
+      IMPORT_LIST += $(LIB_LOCATION)/$(CLIENT_LOCATION)/$(LIBJSIG_DIZ_NAME)
     endif
   else
     # the import JDK may not contain the target of the symlink
@@ -472,11 +470,24 @@
 	$(call install-sym-link, ../$(LIBJSIG_NAME))
 
   ifeq ($(ENABLE_FULL_DEBUG_SYMBOLS),1)
-# we don't create a symlink to a libjsig.diz file
+# We don't create a symlink to a libjsig.diz file, but we do put
+# the libjsig.debuginfo symlink into a libjsig.diz file. The aurora
+# system does not like dangling symlinks.
+    ifeq ($(ZIP_DEBUGINFO_FILES),1)
+$(LIB_LOCATION)/$(CLIENT_LOCATION)/$(LIBJSIG_DIZ_NAME) \
+$(LIB_LOCATION)/$(SERVER_LOCATION)/$(LIBJSIG_DIZ_NAME):
+	@$(prep-target)
+	$(LN) -s ../$(LIBJSIG_DEBUGINFO_NAME) $(@D)/$(LIBJSIG_DEBUGINFO_NAME)
+	( $(CD) $(@D) ; \
+	 $(ZIPEXE) -y $(LIBJSIG_DIZ_NAME) $(LIBJSIG_DEBUGINFO_NAME) ; \
+	 $(RM) $(LIBJSIG_DEBUGINFO_NAME) ; \
+	)
+    else
 $(LIB_LOCATION)/$(CLIENT_LOCATION)/$(LIBJSIG_DEBUGINFO_NAME) \
 $(LIB_LOCATION)/$(SERVER_LOCATION)/$(LIBJSIG_DEBUGINFO_NAME):
 	@$(prep-target)
 	$(call install-sym-link, ../$(LIBJSIG_DEBUGINFO_NAME))
+    endif
   endif
 else
 $(LIB_LOCATION)/$(CLIENT_LOCATION)/$(LIBJSIG_NAME):
@@ -484,10 +495,22 @@
 	$(call install-sym-link, ../$(LIBJSIG_NAME))
 
   ifeq ($(ENABLE_FULL_DEBUG_SYMBOLS),1)
-# we don't create a symlink to a libjsig.diz file
+# We don't create a symlink to a libjsig.diz file, but we do put
+# the libjsig.debuginfo symlink into a libjsig.diz file. The aurora
+# system does not like dangling symlinks.
+    ifeq ($(ZIP_DEBUGINFO_FILES),1)
+$(LIB_LOCATION)/$(CLIENT_LOCATION)/$(LIBJSIG_DIZ_NAME):
+	@$(prep-target)
+	$(LN) -s ../$(LIBJSIG_DEBUGINFO_NAME) $(@D)/$(LIBJSIG_DEBUGINFO_NAME)
+	( $(CD) $(@D) ; \
+	 $(ZIPEXE) -y $(LIBJSIG_DIZ_NAME) $(LIBJSIG_DEBUGINFO_NAME) ; \
+	 $(RM) $(LIBJSIG_DEBUGINFO_NAME) ; \
+	)
+    else
 $(LIB_LOCATION)/$(CLIENT_LOCATION)/$(LIBJSIG_DEBUGINFO_NAME):
 	@$(prep-target)
 	$(call install-sym-link, ../$(LIBJSIG_DEBUGINFO_NAME))
+    endif
   endif
 endif
 
--- a/make/sun/security/ec/Makefile	Mon May 21 11:41:33 2012 -0700
+++ b/make/sun/security/ec/Makefile	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -160,7 +160,7 @@
       $(PKGDIR)/ECKeyPairGenerator.java
 
   JAVAHFLAGS = -bootclasspath \
-      "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)"
+      "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)$(JCE_PATH)"
 
 
   #
--- a/make/sun/security/mscapi/Makefile	Mon May 21 11:41:33 2012 -0700
+++ b/make/sun/security/mscapi/Makefile	Mon May 21 11:44:01 2012 -0700
@@ -150,7 +150,7 @@
 #
 CLASSDESTDIR = $(TEMPDIR)/classes
 JAVAHFLAGS = -bootclasspath \
-  "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)"
+  "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)$(JCE_PATH)"
 
 include $(BUILDDIR)/common/Mapfile-vers.gmk
 
--- a/make/sun/security/pkcs11/Makefile	Mon May 21 11:41:33 2012 -0700
+++ b/make/sun/security/pkcs11/Makefile	Mon May 21 11:44:01 2012 -0700
@@ -151,7 +151,7 @@
 #
 CLASSDESTDIR = $(TEMPDIR)/classes
 JAVAHFLAGS = -bootclasspath \
-    "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)"
+    "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)$(JCE_PATH)"
 
 include $(BUILDDIR)/common/Mapfile-vers.gmk
 
--- a/makefiles/com/oracle/security/ucrypto/Makefile	Mon May 21 11:41:33 2012 -0700
+++ b/makefiles/com/oracle/security/ucrypto/Makefile	Mon May 21 11:44:01 2012 -0700
@@ -139,7 +139,7 @@
   #
   CLASSDESTDIR = $(TEMPDIR)/classes
   JAVAHFLAGS = -bootclasspath \
-    "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)"
+    "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)$(JCE_PATH)"
 
   include $(BUILDDIR)/common/Mapfile-vers.gmk
   include $(BUILDDIR)/common/Library.gmk
--- a/makefiles/common/shared/Defs-java.gmk	Mon May 21 11:41:33 2012 -0700
+++ b/makefiles/common/shared/Defs-java.gmk	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2007, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -141,7 +141,7 @@
 # built implicitly/explicitly.
 #
 ifeq ($(wildcard $(SHARE_SRC)/classes/javax/crypto/Cipher.java),)
-  JCEFLAGS = $(CLASSPATH_SEPARATOR)$(LIBDIR)/jce.jar
+  JCE_PATH = $(CLASSPATH_SEPARATOR)$(LIBDIR)/jce.jar
 endif
 
 # Add the source level
@@ -154,11 +154,11 @@
 CLASS_VERSION = -target $(TARGET_CLASS_VERSION)
 JAVACFLAGS  += $(CLASS_VERSION)
 JAVACFLAGS  += -encoding ascii
-JAVACFLAGS  += "-Xbootclasspath:$(CLASSBINDIR)$(JCEFLAGS)"
+JAVACFLAGS  += "-Xbootclasspath:$(CLASSBINDIR)$(JCE_PATH)"
 JAVACFLAGS  += $(OTHER_JAVACFLAGS)
 
 # Needed for javah
-JAVAHFLAGS += -bootclasspath "$(CLASSBINDIR)$(JCEFLAGS)"
+JAVAHFLAGS += -bootclasspath "$(CLASSBINDIR)$(JCE_PATH)"
 
 # Needed for javadoc to ensure it builds documentation
 # against the newly built classes
--- a/makefiles/sun/security/ec/Makefile	Mon May 21 11:41:33 2012 -0700
+++ b/makefiles/sun/security/ec/Makefile	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -159,7 +159,8 @@
       $(PKGDIR)/ECDSASignature.java \
       $(PKGDIR)/ECKeyPairGenerator.java
 
-  JAVAHFLAGS += -Xbootclasspath/p:$(CLASSDESTDIR)
+  JAVAHFLAGS = -bootclasspath \
+    "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)$(JCE_PATH)"
 
   #
   # C and C++ files
--- a/makefiles/sun/security/mscapi/Makefile	Mon May 21 11:41:33 2012 -0700
+++ b/makefiles/sun/security/mscapi/Makefile	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -149,7 +149,8 @@
 # Rules
 #
 CLASSDESTDIR = $(TEMPDIR)/classes
-JAVAHFLAGS += -Xbootclasspath/p:$(CLASSDESTDIR)
+JAVAHFLAGS = -bootclasspath \
+  "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)$(JCE_PATH)"
 
 include $(BUILDDIR)/common/Mapfile-vers.gmk
 
--- a/makefiles/sun/security/pkcs11/Makefile	Mon May 21 11:41:33 2012 -0700
+++ b/makefiles/sun/security/pkcs11/Makefile	Mon May 21 11:44:01 2012 -0700
@@ -150,7 +150,8 @@
 # Rules
 #
 CLASSDESTDIR = $(TEMPDIR)/classes
-JAVAHFLAGS = -bootclasspath "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)"
+JAVAHFLAGS = -bootclasspath \
+  "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)$(JCE_PATH)"
 
 include $(BUILDDIR)/common/Mapfile-vers.gmk
 
--- a/src/macosx/classes/java/util/prefs/MacOSXPreferences.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/macosx/classes/java/util/prefs/MacOSXPreferences.java	Mon May 21 11:44:01 2012 -0700
@@ -135,18 +135,21 @@
 
 
     // AbstractPreferences implementation
+    @Override
     protected void putSpi(String key, String value)
     {
         file.addKeyToNode(path, key, value);
     }
 
     // AbstractPreferences implementation
+    @Override
     protected String getSpi(String key)
     {
         return file.getKeyFromNode(path, key);
     }
 
     // AbstractPreferences implementation
+    @Override
     protected void removeSpi(String key)
     {
         Objects.requireNonNull(key, "Specified key cannot be null");
@@ -155,6 +158,7 @@
 
 
     // AbstractPreferences implementation
+    @Override
     protected void removeNodeSpi()
         throws BackingStoreException
     {
@@ -174,6 +178,7 @@
 
 
     // AbstractPreferences implementation
+    @Override
     protected String[] childrenNamesSpi()
         throws BackingStoreException
     {
@@ -183,6 +188,7 @@
     }
 
     // AbstractPreferences implementation
+    @Override
     protected String[] keysSpi()
         throws BackingStoreException
     {
@@ -192,6 +198,7 @@
     }
 
     // AbstractPreferences implementation
+    @Override
     protected AbstractPreferences childSpi(String name)
     {
         // Add to parent's child list here and disallow sync
@@ -203,6 +210,7 @@
     }
 
     // AbstractPreferences override
+    @Override
     public void flush()
         throws BackingStoreException
     {
@@ -217,6 +225,7 @@
     }
 
     // AbstractPreferences implementation
+    @Override
     protected void flushSpi()
         throws BackingStoreException
     {
@@ -224,6 +233,7 @@
     }
 
     // AbstractPreferences override
+    @Override
     public void sync()
         throws BackingStoreException
     {
@@ -244,6 +254,7 @@
     }
 
     // AbstractPreferences implementation
+    @Override
     protected void syncSpi()
         throws BackingStoreException
     {
--- a/src/macosx/classes/java/util/prefs/MacOSXPreferencesFactory.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/macosx/classes/java/util/prefs/MacOSXPreferencesFactory.java	Mon May 21 11:44:01 2012 -0700
@@ -26,10 +26,12 @@
 package java.util.prefs;
 
 class MacOSXPreferencesFactory implements PreferencesFactory {
+    @Override
     public Preferences userRoot() {
         return MacOSXPreferences.getUserRoot();
     }
 
+    @Override
     public Preferences systemRoot() {
         return MacOSXPreferences.getSystemRoot();
     }
--- a/src/macosx/classes/java/util/prefs/MacOSXPreferencesFile.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/macosx/classes/java/util/prefs/MacOSXPreferencesFile.java	Mon May 21 11:44:01 2012 -0700
@@ -101,9 +101,10 @@
     }
 
     // Maps string -> weak reference to MacOSXPreferencesFile
-    private static HashMap cachedFiles = null;
+    private static HashMap<String, WeakReference<MacOSXPreferencesFile>>
+            cachedFiles;
     // Files that may have unflushed changes
-    private static HashSet changedFiles = null;
+    private static HashSet<MacOSXPreferencesFile> changedFiles;
 
 
     // Timer and pending sync and flush tasks (which are both scheduled
@@ -136,13 +137,14 @@
     {
         MacOSXPreferencesFile result = null;
 
-        if (cachedFiles == null) cachedFiles = new HashMap();
+        if (cachedFiles == null)
+            cachedFiles = new HashMap<>();
 
         String hashkey =
             newName + String.valueOf(isUser);
-        WeakReference hashvalue = (WeakReference)cachedFiles.get(hashkey);
+        WeakReference<MacOSXPreferencesFile> hashvalue = cachedFiles.get(hashkey);
         if (hashvalue != null) {
-            result = (MacOSXPreferencesFile)hashvalue.get();
+            result = hashvalue.get();
         }
         if (result == null) {
             // Java user node == CF current user, any host
@@ -150,7 +152,7 @@
             result = new MacOSXPreferencesFile(newName,
                                          isUser ? cfCurrentUser : cfAnyUser,
                                          isUser ? cfAnyHost : cfCurrentHost);
-            cachedFiles.put(hashkey, new WeakReference(result));
+            cachedFiles.put(hashkey, new WeakReference<MacOSXPreferencesFile>(result));
         }
 
         // Don't schedule this file for flushing until some nodes or
@@ -171,10 +173,11 @@
         boolean ok = true;
 
         if (cachedFiles != null  &&  !cachedFiles.isEmpty()) {
-            Iterator iter = cachedFiles.values().iterator();
+            Iterator<WeakReference<MacOSXPreferencesFile>> iter =
+                    cachedFiles.values().iterator();
             while (iter.hasNext()) {
-                WeakReference ref = (WeakReference)iter.next();
-                MacOSXPreferencesFile f = (MacOSXPreferencesFile)ref.get();
+                WeakReference<MacOSXPreferencesFile> ref = iter.next();
+                MacOSXPreferencesFile f = ref.get();
                 if (f != null) {
                     if (!f.synchronize()) ok = false;
                 } else {
@@ -202,10 +205,11 @@
     static synchronized boolean syncUser() {
         boolean ok = true;
         if (cachedFiles != null  &&  !cachedFiles.isEmpty()) {
-            Iterator<WeakReference> iter = cachedFiles.values().iterator();
+            Iterator<WeakReference<MacOSXPreferencesFile>> iter =
+                    cachedFiles.values().iterator();
             while (iter.hasNext()) {
-                WeakReference ref = iter.next();
-                MacOSXPreferencesFile f = (MacOSXPreferencesFile)ref.get();
+                WeakReference<MacOSXPreferencesFile> ref = iter.next();
+                MacOSXPreferencesFile f = ref.get();
                 if (f != null && f.user == cfCurrentUser) {
                     if (!f.synchronize()) {
                         ok = false;
@@ -240,12 +244,10 @@
         boolean ok = true;
 
         if (changedFiles != null  &&  !changedFiles.isEmpty()) {
-            Iterator iter = changedFiles.iterator();
-            while (iter.hasNext()) {
-                MacOSXPreferencesFile f = (MacOSXPreferencesFile)iter.next();
-                if (!f.synchronize()) ok = false;
+            for (MacOSXPreferencesFile f : changedFiles) {
+                if (!f.synchronize())
+                    ok = false;
             }
-
             changedFiles.clear();
         }
 
@@ -263,7 +265,8 @@
     private void markChanged()
     {
         // Add this file to the changed file list
-        if (changedFiles == null) changedFiles = new HashSet();
+        if (changedFiles == null)
+            changedFiles = new HashSet<>();
         changedFiles.add(this);
 
         // Schedule a new flush and a shutdown hook, if necessary
@@ -309,7 +312,9 @@
 
             if (syncInterval > 0) {
                 timer().schedule(new TimerTask() {
-                        public void run() { MacOSXPreferencesFile.syncWorld();}
+                    @Override
+                    public void run() {
+                        MacOSXPreferencesFile.syncWorld();}
                     }, syncInterval * 1000, syncInterval * 1000);
             } else {
                 // syncInterval property not set. No sync timer ever.
@@ -323,6 +328,7 @@
         if (timer == null) {
             timer = new Timer(true); // daemon
             Thread flushThread = new Thread() {
+                @Override
                 public void run() {
                     flushWorld();
                 }
--- a/src/share/classes/com/sun/crypto/provider/HmacCore.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/com/sun/crypto/provider/HmacCore.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -38,16 +38,16 @@
  * This class constitutes the core of HMAC-<MD> algorithms, where
  * <MD> can be SHA1 or MD5, etc. See RFC 2104 for spec.
  *
- * It also contains the implementation classes for the SHA-256,
+ * It also contains the implementation classes for SHA-224, SHA-256,
  * SHA-384, and SHA-512 HMACs.
  *
  * @author Jan Luehe
  */
-final class HmacCore implements Cloneable {
+abstract class HmacCore extends MacSpi implements Cloneable {
 
-    private final MessageDigest md;
-    private final byte[] k_ipad; // inner padding - key XORd with ipad
-    private final byte[] k_opad; // outer padding - key XORd with opad
+    private MessageDigest md;
+    private byte[] k_ipad; // inner padding - key XORd with ipad
+    private byte[] k_opad; // outer padding - key XORd with opad
     private boolean first;       // Is this the first data to be processed?
 
     private final int blockLen;
@@ -73,22 +73,11 @@
     }
 
     /**
-     * Constructor used for cloning.
-     */
-    private HmacCore(HmacCore other) throws CloneNotSupportedException {
-        this.md = (MessageDigest)other.md.clone();
-        this.blockLen = other.blockLen;
-        this.k_ipad = other.k_ipad.clone();
-        this.k_opad = other.k_opad.clone();
-        this.first = other.first;
-    }
-
-    /**
      * Returns the length of the HMAC in bytes.
      *
      * @return the HMAC length in bytes.
      */
-    int getDigestLength() {
+    protected int engineGetMacLength() {
         return this.md.getDigestLength();
     }
 
@@ -103,9 +92,8 @@
      * @exception InvalidAlgorithmParameterException if the given algorithm
      * parameters are inappropriate for this MAC.
      */
-    void init(Key key, AlgorithmParameterSpec params)
+    protected void engineInit(Key key, AlgorithmParameterSpec params)
             throws InvalidKeyException, InvalidAlgorithmParameterException {
-
         if (params != null) {
             throw new InvalidAlgorithmParameterException
                 ("HMAC does not use parameters");
@@ -140,7 +128,7 @@
         Arrays.fill(secret, (byte)0);
         secret = null;
 
-        reset();
+        engineReset();
     }
 
     /**
@@ -148,7 +136,7 @@
      *
      * @param input the input byte to be processed.
      */
-    void update(byte input) {
+    protected void engineUpdate(byte input) {
         if (first == true) {
             // compute digest for 1st pass; start with inner pad
             md.update(k_ipad);
@@ -167,7 +155,7 @@
      * @param offset the offset in <code>input</code> where the input starts.
      * @param len the number of bytes to process.
      */
-    void update(byte input[], int offset, int len) {
+    protected void engineUpdate(byte input[], int offset, int len) {
         if (first == true) {
             // compute digest for 1st pass; start with inner pad
             md.update(k_ipad);
@@ -178,7 +166,13 @@
         md.update(input, offset, len);
     }
 
-    void update(ByteBuffer input) {
+    /**
+     * Processes the <code>input.remaining()</code> bytes in the ByteBuffer
+     * <code>input</code>.
+     *
+     * @param input the input byte buffer.
+     */
+    protected void engineUpdate(ByteBuffer input) {
         if (first == true) {
             // compute digest for 1st pass; start with inner pad
             md.update(k_ipad);
@@ -194,7 +188,7 @@
      *
      * @return the HMAC result.
      */
-    byte[] doFinal() {
+    protected byte[] engineDoFinal() {
         if (first == true) {
             // compute digest for 1st pass; start with inner pad
             md.update(k_ipad);
@@ -223,7 +217,7 @@
      * Resets the HMAC for further use, maintaining the secret key that the
      * HMAC was initialized with.
      */
-    void reset() {
+    protected void engineReset() {
         if (first == false) {
             md.reset();
             first = true;
@@ -234,115 +228,38 @@
      * Clones this object.
      */
     public Object clone() throws CloneNotSupportedException {
-        return new HmacCore(this);
+        HmacCore copy = (HmacCore) super.clone();
+        copy.md = (MessageDigest) md.clone();
+        copy.k_ipad = k_ipad.clone();
+        copy.k_opad = k_opad.clone();
+        return copy;
+    }
+
+    // nested static class for the HmacSHA224 implementation
+    public static final class HmacSHA224 extends HmacCore {
+        public HmacSHA224() throws NoSuchAlgorithmException {
+            super("SHA-224", 64);
+        }
     }
 
     // nested static class for the HmacSHA256 implementation
-    public static final class HmacSHA256 extends MacSpi implements Cloneable {
-        private final HmacCore core;
+    public static final class HmacSHA256 extends HmacCore {
         public HmacSHA256() throws NoSuchAlgorithmException {
-            core = new HmacCore("SHA-256", 64);
-        }
-        private HmacSHA256(HmacSHA256 base) throws CloneNotSupportedException {
-            core = (HmacCore)base.core.clone();
-        }
-        protected int engineGetMacLength() {
-            return core.getDigestLength();
-        }
-        protected void engineInit(Key key, AlgorithmParameterSpec params)
-                throws InvalidKeyException, InvalidAlgorithmParameterException {
-            core.init(key, params);
-        }
-        protected void engineUpdate(byte input) {
-            core.update(input);
-        }
-        protected void engineUpdate(byte input[], int offset, int len) {
-            core.update(input, offset, len);
-        }
-        protected void engineUpdate(ByteBuffer input) {
-            core.update(input);
-        }
-        protected byte[] engineDoFinal() {
-            return core.doFinal();
-        }
-        protected void engineReset() {
-            core.reset();
-        }
-        public Object clone() throws CloneNotSupportedException {
-            return new HmacSHA256(this);
+            super("SHA-256", 64);
         }
     }
 
     // nested static class for the HmacSHA384 implementation
-    public static final class HmacSHA384 extends MacSpi implements Cloneable {
-        private final HmacCore core;
+    public static final class HmacSHA384 extends HmacCore {
         public HmacSHA384() throws NoSuchAlgorithmException {
-            core = new HmacCore("SHA-384", 128);
-        }
-        private HmacSHA384(HmacSHA384 base) throws CloneNotSupportedException {
-            core = (HmacCore)base.core.clone();
-        }
-        protected int engineGetMacLength() {
-            return core.getDigestLength();
-        }
-        protected void engineInit(Key key, AlgorithmParameterSpec params)
-                throws InvalidKeyException, InvalidAlgorithmParameterException {
-            core.init(key, params);
-        }
-        protected void engineUpdate(byte input) {
-            core.update(input);
-        }
-        protected void engineUpdate(byte input[], int offset, int len) {
-            core.update(input, offset, len);
-        }
-        protected void engineUpdate(ByteBuffer input) {
-            core.update(input);
-        }
-        protected byte[] engineDoFinal() {
-            return core.doFinal();
-        }
-        protected void engineReset() {
-            core.reset();
-        }
-        public Object clone() throws CloneNotSupportedException {
-            return new HmacSHA384(this);
+            super("SHA-384", 128);
         }
     }
 
     // nested static class for the HmacSHA512 implementation
-    public static final class HmacSHA512 extends MacSpi implements Cloneable {
-        private final HmacCore core;
+    public static final class HmacSHA512 extends HmacCore {
         public HmacSHA512() throws NoSuchAlgorithmException {
-            core = new HmacCore("SHA-512", 128);
-        }
-        private HmacSHA512(HmacSHA512 base) throws CloneNotSupportedException {
-            core = (HmacCore)base.core.clone();
-        }
-        protected int engineGetMacLength() {
-            return core.getDigestLength();
-        }
-        protected void engineInit(Key key, AlgorithmParameterSpec params)
-                throws InvalidKeyException, InvalidAlgorithmParameterException {
-            core.init(key, params);
-        }
-        protected void engineUpdate(byte input) {
-            core.update(input);
-        }
-        protected void engineUpdate(byte input[], int offset, int len) {
-            core.update(input, offset, len);
-        }
-        protected void engineUpdate(ByteBuffer input) {
-            core.update(input);
-        }
-        protected byte[] engineDoFinal() {
-            return core.doFinal();
-        }
-        protected void engineReset() {
-            core.reset();
-        }
-        public Object clone() throws CloneNotSupportedException {
-            return new HmacSHA512(this);
+            super("SHA-512", 128);
         }
     }
-
 }
--- a/src/share/classes/com/sun/crypto/provider/HmacMD5.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/com/sun/crypto/provider/HmacMD5.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -37,97 +37,11 @@
  *
  * @author Jan Luehe
  */
-public final class HmacMD5 extends MacSpi implements Cloneable {
-
-    private HmacCore hmac;
-    private static final int MD5_BLOCK_LENGTH = 64;
-
+public final class HmacMD5 extends HmacCore {
     /**
      * Standard constructor, creates a new HmacMD5 instance.
      */
     public HmacMD5() throws NoSuchAlgorithmException {
-        hmac = new HmacCore(MessageDigest.getInstance("MD5"),
-                            MD5_BLOCK_LENGTH);
-    }
-
-    /**
-     * Returns the length of the HMAC in bytes.
-     *
-     * @return the HMAC length in bytes.
-     */
-    protected int engineGetMacLength() {
-        return hmac.getDigestLength();
-    }
-
-    /**
-     * Initializes the HMAC with the given secret key and algorithm parameters.
-     *
-     * @param key the secret key.
-     * @param params the algorithm parameters.
-     *
-     * @exception InvalidKeyException if the given key is inappropriate for
-     * initializing this MAC.
-     * @exception InvalidAlgorithmParameterException if the given algorithm
-     * parameters are inappropriate for this MAC.
-     */
-    protected void engineInit(Key key, AlgorithmParameterSpec params)
-        throws InvalidKeyException, InvalidAlgorithmParameterException {
-        hmac.init(key, params);
-    }
-
-    /**
-     * Processes the given byte.
-     *
-     * @param input the input byte to be processed.
-     */
-    protected void engineUpdate(byte input) {
-        hmac.update(input);
-    }
-
-    /**
-     * Processes the first <code>len</code> bytes in <code>input</code>,
-     * starting at <code>offset</code>.
-     *
-     * @param input the input buffer.
-     * @param offset the offset in <code>input</code> where the input starts.
-     * @param len the number of bytes to process.
-     */
-    protected void engineUpdate(byte input[], int offset, int len) {
-        hmac.update(input, offset, len);
-    }
-
-    protected void engineUpdate(ByteBuffer input) {
-        hmac.update(input);
-    }
-
-    /**
-     * Completes the HMAC computation and resets the HMAC for further use,
-     * maintaining the secret key that the HMAC was initialized with.
-     *
-     * @return the HMAC result.
-     */
-    protected byte[] engineDoFinal() {
-        return hmac.doFinal();
-    }
-
-    /**
-     * Resets the HMAC for further use, maintaining the secret key that the
-     * HMAC was initialized with.
-     */
-    protected void engineReset() {
-        hmac.reset();
-    }
-
-    /*
-     * Clones this object.
-     */
-    public Object clone() {
-        HmacMD5 that = null;
-        try {
-            that = (HmacMD5) super.clone();
-            that.hmac = (HmacCore) this.hmac.clone();
-        } catch (CloneNotSupportedException e) {
-        }
-        return that;
+        super("MD5", 64);
     }
 }
--- a/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -41,26 +41,13 @@
  *
  * @author Valerie Peng
  */
-public final class HmacPKCS12PBESHA1 extends MacSpi implements Cloneable {
-
-    private HmacCore hmac = null;
-    private static final int SHA1_BLOCK_LENGTH = 64;
+public final class HmacPKCS12PBESHA1 extends HmacCore {
 
     /**
      * Standard constructor, creates a new HmacSHA1 instance.
      */
     public HmacPKCS12PBESHA1() throws NoSuchAlgorithmException {
-        this.hmac = new HmacCore(MessageDigest.getInstance("SHA1"),
-                                 SHA1_BLOCK_LENGTH);
-    }
-
-    /**
-     * Returns the length of the HMAC in bytes.
-     *
-     * @return the HMAC length in bytes.
-     */
-    protected int engineGetMacLength() {
-        return hmac.getDigestLength();
+        super("SHA1", 64);
     }
 
     /**
@@ -71,7 +58,7 @@
      *
      * @exception InvalidKeyException if the given key is inappropriate for
      * initializing this MAC.
-     u* @exception InvalidAlgorithmParameterException if the given algorithm
+     * @exception InvalidAlgorithmParameterException if the given algorithm
      * parameters are inappropriate for this MAC.
      */
     protected void engineInit(Key key, AlgorithmParameterSpec params)
@@ -140,64 +127,8 @@
                 ("IterationCount must be a positive number");
         }
         byte[] derivedKey = PKCS12PBECipherCore.derive(passwdChars, salt,
-            iCount, hmac.getDigestLength(), PKCS12PBECipherCore.MAC_KEY);
+            iCount, engineGetMacLength(), PKCS12PBECipherCore.MAC_KEY);
         SecretKey cipherKey = new SecretKeySpec(derivedKey, "HmacSHA1");
-        hmac.init(cipherKey, null);
-    }
-
-    /**
-     * Processes the given byte.
-     *
-     * @param input the input byte to be processed.
-     */
-    protected void engineUpdate(byte input) {
-        hmac.update(input);
-    }
-
-    /**
-     * Processes the first <code>len</code> bytes in <code>input</code>,
-     * starting at <code>offset</code>.
-     *
-     * @param input the input buffer.
-     * @param offset the offset in <code>input</code> where the input starts.
-     * @param len the number of bytes to process.
-     */
-    protected void engineUpdate(byte input[], int offset, int len) {
-        hmac.update(input, offset, len);
-    }
-
-    protected void engineUpdate(ByteBuffer input) {
-        hmac.update(input);
-    }
-
-    /**
-     * Completes the HMAC computation and resets the HMAC for further use,
-     * maintaining the secret key that the HMAC was initialized with.
-     *
-     * @return the HMAC result.
-     */
-    protected byte[] engineDoFinal() {
-        return hmac.doFinal();
-    }
-
-    /**
-     * Resets the HMAC for further use, maintaining the secret key that the
-     * HMAC was initialized with.
-     */
-    protected void engineReset() {
-        hmac.reset();
-    }
-
-    /*
-     * Clones this object.
-     */
-    public Object clone() {
-        HmacPKCS12PBESHA1 that = null;
-        try {
-            that = (HmacPKCS12PBESHA1)super.clone();
-            that.hmac = (HmacCore)this.hmac.clone();
-        } catch (CloneNotSupportedException e) {
-        }
-        return that;
+        super.engineInit(cipherKey, null);
     }
 }
--- a/src/share/classes/com/sun/crypto/provider/HmacSHA1.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/com/sun/crypto/provider/HmacSHA1.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -37,97 +37,11 @@
  *
  * @author Jan Luehe
  */
-public final class HmacSHA1 extends MacSpi implements Cloneable {
-
-    private HmacCore hmac = null;
-    private static final int SHA1_BLOCK_LENGTH = 64;
-
+public final class HmacSHA1 extends HmacCore {
     /**
      * Standard constructor, creates a new HmacSHA1 instance.
      */
     public HmacSHA1() throws NoSuchAlgorithmException {
-        this.hmac = new HmacCore(MessageDigest.getInstance("SHA1"),
-                                 SHA1_BLOCK_LENGTH);
-    }
-
-    /**
-     * Returns the length of the HMAC in bytes.
-     *
-     * @return the HMAC length in bytes.
-     */
-    protected int engineGetMacLength() {
-        return hmac.getDigestLength();
-    }
-
-    /**
-     * Initializes the HMAC with the given secret key and algorithm parameters.
-     *
-     * @param key the secret key.
-     * @param params the algorithm parameters.
-     *
-     * @exception InvalidKeyException if the given key is inappropriate for
-     * initializing this MAC.
-     * @exception InvalidAlgorithmParameterException if the given algorithm
-     * parameters are inappropriate for this MAC.
-     */
-    protected void engineInit(Key key, AlgorithmParameterSpec params)
-        throws InvalidKeyException, InvalidAlgorithmParameterException {
-        hmac.init(key, params);
-    }
-
-    /**
-     * Processes the given byte.
-     *
-     * @param input the input byte to be processed.
-     */
-    protected void engineUpdate(byte input) {
-        hmac.update(input);
-    }
-
-    /**
-     * Processes the first <code>len</code> bytes in <code>input</code>,
-     * starting at <code>offset</code>.
-     *
-     * @param input the input buffer.
-     * @param offset the offset in <code>input</code> where the input starts.
-     * @param len the number of bytes to process.
-     */
-    protected void engineUpdate(byte input[], int offset, int len) {
-        hmac.update(input, offset, len);
-    }
-
-    protected void engineUpdate(ByteBuffer input) {
-        hmac.update(input);
-    }
-
-    /**
-     * Completes the HMAC computation and resets the HMAC for further use,
-     * maintaining the secret key that the HMAC was initialized with.
-     *
-     * @return the HMAC result.
-     */
-    protected byte[] engineDoFinal() {
-        return hmac.doFinal();
-    }
-
-    /**
-     * Resets the HMAC for further use, maintaining the secret key that the
-     * HMAC was initialized with.
-     */
-    protected void engineReset() {
-        hmac.reset();
-    }
-
-    /*
-     * Clones this object.
-     */
-    public Object clone() {
-        HmacSHA1 that = null;
-        try {
-            that = (HmacSHA1)super.clone();
-            that.hmac = (HmacCore)this.hmac.clone();
-        } catch (CloneNotSupportedException e) {
-        }
-        return that;
+        super("SHA1", 64);
     }
 }
--- a/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -105,11 +105,11 @@
         return new SecretKeySpec(b, name);
     }
 
-    // nested static class for the HmacSHA256 key generator
-    public static final class HmacSHA256KG extends KeyGeneratorSpi {
+    // nested static classes for the HmacSHA-2 family of key generator
+    abstract static class HmacSHA2KG extends KeyGeneratorSpi {
         private final KeyGeneratorCore core;
-        public HmacSHA256KG() {
-            core = new KeyGeneratorCore("HmacSHA256", 256);
+        protected HmacSHA2KG(String algoName, int len) {
+            core = new KeyGeneratorCore(algoName, len);
         }
         protected void engineInit(SecureRandom random) {
             core.implInit(random);
@@ -124,47 +124,26 @@
         protected SecretKey engineGenerateKey() {
             return core.implGenerateKey();
         }
-    }
 
-    // nested static class for the HmacSHA384 key generator
-    public static final class HmacSHA384KG extends KeyGeneratorSpi {
-        private final KeyGeneratorCore core;
-        public HmacSHA384KG() {
-            core = new KeyGeneratorCore("HmacSHA384", 384);
+        public static final class SHA224 extends HmacSHA2KG {
+            public SHA224() {
+                super("HmacSHA224", 224);
+            }
         }
-        protected void engineInit(SecureRandom random) {
-            core.implInit(random);
+        public static final class SHA256 extends HmacSHA2KG {
+            public SHA256() {
+                super("HmacSHA256", 256);
+            }
         }
-        protected void engineInit(AlgorithmParameterSpec params,
-                SecureRandom random) throws InvalidAlgorithmParameterException {
-            core.implInit(params, random);
+        public static final class SHA384 extends HmacSHA2KG {
+            public SHA384() {
+                super("HmacSHA384", 384);
+            }
         }
-        protected void engineInit(int keySize, SecureRandom random) {
-            core.implInit(keySize, random);
-        }
-        protected SecretKey engineGenerateKey() {
-            return core.implGenerateKey();
-        }
-    }
-
-    // nested static class for the HmacSHA384 key generator
-    public static final class HmacSHA512KG extends KeyGeneratorSpi {
-        private final KeyGeneratorCore core;
-        public HmacSHA512KG() {
-            core = new KeyGeneratorCore("HmacSHA512", 512);
-        }
-        protected void engineInit(SecureRandom random) {
-            core.implInit(random);
-        }
-        protected void engineInit(AlgorithmParameterSpec params,
-                SecureRandom random) throws InvalidAlgorithmParameterException {
-            core.implInit(params, random);
-        }
-        protected void engineInit(int keySize, SecureRandom random) {
-            core.implInit(keySize, random);
-        }
-        protected SecretKey engineGenerateKey() {
-            return core.implGenerateKey();
+        public static final class SHA512 extends HmacSHA2KG {
+            public SHA512() {
+                super("HmacSHA512", 512);
+            }
         }
     }
 
--- a/src/share/classes/com/sun/crypto/provider/OAEPParameters.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/com/sun/crypto/provider/OAEPParameters.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -108,6 +108,8 @@
     private static String convertToStandardName(String internalName) {
         if (internalName.equals("SHA")) {
             return "SHA-1";
+        } else if (internalName.equals("SHA224")) {
+            return "SHA-224";
         } else if (internalName.equals("SHA256")) {
             return "SHA-256";
         } else if (internalName.equals("SHA384")) {
@@ -143,6 +145,8 @@
                 String mgfDigestName = convertToStandardName(params.getName());
                 if (mgfDigestName.equals("SHA-1")) {
                     mgfSpec = MGF1ParameterSpec.SHA1;
+                } else if (mgfDigestName.equals("SHA-224")) {
+                    mgfSpec = MGF1ParameterSpec.SHA224;
                 } else if (mgfDigestName.equals("SHA-256")) {
                     mgfSpec = MGF1ParameterSpec.SHA256;
                 } else if (mgfDigestName.equals("SHA-384")) {
--- a/src/share/classes/com/sun/crypto/provider/SunJCE.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/com/sun/crypto/provider/SunJCE.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -65,7 +65,7 @@
  *
  * - Diffie-Hellman Key Agreement
  *
- * - HMAC-MD5, HMAC-SHA1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512
+ * - HMAC-MD5, HMAC-SHA1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512
  *
  */
 
@@ -113,6 +113,7 @@
                             "NOPADDING|PKCS1PADDING|OAEPWITHMD5ANDMGF1PADDING"
                             + "|OAEPWITHSHA1ANDMGF1PADDING"
                             + "|OAEPWITHSHA-1ANDMGF1PADDING"
+                            + "|OAEPWITHSHA-224ANDMGF1PADDING"
                             + "|OAEPWITHSHA-256ANDMGF1PADDING"
                             + "|OAEPWITHSHA-384ANDMGF1PADDING"
                             + "|OAEPWITHSHA-512ANDMGF1PADDING");
@@ -221,12 +222,25 @@
                     put("KeyGenerator.HmacSHA1",
                         "com.sun.crypto.provider.HmacSHA1KeyGenerator");
 
+                    put("KeyGenerator.HmacSHA224",
+                        "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA224");
+                    put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.8", "HmacSHA224");
+                    put("Alg.Alias.KeyGenerator.1.2.840.113549.2.8", "HmacSHA224");
+
                     put("KeyGenerator.HmacSHA256",
-                        "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA256KG");
+                        "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA256");
+                    put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.9", "HmacSHA256");
+                    put("Alg.Alias.KeyGenerator.1.2.840.113549.2.9", "HmacSHA256");
+
                     put("KeyGenerator.HmacSHA384",
-                        "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA384KG");
+                        "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA384");
+                    put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.10", "HmacSHA384");
+                    put("Alg.Alias.KeyGenerator.1.2.840.113549.2.10", "HmacSHA384");
+
                     put("KeyGenerator.HmacSHA512",
-                        "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA512KG");
+                        "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA512");
+                    put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.11", "HmacSHA512");
+                    put("Alg.Alias.KeyGenerator.1.2.840.113549.2.11", "HmacSHA512");
 
                     put("KeyPairGenerator.DiffieHellman",
                         "com.sun.crypto.provider.DHKeyPairGenerator");
@@ -389,12 +403,23 @@
                      */
                     put("Mac.HmacMD5", "com.sun.crypto.provider.HmacMD5");
                     put("Mac.HmacSHA1", "com.sun.crypto.provider.HmacSHA1");
+                    put("Mac.HmacSHA224",
+                        "com.sun.crypto.provider.HmacCore$HmacSHA224");
+                    put("Alg.Alias.Mac.OID.1.2.840.113549.2.8", "HmacSHA224");
+                    put("Alg.Alias.Mac.1.2.840.113549.2.8", "HmacSHA224");
                     put("Mac.HmacSHA256",
                         "com.sun.crypto.provider.HmacCore$HmacSHA256");
+                    put("Alg.Alias.Mac.OID.1.2.840.113549.2.9", "HmacSHA256");
+                    put("Alg.Alias.Mac.1.2.840.113549.2.9", "HmacSHA256");
                     put("Mac.HmacSHA384",
                         "com.sun.crypto.provider.HmacCore$HmacSHA384");
+                    put("Alg.Alias.Mac.OID.1.2.840.113549.2.10", "HmacSHA384");
+                    put("Alg.Alias.Mac.1.2.840.113549.2.10", "HmacSHA384");
                     put("Mac.HmacSHA512",
                         "com.sun.crypto.provider.HmacCore$HmacSHA512");
+                    put("Alg.Alias.Mac.OID.1.2.840.113549.2.11", "HmacSHA512");
+                    put("Alg.Alias.Mac.1.2.840.113549.2.11", "HmacSHA512");
+
                     put("Mac.HmacPBESHA1",
                         "com.sun.crypto.provider.HmacPKCS12PBESHA1");
 
@@ -405,6 +430,7 @@
 
                     put("Mac.HmacMD5 SupportedKeyFormats", "RAW");
                     put("Mac.HmacSHA1 SupportedKeyFormats", "RAW");
+                    put("Mac.HmacSHA224 SupportedKeyFormats", "RAW");
                     put("Mac.HmacSHA256 SupportedKeyFormats", "RAW");
                     put("Mac.HmacSHA384 SupportedKeyFormats", "RAW");
                     put("Mac.HmacSHA512 SupportedKeyFormats", "RAW");
--- a/src/share/classes/com/sun/rowset/FilteredRowSetImpl.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/com/sun/rowset/FilteredRowSetImpl.java	Mon May 21 11:44:01 2012 -0700
@@ -128,7 +128,7 @@
          for(int rows=this.getRow(); rows<=this.size();rows++) {
              bool = super.internalNext();
 
-             if( p == null) {
+             if( !bool || p == null) {
                return bool;
              }
              if(p.evaluate(this)){
--- a/src/share/classes/java/lang/Integer.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/java/lang/Integer.java	Mon May 21 11:44:01 2012 -0700
@@ -780,6 +780,9 @@
             int j = low;
             for(int k = 0; k < cache.length; k++)
                 cache[k] = new Integer(j++);
+
+            // range [-128, 127] must be interned (JLS7 5.1.7)
+            assert IntegerCache.high >= 127;
         }
 
         private IntegerCache() {}
@@ -801,7 +804,6 @@
      * @since  1.5
      */
     public static Integer valueOf(int i) {
-        assert IntegerCache.high >= 127;
         if (i >= IntegerCache.low && i <= IntegerCache.high)
             return IntegerCache.cache[i + (-IntegerCache.low)];
         return new Integer(i);
--- a/src/share/classes/java/nio/MappedByteBuffer.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/java/nio/MappedByteBuffer.java	Mon May 21 11:44:01 2012 -0700
@@ -139,6 +139,9 @@
         return isLoaded0(mappingAddress(offset), length, Bits.pageCount(length));
     }
 
+    // not used, but a potential target for a store, see load() for details.
+    private static byte unused;
+
     /**
      * Loads this buffer's content into physical memory.
      *
@@ -157,15 +160,20 @@
         long length = mappingLength(offset);
         load0(mappingAddress(offset), length);
 
-        // touch each page
+        // Read a byte from each page to bring it into memory. A checksum
+        // is computed as we go along to prevent the compiler from otherwise
+        // considering the loop as dead code.
         Unsafe unsafe = Unsafe.getUnsafe();
         int ps = Bits.pageSize();
         int count = Bits.pageCount(length);
         long a = mappingAddress(offset);
+        byte x = 0;
         for (int i=0; i<count; i++) {
-            unsafe.getByte(a);
+            x ^= unsafe.getByte(a);
             a += ps;
         }
+        if (unused != 0)
+            unused = x;
 
         return this;
     }
--- a/src/share/classes/java/security/spec/MGF1ParameterSpec.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/java/security/spec/MGF1ParameterSpec.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -42,6 +42,7 @@
  * <pre>
  * OAEP-PSSDigestAlgorithms    ALGORITHM-IDENTIFIER ::= {
  *   { OID id-sha1 PARAMETERS NULL   }|
+ *   { OID id-sha224 PARAMETERS NULL   }|
  *   { OID id-sha256 PARAMETERS NULL }|
  *   { OID id-sha384 PARAMETERS NULL }|
  *   { OID id-sha512 PARAMETERS NULL },
@@ -63,6 +64,11 @@
     public static final MGF1ParameterSpec SHA1 =
         new MGF1ParameterSpec("SHA-1");
     /**
+     * The MGF1ParameterSpec which uses "SHA-224" message digest.
+     */
+    public static final MGF1ParameterSpec SHA224 =
+        new MGF1ParameterSpec("SHA-224");
+    /**
      * The MGF1ParameterSpec which uses "SHA-256" message digest.
      */
     public static final MGF1ParameterSpec SHA256 =
--- a/src/share/classes/java/security/spec/PSSParameterSpec.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/java/security/spec/PSSParameterSpec.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -47,6 +47,7 @@
  * <pre>
  * OAEP-PSSDigestAlgorithms    ALGORITHM-IDENTIFIER ::= {
  *   { OID id-sha1 PARAMETERS NULL   }|
+ *   { OID id-sha224 PARAMETERS NULL   }|
  *   { OID id-sha256 PARAMETERS NULL }|
  *   { OID id-sha384 PARAMETERS NULL }|
  *   { OID id-sha512 PARAMETERS NULL },
--- a/src/share/classes/java/util/NoSuchElementException.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/java/util/NoSuchElementException.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1994, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,13 +26,12 @@
 package java.util;
 
 /**
- * Thrown by the <code>nextElement</code> method of an
- * <code>Enumeration</code> to indicate that there are no more
- * elements in the enumeration.
+ * Thrown by various accessor methods to indicate that the element being requested
+ * does not exist.
  *
  * @author  unascribed
- * @see     java.util.Enumeration
  * @see     java.util.Enumeration#nextElement()
+ * @see     java.util.Iterator#next()
  * @since   JDK1.0
  */
 public
--- a/src/share/classes/java/util/UUID.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/java/util/UUID.java	Mon May 21 11:44:01 2012 -0700
@@ -90,9 +90,11 @@
 
     /*
      * The random number generator used by this class to create random
-     * based UUIDs.
+     * based UUIDs. In a holder class to defer initialization until needed.
      */
-    private static volatile SecureRandom numberGenerator = null;
+    private static class Holder {
+        static final SecureRandom numberGenerator = new SecureRandom();
+    }
 
     // Constructors and Factories
 
@@ -137,10 +139,7 @@
      * @return  A randomly generated {@code UUID}
      */
     public static UUID randomUUID() {
-        SecureRandom ng = numberGenerator;
-        if (ng == null) {
-            numberGenerator = ng = new SecureRandom();
-        }
+        SecureRandom ng = Holder.numberGenerator;
 
         byte[] randomBytes = new byte[16];
         ng.nextBytes(randomBytes);
@@ -255,7 +254,8 @@
      * The variant number has the following meaning:
      * <p><ul>
      * <li>0    Reserved for NCS backward compatibility
-     * <li>2    The Leach-Salz variant (used by this class)
+     * <li>2    <a href="http://www.ietf.org/rfc/rfc4122.txt">IETF&nbsp;RFC&nbsp;4122</a>
+     * (Leach-Salz), used by this class
      * <li>6    Reserved, Microsoft Corporation backward compatibility
      * <li>7    Reserved for future definition
      * </ul>
@@ -265,7 +265,7 @@
     public int variant() {
         // This field is composed of a varying number of bits.
         // 0    -    -    Reserved for NCS backward compatibility
-        // 1    0    -    The Leach-Salz variant (used by this class)
+        // 1    0    -    The IETF aka Leach-Salz variant (used by this class)
         // 1    1    0    Reserved, Microsoft backward compatibility
         // 1    1    1    Reserved for future definition.
         return (int) ((leastSigBits >>> (64 - (leastSigBits >>> 62)))
--- a/src/share/classes/java/util/concurrent/atomic/AtomicIntegerFieldUpdater.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/java/util/concurrent/atomic/AtomicIntegerFieldUpdater.java	Mon May 21 11:44:01 2012 -0700
@@ -35,7 +35,11 @@
 
 package java.util.concurrent.atomic;
 import sun.misc.Unsafe;
-import java.lang.reflect.*;
+import java.lang.reflect.Field;
+import java.lang.reflect.Modifier;
+import java.security.AccessController;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
 
 /**
  * A reflection-based utility that enables atomic updates to
@@ -67,7 +71,9 @@
      * @throws IllegalArgumentException if the field is not a
      * volatile integer type
      * @throws RuntimeException with a nested reflection-based
-     * exception if the class does not hold field or is the wrong type
+     * exception if the class does not hold field or is the wrong type,
+     * or the field is inaccessible to the caller according to Java language
+     * access control
      */
     public static <U> AtomicIntegerFieldUpdater<U> newUpdater(Class<U> tclass, String fieldName) {
         return new AtomicIntegerFieldUpdaterImpl<U>(tclass, fieldName);
@@ -267,17 +273,29 @@
         private final Class<T> tclass;
         private final Class<?> cclass;
 
-        AtomicIntegerFieldUpdaterImpl(Class<T> tclass, String fieldName) {
+        AtomicIntegerFieldUpdaterImpl(final Class<T> tclass, final String fieldName) {
             Field field = null;
             Class<?> caller = null;
             int modifiers = 0;
             try {
-                field = tclass.getDeclaredField(fieldName);
+                field = AccessController.doPrivileged(
+                    new PrivilegedExceptionAction<Field>() {
+                        public Field run() throws NoSuchFieldException {
+                            return tclass.getDeclaredField(fieldName);
+                        }
+                    });
                 caller = sun.reflect.Reflection.getCallerClass(3);
                 modifiers = field.getModifiers();
                 sun.reflect.misc.ReflectUtil.ensureMemberAccess(
                     caller, tclass, null, modifiers);
-                sun.reflect.misc.ReflectUtil.checkPackageAccess(tclass);
+                ClassLoader cl = tclass.getClassLoader();
+                ClassLoader ccl = caller.getClassLoader();
+                if ((ccl != null) && (ccl != cl) &&
+                    ((cl == null) || !isAncestor(cl, ccl))) {
+                  sun.reflect.misc.ReflectUtil.checkPackageAccess(tclass);
+                }
+            } catch (PrivilegedActionException pae) {
+                throw new RuntimeException(pae.getException());
             } catch (Exception ex) {
                 throw new RuntimeException(ex);
             }
@@ -295,6 +313,22 @@
             offset = unsafe.objectFieldOffset(field);
         }
 
+        /**
+         * Returns true if the second classloader can be found in the first
+         * classloader's delegation chain.
+         * Equivalent to the inaccessible: first.isAncestor(second).
+         */
+        private static boolean isAncestor(ClassLoader first, ClassLoader second) {
+            ClassLoader acl = first;
+            do {
+                acl = acl.getParent();
+                if (second == acl) {
+                    return true;
+                }
+            } while (acl != null);
+            return false;
+        }
+
         private void fullCheck(T obj) {
             if (!tclass.isInstance(obj))
                 throw new ClassCastException();
--- a/src/share/classes/java/util/concurrent/atomic/AtomicLongFieldUpdater.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/java/util/concurrent/atomic/AtomicLongFieldUpdater.java	Mon May 21 11:44:01 2012 -0700
@@ -35,7 +35,11 @@
 
 package java.util.concurrent.atomic;
 import sun.misc.Unsafe;
-import java.lang.reflect.*;
+import java.lang.reflect.Field;
+import java.lang.reflect.Modifier;
+import java.security.AccessController;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
 
 /**
  * A reflection-based utility that enables atomic updates to
@@ -67,7 +71,9 @@
      * @throws IllegalArgumentException if the field is not a
      * volatile long type.
      * @throws RuntimeException with a nested reflection-based
-     * exception if the class does not hold field or is the wrong type.
+     * exception if the class does not hold field or is the wrong type,
+     * or the field is inaccessible to the caller according to Java language
+     * access control
      */
     public static <U> AtomicLongFieldUpdater<U> newUpdater(Class<U> tclass, String fieldName) {
         if (AtomicLong.VM_SUPPORTS_LONG_CAS)
@@ -267,17 +273,29 @@
         private final Class<T> tclass;
         private final Class<?> cclass;
 
-        CASUpdater(Class<T> tclass, String fieldName) {
+        CASUpdater(final Class<T> tclass, final String fieldName) {
             Field field = null;
             Class<?> caller = null;
             int modifiers = 0;
             try {
-                field = tclass.getDeclaredField(fieldName);
+                field = AccessController.doPrivileged(
+                    new PrivilegedExceptionAction<Field>() {
+                        public Field run() throws NoSuchFieldException {
+                            return tclass.getDeclaredField(fieldName);
+                        }
+                    });
                 caller = sun.reflect.Reflection.getCallerClass(3);
                 modifiers = field.getModifiers();
                 sun.reflect.misc.ReflectUtil.ensureMemberAccess(
                     caller, tclass, null, modifiers);
-                sun.reflect.misc.ReflectUtil.checkPackageAccess(tclass);
+                ClassLoader cl = tclass.getClassLoader();
+                ClassLoader ccl = caller.getClassLoader();
+                if ((ccl != null) && (ccl != cl) &&
+                    ((cl == null) || !isAncestor(cl, ccl))) {
+                  sun.reflect.misc.ReflectUtil.checkPackageAccess(tclass);
+                }
+            } catch (PrivilegedActionException pae) {
+                throw new RuntimeException(pae.getException());
             } catch (Exception ex) {
                 throw new RuntimeException(ex);
             }
@@ -350,17 +368,29 @@
         private final Class<T> tclass;
         private final Class<?> cclass;
 
-        LockedUpdater(Class<T> tclass, String fieldName) {
+        LockedUpdater(final Class<T> tclass, final String fieldName) {
             Field field = null;
             Class<?> caller = null;
             int modifiers = 0;
             try {
-                field = tclass.getDeclaredField(fieldName);
+                field = AccessController.doPrivileged(
+                    new PrivilegedExceptionAction<Field>() {
+                        public Field run() throws NoSuchFieldException {
+                            return tclass.getDeclaredField(fieldName);
+                        }
+                    });
                 caller = sun.reflect.Reflection.getCallerClass(3);
                 modifiers = field.getModifiers();
                 sun.reflect.misc.ReflectUtil.ensureMemberAccess(
                     caller, tclass, null, modifiers);
-                sun.reflect.misc.ReflectUtil.checkPackageAccess(tclass);
+                ClassLoader cl = tclass.getClassLoader();
+                ClassLoader ccl = caller.getClassLoader();
+                if ((ccl != null) && (ccl != cl) &&
+                    ((cl == null) || !isAncestor(cl, ccl))) {
+                  sun.reflect.misc.ReflectUtil.checkPackageAccess(tclass);
+                }
+            } catch (PrivilegedActionException pae) {
+                throw new RuntimeException(pae.getException());
             } catch (Exception ex) {
                 throw new RuntimeException(ex);
             }
@@ -433,4 +463,20 @@
             );
         }
     }
+
+    /**
+     * Returns true if the second classloader can be found in the first
+     * classloader's delegation chain.
+     * Equivalent to the inaccessible: first.isAncestor(second).
+     */
+    private static boolean isAncestor(ClassLoader first, ClassLoader second) {
+        ClassLoader acl = first;
+        do {
+            acl = acl.getParent();
+            if (second == acl) {
+                return true;
+            }
+        } while (acl != null);
+        return false;
+    }
 }
--- a/src/share/classes/java/util/concurrent/atomic/AtomicReferenceFieldUpdater.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/java/util/concurrent/atomic/AtomicReferenceFieldUpdater.java	Mon May 21 11:44:01 2012 -0700
@@ -35,7 +35,11 @@
 
 package java.util.concurrent.atomic;
 import sun.misc.Unsafe;
-import java.lang.reflect.*;
+import java.lang.reflect.Field;
+import java.lang.reflect.Modifier;
+import java.security.AccessController;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
 
 /**
  * A reflection-based utility that enables atomic updates to
@@ -86,7 +90,9 @@
      * @return the updater
      * @throws IllegalArgumentException if the field is not a volatile reference type.
      * @throws RuntimeException with a nested reflection-based
-     * exception if the class does not hold field or is the wrong type.
+     * exception if the class does not hold field or is the wrong type,
+     * or the field is inaccessible to the caller according to Java language
+     * access control
      */
     public static <U, W> AtomicReferenceFieldUpdater<U,W> newUpdater(Class<U> tclass, Class<W> vclass, String fieldName) {
         return new AtomicReferenceFieldUpdaterImpl<U,W>(tclass,
@@ -197,21 +203,33 @@
          * screenings fail.
          */
 
-        AtomicReferenceFieldUpdaterImpl(Class<T> tclass,
+        AtomicReferenceFieldUpdaterImpl(final Class<T> tclass,
                                         Class<V> vclass,
-                                        String fieldName) {
+                                        final String fieldName) {
             Field field = null;
             Class<?> fieldClass = null;
             Class<?> caller = null;
             int modifiers = 0;
             try {
-                field = tclass.getDeclaredField(fieldName);
+                field = AccessController.doPrivileged(
+                    new PrivilegedExceptionAction<Field>() {
+                        public Field run() throws NoSuchFieldException {
+                            return tclass.getDeclaredField(fieldName);
+                        }
+                    });
                 caller = sun.reflect.Reflection.getCallerClass(3);
                 modifiers = field.getModifiers();
                 sun.reflect.misc.ReflectUtil.ensureMemberAccess(
-                    caller, tclass, null, modifiers);
-                sun.reflect.misc.ReflectUtil.checkPackageAccess(tclass);
+                                                                caller, tclass, null, modifiers);
+                ClassLoader cl = tclass.getClassLoader();
+                ClassLoader ccl = caller.getClassLoader();
+                if ((ccl != null) && (ccl != cl) &&
+                    ((cl == null) || !isAncestor(cl, ccl))) {
+                    sun.reflect.misc.ReflectUtil.checkPackageAccess(tclass);
+                }
                 fieldClass = field.getType();
+            } catch (PrivilegedActionException pae) {
+                throw new RuntimeException(pae.getException());
             } catch (Exception ex) {
                 throw new RuntimeException(ex);
             }
@@ -232,6 +250,22 @@
             offset = unsafe.objectFieldOffset(field);
         }
 
+        /**
+         * Returns true if the second classloader can be found in the first
+         * classloader's delegation chain.
+         * Equivalent to the inaccessible: first.isAncestor(second).
+         */
+        private static boolean isAncestor(ClassLoader first, ClassLoader second) {
+            ClassLoader acl = first;
+            do {
+                acl = acl.getParent();
+                if (second == acl) {
+                    return true;
+                }
+            } while (acl != null);
+            return false;
+        }
+
         void targetCheck(T obj) {
             if (!tclass.isInstance(obj))
                 throw new ClassCastException();
@@ -281,7 +315,7 @@
         }
 
         @SuppressWarnings("unchecked")
-        public V get(T obj) {
+            public V get(T obj) {
             if (obj == null || obj.getClass() != tclass || cclass != null)
                 targetCheck(obj);
             return (V)unsafe.getObjectVolatile(obj, offset);
@@ -292,14 +326,14 @@
                 return;
             }
             throw new RuntimeException(
-                new IllegalAccessException("Class " +
-                    cclass.getName() +
-                    " can not access a protected member of class " +
-                    tclass.getName() +
-                    " using an instance of " +
-                    obj.getClass().getName()
-                )
-            );
+                                       new IllegalAccessException("Class " +
+                                                                  cclass.getName() +
+                                                                  " can not access a protected member of class " +
+                                                                  tclass.getName() +
+                                                                  " using an instance of " +
+                                                                  obj.getClass().getName()
+                                                                  )
+                                       );
         }
     }
 }
--- a/src/share/classes/java/util/prefs/AbstractPreferences.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/java/util/prefs/AbstractPreferences.java	Mon May 21 11:44:01 2012 -0700
@@ -305,8 +305,10 @@
      * @param key key whose mapping is to be removed from the preference node.
      * @throws IllegalStateException if this node (or an ancestor) has been
      *         removed with the {@link #removeNode()} method.
+     * @throws NullPointerException {@inheritDoc}.
      */
     public void remove(String key) {
+        Objects.requireNonNull(key, "Specified key cannot be null");
         synchronized(lock) {
             if (removed)
                 throw new IllegalStateException("Node has been removed.");
--- a/src/share/classes/java/util/regex/Pattern.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/java/util/regex/Pattern.java	Mon May 21 11:44:01 2012 -0700
@@ -152,15 +152,24 @@
  *     <td headers="matches">A digit: <tt>[0-9]</tt></td></tr>
  * <tr><td valign="top" headers="construct predef"><tt>\D</tt></td>
  *     <td headers="matches">A non-digit: <tt>[^0-9]</tt></td></tr>
+ * <tr><td valign="top" headers="construct predef"><tt>\h</tt></td>
+ *     <td headers="matches">A horizontal whitespace character:
+ *     <tt>[ \t\xA0&#92;u1680&#92;u180e&#92;u2000-&#92;u200a&#92;u202f&#92;u205f&#92;u3000]</tt></td></tr>
+ * <tr><td valign="top" headers="construct predef"><tt>\H</tt></td>
+ *     <td headers="matches">A non-horizontal whitespace character: <tt>[^\h]</tt></td></tr>
  * <tr><td valign="top" headers="construct predef"><tt>\s</tt></td>
  *     <td headers="matches">A whitespace character: <tt>[ \t\n\x0B\f\r]</tt></td></tr>
  * <tr><td valign="top" headers="construct predef"><tt>\S</tt></td>
  *     <td headers="matches">A non-whitespace character: <tt>[^\s]</tt></td></tr>
+ * <tr><td valign="top" headers="construct predef"><tt>\v</tt></td>
+ *     <td headers="matches">A vertical whitespace character: <tt>[\n\x0B\f\r\x85&#92;u2028&#92;u2029]</tt>
+ *     </td></tr>
+ * <tr><td valign="top" headers="construct predef"><tt>\V</tt></td>
+ *     <td headers="matches">A non-vertical whitespace character: <tt>[^\v]</tt></td></tr>
  * <tr><td valign="top" headers="construct predef"><tt>\w</tt></td>
  *     <td headers="matches">A word character: <tt>[a-zA-Z_0-9]</tt></td></tr>
  * <tr><td valign="top" headers="construct predef"><tt>\W</tt></td>
  *     <td headers="matches">A non-word character: <tt>[^\w]</tt></td></tr>
- *
  * <tr><th>&nbsp;</th></tr>
  * <tr align="left"><th colspan="2" id="posix">POSIX character classes</b> (US-ASCII only)<b></th></tr>
  *
@@ -244,6 +253,13 @@
  *     <td headers="matches">The end of the input</td></tr>
  *
  * <tr><th>&nbsp;</th></tr>
+ * <tr align="left"><th colspan="2" id="lineending">Linebreak matcher</th></tr>
+ * <tr><td valign="top" headers="construct lineending"><tt>\R</tt></td>
+ *     <td headers="matches">Any Unicode linebreak sequence, is equivalent to
+ *     <tt>&#92;u000D&#92;u000A|[&#92;u000A&#92;u000B&#92;u000C&#92;u000D&#92;u0085&#92;u2028&#92;u2029]
+ *     </tt></td></tr>
+ *
+ * <tr><th>&nbsp;</th></tr>
  * <tr align="left"><th colspan="2" id="greedy">Greedy quantifiers</th></tr>
  *
  * <tr><td valign="top" headers="construct greedy"><i>X</i><tt>?</tt></td>
@@ -599,11 +615,9 @@
  *   <li> Noncharacter_Code_Point
  *   <li> Assigned
  * </ul>
-
-
  * <p>
- * <b>Predefined Character classes</b> and <b>POSIX character classes</b> are in
- * conformance with the recommendation of <i>Annex C: Compatibility Properties</i>
+ * The following <b>Predefined Character classes</b> and <b>POSIX character classes</b>
+ * are in conformance with the recommendation of <i>Annex C: Compatibility Properties</i>
  * of <a href="http://www.unicode.org/reports/tr18/"><i>Unicode Regular Expression
  * </i></a>, when {@link #UNICODE_CHARACTER_CLASS} flag is specified.
  * <p>
@@ -668,12 +682,6 @@
  *
  * <ul>
  *    <li><p> Predefined character classes (Unicode character)
- *    <p><tt>\h&nbsp;&nbsp;&nbsp;&nbsp;</tt>A horizontal whitespace
- *    <p><tt>\H&nbsp;&nbsp;&nbsp;&nbsp;</tt>A non horizontal whitespace
- *    <p><tt>\v&nbsp;&nbsp;&nbsp;&nbsp;</tt>A vertical whitespace
- *    <p><tt>\V&nbsp;&nbsp;&nbsp;&nbsp;</tt>A non vertical whitespace
- *    <p><tt>\R&nbsp;&nbsp;&nbsp;&nbsp;</tt>Any Unicode linebreak sequence
- *    <tt>\u005cu000D\u005cu000A|[\u005cu000A\u005cu000B\u005cu000C\u005cu000D\u005cu0085\u005cu2028\u005cu2029]</tt>
  *    <p><tt>\X&nbsp;&nbsp;&nbsp;&nbsp;</tt>Match Unicode
  *    <a href="http://www.unicode.org/reports/tr18/#Default_Grapheme_Clusters">
  *    <i>extended grapheme cluster</i></a>
@@ -2178,7 +2186,7 @@
                 }
                 unread();
                 prev = cursor;
-                ch = escape(false, first == 0);
+                ch = escape(false, first == 0, false);
                 if (ch >= 0) {
                     append(ch, first);
                     first++;
@@ -2276,7 +2284,7 @@
      * If the returned value is greater than zero, it is the value that
      * matches the escape sequence.
      */
-    private int escape(boolean inclass, boolean create) {
+    private int escape(boolean inclass, boolean create, boolean isrange) {
         int ch = skip();
         switch (ch) {
         case '0':
@@ -2318,6 +2326,8 @@
             if (create) root = new LastMatch();
             return -1;
         case 'H':
+            if (create) root = new HorizWS().complement();
+            return -1;
         case 'I':
         case 'J':
         case 'K':
@@ -2327,8 +2337,11 @@
         case 'O':
         case 'P':
         case 'Q':
+            break;
         case 'R':
-            break;
+            if (inclass) break;
+            if (create) root = new LineEnding();
+            return -1;
         case 'S':
             if (create) root = has(UNICODE_CHARACTER_CLASS)
                                ? new Utype(UnicodeProp.WHITE_SPACE).complement()
@@ -2336,8 +2349,10 @@
             return -1;
         case 'T':
         case 'U':
+            break;
         case 'V':
-            break;
+            if (create) root = new VertWS().complement();
+            return -1;
         case 'W':
             if (create) root = has(UNICODE_CHARACTER_CLASS)
                                ? new Utype(UnicodeProp.WORD).complement()
@@ -2373,7 +2388,10 @@
         case 'f':
             return '\f';
         case 'g':
+            break;
         case 'h':
+            if (create) root = new HorizWS();
+            return -1;
         case 'i':
         case 'j':
             break;
@@ -2413,7 +2431,18 @@
         case 'u':
             return u();
         case 'v':
-            return '\013';
+            // '\v' was implemented as VT/0x0B in releases < 1.8 (though
+            // undocumented). In JDK8 '\v' is specified as a predefined
+            // character class for all vertical whitespace characters.
+            // So [-1, root=VertWS node] pair is returned (instead of a
+            // single 0x0B). This breaks the range if '\v' is used as
+            // the start or end value, such as [\v-...] or [...-\v], in
+            // which a single definite value (0x0B) is expected. For
+            // compatiblity concern '\013'/0x0B is returned if isrange.
+            if (isrange)
+                return '\013';
+            if (create) root = new VertWS();
+            return -1;
         case 'w':
             if (create) root = has(UNICODE_CHARACTER_CLASS)
                                ? new Utype(UnicodeProp.WORD)
@@ -2590,13 +2619,14 @@
                     oneLetter = false;
                 return family(oneLetter, comp);
             } else { // ordinary escape
+                boolean isrange = temp[cursor+1] == '-';
                 unread();
-                ch = escape(true, true);
+                ch = escape(true, true, isrange);
                 if (ch == -1)
                     return (CharProperty) root;
             }
         } else {
-            ch = single();
+            next();
         }
         if (ch >= 0) {
             if (peek() == '-') {
@@ -2606,9 +2636,15 @@
                 }
                 if (endRange != ']') {
                     next();
-                    int m = single();
-                    if (m < ch)
+                    int m = peek();
+                    if (m == '\\') {
+                        m = escape(true, false, true);
+                    } else {
+                        next();
+                    }
+                    if (m < ch) {
                         throw error("Illegal character range");
+                    }
                     if (has(CASE_INSENSITIVE))
                         return caseInsensitiveRangeFor(ch, m);
                     else
@@ -2620,17 +2656,6 @@
         throw error("Unexpected character '"+((char)ch)+"'");
     }
 
-    private int single() {
-        int ch = peek();
-        switch (ch) {
-        case '\\':
-            return escape(true, false);
-        default:
-            next();
-            return ch;
-        }
-    }
-
     /**
      * Parses a Unicode character family and returns its representative node.
      */
@@ -3695,6 +3720,35 @@
     }
 
     /**
+     * Node class that matches a Unicode line ending '\R'
+     */
+    static final class LineEnding extends Node {
+        boolean match(Matcher matcher, int i, CharSequence seq) {
+            // (u+000Du+000A|[u+000Au+000Bu+000Cu+000Du+0085u+2028u+2029])
+            if (i < matcher.to) {
+                int ch = seq.charAt(i);
+                if (ch == 0x0A || ch == 0x0B || ch == 0x0C ||
+                    ch == 0x85 || ch == 0x2028 || ch == 0x2029)
+                    return next.match(matcher, i + 1, seq);
+                if (ch == 0x0D) {
+                    i++;
+                    if (i < matcher.to && seq.charAt(i) == 0x0A)
+                        i++;
+                    return next.match(matcher, i, seq);
+                }
+            } else {
+                matcher.hitEnd = true;
+            }
+            return false;
+        }
+        boolean study(TreeInfo info) {
+            info.minLength++;
+            info.maxLength += 2;
+            return next.study(info);
+        }
+    }
+
+    /**
      * Abstract node class to match one character satisfying some
      * boolean property.
      */
@@ -3789,7 +3843,6 @@
         }
     }
 
-
     /**
      * Node class that matches a Unicode block.
      */
@@ -3838,7 +3891,6 @@
         }
     }
 
-
     /**
      * Node class that matches a POSIX type.
      */
@@ -3851,6 +3903,28 @@
     }
 
     /**
+     * Node class that matches a Perl vertical whitespace
+     */
+    static final class VertWS extends BmpCharProperty {
+        boolean isSatisfiedBy(int cp) {
+            return (cp >= 0x0A && cp <= 0x0D) ||
+                   cp == 0x85 || cp == 0x2028 || cp == 0x2029;
+        }
+    }
+
+    /**
+     * Node class that matches a Perl horizontal whitespace
+     */
+    static final class HorizWS extends BmpCharProperty {
+        boolean isSatisfiedBy(int cp) {
+            return cp == 0x09 || cp == 0x20 || cp == 0xa0 ||
+                   cp == 0x1680 || cp == 0x180e ||
+                   cp >= 0x2000 && cp <= 0x200a ||
+                   cp == 0x202f || cp == 0x205f || cp == 0x3000;
+        }
+    }
+
+    /**
      * Base class for all Slice nodes
      */
     static class SliceNode extends Node {
--- a/src/share/classes/sun/management/Agent.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/management/Agent.java	Mon May 21 11:44:01 2012 -0700
@@ -168,7 +168,10 @@
 
         // management properties can be overridden by system properties
         // which take precedence
-        configProps.putAll(System.getProperties());
+        Properties sysProps = System.getProperties();
+        synchronized(sysProps){
+            configProps.putAll(sysProps);
+        }
 
         // if user specifies config file into command line for either
         // jcmd utilities or attach command it overrides properties set in
@@ -264,7 +267,10 @@
 
         // management properties can be overridden by system properties
         // which take precedence
-        props.putAll(System.getProperties());
+        Properties sysProps = System.getProperties();
+        synchronized(sysProps){
+            props.putAll(sysProps);
+        }
 
         return props;
    }
--- a/src/share/classes/sun/nio/ch/SocketChannelImpl.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/nio/ch/SocketChannelImpl.java	Mon May 21 11:44:01 2012 -0700
@@ -629,17 +629,6 @@
                                 break;
                             }
 
-                            synchronized (stateLock) {
-                                if (isOpen() && (localAddress == null) ||
-                                    ((InetSocketAddress)localAddress)
-                                        .getAddress().isAnyLocalAddress())
-                                {
-                                    // Socket was not bound before connecting or
-                                    // Socket was bound with an "anyLocalAddress"
-                                    localAddress = Net.localAddress(fd);
-                                }
-                            }
-
                         } finally {
                             readerCleanup();
                             end((n > 0) || (n == IOStatus.UNAVAILABLE));
@@ -659,6 +648,8 @@
                             // Connection succeeded; disallow further
                             // invocation
                             state = ST_CONNECTED;
+                            if (isOpen())
+                                localAddress = Net.localAddress(fd);
                             return true;
                         }
                         // If nonblocking and no exception then connection
@@ -747,6 +738,8 @@
                 if (n > 0) {
                     synchronized (stateLock) {
                         state = ST_CONNECTED;
+                        if (isOpen())
+                            localAddress = Net.localAddress(fd);
                     }
                     return true;
                 }
--- a/src/share/classes/sun/security/ec/ECDSASignature.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/ec/ECDSASignature.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -41,6 +41,7 @@
  *
  *   . "NONEwithECDSA"
  *   . "SHA1withECDSA"
+ *   . "SHA224withECDSA"
  *   . "SHA256withECDSA"
  *   . "SHA384withECDSA"
  *   . "SHA512withECDSA"
@@ -162,6 +163,13 @@
         }
     }
 
+    // Nested class for SHA224withECDSA signatures
+    public static final class SHA224 extends ECDSASignature {
+        public SHA224() {
+           super("SHA-224");
+        }
+    }
+
     // Nested class for SHA256withECDSA signatures
     public static final class SHA256 extends ECDSASignature {
         public SHA256() {
--- a/src/share/classes/sun/security/ec/SunECEntries.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/ec/SunECEntries.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -133,17 +133,31 @@
             "sun.security.ec.ECDSASignature$Raw");
         map.put("Signature.SHA1withECDSA",
             "sun.security.ec.ECDSASignature$SHA1");
+        map.put("Signature.SHA224withECDSA",
+            "sun.security.ec.ECDSASignature$SHA224");
+        map.put("Alg.Alias.Signature.OID.1.2.840.10045.4.3.1", "SHA224withECDSA");
+        map.put("Alg.Alias.Signature.1.2.840.10045.4.3.1", "SHA224withECDSA");
+
         map.put("Signature.SHA256withECDSA",
             "sun.security.ec.ECDSASignature$SHA256");
+        map.put("Alg.Alias.Signature.OID.1.2.840.10045.4.3.2", "SHA256withECDSA");
+        map.put("Alg.Alias.Signature.1.2.840.10045.4.3.2", "SHA256withECDSA");
+
         map.put("Signature.SHA384withECDSA",
             "sun.security.ec.ECDSASignature$SHA384");
+        map.put("Alg.Alias.Signature.OID.1.2.840.10045.4.3.3", "SHA384withECDSA");
+        map.put("Alg.Alias.Signature.1.2.840.10045.4.3.3", "SHA384withECDSA");
+
         map.put("Signature.SHA512withECDSA",
             "sun.security.ec.ECDSASignature$SHA512");
+        map.put("Alg.Alias.Signature.OID.1.2.840.10045.4.3.4", "SHA512withECDSA");
+        map.put("Alg.Alias.Signature.1.2.840.10045.4.3.4", "SHA512withECDSA");
 
         String ecKeyClasses = "java.security.interfaces.ECPublicKey" +
                 "|java.security.interfaces.ECPrivateKey";
         map.put("Signature.NONEwithECDSA SupportedKeyClasses", ecKeyClasses);
         map.put("Signature.SHA1withECDSA SupportedKeyClasses", ecKeyClasses);
+        map.put("Signature.SHA224withECDSA SupportedKeyClasses", ecKeyClasses);
         map.put("Signature.SHA256withECDSA SupportedKeyClasses", ecKeyClasses);
         map.put("Signature.SHA384withECDSA SupportedKeyClasses", ecKeyClasses);
         map.put("Signature.SHA512withECDSA SupportedKeyClasses", ecKeyClasses);
@@ -152,6 +166,7 @@
 
         map.put("Signature.NONEwithECDSA ImplementedIn", "Software");
         map.put("Signature.SHA1withECDSA ImplementedIn", "Software");
+        map.put("Signature.SHA224withECDSA ImplementedIn", "Software");
         map.put("Signature.SHA256withECDSA ImplementedIn", "Software");
         map.put("Signature.SHA384withECDSA ImplementedIn", "Software");
         map.put("Signature.SHA512withECDSA ImplementedIn", "Software");
--- a/src/share/classes/sun/security/pkcs11/P11Digest.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/pkcs11/P11Digest.java	Mon May 21 11:44:01 2012 -0700
@@ -39,7 +39,7 @@
 
 /**
  * MessageDigest implementation class. This class currently supports
- * MD2, MD5, SHA-1, SHA-256, SHA-384, and SHA-512.
+ * MD2, MD5, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512.
  *
  * Note that many digest operations are on fairly small amounts of data
  * (less than 100 bytes total). For example, the 2nd hashing in HMAC or
@@ -99,6 +99,9 @@
         case (int)CKM_SHA_1:
             digestLength = 20;
             break;
+        case (int)CKM_SHA224:
+            digestLength = 28;
+            break;
         case (int)CKM_SHA256:
             digestLength = 32;
             break;
--- a/src/share/classes/sun/security/pkcs11/P11Mac.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/pkcs11/P11Mac.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -40,8 +40,8 @@
 
 /**
  * MAC implementation class. This class currently supports HMAC using
- * MD5, SHA-1, SHA-256, SHA-384, and SHA-512 and the SSL3 MAC using MD5
- * and SHA-1.
+ * MD5, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 and the SSL3 MAC
+ * using MD5 and SHA-1.
  *
  * Note that unlike other classes (e.g. Signature), this does not
  * composite various operations if the token only supports part of the
@@ -107,6 +107,9 @@
         case (int)CKM_SHA_1_HMAC:
             macLength = 20;
             break;
+        case (int)CKM_SHA224_HMAC:
+            macLength = 28;
+            break;
         case (int)CKM_SHA256_HMAC:
             macLength = 32;
             break;
--- a/src/share/classes/sun/security/pkcs11/P11Signature.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/pkcs11/P11Signature.java	Mon May 21 11:44:01 2012 -0700
@@ -53,12 +53,14 @@
  *   . MD2withRSA
  *   . MD5withRSA
  *   . SHA1withRSA
+ *   . SHA224withRSA
  *   . SHA256withRSA
  *   . SHA384withRSA
  *   . SHA512withRSA
  * . ECDSA
  *   . NONEwithECDSA
  *   . SHA1withECDSA
+ *   . SHA224withECDSA
  *   . SHA256withECDSA
  *   . SHA384withECDSA
  *   . SHA512withECDSA
@@ -143,6 +145,7 @@
         case (int)CKM_MD2_RSA_PKCS:
         case (int)CKM_MD5_RSA_PKCS:
         case (int)CKM_SHA1_RSA_PKCS:
+        case (int)CKM_SHA224_RSA_PKCS:
         case (int)CKM_SHA256_RSA_PKCS:
         case (int)CKM_SHA384_RSA_PKCS:
         case (int)CKM_SHA512_RSA_PKCS:
@@ -181,6 +184,8 @@
                 String digestAlg;
                 if (algorithm.equals("SHA1withECDSA")) {
                     digestAlg = "SHA-1";
+                } else if (algorithm.equals("SHA224withECDSA")) {
+                    digestAlg = "SHA-224";
                 } else if (algorithm.equals("SHA256withECDSA")) {
                     digestAlg = "SHA-256";
                 } else if (algorithm.equals("SHA384withECDSA")) {
@@ -207,6 +212,9 @@
             } else if (algorithm.equals("MD2withRSA")) {
                 md = MessageDigest.getInstance("MD2");
                 digestOID = AlgorithmId.MD2_oid;
+            } else if (algorithm.equals("SHA224withRSA")) {
+                md = MessageDigest.getInstance("SHA-224");
+                digestOID = AlgorithmId.SHA224_oid;
             } else if (algorithm.equals("SHA256withRSA")) {
                 md = MessageDigest.getInstance("SHA-256");
                 digestOID = AlgorithmId.SHA256_oid;
@@ -332,6 +340,8 @@
             encodedLength = 34;
         } else if (algorithm.equals("SHA1withRSA")) {
             encodedLength = 35;
+        } else if (algorithm.equals("SHA224withRSA")) {
+            encodedLength = 47;
         } else if (algorithm.equals("SHA256withRSA")) {
             encodedLength = 51;
         } else if (algorithm.equals("SHA384withRSA")) {
--- a/src/share/classes/sun/security/pkcs11/SunPKCS11.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/pkcs11/SunPKCS11.java	Mon May 21 11:44:01 2012 -0700
@@ -342,6 +342,7 @@
                 System.out.println("Library info:");
                 System.out.println(p11Info);
             }
+
             if ((slotID < 0) || showInfo) {
                 long[] slots = p11.C_GetSlotList(false);
                 if (showInfo) {
@@ -520,24 +521,37 @@
                 m(CKM_MD2));
         d(MD, "MD5",            P11Digest,
                 m(CKM_MD5));
-        d(MD, "SHA1",           P11Digest,              s("SHA", "SHA-1"),
+        d(MD, "SHA1",           P11Digest, s("SHA", "SHA-1"),
                 m(CKM_SHA_1));
+
+        d(MD, "SHA-224",        P11Digest,
+                s("2.16.840.1.101.3.4.2.4", "OID.2.16.840.1.101.3.4.2.4"),
+                m(CKM_SHA224));
         d(MD, "SHA-256",        P11Digest,
+                s("2.16.840.1.101.3.4.2.1", "OID.2.16.840.1.101.3.4.2.1"),
                 m(CKM_SHA256));
         d(MD, "SHA-384",        P11Digest,
+                s("2.16.840.1.101.3.4.2.2", "OID.2.16.840.1.101.3.4.2.2"),
                 m(CKM_SHA384));
         d(MD, "SHA-512",        P11Digest,
+                s("2.16.840.1.101.3.4.2.3", "OID.2.16.840.1.101.3.4.2.3"),
                 m(CKM_SHA512));
 
         d(MAC, "HmacMD5",       P11MAC,
                 m(CKM_MD5_HMAC));
         d(MAC, "HmacSHA1",      P11MAC,
                 m(CKM_SHA_1_HMAC));
+        d(MAC, "HmacSHA224",    P11MAC,
+                s("1.2.840.113549.2.8", "OID.1.2.840.113549.2.8"),
+                m(CKM_SHA224_HMAC));
         d(MAC, "HmacSHA256",    P11MAC,
+                s("1.2.840.113549.2.9", "OID.1.2.840.113549.2.9"),
                 m(CKM_SHA256_HMAC));
         d(MAC, "HmacSHA384",    P11MAC,
+                s("1.2.840.113549.2.10", "OID.1.2.840.113549.2.10"),
                 m(CKM_SHA384_HMAC));
         d(MAC, "HmacSHA512",    P11MAC,
+                s("1.2.840.113549.2.11", "OID.1.2.840.113549.2.11"),
                 m(CKM_SHA512_HMAC));
         d(MAC, "SslMacMD5",     P11MAC,
                 m(CKM_SSL3_MD5_MAC));
@@ -648,11 +662,17 @@
                 m(CKM_ECDSA));
         d(SIG, "SHA1withECDSA", P11Signature,           s("ECDSA"),
                 m(CKM_ECDSA_SHA1, CKM_ECDSA));
+        d(SIG, "SHA224withECDSA",       P11Signature,
+                s("1.2.840.10045.4.3.1", "OID.1.2.840.10045.4.3.1"),
+                m(CKM_ECDSA));
         d(SIG, "SHA256withECDSA",       P11Signature,
+                s("1.2.840.10045.4.3.2", "OID.1.2.840.10045.4.3.2"),
                 m(CKM_ECDSA));
         d(SIG, "SHA384withECDSA",       P11Signature,
+                s("1.2.840.10045.4.3.3", "OID.1.2.840.10045.4.3.3"),
                 m(CKM_ECDSA));
         d(SIG, "SHA512withECDSA",       P11Signature,
+                s("1.2.840.10045.4.3.4", "OID.1.2.840.10045.4.3.4"),
                 m(CKM_ECDSA));
         d(SIG, "MD2withRSA",    P11Signature,
                 m(CKM_MD2_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
@@ -660,11 +680,17 @@
                 m(CKM_MD5_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
         d(SIG, "SHA1withRSA",   P11Signature,
                 m(CKM_SHA1_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
+        d(SIG, "SHA224withRSA", P11Signature,
+                s("1.2.840.113549.1.1.14", "OID.1.2.840.113549.1.1.14"),
+                m(CKM_SHA224_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
         d(SIG, "SHA256withRSA", P11Signature,
+                s("1.2.840.113549.1.1.11", "OID.1.2.840.113549.1.1.11"),
                 m(CKM_SHA256_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
         d(SIG, "SHA384withRSA", P11Signature,
+                s("1.2.840.113549.1.1.12", "OID.1.2.840.113549.1.1.12"),
                 m(CKM_SHA384_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
         d(SIG, "SHA512withRSA", P11Signature,
+                s("1.2.840.113549.1.1.13", "OID.1.2.840.113549.1.1.13"),
                 m(CKM_SHA512_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
 
         /*
--- a/src/share/classes/sun/security/pkcs11/wrapper/Functions.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/pkcs11/wrapper/Functions.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  */
 
 /* Copyright  (c) 2002 Graz University of Technology. All rights reserved.
@@ -630,6 +630,7 @@
         addMech(CKM_X9_42_DH_DERIVE,            "CKM_X9_42_DH_DERIVE");
         addMech(CKM_X9_42_DH_HYBRID_DERIVE,     "CKM_X9_42_DH_HYBRID_DERIVE");
         addMech(CKM_X9_42_MQV_DERIVE,           "CKM_X9_42_MQV_DERIVE");
+        addMech(CKM_SHA224_RSA_PKCS,            "CKM_SHA224_RSA_PKCS");
         addMech(CKM_SHA256_RSA_PKCS,            "CKM_SHA256_RSA_PKCS");
         addMech(CKM_SHA384_RSA_PKCS,            "CKM_SHA384_RSA_PKCS");
         addMech(CKM_SHA512_RSA_PKCS,            "CKM_SHA512_RSA_PKCS");
@@ -675,6 +676,9 @@
         addMech(CKM_RIPEMD160,                  "CKM_RIPEMD160");
         addMech(CKM_RIPEMD160_HMAC,             "CKM_RIPEMD160_HMAC");
         addMech(CKM_RIPEMD160_HMAC_GENERAL,     "CKM_RIPEMD160_HMAC_GENERAL");
+        addMech(CKM_SHA224,                     "CKM_SHA224");
+        addMech(CKM_SHA224_HMAC,                "CKM_SHA224_HMAC");
+        addMech(CKM_SHA224_HMAC_GENERAL,        "CKM_SHA224_HMAC_GENERAL");
         addMech(CKM_SHA256,                     "CKM_SHA256");
         addMech(CKM_SHA256_HMAC,                "CKM_SHA256_HMAC");
         addMech(CKM_SHA256_HMAC_GENERAL,        "CKM_SHA256_HMAC_GENERAL");
@@ -734,6 +738,7 @@
         addMech(CKM_MD5_KEY_DERIVATION,         "CKM_MD5_KEY_DERIVATION");
         addMech(CKM_MD2_KEY_DERIVATION,         "CKM_MD2_KEY_DERIVATION");
         addMech(CKM_SHA1_KEY_DERIVATION,        "CKM_SHA1_KEY_DERIVATION");
+        addMech(CKM_SHA224_KEY_DERIVATION,      "CKM_SHA224_KEY_DERIVATION");
         addMech(CKM_SHA256_KEY_DERIVATION,      "CKM_SHA256_KEY_DERIVATION");
         addMech(CKM_SHA384_KEY_DERIVATION,      "CKM_SHA384_KEY_DERIVATION");
         addMech(CKM_SHA512_KEY_DERIVATION,      "CKM_SHA512_KEY_DERIVATION");
--- a/src/share/classes/sun/security/provider/DigestBase.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/provider/DigestBase.java	Mon May 21 11:44:01 2012 -0700
@@ -39,7 +39,6 @@
  *  . abstract void implCompress(byte[] b, int ofs);
  *  . abstract void implDigest(byte[] out, int ofs);
  *  . abstract void implReset();
- *  . public abstract Object clone();
  *
  * See the inline documentation for details.
  *
@@ -61,7 +60,7 @@
     // buffer to store partial blocks, blockSize bytes large
     // Subclasses should not access this array directly except possibly in their
     // implDigest() method. See MD5.java as an example.
-    final byte[] buffer;
+    byte[] buffer;
     // offset into buffer
     private int bufOfs;
 
@@ -83,18 +82,6 @@
         buffer = new byte[blockSize];
     }
 
-    /**
-     * Constructor for cloning. Replicates common data.
-     */
-    DigestBase(DigestBase base) {
-        this.algorithm = base.algorithm;
-        this.digestLength = base.digestLength;
-        this.blockSize = base.blockSize;
-        this.buffer = base.buffer.clone();
-        this.bufOfs = base.bufOfs;
-        this.bytesProcessed = base.bytesProcessed;
-    }
-
     // return digest length. See JCA doc.
     protected final int engineGetDigestLength() {
         return digestLength;
@@ -206,12 +193,11 @@
      */
     abstract void implReset();
 
-    /**
-     * Clone this digest. Should be implemented as "return new MyDigest(this)".
-     * That constructor should first call "super(baseDigest)" and then copy
-     * subclass specific data.
-     */
-    public abstract Object clone();
+    public Object clone() throws CloneNotSupportedException {
+        DigestBase copy = (DigestBase) super.clone();
+        copy.buffer = copy.buffer.clone();
+        return copy;
+    }
 
     // padding used for the MD5, and SHA-* message digests
     static final byte[] padding;
@@ -223,5 +209,4 @@
         padding = new byte[136];
         padding[0] = (byte)0x80;
     }
-
 }
--- a/src/share/classes/sun/security/provider/MD2.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/provider/MD2.java	Mon May 21 11:44:01 2012 -0700
@@ -39,14 +39,14 @@
 public final class MD2 extends DigestBase {
 
     // state, 48 ints
-    private final int[] X;
+    private int[] X;
 
     // checksum, 16 ints. they are really bytes, but byte arithmetic in
     // the JVM is much slower that int arithmetic.
-    private final int[] C;
+    private int[] C;
 
     // temporary store for checksum C during final digest
-    private final byte[] cBytes;
+    private byte[] cBytes;
 
     /**
      * Create a new MD2 digest. Called by the JCA framework
@@ -58,15 +58,12 @@
         cBytes = new byte[16];
     }
 
-    private MD2(MD2 base) {
-        super(base);
-        this.X = base.X.clone();
-        this.C = base.C.clone();
-        cBytes = new byte[16];
-    }
-
-    public Object clone() {
-        return new MD2(this);
+    public Object clone() throws CloneNotSupportedException {
+        MD2 copy = (MD2) super.clone();
+        copy.X = copy.X.clone();
+        copy.C = copy.C.clone();
+        copy.cBytes = new byte[16];
+        return copy;
     }
 
     // reset state and checksum
--- a/src/share/classes/sun/security/provider/MD4.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/provider/MD4.java	Mon May 21 11:44:01 2012 -0700
@@ -44,9 +44,9 @@
 public final class MD4 extends DigestBase {
 
     // state of this object
-    private final int[] state;
+    private int[] state;
     // temporary buffer, used by implCompress()
-    private final int[] x;
+    private int[] x;
 
     // rotation constants
     private static final int S11 = 3;
@@ -93,16 +93,12 @@
         implReset();
     }
 
-    // Cloning constructor
-    private MD4(MD4 base) {
-        super(base);
-        this.state = base.state.clone();
-        this.x = new int[16];
-    }
-
     // clone this object
-    public Object clone() {
-        return new MD4(this);
+    public Object clone() throws CloneNotSupportedException {
+        MD4 copy = (MD4) super.clone();
+        copy.state = copy.state.clone();
+        copy.x = new int[16];
+        return copy;
     }
 
     /**
--- a/src/share/classes/sun/security/provider/MD5.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/provider/MD5.java	Mon May 21 11:44:01 2012 -0700
@@ -39,9 +39,9 @@
 public final class MD5 extends DigestBase {
 
     // state of this object
-    private final int[] state;
+    private int[] state;
     // temporary buffer, used by implCompress()
-    private final int[] x;
+    private int[] x;
 
     // rotation constants
     private static final int S11 = 7;
@@ -69,16 +69,12 @@
         implReset();
     }
 
-    // Cloning constructor
-    private MD5(MD5 base) {
-        super(base);
-        this.state = base.state.clone();
-        this.x = new int[16];
-    }
-
     // clone this object
-    public Object clone() {
-        return new MD5(this);
+    public Object clone() throws CloneNotSupportedException {
+        MD5 copy = (MD5) super.clone();
+        copy.state = copy.state.clone();
+        copy.x = new int[16];
+        return copy;
     }
 
     /**
--- a/src/share/classes/sun/security/provider/SHA.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/provider/SHA.java	Mon May 21 11:44:01 2012 -0700
@@ -47,10 +47,10 @@
     // 64 bytes are included in each hash block so the low order
     // bits of count are used to know how to pack the bytes into ints
     // and to know when to compute the block and start the next one.
-    private final int[] W;
+    private int[] W;
 
     // state of this
-    private final int[] state;
+    private int[] state;
 
     /**
      * Creates a new SHA object.
@@ -62,19 +62,14 @@
         implReset();
     }
 
-    /**
-     * Creates a SHA object.with state (for cloning) */
-    private SHA(SHA base) {
-        super(base);
-        this.state = base.state.clone();
-        this.W = new int[80];
-    }
-
     /*
      * Clones this object.
      */
-    public Object clone() {
-        return new SHA(this);
+    public Object clone() throws CloneNotSupportedException {
+        SHA copy = (SHA) super.clone();
+        copy.state = copy.state.clone();
+        copy.W = new int[80];
+        return copy;
     }
 
     /**
--- a/src/share/classes/sun/security/provider/SHA2.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/provider/SHA2.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2002, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -40,7 +40,7 @@
  * @author      Valerie Peng
  * @author      Andreas Sterbenz
  */
-public final class SHA2 extends DigestBase {
+abstract class SHA2 extends DigestBase {
 
     private static final int ITERATION = 64;
     // Constants for each round
@@ -64,46 +64,30 @@
     };
 
     // buffer used by implCompress()
-    private final int[] W;
+    private int[] W;
 
     // state of this object
-    private final int[] state;
+    private int[] state;
+
+    // initial state value. different between SHA-224 and SHA-256
+    private final int[] initialHashes;
 
     /**
      * Creates a new SHA object.
      */
-    public SHA2() {
-        super("SHA-256", 32, 64);
+    SHA2(String name, int digestLength, int[] initialHashes) {
+        super(name, digestLength, 64);
+        this.initialHashes = initialHashes;
         state = new int[8];
         W = new int[64];
         implReset();
     }
 
     /**
-     * Creates a SHA2 object.with state (for cloning)
-     */
-    private SHA2(SHA2 base) {
-        super(base);
-        this.state = base.state.clone();
-        this.W = new int[64];
-    }
-
-    public Object clone() {
-        return new SHA2(this);
-    }
-
-    /**
      * Resets the buffers and hash value to start a new hash.
      */
     void implReset() {
-        state[0] = 0x6a09e667;
-        state[1] = 0xbb67ae85;
-        state[2] = 0x3c6ef372;
-        state[3] = 0xa54ff53a;
-        state[4] = 0x510e527f;
-        state[5] = 0x9b05688c;
-        state[6] = 0x1f83d9ab;
-        state[7] = 0x5be0cd19;
+        System.arraycopy(initialHashes, 0, state, 0, state.length);
     }
 
     void implDigest(byte[] out, int ofs) {
@@ -242,4 +226,38 @@
         state[7] += h;
     }
 
+    public Object clone() throws CloneNotSupportedException {
+        SHA2 copy = (SHA2) super.clone();
+        copy.state = copy.state.clone();
+        copy.W = new int[64];
+        return copy;
+    }
+
+    /**
+     * SHA-224 implementation class.
+     */
+    public static final class SHA224 extends SHA2 {
+        private static final int[] INITIAL_HASHES = {
+            0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
+            0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4
+        };
+
+        public SHA224() {
+            super("SHA-224", 28, INITIAL_HASHES);
+        }
+    }
+
+    /**
+     * SHA-256 implementation class.
+     */
+    public static final class SHA256 extends SHA2 {
+        private static final int[] INITIAL_HASHES = {
+            0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
+            0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
+        };
+
+        public SHA256() {
+            super("SHA-256", 32, INITIAL_HASHES);
+        }
+    }
 }
--- a/src/share/classes/sun/security/provider/SHA5.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/provider/SHA5.java	Mon May 21 11:44:01 2012 -0700
@@ -82,10 +82,10 @@
     };
 
     // buffer used by implCompress()
-    private final long[] W;
+    private long[] W;
 
     // state of this object
-    private final long[] state;
+    private long[] state;
 
     // initial state value. different between SHA-384 and SHA-512
     private final long[] initialHashes;
@@ -101,16 +101,6 @@
         implReset();
     }
 
-    /**
-     * Creates a SHA object with state (for cloning)
-     */
-    SHA5(SHA5 base) {
-        super(base);
-        this.initialHashes = base.initialHashes;
-        this.state = base.state.clone();
-        this.W = new long[80];
-    }
-
     final void implReset() {
         System.arraycopy(initialHashes, 0, state, 0, state.length);
     }
@@ -255,6 +245,13 @@
         state[7] += h;
     }
 
+    public Object clone() throws CloneNotSupportedException {
+        SHA5 copy = (SHA5) super.clone();
+        copy.state = copy.state.clone();
+        copy.W = new long[80];
+        return copy;
+    }
+
     /**
      * SHA-512 implementation class.
      */
@@ -270,14 +267,6 @@
         public SHA512() {
             super("SHA-512", 64, INITIAL_HASHES);
         }
-
-        private SHA512(SHA512 base) {
-            super(base);
-        }
-
-        public Object clone() {
-            return new SHA512(this);
-        }
     }
 
     /**
@@ -295,14 +284,5 @@
         public SHA384() {
             super("SHA-384", 48, INITIAL_HASHES);
         }
-
-        private SHA384(SHA384 base) {
-            super(base);
-        }
-
-        public Object clone() {
-            return new SHA384(this);
-        }
     }
-
 }
--- a/src/share/classes/sun/security/provider/SecureRandom.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/provider/SecureRandom.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -102,7 +102,7 @@
         try {
             digest = MessageDigest.getInstance ("SHA");
         } catch (NoSuchAlgorithmException e) {
-            throw new InternalError("internal error: SHA-1 not available.");
+            throw new InternalError("internal error: SHA-1 not available.", e);
         }
 
         if (seed != null) {
--- a/src/share/classes/sun/security/provider/SunEntries.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/provider/SunEntries.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -43,6 +43,10 @@
  *   identifier strings "OID.1.3.14.3.2.13", "OID.1.3.14.3.2.27" and
  *   "OID.1.2.840.10040.4.3".
  *
+ * - SHA-2 is a set of message digest schemes described in FIPS 180-2.
+ *   SHA-2 family of hash functions includes SHA-224, SHA-256, SHA-384,
+ *   and SHA-512.
+ *
  * - DSA is the key generation scheme as described in FIPS 186.
  *   Aliases for DSA include the OID strings "OID.1.3.14.3.2.12"
  *   and "OID.1.2.840.10040.4.1".
@@ -140,9 +144,19 @@
         map.put("Alg.Alias.MessageDigest.SHA-1", "SHA");
         map.put("Alg.Alias.MessageDigest.SHA1", "SHA");
 
-        map.put("MessageDigest.SHA-256", "sun.security.provider.SHA2");
+        map.put("MessageDigest.SHA-224", "sun.security.provider.SHA2$SHA224");
+        map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.4", "SHA-224");
+        map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.4", "SHA-224");
+
+        map.put("MessageDigest.SHA-256", "sun.security.provider.SHA2$SHA256");
+        map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.1", "SHA-256");
+        map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.1", "SHA-256");
         map.put("MessageDigest.SHA-384", "sun.security.provider.SHA5$SHA384");
+        map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.2", "SHA-384");
+        map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.2", "SHA-384");
         map.put("MessageDigest.SHA-512", "sun.security.provider.SHA5$SHA512");
+        map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.3", "SHA-512");
+        map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.3", "SHA-512");
 
         /*
          * Algorithm Parameter Generator engines
--- a/src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java	Mon May 21 11:44:01 2012 -0700
@@ -318,7 +318,9 @@
             }
 
             // break out of loop if search is successful
-            break;
+            if (pathCompleted) {
+                break;
+            }
         }
 
         if (debug != null) {
--- a/src/share/classes/sun/security/rsa/RSASignature.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/rsa/RSASignature.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -39,8 +39,8 @@
  * PKCS#1 RSA signatures with the various message digest algorithms.
  * This file contains an abstract base class with all the logic plus
  * a nested static class for each of the message digest algorithms
- * (see end of the file). We support MD2, MD5, SHA-1, SHA-256, SHA-384,
- * and SHA-512.
+ * (see end of the file). We support MD2, MD5, SHA-1, SHA-224, SHA-256,
+ * SHA-384, and SHA-512.
  *
  * @since   1.5
  * @author  Andreas Sterbenz
@@ -276,6 +276,13 @@
         }
     }
 
+    // Nested class for SHA224withRSA signatures
+    public static final class SHA224withRSA extends RSASignature {
+        public SHA224withRSA() {
+            super("SHA-224", AlgorithmId.SHA224_oid, 11);
+        }
+    }
+
     // Nested class for SHA256withRSA signatures
     public static final class SHA256withRSA extends RSASignature {
         public SHA256withRSA() {
--- a/src/share/classes/sun/security/rsa/SunRsaSignEntries.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/rsa/SunRsaSignEntries.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -52,6 +52,8 @@
                 "sun.security.rsa.RSASignature$MD5withRSA");
         map.put("Signature.SHA1withRSA",
                 "sun.security.rsa.RSASignature$SHA1withRSA");
+        map.put("Signature.SHA224withRSA",
+                "sun.security.rsa.RSASignature$SHA224withRSA");
         map.put("Signature.SHA256withRSA",
                 "sun.security.rsa.RSASignature$SHA256withRSA");
         map.put("Signature.SHA384withRSA",
@@ -66,6 +68,7 @@
         map.put("Signature.MD2withRSA SupportedKeyClasses", rsaKeyClasses);
         map.put("Signature.MD5withRSA SupportedKeyClasses", rsaKeyClasses);
         map.put("Signature.SHA1withRSA SupportedKeyClasses", rsaKeyClasses);
+        map.put("Signature.SHA224withRSA SupportedKeyClasses", rsaKeyClasses);
         map.put("Signature.SHA256withRSA SupportedKeyClasses", rsaKeyClasses);
         map.put("Signature.SHA384withRSA SupportedKeyClasses", rsaKeyClasses);
         map.put("Signature.SHA512withRSA SupportedKeyClasses", rsaKeyClasses);
@@ -88,6 +91,9 @@
         map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.5", "SHA1withRSA");
         map.put("Alg.Alias.Signature.1.3.14.3.2.29",            "SHA1withRSA");
 
+        map.put("Alg.Alias.Signature.1.2.840.113549.1.1.14",     "SHA224withRSA");
+        map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.14", "SHA224withRSA");
+
         map.put("Alg.Alias.Signature.1.2.840.113549.1.1.11",     "SHA256withRSA");
         map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.11", "SHA256withRSA");
 
--- a/src/share/classes/sun/security/ssl/SSLContextImpl.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/ssl/SSLContextImpl.java	Mon May 21 11:44:01 2012 -0700
@@ -267,36 +267,42 @@
 
     // Get suported CipherSuiteList.
     CipherSuiteList getSuportedCipherSuiteList() {
-        // Clear cache of available ciphersuites.
-        clearAvailableCache();
+        // The maintenance of cipher suites needs to be synchronized.
+        synchronized (this) {
+            // Clear cache of available ciphersuites.
+            clearAvailableCache();
 
-        if (supportedCipherSuiteList == null) {
-            supportedCipherSuiteList =
-                getApplicableCipherSuiteList(getSuportedProtocolList(), false);
+            if (supportedCipherSuiteList == null) {
+                supportedCipherSuiteList = getApplicableCipherSuiteList(
+                        getSuportedProtocolList(), false);
+            }
+
+            return supportedCipherSuiteList;
         }
-
-        return supportedCipherSuiteList;
     }
 
     // Get default CipherSuiteList.
     CipherSuiteList getDefaultCipherSuiteList(boolean roleIsServer) {
-        // Clear cache of available ciphersuites.
-        clearAvailableCache();
+        // The maintenance of cipher suites needs to be synchronized.
+        synchronized (this) {
+            // Clear cache of available ciphersuites.
+            clearAvailableCache();
 
-        if (roleIsServer) {
-            if (defaultServerCipherSuiteList == null) {
-                defaultServerCipherSuiteList = getApplicableCipherSuiteList(
+            if (roleIsServer) {
+                if (defaultServerCipherSuiteList == null) {
+                    defaultServerCipherSuiteList = getApplicableCipherSuiteList(
                         getDefaultProtocolList(true), true);
+                }
+
+                return defaultServerCipherSuiteList;
+            } else {
+                if (defaultClientCipherSuiteList == null) {
+                    defaultClientCipherSuiteList = getApplicableCipherSuiteList(
+                        getDefaultProtocolList(false), true);
+                }
+
+                return defaultClientCipherSuiteList;
             }
-
-            return defaultServerCipherSuiteList;
-        } else {
-            if (defaultClientCipherSuiteList == null) {
-                defaultClientCipherSuiteList = getApplicableCipherSuiteList(
-                        getDefaultProtocolList(false), true);
-            }
-
-            return defaultClientCipherSuiteList;
         }
     }
 
@@ -364,8 +370,11 @@
      * Clear cache of available ciphersuites. If we support all ciphers
      * internally, there is no need to clear the cache and calling this
      * method has no effect.
+     *
+     * Note that every call to clearAvailableCache() and the maintenance of
+     * cipher suites need to be synchronized with this instance.
      */
-    synchronized void clearAvailableCache() {
+    private void clearAvailableCache() {
         if (CipherSuite.DYNAMIC_AVAILABILITY) {
             supportedCipherSuiteList = null;
             defaultServerCipherSuiteList = null;
--- a/src/share/classes/sun/security/validator/SimpleValidator.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/validator/SimpleValidator.java	Mon May 21 11:44:01 2012 -0700
@@ -311,7 +311,7 @@
         // if the certificate is self-issued, ignore the pathLenConstraint
         // checking.
         if (!X509CertImpl.isSelfIssued(cert)) {
-            if (maxPathLen <= 1) {   // reserved one for end-entity certificate
+            if (maxPathLen <= 0) {
                 throw new ValidatorException("Violated path length constraints",
                     ValidatorException.T_CA_EXTENSIONS, cert);
             }
--- a/src/share/classes/sun/security/x509/AlgorithmId.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/security/x509/AlgorithmId.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -175,9 +175,9 @@
             // it's NULL. They are ---
             // rfc3370 2.1: Implementations SHOULD generate SHA-1
             // AlgorithmIdentifiers with absent parameters.
-            // rfc3447 C1: When id-sha1, id-sha256, id-sha384 and id-sha512
-            // are used in an AlgorithmIdentifier the parameters (which are
-            // optional) SHOULD be omitted.
+            // rfc3447 C1: When id-sha1, id-sha224, id-sha256, id-sha384 and
+            // id-sha512 are used in an AlgorithmIdentifier the parameters
+            // (which are optional) SHOULD be omitted.
             // rfc3279 2.3.2: The id-dsa algorithm syntax includes optional
             // domain parameters... When omitted, the parameters component
             // MUST be omitted entirely
@@ -185,6 +185,7 @@
             // is used, the AlgorithmIdentifier parameters field MUST be absent.
             /*if (
                 algid.equals((Object)SHA_oid) ||
+                algid.equals((Object)SHA224_oid) ||
                 algid.equals((Object)SHA256_oid) ||
                 algid.equals((Object)SHA384_oid) ||
                 algid.equals((Object)SHA512_oid) ||
@@ -488,7 +489,10 @@
             name.equalsIgnoreCase("SHA512")) {
             return AlgorithmId.SHA512_oid;
         }
-
+        if (name.equalsIgnoreCase("SHA-224") ||
+            name.equalsIgnoreCase("SHA224")) {
+            return AlgorithmId.SHA224_oid;
+        }
 
         // Various public key algorithms
         if (name.equalsIgnoreCase("RSA")) {
@@ -625,6 +629,9 @@
     public static final ObjectIdentifier SHA_oid =
     ObjectIdentifier.newInternal(new int[] {1, 3, 14, 3, 2, 26});
 
+    public static final ObjectIdentifier SHA224_oid =
+    ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 4});
+
     public static final ObjectIdentifier SHA256_oid =
     ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 1});
 
@@ -664,6 +671,8 @@
                                        { 1, 2, 840, 113549, 1, 1, 5 };
     private static final int sha1WithRSAEncryption_OIW_data[] =
                                        { 1, 3, 14, 3, 2, 29 };
+    private static final int sha224WithRSAEncryption_data[] =
+                                       { 1, 2, 840, 113549, 1, 1, 14 };
     private static final int sha256WithRSAEncryption_data[] =
                                        { 1, 2, 840, 113549, 1, 1, 11 };
     private static final int sha384WithRSAEncryption_data[] =
@@ -681,6 +690,7 @@
     public static final ObjectIdentifier md5WithRSAEncryption_oid;
     public static final ObjectIdentifier sha1WithRSAEncryption_oid;
     public static final ObjectIdentifier sha1WithRSAEncryption_OIW_oid;
+    public static final ObjectIdentifier sha224WithRSAEncryption_oid;
     public static final ObjectIdentifier sha256WithRSAEncryption_oid;
     public static final ObjectIdentifier sha384WithRSAEncryption_oid;
     public static final ObjectIdentifier sha512WithRSAEncryption_oid;
@@ -810,6 +820,14 @@
             ObjectIdentifier.newInternal(sha1WithRSAEncryption_OIW_data);
 
     /**
+     * Identifies a signing algorithm where a SHA224 digest is
+     * encrypted using an RSA private key; defined by PKCS #1.
+     * OID = 1.2.840.113549.1.1.14
+     */
+        sha224WithRSAEncryption_oid =
+            ObjectIdentifier.newInternal(sha224WithRSAEncryption_data);
+
+    /**
      * Identifies a signing algorithm where a SHA256 digest is
      * encrypted using an RSA private key; defined by PKCS #1.
      * OID = 1.2.840.113549.1.1.11
@@ -859,6 +877,7 @@
         nameTable.put(MD5_oid, "MD5");
         nameTable.put(MD2_oid, "MD2");
         nameTable.put(SHA_oid, "SHA");
+        nameTable.put(SHA224_oid, "SHA224");
         nameTable.put(SHA256_oid, "SHA256");
         nameTable.put(SHA384_oid, "SHA384");
         nameTable.put(SHA512_oid, "SHA512");
@@ -881,6 +900,7 @@
         nameTable.put(shaWithDSA_OIW_oid, "SHA1withDSA");
         nameTable.put(sha1WithRSAEncryption_oid, "SHA1withRSA");
         nameTable.put(sha1WithRSAEncryption_OIW_oid, "SHA1withRSA");
+        nameTable.put(sha224WithRSAEncryption_oid, "SHA224withRSA");
         nameTable.put(sha256WithRSAEncryption_oid, "SHA256withRSA");
         nameTable.put(sha384WithRSAEncryption_oid, "SHA384withRSA");
         nameTable.put(sha512WithRSAEncryption_oid, "SHA512withRSA");
--- a/src/share/classes/sun/tools/jcmd/JCmd.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/classes/sun/tools/jcmd/JCmd.java	Mon May 21 11:44:01 2012 -0700
@@ -142,8 +142,11 @@
         // Cast to HotSpotVirtualMachine as this is an
         // implementation specific method.
         HotSpotVirtualMachine hvm = (HotSpotVirtualMachine) vm;
-        String lines[] = command .split("\\n");
+        String lines[] = command.split("\\n");
         for (String line : lines) {
+            if (line.trim().equals("stop")) {
+                break;
+            }
             try (InputStream in = hvm.executeJCmd(line);) {
                 // read to EOF and just print output
                 byte b[] = new byte[256];
--- a/src/share/demo/management/MemoryMonitor/README.txt	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/demo/management/MemoryMonitor/README.txt	Mon May 21 11:44:01 2012 -0700
@@ -38,7 +38,7 @@
 
 To run the MemoryMonitor demo
 
-   java -jar <JDK_HOME>/demo/management/MemoryMonitor.jar 
+   java -jar <JDK_HOME>/demo/management/MemoryMonitor/MemoryMonitor.jar 
 
 These instructions assume that this installation's version of the java
 command is in your path.  If it isn't, then you should either
--- a/src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystem.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/demo/nio/zipfs/src/com/sun/nio/zipfs/ZipFileSystem.java	Mon May 21 11:44:01 2012 -0700
@@ -651,7 +651,11 @@
                     }
 
                     public int read(ByteBuffer dst) throws IOException {
-                        return rbc.read(dst);
+                        int n = rbc.read(dst);
+                        if (n > 0) {
+                            read += n;
+                        }
+                        return n;
                     }
 
                     public SeekableByteChannel truncate(long size)
--- a/src/share/native/com/sun/java/util/jar/pack/jni.cpp	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/native/com/sun/java/util/jar/pack/jni.cpp	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -82,7 +82,11 @@
 static unpacker* get_unpacker() {
   //fprintf(stderr, "get_unpacker()\n");
   JavaVM* vm = null;
-  JNI_GetCreatedJavaVMs(&vm, 1, null);
+  jsize nVM = 0;
+  jint retval = JNI_GetCreatedJavaVMs(&vm, 1, &nVM);
+  // other VM implements may differ, thus for correctness, we need these checks
+  if (retval != JNI_OK || nVM != 1)
+    return null;
   void* envRaw = null;
   vm->GetEnv(&envRaw, JNI_VERSION_1_1);
   JNIEnv* env = (JNIEnv*) envRaw;
--- a/src/share/native/java/net/net_util.h	Mon May 21 11:41:33 2012 -0700
+++ b/src/share/native/java/net/net_util.h	Mon May 21 11:44:01 2012 -0700
@@ -139,6 +139,9 @@
 int
 NET_IsEqual(jbyte* caddr1, jbyte* caddr2);
 
+int
+NET_IsZeroAddr(jbyte* caddr);
+
 /* Socket operations
  *
  * These work just like the JVM_* procedures, except that they may do some
--- a/src/solaris/native/java/net/Inet4AddressImpl.c	Mon May 21 11:41:33 2012 -0700
+++ b/src/solaris/native/java/net/Inet4AddressImpl.c	Mon May 21 11:44:01 2012 -0700
@@ -671,12 +671,19 @@
            * We did receive something, but is it what we were expecting?
            * I.E.: A ICMP_ECHOREPLY packet with the proper PID.
            */
-          if (icmplen >= 8 && icmp->icmp_type == ICMP_ECHOREPLY &&
-               (ntohs(icmp->icmp_id) == pid) &&
-               (him->sin_addr.s_addr == sa_recv.sin_addr.s_addr)) {
-            close(fd);
-            return JNI_TRUE;
-          }
+          if (icmplen >= 8 && icmp->icmp_type == ICMP_ECHOREPLY
+               && (ntohs(icmp->icmp_id) == pid)) {
+            if ((him->sin_addr.s_addr == sa_recv.sin_addr.s_addr)) {
+              close(fd);
+              return JNI_TRUE;
+            }
+
+            if (him->sin_addr.s_addr == 0) {
+              close(fd);
+              return JNI_TRUE;
+            }
+         }
+
         }
       } while (tmout2 > 0);
       timeout -= 1000;
--- a/src/solaris/native/java/net/Inet6AddressImpl.c	Mon May 21 11:41:33 2012 -0700
+++ b/src/solaris/native/java/net/Inet6AddressImpl.c	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -73,7 +73,7 @@
     } else {
         // ensure null-terminated
         hostname[NI_MAXHOST] = '\0';
-#if defined(__linux__) && defined(_ALLBSD_SOURCE)
+#if defined(__linux__) || defined(_ALLBSD_SOURCE)
         /* On Linux/FreeBSD gethostname() says "host.domain.sun.com".  On
          * Solaris gethostname() says "host", so extra work is needed.
          */
@@ -532,10 +532,15 @@
            *       from the host that we are trying to determine is reachable.
            */
           if (n >= 8 && icmp6->icmp6_type == ICMP6_ECHO_REPLY &&
-              (ntohs(icmp6->icmp6_id) == pid) &&
-              NET_IsEqual(caddr, recv_caddr)) {
-            close(fd);
-            return JNI_TRUE;
+              (ntohs(icmp6->icmp6_id) == pid)) {
+            if (NET_IsEqual(caddr, recv_caddr)) {
+              close(fd);
+              return JNI_TRUE;
+            }
+            if (NET_IsZeroAddr(caddr)) {
+              close(fd);
+              return JNI_TRUE;
+            }
           }
         }
       } while (tmout2 > 0);
--- a/src/solaris/native/java/net/net_util_md.c	Mon May 21 11:41:33 2012 -0700
+++ b/src/solaris/native/java/net/net_util_md.c	Mon May 21 11:44:01 2012 -0700
@@ -961,6 +961,16 @@
     return 1;
 }
 
+int NET_IsZeroAddr(jbyte* caddr) {
+    int i;
+    for (i = 0; i < 16; i++) {
+        if (caddr[i] != 0) {
+            return 0;
+        }
+    }
+    return 1;
+}
+
 /*
  * Map the Java level socket option to the platform specific
  * level and option name.
--- a/src/solaris/native/java/util/TimeZone_md.c	Mon May 21 11:41:33 2012 -0700
+++ b/src/solaris/native/java/util/TimeZone_md.c	Mon May 21 11:44:01 2012 -0700
@@ -651,7 +651,7 @@
     }
 
 #ifdef __solaris__
-    if (strcmp(tz, "localtime") == 0) {
+    if (tz != NULL && strcmp(tz, "localtime") == 0) {
         tz = getSolarisDefaultZoneID();
         freetz = tz;
     }
--- a/src/solaris/native/sun/nio/ch/EPollArrayWrapper.c	Mon May 21 11:41:33 2012 -0700
+++ b/src/solaris/native/sun/nio/ch/EPollArrayWrapper.c	Mon May 21 11:44:01 2012 -0700
@@ -30,40 +30,10 @@
 
 #include "sun_nio_ch_EPollArrayWrapper.h"
 
-#include <dlfcn.h>
 #include <unistd.h>
 #include <sys/resource.h>
 #include <sys/time.h>
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
-
-/* epoll_wait(2) man page */
-
-typedef union epoll_data {
-    void *ptr;
-    int fd;
-    __uint32_t u32;
-    __uint64_t u64;
-} epoll_data_t;
-
-
-/* x86-64 has same alignment as 32-bit */
-#ifdef __x86_64__
-#define EPOLL_PACKED __attribute__((packed))
-#else
-#define EPOLL_PACKED
-#endif
-
-struct epoll_event {
-    __uint32_t events;  /* Epoll events */
-    epoll_data_t data;  /* User data variable */
-} EPOLL_PACKED;
-
-#ifdef  __cplusplus
-}
-#endif
+#include <sys/epoll.h>
 
 #define RESTARTABLE(_cmd, _result) do { \
   do { \
@@ -71,18 +41,6 @@
   } while((_result == -1) && (errno == EINTR)); \
 } while(0)
 
-/*
- * epoll event notification is new in 2.6 kernel. As the offical build
- * platform for the JDK is on a 2.4-based distribution then we must
- * obtain the addresses of the epoll functions dynamically.
- */
-typedef int (*epoll_create_t)(int size);
-typedef int (*epoll_ctl_t)   (int epfd, int op, int fd, struct epoll_event *event);
-typedef int (*epoll_wait_t)  (int epfd, struct epoll_event *events, int maxevents, int timeout);
-
-static epoll_create_t epoll_create_func;
-static epoll_ctl_t    epoll_ctl_func;
-static epoll_wait_t   epoll_wait_func;
 
 static int
 iepoll(int epfd, struct epoll_event *events, int numfds, jlong timeout)
@@ -96,7 +54,7 @@
     start = t.tv_sec * 1000 + t.tv_usec / 1000;
 
     for (;;) {
-        int res = (*epoll_wait_func)(epfd, events, numfds, timeout);
+        int res = epoll_wait(epfd, events, numfds, timeout);
         if (res < 0 && errno == EINTR) {
             if (remaining >= 0) {
                 gettimeofday(&t, NULL);
@@ -117,14 +75,6 @@
 JNIEXPORT void JNICALL
 Java_sun_nio_ch_EPollArrayWrapper_init(JNIEnv *env, jclass this)
 {
-    epoll_create_func = (epoll_create_t) dlsym(RTLD_DEFAULT, "epoll_create");
-    epoll_ctl_func    = (epoll_ctl_t)    dlsym(RTLD_DEFAULT, "epoll_ctl");
-    epoll_wait_func   = (epoll_wait_t)   dlsym(RTLD_DEFAULT, "epoll_wait");
-
-    if ((epoll_create_func == NULL) || (epoll_ctl_func == NULL) ||
-        (epoll_wait_func == NULL)) {
-        JNU_ThrowInternalError(env, "unable to get address of epoll functions, pre-2.6 kernel?");
-    }
 }
 
 JNIEXPORT jint JNICALL
@@ -134,7 +84,7 @@
      * epoll_create expects a size as a hint to the kernel about how to
      * dimension internal structures. We can't predict the size in advance.
      */
-    int epfd = (*epoll_create_func)(256);
+    int epfd = epoll_create(256);
     if (epfd < 0) {
        JNU_ThrowIOExceptionWithLastError(env, "epoll_create failed");
     }
@@ -173,7 +123,7 @@
     event.events = events;
     event.data.fd = fd;
 
-    RESTARTABLE((*epoll_ctl_func)(epfd, (int)opcode, (int)fd, &event), res);
+    RESTARTABLE(epoll_ctl(epfd, (int)opcode, (int)fd, &event), res);
 
     /*
      * A channel may be registered with several Selectors. When each Selector
@@ -199,7 +149,7 @@
     int res;
 
     if (timeout <= 0) {           /* Indefinite or no wait */
-        RESTARTABLE((*epoll_wait_func)(epfd, events, numfds, timeout), res);
+        RESTARTABLE(epoll_wait(epfd, events, numfds, timeout), res);
     } else {                      /* Bounded wait; bounded restarts */
         res = iepoll(epfd, events, numfds, timeout);
     }
--- a/src/windows/classes/sun/security/mscapi/RSASignature.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/windows/classes/sun/security/mscapi/RSASignature.java	Mon May 21 11:44:01 2012 -0700
@@ -57,8 +57,8 @@
  *
  * NOTE: NONEwithRSA must be supplied with a pre-computed message digest.
  *       Only the following digest algorithms are supported: MD5, SHA-1,
- *       SHA-256, SHA-384, SHA-512 and a special-purpose digest algorithm
- *       which is a concatenation of SHA-1 and MD5 digests.
+ *       SHA-256, SHA-384, SHA-512 and a special-purpose digest
+ *       algorithm which is a concatenation of SHA-1 and MD5 digests.
  *
  * @since   1.6
  * @author  Stanley Man-Kit Ho
--- a/src/windows/classes/sun/security/mscapi/SunMSCAPI.java	Mon May 21 11:41:33 2012 -0700
+++ b/src/windows/classes/sun/security/mscapi/SunMSCAPI.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -81,18 +81,26 @@
          */
         // NONEwithRSA must be supplied with a pre-computed message digest.
         // Only the following digest algorithms are supported: MD5, SHA-1,
-        // SHA-256, SHA-384, SHA-512 and a special-purpose digest algorithm
-        // which is a concatenation of SHA-1 and MD5 digests.
+        // SHA-256, SHA-384, SHA-512 and a special-purpose digest
+        // algorithm which is a concatenation of SHA-1 and MD5 digests.
         map.put("Signature.NONEwithRSA",
             "sun.security.mscapi.RSASignature$Raw");
         map.put("Signature.SHA1withRSA",
             "sun.security.mscapi.RSASignature$SHA1");
         map.put("Signature.SHA256withRSA",
             "sun.security.mscapi.RSASignature$SHA256");
+        map.put("Alg.Alias.Signature.1.2.840.113549.1.1.11",     "SHA256withRSA");
+        map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.11", "SHA256withRSA");
         map.put("Signature.SHA384withRSA",
             "sun.security.mscapi.RSASignature$SHA384");
+        map.put("Alg.Alias.Signature.1.2.840.113549.1.1.12",     "SHA384withRSA");
+        map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.12", "SHA384withRSA");
+
         map.put("Signature.SHA512withRSA",
             "sun.security.mscapi.RSASignature$SHA512");
+        map.put("Alg.Alias.Signature.1.2.840.113549.1.1.13",     "SHA512withRSA");
+        map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.13", "SHA512withRSA");
+
         map.put("Signature.MD5withRSA",
             "sun.security.mscapi.RSASignature$MD5");
         map.put("Signature.MD2withRSA",
--- a/src/windows/native/sun/tools/attach/WindowsVirtualMachine.c	Mon May 21 11:41:33 2012 -0700
+++ b/src/windows/native/sun/tools/attach/WindowsVirtualMachine.c	Mon May 21 11:44:01 2012 -0700
@@ -466,7 +466,17 @@
         }
         CloseHandle(hThread);
     } else {
-        JNU_ThrowIOExceptionWithLastError(env, "CreateRemoteThread failed");
+        if (GetLastError() == ERROR_NOT_ENOUGH_MEMORY) {
+            //
+            // This error will occur when attaching to a process belonging to
+            // another terminal session. See "Remarks":
+            // http://msdn.microsoft.com/en-us/library/ms682437%28VS.85%29.aspx
+            //
+            JNU_ThrowIOException(env,
+                "Insufficient memory or insufficient privileges to attach");
+        } else {
+            JNU_ThrowIOExceptionWithLastError(env, "CreateRemoteThread failed");
+        }
     }
 
     VirtualFreeEx(hProcess, pCode, 0, MEM_RELEASE);
--- a/test/com/sun/crypto/provider/Cipher/RSA/TestOAEP.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/com/sun/crypto/provider/Cipher/RSA/TestOAEP.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -58,6 +58,7 @@
         Cipher.getInstance("RSA/ECB/OAEPwithMD5andMGF1Padding");
         Cipher.getInstance("RSA/ECB/OAEPwithSHA1andMGF1Padding");
         Cipher.getInstance("RSA/ECB/OAEPwithSHA-1andMGF1Padding");
+        Cipher.getInstance("RSA/ECB/OAEPwithSHA-224andMGF1Padding");
         Cipher.getInstance("RSA/ECB/OAEPwithSHA-256andMGF1Padding");
         Cipher.getInstance("RSA/ECB/OAEPwithSHA-384andMGF1Padding");
         Cipher.getInstance("RSA/ECB/OAEPwithSHA-512andMGF1Padding");
@@ -88,6 +89,18 @@
         // tests alias works
         testEncryptDecrypt("SHA-1", 16);
 
+        // basic test using SHA-224
+        testEncryptDecrypt("SHA-224", 0);
+        testEncryptDecrypt("SHA-224", 16);
+        testEncryptDecrypt("SHA-224", 38);
+        try {
+            testEncryptDecrypt("SHA-224", 39);
+            throw new Exception("Unexpectedly completed call");
+        } catch (IllegalBlockSizeException e) {
+            // ok
+            System.out.println(e);
+        }
+
         // basic test using SHA-256
         testEncryptDecrypt("SHA-256", 0);
         testEncryptDecrypt("SHA-256", 16);
@@ -195,6 +208,7 @@
         System.out.println("Done (" + (stop - start) + " ms).");
     }
 
+    // NOTE: OAEP can process up to (modLen - 2*digestLen - 2) bytes of data
     private static void testEncryptDecrypt(String hashAlg, int dataLength) throws Exception {
         System.out.println("Testing OAEP with hash " + hashAlg + ", " + dataLength + " bytes");
         Cipher c = Cipher.getInstance("RSA/ECB/OAEPwith" + hashAlg + "andMGF1Padding", cp);
--- a/test/com/sun/crypto/provider/Cipher/RSA/TestOAEPParameterSpec.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/com/sun/crypto/provider/Cipher/RSA/TestOAEPParameterSpec.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -121,6 +121,7 @@
     public static void main(String[] argv) throws Exception {
         boolean status = true;
         byte[] p = { (byte) 0x01, (byte) 0x02, (byte) 0x03, (byte) 0x04 };
+        status &= runTest("SHA-224", MGF1ParameterSpec.SHA224, p);
         status &= runTest("SHA-256", MGF1ParameterSpec.SHA256, p);
         status &= runTest("SHA-384", MGF1ParameterSpec.SHA384, p);
         status &= runTest("SHA-512", MGF1ParameterSpec.SHA512, p);
--- a/test/com/sun/crypto/provider/Cipher/RSA/TestOAEPWithParams.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/com/sun/crypto/provider/Cipher/RSA/TestOAEPWithParams.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -47,10 +47,10 @@
     private static Random random = new Random();
 
     private static String MD[] = {
-        "MD5", "SHA1", "SHA-256"
+        "MD5", "SHA1", "SHA-224", "SHA-256"
     };
     private static int DATA_LENGTH[] = {
-        62, 54, 30
+        62, 54, 34, 30
     };
     public static void main(String[] args) throws Exception {
         long start = System.currentTimeMillis();
--- a/test/com/sun/crypto/provider/KeyGenerator/Test4628062.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/com/sun/crypto/provider/KeyGenerator/Test4628062.java	Mon May 21 11:44:01 2012 -0700
@@ -23,7 +23,7 @@
 
 /*
  * @test
- * @bug 4628062
+ * @bug 4628062 4963723
  * @summary Verify that AES KeyGenerator supports default initialization
  *      when init is not called
  * @author Valerie Peng
@@ -34,39 +34,45 @@
 
 public class Test4628062 {
 
-    private static final String ALGO = "AES";
-    private static final int[] KEYSIZES =
-        { 16, 24, 32 }; // in bytes
+    private static final int[] AES_SIZES = { 16, 24, 32 }; // in bytes
+    private static final int[] HMACSHA224_SIZES = { 28 };
+    private static final int[] HMACSHA256_SIZES = { 32 };
+    private static final int[] HMACSHA384_SIZES = { 48 };
+    private static final int[] HMACSHA512_SIZES = { 64 };
 
-    public boolean execute() throws Exception {
-        KeyGenerator kg = KeyGenerator.getInstance(ALGO, "SunJCE");
+    public boolean execute(String algo, int[] keySizes) throws Exception {
+        KeyGenerator kg = KeyGenerator.getInstance(algo, "SunJCE");
 
         // TEST FIX 4628062
         Key keyWithDefaultSize = kg.generateKey();
         byte[] encoding = keyWithDefaultSize.getEncoded();
-        if (encoding.length == 0) {
+        int defKeyLen = encoding.length ;
+        if (defKeyLen == 0) {
             throw new Exception("default key length is 0!");
+        } else if (defKeyLen != keySizes[0]) {
+            throw new Exception("default key length mismatch!");
         }
 
         // BONUS TESTS
-        // 1. call init(int keysize) with various valid key sizes
-        // and see if the generated key is the right size.
-        for (int i=0; i<KEYSIZES.length; i++) {
-            kg.init(KEYSIZES[i]*8); // in bits
-            Key key = kg.generateKey();
-            if (key.getEncoded().length != KEYSIZES[i]) {
-                throw new Exception("key is generated with the wrong length!");
+        if (keySizes.length > 1) {
+            // 1. call init(int keysize) with various valid key sizes
+            // and see if the generated key is the right size.
+            for (int i=0; i<keySizes.length; i++) {
+                kg.init(keySizes[i]*8); // in bits
+                Key key = kg.generateKey();
+                if (key.getEncoded().length != keySizes[i]) {
+                    throw new Exception("key is generated with the wrong length!");
+                }
+            }
+            // 2. call init(int keysize) with invalid key size and see
+            // if the expected InvalidParameterException is thrown.
+            try {
+                kg.init(keySizes[0]*8+1);
+            } catch (InvalidParameterException ex) {
+            } catch (Exception ex) {
+                throw new Exception("wrong exception is thrown for invalid key size!");
             }
         }
-        // 2. call init(int keysize) with invalid key size and see
-        // if the expected InvalidParameterException is thrown.
-        try {
-            kg.init(KEYSIZES[0]*8+1);
-        } catch (InvalidParameterException ex) {
-        } catch (Exception ex) {
-            throw new Exception("wrong exception is thrown for invalid key size!");
-        }
-
         // passed all tests...hooray!
         return true;
     }
@@ -76,8 +82,20 @@
 
         Test4628062 test = new Test4628062();
         String testName = test.getClass().getName();
-        if (test.execute()) {
-            System.out.println(testName + ": Passed!");
+        if (test.execute("AES", AES_SIZES)) {
+            System.out.println(testName + ": AES Passed!");
+        }
+        if (test.execute("HmacSHA224", HMACSHA224_SIZES)) {
+            System.out.println(testName + ": HmacSHA224 Passed!");
+        }
+        if (test.execute("HmacSHA256", HMACSHA256_SIZES)) {
+            System.out.println(testName + ": HmacSHA256 Passed!");
+        }
+        if (test.execute("HmacSHA384", HMACSHA384_SIZES)) {
+            System.out.println(testName + ": HmacSHA384 Passed!");
+        }
+        if (test.execute("HmacSHA512", HMACSHA512_SIZES)) {
+            System.out.println(testName + ": HmacSHA512 Passed!");
         }
     }
 }
--- a/test/com/sun/crypto/provider/Mac/MacClone.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/com/sun/crypto/provider/Mac/MacClone.java	Mon May 21 11:44:01 2012 -0700
@@ -28,15 +28,33 @@
  * @author Jan Luehe
  */
 import javax.crypto.*;
+import javax.crypto.spec.SecretKeySpec;
 
 public class MacClone {
 
     public static void main(String[] args) throws Exception {
 
+        String[] algos = { "HmacMD5", "HmacSHA1", "HmacSHA224", "HmacSHA256",
+                           "HmacSHA384", "HmacSHA512" };
+        KeyGenerator kgen = KeyGenerator.getInstance("DES");
+        SecretKey skey = kgen.generateKey();
+        for (String algo : algos) {
+            doTest(algo, skey);
+        }
+
+        String[] algos2 = { "HmacPBESHA1" };
+        skey = new SecretKeySpec("whatever".getBytes(), "PBE");
+        for (String algo : algos2) {
+            doTest(algo, skey);
+        }
+        System.out.println("Test Passed");
+    }
+
+    private static void doTest(String algo, SecretKey skey) throws Exception {
         //
-        // Clone uninitialized Mac object
+        // Clone an uninitialized Mac object
         //
-        Mac mac = Mac.getInstance("HmacSHA1", "SunJCE");
+        Mac mac = Mac.getInstance(algo, "SunJCE");
         Mac macClone = (Mac)mac.clone();
         System.out.println(macClone.getProvider().toString());
         System.out.println(macClone.getAlgorithm());
@@ -51,12 +69,9 @@
         }
 
         //
-        // Clone initialized Mac object
+        // Clone an initialized Mac object
         //
-        KeyGenerator kgen = KeyGenerator.getInstance("DES");
-        SecretKey skey = kgen.generateKey();
-
-        mac = Mac.getInstance("HmacSHA1", "SunJCE");
+        mac = Mac.getInstance(algo, "SunJCE");
         mac.init(skey);
         macClone = (Mac)mac.clone();
         System.out.println(macClone.getProvider().toString());
@@ -66,7 +81,20 @@
         byte[] macFinal = mac.doFinal();
         byte[] macCloneFinal = macClone.doFinal();
         if (!java.util.Arrays.equals(macFinal, macCloneFinal)) {
-            throw new Exception("MAC results are different");
-        }
+            throw new Exception("ERROR: MAC result of init clone is different");
+        } else System.out.println("MAC check#1 passed");
+
+        //
+        // Clone an updated Mac object
+        //
+        mac.update((byte)0x12);
+        macClone = (Mac)mac.clone();
+        mac.update((byte)0x34);
+        macClone.update((byte)0x34);
+        macFinal = mac.doFinal();
+        macCloneFinal = macClone.doFinal();
+        if (!java.util.Arrays.equals(macFinal, macCloneFinal)) {
+            throw new Exception("ERROR: MAC result of updated clone is different");
+        } else System.out.println("MAC check#2 passed");
     }
 }
--- a/test/com/sun/crypto/provider/Mac/MacKAT.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/com/sun/crypto/provider/Mac/MacKAT.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 4846410 6313661
+ * @bug 4846410 6313661 4963723
  * @summary Basic known-answer-test for Hmac and SslMac algorithms
  * @author Andreas Sterbenz
  */
@@ -147,7 +147,9 @@
     private static Test t(String alg, String input, String macvalue, String key) {
         return new MacTest(alg, b(input), b(macvalue), b(key));
     }
-
+    private static Test t(String alg, String input, String macvalue, byte[] key) {
+        return new MacTest(alg, b(input), b(macvalue), key);
+    }
     private static Test t(String alg, byte[] input, String macvalue, String key) {
         return new MacTest(alg, input, b(macvalue), b(key));
     }
@@ -155,8 +157,8 @@
     private static Test t(String alg, byte[] input, String macvalue, byte[] key) {
         return new MacTest(alg, input, b(macvalue), key);
     }
-
     private final static byte[] ALONG, BLONG, BKEY;
+    private final static byte[] BKEY_20, DDDATA_50, AAKEY_20, CDDATA_50, AAKEY_131;
 
     static {
         ALONG = new byte[1024 * 128];
@@ -166,6 +168,16 @@
         random.nextBytes(BLONG);
         BKEY = new byte[128];
         random.nextBytes(BKEY);
+        BKEY_20 = new byte[20];
+        Arrays.fill(BKEY_20, (byte) 0x0b);
+        DDDATA_50 = new byte[50];
+        Arrays.fill(DDDATA_50, (byte) 0xdd);
+        AAKEY_20 = new byte[20];
+        Arrays.fill(AAKEY_20, (byte) 0xaa);
+        CDDATA_50 = new byte[50];
+        Arrays.fill(CDDATA_50, (byte) 0xcd);
+        AAKEY_131 = new byte[131];
+        Arrays.fill(AAKEY_131, (byte) 0xaa);
     }
 
     private final static Test[] tests = {
@@ -203,15 +215,24 @@
                 "1b:34:61:29:05:0d:73:db:25:d0:dd:64:06:29:f6:8a"),
         t("HmacSHA512", BLONG, "fb:cf:4b:c6:d5:49:5a:5b:0b:d9:2a:32:f5:fa:68:d2:68:a4:0f:ae:53:fc:49:12:e6:1d:53:cf:b2:cb:c5:c5:f2:2d:86:bd:14:61:30:c3:a6:6f:44:1f:77:9b:aa:a1:22:48:a9:dd:d0:45:86:d1:a1:82:53:13:c4:03:06:a3",
                 BKEY),
+        // Test vectors From RFC4231
+        t("HmacSHA224", s("Hi There"), "89:6f:b1:12:8a:bb:df:19:68:32:10:7c:d4:9d:f3:3f:47:b4:b1:16:99:12:ba:4f:53:68:4b:22", BKEY_20),
+        t("HmacSHA224", s("what do ya want for nothing?"), "a3:0e:01:09:8b:c6:db:bf:45:69:0f:3a:7e:9e:6d:0f:8b:be:a2:a3:9e:61:48:00:8f:d0:5e:44", s("Jefe")),
+        t("HmacSHA224", DDDATA_50, "7f:b3:cb:35:88:c6:c1:f6:ff:a9:69:4d:7d:6a:d2:64:93:65:b0:c1:f6:5d:69:d1:ec:83:33:ea", AAKEY_20),
+        t("HmacSHA224", CDDATA_50, "6c:11:50:68:74:01:3c:ac:6a:2a:bc:1b:b3:82:62:7c:ec:6a:90:d8:6e:fc:01:2d:e7:af:ec:5a", "01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f:10:11:12:13:14:15:16:17:18:19"),
+        t("HmacSHA224", s("Test Using Larger Than Block-Size Key - Hash Key First"), "95:e9:a0:db:96:20:95:ad:ae:be:9b:2d:6f:0d:bc:e2:d4:99:f1:12:f2:d2:b7:27:3f:a6:87:0e", AAKEY_131),
+        t("HmacSHA224", s("This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."), "3a:85:41:66:ac:5d:9f:02:3f:54:d5:17:d0:b3:9d:bd:94:67:70:db:9c:2b:95:c9:f6:f5:65:d1", AAKEY_131),
     };
 
     static void runTests(Test[] tests) throws Exception {
         long start = System.currentTimeMillis();
         Provider p = Security.getProvider("SunJCE");
         System.out.println("Testing provider " + p.getName() + "...");
+        Mac.getInstance("HmacSHA224", p);
         Mac.getInstance("HmacSHA256", p);
         Mac.getInstance("HmacSHA384", p);
         Mac.getInstance("HmacSHA512", p);
+        KeyGenerator.getInstance("HmacSHA224", p);
         KeyGenerator.getInstance("HmacSHA256", p);
         KeyGenerator.getInstance("HmacSHA384", p);
         KeyGenerator.getInstance("HmacSHA512", p);
--- a/test/demo/zipfs/ZipFSTester.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/demo/zipfs/ZipFSTester.java	Mon May 21 11:44:01 2012 -0700
@@ -540,6 +540,20 @@
                 bbSrc.flip();
                 bbDst.flip();
             }
+
+            // Check if source read position is at the end
+            if (chSrc.position() != chSrc.size()) {
+                System.out.printf("src[%s]: size=%d, position=%d%n",
+                                  chSrc.toString(), chSrc.size(), chSrc.position());
+                throw new RuntimeException("CHECK FAILED!");
+            }
+
+            // Check if destination read position is at the end
+            if (chDst.position() != chDst.size()) {
+                System.out.printf("dst[%s]: size=%d, position=%d%n",
+                                  chDst.toString(), chDst.size(), chDst.position());
+                throw new RuntimeException("CHECK FAILED!");
+            }
         } catch (IOException x) {
             x.printStackTrace();
         }
@@ -587,6 +601,20 @@
                 dstCh.write(bb);
                 bb.clear();
             }
+
+            // Check if source read position is at the end
+            if (srcCh.position() != srcCh.size()) {
+                System.out.printf("src[%s]: size=%d, position=%d%n",
+                                  srcCh.toString(), srcCh.size(), srcCh.position());
+                throw new RuntimeException("CHECK FAILED!");
+            }
+
+            // Check if destination write position is at the end
+            if (dstCh.position() != dstCh.size()) {
+                System.out.printf("dst[%s]: size=%d, position=%d%n",
+                                  dstCh.toString(), dstCh.size(), dstCh.position());
+                throw new RuntimeException("CHECK FAILED!");
+            }
         }
     }
 
@@ -616,10 +644,17 @@
 
         try (SeekableByteChannel sbc = Files.newByteChannel(path)) {
             System.out.printf("   sbc[0]: pos=%d, size=%d%n", sbc.position(), sbc.size());
+            if (sbc.position() != 0) {
+                throw new RuntimeException("CHECK FAILED!");
+            }
+
             bb = ByteBuffer.allocate((int)sbc.size());
             n = sbc.read(bb);
             System.out.printf("   sbc[1]: read=%d, pos=%d, size=%d%n",
                               n, sbc.position(), sbc.size());
+            if (sbc.position() != sbc.size()) {
+                throw new RuntimeException("CHECK FAILED!");
+            }
             bb2 = ByteBuffer.allocate((int)sbc.size());
         }
 
@@ -629,10 +664,16 @@
             sbc.position(N);
             System.out.printf("   sbc[2]: pos=%d, size=%d%n",
                               sbc.position(), sbc.size());
+            if (sbc.position() != N) {
+                throw new RuntimeException("CHECK FAILED!");
+            }
             bb2.limit(100);
             n = sbc.read(bb2);
             System.out.printf("   sbc[3]: read=%d, pos=%d, size=%d%n",
                               n, sbc.position(), sbc.size());
+            if (n < 0 || sbc.position() != (N + n)) {
+                throw new RuntimeException("CHECK FAILED!");
+            }
             System.out.printf("   sbc[4]: bb[%d]=%d, bb1[0]=%d%n",
                               N, bb.get(N) & 0xff, bb2.get(0) & 0xff);
         }
--- a/test/demo/zipfs/basic.sh	Mon May 21 11:41:33 2012 -0700
+++ b/test/demo/zipfs/basic.sh	Mon May 21 11:44:01 2012 -0700
@@ -22,6 +22,7 @@
 #
 # @test
 # @bug 6990846 7009092 7009085 7015391 7014948 7005986 7017840 7007596
+# 7157656
 # @summary Test ZipFileSystem demo
 # @build Basic PathOps ZipFSTester
 # @run shell basic.sh
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/net/Inet4Address/PingThis.java	Mon May 21 11:44:01 2012 -0700
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 2012 Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * Portions Copyright (c) 2012 IBM Corporation
+ */
+
+/* @test
+ * @bug 7163874
+ * @summary InetAddress.isReachable is returning false
+ *          for InetAdress 0.0.0.0 and ::0
+ * @run main PingThis
+ * @run main/othervm -Djava.net.preferIPv4Stack=true PingThis
+ */
+
+import java.net.Inet6Address;
+import java.net.InetAddress;
+import java.net.NetworkInterface;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
+
+public class PingThis {
+    private static boolean hasIPv6() throws Exception {
+        List<NetworkInterface> nics = Collections.list(NetworkInterface
+                .getNetworkInterfaces());
+        for (NetworkInterface nic : nics) {
+            List<InetAddress> addrs = Collections.list(nic.getInetAddresses());
+            for (InetAddress addr : addrs) {
+                if (addr instanceof Inet6Address)
+                    return true;
+            }
+        }
+
+        return false;
+    }
+
+    public static void main(String args[]) throws Exception {
+        if (System.getProperty("os.name").startsWith("Windows")) {
+            return;
+        }
+
+        boolean preferIPv4Stack = "true".equals(System
+                .getProperty("java.net.preferIPv4Stack"));
+        List<String> addrs = new ArrayList<String>();
+        InetAddress inetAddress = null;
+
+        addrs.add("0.0.0.0");
+        if (!preferIPv4Stack) {
+            if (hasIPv6()) {
+                addrs.add("::0");
+            }
+        }
+
+        for (String addr : addrs) {
+            inetAddress = InetAddress.getByName(addr);
+            System.out.println("The target ip is "
+                    + inetAddress.getHostAddress());
+            boolean isReachable = inetAddress.isReachable(3000);
+            System.out.println("the target is reachable: " + isReachable);
+            if (isReachable) {
+                System.out.println("Test passed ");
+            } else {
+                System.out.println("Test failed ");
+                throw new Exception("address " + inetAddress.getHostAddress()
+                        + " can not be reachable!");
+            }
+        }
+    }
+}
--- a/test/java/nio/MappedByteBuffer/Truncate.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/java/nio/MappedByteBuffer/Truncate.java	Mon May 21 11:44:01 2012 -0700
@@ -88,6 +88,11 @@
             }
         };
         Thread t = new Thread(r);
+        t.setUncaughtExceptionHandler(new Thread.UncaughtExceptionHandler() {
+            public void uncaughtException(Thread t, Throwable e) {
+                e.printStackTrace();
+            }
+        });
         t.start();
         try { t.join(); } catch (InterruptedException ignore) { }
     }
--- a/test/java/rmi/activation/checkusage/CheckUsage.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/java/rmi/activation/checkusage/CheckUsage.java	Mon May 21 11:44:01 2012 -0700
@@ -53,12 +53,9 @@
             rmidVM.start();
 
             // wait for registry exit
+            int rmidVMExitStatus = rmidVM.getVM().waitFor();
             System.err.println("rmid exited with status: " +
-                               rmidVM.getVM().waitFor());
-            try {
-                Thread.sleep(7000);
-            } catch (InterruptedException ie) {
-            }
+                               rmidVMExitStatus);
 
             String usage = new String(berr.toByteArray());
 
--- a/test/java/rmi/testlibrary/ActivationLibrary.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/java/rmi/testlibrary/ActivationLibrary.java	Mon May 21 11:44:01 2012 -0700
@@ -63,19 +63,30 @@
      */
     public static void deactivate(Remote remote,
                                   ActivationID id) {
-        for (int i = 0; i < 5; i ++) {
+        // We do as much as 50 deactivation trials, each separated by
+        // at least 100 milliseconds sleep time (max sleep time of 5 secs).
+        final long deactivateSleepTime = 100;
+        for (int i = 0; i < 50; i ++) {
             try {
                 if (Activatable.inactive(id) == true) {
                     mesg("inactive successful");
                     return;
                 } else {
-                    Thread.sleep(1000);
+                    mesg("inactive trial failed. Sleeping " +
+                         deactivateSleepTime +
+                         " milliseconds before next trial");
+                    Thread.sleep(deactivateSleepTime);
                 }
             } catch (InterruptedException e) {
-                continue;
+                Thread.currentThread().interrupt();
+                mesg("Thread interrupted while trying to deactivate activatable. Exiting deactivation");
+                return;
             } catch (Exception e) {
                 try {
                     // forcibly unexport the object
+                    mesg("Unexpected exception. Have to forcibly unexport the object." +
+                         " Exception was :");
+                    e.printStackTrace();
                     Activatable.unexportObject(remote, true);
                 } catch (NoSuchObjectException ex) {
                 }
@@ -99,37 +110,61 @@
      * activation system.
      */
     public static boolean rmidRunning(int port) {
-        int allowedNotReady = 10;
+        int allowedNotReady = 50;
         int connectionRefusedExceptions = 0;
 
-        for (int i = 0; i < 15 ; i++) {
+        /* We wait as much as a total of 7.5 secs trying to see Rmid running.
+         * We do this by pausing steps of 100 milliseconds (so up to 75 steps),
+         * right after trying to lookup and find RMID running in the other vm.
+         */
+        final long rmidWaitingStepTime = 100;
+        for (int i = 0; i <= 74; i++) {
 
             try {
-                Thread.sleep(500);
                 LocateRegistry.getRegistry(port).lookup(SYSTEM_NAME);
+                mesg("Activation System available after " +
+                     (i * rmidWaitingStepTime) + " milliseconds");
                 return true;
 
             } catch (java.rmi.ConnectException e) {
+                mesg("Remote connection refused after " +
+                     (i * rmidWaitingStepTime) + " milliseconds");
+
                 // ignore connect exceptions until we decide rmid is not up
-
                 if ((connectionRefusedExceptions ++) >= allowedNotReady) {
                     return false;
                 }
 
+            } catch (java.rmi.NoSuchObjectException nsoe) {
+                /* Activation System still unavailable.
+                 * Ignore this since we are just waiting for its availibility.
+                 * Just signal unavailibility.
+                 */
+                mesg("Activation System still unavailable after more than " +
+                     (i * rmidWaitingStepTime) + " milliseconds");
+
             } catch (NotBoundException e) {
-
                 return false;
 
             } catch (Exception e) {
-                // print out other types of exceptions as an FYI.
-                // test should not fail as rmid is likely to be in an
-                // undetermined state at this point.
-
+                /* print out other types of exceptions as an FYI.
+                 * test should not fail as rmid is likely to be in an
+                 * undetermined state at this point.
+                 */
                 mesg("caught an exception trying to" +
                      " start rmid, last exception was: " +
                      e.getMessage());
                 e.printStackTrace();
             }
+
+            // Waiting for another 100 milliseconds.
+            try {
+                Thread.sleep(100);
+            } catch (InterruptedException e) {
+                Thread.currentThread().interrupt();
+                mesg("Thread interrupted while checking if Activation System is running. Exiting check");
+                return false;
+            }
         }
         return false;
     }
--- a/test/java/rmi/testlibrary/JavaVM.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/java/rmi/testlibrary/JavaVM.java	Mon May 21 11:44:01 2012 -0700
@@ -36,7 +36,6 @@
  */
 public class JavaVM {
 
-    // need to
     protected Process vm = null;
 
     private String classname = "";
@@ -46,6 +45,10 @@
     private OutputStream errorStream = System.err;
     private String policyFileName = null;
 
+    // This is used to shorten waiting time at startup.
+    private volatile boolean started = false;
+    private boolean forcesOutput = true; // default behavior
+
     private static void mesg(Object mesg) {
         System.err.println("JAVAVM: " + mesg.toString());
     }
@@ -79,6 +82,25 @@
         this.errorStream = err;
     }
 
+    /* This constructor will instantiate a JavaVM object for which caller
+     * can ask for forcing initial version output on child vm process
+     * (if forcesVersionOutput is true), or letting the started vm behave freely
+     * (when forcesVersionOutput is false).
+     */
+    public JavaVM(String classname,
+                  String options, String args,
+                  OutputStream out, OutputStream err,
+                  boolean forcesVersionOutput) {
+        this(classname, options, args, out, err);
+        this.forcesOutput = forcesVersionOutput;
+    }
+
+
+    public void setStarted() {
+        started = true;
+    }
+
+    // Prepends passed opts array to current options
     public void addOptions(String[] opts) {
         String newOpts = "";
         for (int i = 0 ; i < opts.length ; i ++) {
@@ -87,6 +109,8 @@
         newOpts += " ";
         options = newOpts + options;
     }
+
+    // Prepends passed arguments array to current args
     public void addArguments(String[] arguments) {
         String newArgs = "";
         for (int i = 0 ; i < arguments.length ; i ++) {
@@ -127,6 +151,18 @@
 
         addOptions(new String[] { getCodeCoverageOptions() });
 
+        /*
+         * If forcesOutput is true :
+         *  We force the new starting vm to output something so that we can know
+         *  when it is effectively started by redirecting standard output through
+         *  the next StreamPipe call (the vm is considered started when a first
+         *  output has been streamed out).
+         *  We do this by prepnding a "-showversion" option in the command line.
+         */
+        if (forcesOutput) {
+            addOptions(new String[] {"-showversion"});
+        }
+
         StringTokenizer optionsTokenizer = new StringTokenizer(options);
         StringTokenizer argsTokenizer = new StringTokenizer(args);
         int optionsCount = optionsTokenizer.countTokens();
@@ -150,15 +186,43 @@
         vm = Runtime.getRuntime().exec(javaCommand);
 
         /* output from the execed process may optionally be captured. */
-        StreamPipe.plugTogether(vm.getInputStream(), this.outputStream);
-        StreamPipe.plugTogether(vm.getErrorStream(), this.errorStream);
+        StreamPipe.plugTogether(this, vm.getInputStream(), this.outputStream);
+        StreamPipe.plugTogether(this, vm.getErrorStream(), this.errorStream);
 
         try {
-            Thread.sleep(2000);
-        } catch (Exception ignore) {
+            if (forcesOutput) {
+                // Wait distant vm to start, by using waiting time slices of 100 ms.
+                // Wait at most for 2secs, after it considers the vm to be started.
+                final long vmStartSleepTime = 100;
+                final int maxTrials = 20;
+                int numTrials = 0;
+                while (!started && numTrials < maxTrials) {
+                    numTrials++;
+                    Thread.sleep(vmStartSleepTime);
+                }
+
+                // Outputs running status of distant vm
+                String message =
+                    "after " + (numTrials * vmStartSleepTime) + " milliseconds";
+                if (started) {
+                    mesg("distant vm process running, " + message);
+                }
+                else {
+                    mesg("unknown running status of distant vm process, " + message);
+                }
+            }
+            else {
+                // Since we have no way to know if the distant vm is started,
+                // we just consider the vm to be started after a 2secs waiting time.
+                Thread.sleep(2000);
+                mesg("distant vm considered to be started after a waiting time of 2 secs");
+            }
+        } catch (InterruptedException e) {
+            Thread.currentThread().interrupt();
+            mesg("Thread interrupted while checking if distant vm is started. Giving up check.");
+            mesg("Distant vm state unknown");
+            return;
         }
-
-        mesg("finished starting vm.");
     }
 
     public void destroy() {
--- a/test/java/rmi/testlibrary/RMID.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/java/rmi/testlibrary/RMID.java	Mon May 21 11:44:01 2012 -0700
@@ -218,20 +218,30 @@
         } catch (NumberFormatException ignore) {}
         waitTime = waitTime * slopFactor;
 
-        // give rmid time to come up
+        // We check several times (as many as provides passed waitTime) to
+        // see if Rmid is currently running. Waiting steps last 100 msecs.
+        final long rmidStartSleepTime = 100;
         do {
+            // Sleeping for another rmidStartSleepTime time slice.
             try {
-                Thread.sleep(Math.min(waitTime, 10000));
+                Thread.sleep(Math.min(waitTime, rmidStartSleepTime));
             } catch (InterruptedException ie) {
                 Thread.currentThread().interrupt();
+                mesg("Thread interrupted while checking for start of Activation System. Giving up check.");
+                mesg("Activation System state unknown");
+                return;
             }
-            waitTime -= 10000;
+            waitTime -= rmidStartSleepTime;
 
-            // is rmid present?
+            // Checking if rmid is present
             if (ActivationLibrary.rmidRunning(port)) {
                 mesg("finished starting rmid.");
                 return;
             }
+            else {
+                mesg("rmid still not started");
+            }
+
         } while (waitTime > 0);
         TestLibrary.bomb("start rmid failed... giving up", null);
     }
@@ -264,6 +274,8 @@
                     port +
                     "/java.rmi.activation.ActivationSystem");
                 mesg("obtained a reference to the activation system");
+            } catch (RemoteException re) {
+                mesg("could not contact registry while trying to shutdown activation system");
             } catch (java.net.MalformedURLException mue) {
             }
 
@@ -272,19 +284,14 @@
             }
             system.shutdown();
 
+        } catch (RemoteException re) {
+            mesg("shutting down the activation daemon failed");
         } catch (Exception e) {
             mesg("caught exception trying to shutdown rmid");
             mesg(e.getMessage());
             e.printStackTrace();
         }
 
-        try {
-            // wait for the shutdown to happen
-            Thread.sleep(5000);
-        } catch (InterruptedException ie) {
-            Thread.currentThread().interrupt();
-        }
-
         mesg("testlibrary finished shutting down rmid");
     }
 
@@ -301,18 +308,47 @@
 
         if (vm != null) {
             try {
-                // destroy rmid if it is still running...
-                try {
-                    vm.exitValue();
-                    mesg("rmid exited on shutdown request");
-                } catch (IllegalThreadStateException illegal) {
-                    mesg("Had to destroy RMID's process " +
-                         "using Process.destroy()");
+                /* Waiting for distant RMID process to shutdown.
+                 * Waiting is bounded at a hardcoded max of 60 secs (1 min).
+                 * Waiting by steps of 200 msecs, thus at most 300 such attempts
+                 * for termination of distant RMID process. If process is not
+                 * known to be terminated properly after that time,
+                 * we give up for a gracefull termination, and thus go for
+                 * forcibly destroying the process.
+                 */
+                boolean vmEnded = false;
+                int waitingTrials = 0;
+                final int maxTrials = 300;
+                final long vmProcessEndWaitInterval = 200;
+                int vmExitValue;
+                do {
+                    try {
+                        Thread.sleep(vmProcessEndWaitInterval);
+                        waitingTrials++;
+                        vmExitValue = vm.exitValue();
+                        mesg("rmid exited on shutdown request");
+                        vmEnded = true;
+                    } catch (IllegalThreadStateException illegal) {
+                        mesg("RMID's process still not terminated after more than " +
+                             (waitingTrials * vmProcessEndWaitInterval) + " milliseconds");
+                    }
+                }
+                while (!vmEnded &&
+                       (waitingTrials < maxTrials));
+
+                if (waitingTrials >= maxTrials) {
+                    mesg("RMID's process still not terminated after more than " +
+                         (waitingTrials * vmProcessEndWaitInterval) + " milliseconds." +
+                         "Givinp up gracefull termination...");
+                    mesg("destroying RMID's process using Process.destroy()");
                     super.destroy();
                 }
 
+            } catch (InterruptedException ie) {
+                Thread.currentThread().interrupt();
+                mesg("Thread interrupted while checking for termination of distant rmid vm. Giving up check.");
             } catch (Exception e) {
-                mesg("caught exception trying to destroy rmid: " +
+                mesg("caught unexpected exception trying to destroy rmid: " +
                      e.getMessage());
                 e.printStackTrace();
             }
--- a/test/java/rmi/testlibrary/StreamPipe.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/java/rmi/testlibrary/StreamPipe.java	Mon May 21 11:44:01 2012 -0700
@@ -35,46 +35,89 @@
     private InputStream in;
     private OutputStream out;
     private String preamble;
+    private JavaVM javaVM;
     private static Object lock = new Object();
     private static int count = 0;
 
-    public StreamPipe(InputStream in, OutputStream out, String name) {
+
+    /* StreamPipe constructor : should only be called by plugTogether() method !!
+     * If passed vm is not null :
+     * -  This is StreamPipe usage when streams to pipe come from a given
+     *    vm (JavaVM) process (the vm process must be started with a prefixed
+     *    "-showversion" option to be able to determine as soon as possible when
+     *    the vm process is started through the redirection of the streams).
+     *    There must be a close connection between the StreamPipe instance and
+     *    the JavaVM object on which a start() call has been done.
+     *    run() method will flag distant JavaVM as started.
+     * If passed vm is null :
+     * -  We don't have control on the process which we want to redirect the passed
+     *    streams.
+     *    run() method will ignore distant process.
+     */
+    private StreamPipe(JavaVM vm, InputStream in, OutputStream out, String name) {
         super(name);
         this.in  = in;
         this.out = out;
         this.preamble = "# ";
+        this.javaVM = vm;
     }
 
+    // Install redirection of passed InputStream and OutputStream from passed JavaVM
+    // to this vm standard output and input streams.
+    public static void plugTogether(JavaVM vm, InputStream in, OutputStream out) {
+        String name = null;
+
+        synchronized (lock) {
+            name = "TestLibrary: StreamPipe-" + (count ++ );
+        }
+
+        Thread pipe = new StreamPipe(vm, in, out, name);
+        pipe.setDaemon(true);
+        pipe.start();
+    }
+
+    /* Redirects the InputStream and OutputStream passed by caller to this
+     * vm standard output and input streams.
+     * (we just have to use fully parametered plugTogether() call with a null
+     *  JavaVM input to do this).
+     */
+    public static void plugTogether(InputStream in, OutputStream out) {
+        plugTogether(null, in, out);
+    }
+
+    // Starts redirection of streams.
     public void run() {
         BufferedReader r = new BufferedReader(new InputStreamReader(in), 1);
         BufferedWriter w = new BufferedWriter(new OutputStreamWriter(out));
         byte[] buf = new byte[256];
-        boolean bol = true;     // beginning-of-line
-        int count;
 
         try {
             String line;
-            while ((line = r.readLine()) != null) {
+
+            /* This is to check that the distant vm has started,
+             * if such a vm has been provided at construction :
+             * - As soon as we can read something from r BufferedReader,
+             *   that means the distant vm is already started.
+             * Thus we signal associated JavaVM object that it is now started.
+             */
+            if (((line = r.readLine()) != null) &&
+                (javaVM != null)) {
+                javaVM.setStarted();
+            }
+
+            // Redirects r on w.
+            while (line != null) {
                 w.write(preamble);
                 w.write(line);
                 w.newLine();
                 w.flush();
+                line = r.readLine();
             }
+
         } catch (IOException e) {
             System.err.println("*** IOException in StreamPipe.run:");
             e.printStackTrace();
         }
     }
 
-    public static void plugTogether(InputStream in, OutputStream out) {
-        String name = null;
-
-        synchronized (lock) {
-            name = "TestLibrary: StreamPipe-" + (count ++ );
-        }
-
-        Thread pipe = new StreamPipe(in, out, name);
-        pipe.setDaemon(true);
-        pipe.start();
-    }
 }
--- a/test/java/util/UUID/UUIDTest.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/java/util/UUID/UUIDTest.java	Mon May 21 11:44:01 2012 -0700
@@ -58,6 +58,12 @@
         List list = new LinkedList();
         for (int i=0; i<100; i++) {
             UUID u1 = UUID.randomUUID();
+            if (4 != u1.version()) {
+                throw new Exception("bad version");
+            }
+            if (2 != u1.variant()) {
+                throw new Exception("bad variant");
+            }
             if (list.contains(u1))
                 throw new Exception("random UUID collision very unlikely");
             list.add(u1);
@@ -70,10 +76,16 @@
         List list = new LinkedList();
         for (int i=0; i<100; i++) {
             byteSource.nextBytes(someBytes);
-            UUID test = UUID.nameUUIDFromBytes(someBytes);
-            if (list.contains(test))
+            UUID u1 = UUID.nameUUIDFromBytes(someBytes);
+            if (3 != u1.version()) {
+                throw new Exception("bad version");
+            }
+            if (2 != u1.variant()) {
+                throw new Exception("bad variant");
+            }
+            if (list.contains(u1))
                 throw new Exception("byte UUID collision very unlikely");
-            list.add(test);
+            list.add(u1);
         }
     }
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/util/concurrent/atomic/AtomicUpdaters.java	Mon May 21 11:44:01 2012 -0700
@@ -0,0 +1,189 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7103570
+ * @author David Holmes
+ * @run main/othervm AtomicUpdaters
+ * @run main/othervm AtomicUpdaters UseSM
+ * @summary Checks the (in)ability to create field updaters for differently
+ *          accessible fields in different locations with/without a security
+ *          manager
+ */
+import java.util.concurrent.atomic.*;
+import java.lang.reflect.*;
+import java.security.AccessControlException;
+
+public class  AtomicUpdaters {
+    enum TYPE { INT, LONG, REF }
+
+    static class Config {
+        final Class<?> clazz;
+        final String field;
+        final String access;
+        final boolean reflectOk;
+        final boolean updaterOk;
+        final String desc;
+        final TYPE type;
+
+        Config(Class<?> clazz, String field, String access,
+               boolean reflectOk, boolean updaterOk, String desc, TYPE type) {
+            this.clazz = clazz;
+            this.field = field;
+            this.access = access;
+            this.reflectOk = reflectOk;
+            this.updaterOk = updaterOk;
+            this.desc = desc;
+            this.type =type;
+        }
+
+        public String toString() {
+            return desc + ": " + access + " " + clazz.getName() + "." + field;
+        }
+    }
+
+    static Config[] tests;
+
+    static void initTests(boolean hasSM) {
+        tests = new Config[] {
+            new Config(AtomicUpdaters.class, "pub_int", "public", true, true, "public int field of current class", TYPE.INT),
+            new Config(AtomicUpdaters.class, "priv_int", "private", true, true, "private int field of current class", TYPE.INT),
+            new Config(AtomicUpdaters.class, "pub_long", "public", true, true, "public long field of current class", TYPE.LONG),
+            new Config(AtomicUpdaters.class, "priv_long", "private", true, true, "private long field of current class", TYPE.LONG),
+            new Config(AtomicUpdaters.class, "pub_ref", "public", true, true, "public ref field of current class", TYPE.REF),
+            new Config(AtomicUpdaters.class, "priv_ref", "private", true, true, "private ref field of current class", TYPE.REF),
+
+            // Would like to test a public volatile in a class in another
+            // package - but of course there aren't any
+            new Config(java.util.concurrent.atomic.AtomicInteger.class, "value", "private", hasSM ? false : true, false, "private int field of class in different package", TYPE.INT),
+            new Config(java.util.concurrent.atomic.AtomicLong.class, "value", "private", hasSM ? false : true, false, "private long field of class in different package", TYPE.LONG),
+            new Config(java.util.concurrent.atomic.AtomicReference.class, "value", "private", hasSM ? false : true, false, "private reference field of class in different package", TYPE.REF),
+        };
+    }
+
+    public volatile int pub_int;
+    private volatile int priv_int;
+    public volatile long pub_long;
+    private volatile long priv_long;
+    public volatile Object pub_ref;
+    private volatile Object priv_ref;
+
+
+    // This should be set dynamically at runtime using a System property, but
+    // ironically we get a SecurityException if we try to do that with a
+    // SecurityManager installed
+    static boolean verbose;
+
+    public static void main(String[] args) throws Throwable {
+        boolean hasSM = false;
+        for (String arg : args) {
+            if ("-v".equals(arg)) {
+                verbose = true;
+            }
+            else if ("UseSM".equals(arg)) {
+                SecurityManager m = System.getSecurityManager();
+                if (m != null)
+                    throw new RuntimeException("No security manager should initially be installed");
+                System.setSecurityManager(new java.lang.SecurityManager());
+                hasSM = true;
+            }
+            else {
+                throw new IllegalArgumentException("Unexpected option: " + arg);
+            }
+        }
+        initTests(hasSM);
+
+        int failures = 0;
+
+        System.out.printf("Testing with%s a SecurityManager present\n", hasSM ? "" : "out");
+        for (Config c : tests) {
+            System.out.println("Testing: " + c);
+            Error reflectionFailure = null;
+            Error updaterFailure = null;
+            Class<?> clazz = c.clazz;
+            // See if we can reflectively access the field
+            System.out.println(" - testing getDeclaredField");
+            try {
+                Field f = clazz.getDeclaredField(c.field);
+                if (!c.reflectOk)
+                    reflectionFailure = new Error("Unexpected reflective access: " + c);
+            }
+            catch (AccessControlException e) {
+                if (c.reflectOk)
+                    reflectionFailure = new Error("Unexpected reflective access failure: " + c, e);
+                else if (verbose) {
+                    System.out.println("Got expected reflection exception: " + e);
+                    e.printStackTrace(System.out);
+                }
+            }
+
+            if (reflectionFailure != null) {
+                reflectionFailure.printStackTrace(System.out);
+            }
+
+            // see if we can create an atomic updater for the field
+            Object u = null;
+            try {
+                switch (c.type) {
+                case INT:
+                    System.out.println(" - testing AtomicIntegerFieldUpdater");
+                    u = AtomicIntegerFieldUpdater.newUpdater(clazz, c.field);
+                    break;
+                case LONG:
+                    System.out.println(" - testing AtomicLongFieldUpdater");
+                    u = AtomicLongFieldUpdater.newUpdater(clazz, c.field);
+                    break;
+                case REF:
+                    System.out.println(" - testing AtomicReferenceFieldUpdater");
+                    u = AtomicReferenceFieldUpdater.newUpdater(clazz, Object.class, c.field);
+                    break;
+                }
+
+                if (!c.updaterOk)
+                    updaterFailure =  new Error("Unexpected updater access: " + c);
+            }
+            catch (Exception e) {
+                if (c.updaterOk)
+                    updaterFailure = new Error("Unexpected updater access failure: " + c, e);
+                else if (verbose) {
+                    System.out.println("Got expected updater exception: " + e);
+                    e.printStackTrace(System.out);
+                }
+            }
+
+            if (updaterFailure != null) {
+                updaterFailure.printStackTrace(System.out);
+            }
+
+            if (updaterFailure != null || reflectionFailure != null) {
+                failures++;
+
+            }
+        }
+
+        if (failures > 0) {
+            throw new Error("Some tests failed - see previous stacktraces");
+        }
+    }
+}
--- a/test/java/util/prefs/RemoveNullKeyCheck.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/java/util/prefs/RemoveNullKeyCheck.java	Mon May 21 11:44:01 2012 -0700
@@ -22,23 +22,77 @@
  */
 
 /* @test
- * @bug 7160242
+ * @bug 7160242 7165118
  * @summary Check if NullPointerException is thrown if the key passed
  *          to remove() is null.
  */
 
 import java.util.prefs.Preferences;
+import java.util.prefs.AbstractPreferences;
+import java.util.prefs.BackingStoreException;
 
 public class RemoveNullKeyCheck {
 
+    private static boolean failed = false;
+
     public static void main(String[] args) throws Exception {
-       try {
-           Preferences node = Preferences.userRoot().node("N1");
-           node.remove(null);
-           throw new RuntimeException("Expected NullPointerException " +
-                                      "not thrown");
-       } catch (NullPointerException npe) {
-           System.out.println("NullPointerException thrown");
-       }
+        checkPreferencesRemove();
+        checkAbstractPreferencesRemove();
+        if (failed) {
+            throw new RuntimeException("Expected NullPointerException " +
+                                       "not thrown");
+        }
+    }
+
+    public static void checkPreferencesRemove() {
+        try {
+            Preferences node = Preferences.userRoot().node("N1");
+            node.remove(null);
+            failed = true;
+        } catch (NullPointerException npe) {
+        }
+    }
+
+    public static void checkAbstractPreferencesRemove() {
+
+        Preferences abstrPrefs = new AbstractPreferences(null, "") {
+            @Override
+            protected void putSpi(String key, String value) {
+            }
+            @Override
+            protected String getSpi(String key) {
+                return null;
+            }
+            @Override
+            protected void removeSpi(String key) {
+            }
+            @Override
+            protected void removeNodeSpi() throws BackingStoreException {
+            }
+            @Override
+            protected String[] keysSpi() throws BackingStoreException {
+                return new String[0];
+            }
+            @Override
+            protected String[] childrenNamesSpi() throws BackingStoreException {
+                return new String[0];
+            }
+            @Override
+            protected AbstractPreferences childSpi(String name) {
+                return null;
+            }
+            @Override
+            protected void syncSpi() throws BackingStoreException {
+            }
+            @Override
+            protected void flushSpi() throws BackingStoreException {
+            }
+        };
+
+        try {
+            abstrPrefs.remove(null);
+            failed = true;
+        } catch(NullPointerException npe) {
+        }
     }
 }
--- a/test/java/util/regex/RegExTest.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/java/util/regex/RegExTest.java	Mon May 21 11:44:01 2012 -0700
@@ -33,7 +33,7 @@
  * 5013885 5003322 4988891 5098443 5110268 6173522 4829857 5027748 6376940
  * 6358731 6178785 6284152 6231989 6497148 6486934 6233084 6504326 6635133
  * 6350801 6676425 6878475 6919132 6931676 6948903 6990617 7014645 7039066
- * 7067045
+ * 7067045 7014640
  */
 
 import java.util.regex.*;
@@ -141,6 +141,8 @@
         unicodePropertiesTest();
         unicodeHexNotationTest();
         unicodeClassesTest();
+        horizontalAndVerticalWSTest();
+        linebreakTest();
         if (failure) {
             throw new
                 RuntimeException("RegExTest failed, 1st failure: " +
@@ -857,13 +859,18 @@
         // in replacement string
         try {
             "\uac00".replaceAll("\uac00", "$");
-            "\uac00".replaceAll("\uac00", "\\");
             failCount++;
         } catch (IllegalArgumentException iie) {
         } catch (Exception e) {
             failCount++;
         }
-
+        try {
+            "\uac00".replaceAll("\uac00", "\\");
+            failCount++;
+        } catch (IllegalArgumentException iie) {
+        } catch (Exception e) {
+            failCount++;
+        }
         report("Literal replacement");
     }
 
@@ -3838,4 +3845,77 @@
             failCount++;
         report("unicodePredefinedClasses");
     }
+
+    private static void horizontalAndVerticalWSTest() throws Exception {
+        String hws = new String (new char[] {
+                                     0x09, 0x20, 0xa0, 0x1680, 0x180e,
+                                     0x2000, 0x2001, 0x2002, 0x2003, 0x2004, 0x2005,
+                                     0x2006, 0x2007, 0x2008, 0x2009, 0x200a,
+                                     0x202f, 0x205f, 0x3000 });
+        String vws = new String (new char[] {
+                                     0x0a, 0x0b, 0x0c, 0x0d, 0x85, 0x2028, 0x2029 });
+        if (!Pattern.compile("\\h+").matcher(hws).matches() ||
+            !Pattern.compile("[\\h]+").matcher(hws).matches())
+            failCount++;
+        if (Pattern.compile("\\H").matcher(hws).find() ||
+            Pattern.compile("[\\H]").matcher(hws).find())
+            failCount++;
+        if (!Pattern.compile("\\v+").matcher(vws).matches() ||
+            !Pattern.compile("[\\v]+").matcher(vws).matches())
+            failCount++;
+        if (Pattern.compile("\\V").matcher(vws).find() ||
+            Pattern.compile("[\\V]").matcher(vws).find())
+            failCount++;
+        String prefix = "abcd";
+        String suffix = "efgh";
+        String ng = "A";
+        for (int i = 0; i < hws.length(); i++) {
+            String c = String.valueOf(hws.charAt(i));
+            Matcher m = Pattern.compile("\\h").matcher(prefix + c + suffix);
+            if (!m.find() || !c.equals(m.group()))
+                failCount++;
+            m = Pattern.compile("[\\h]").matcher(prefix + c + suffix);
+            if (!m.find() || !c.equals(m.group()))
+                failCount++;
+
+            m = Pattern.compile("\\H").matcher(hws.substring(0, i) + ng + hws.substring(i));
+            if (!m.find() || !ng.equals(m.group()))
+                failCount++;
+            m = Pattern.compile("[\\H]").matcher(hws.substring(0, i) + ng + hws.substring(i));
+            if (!m.find() || !ng.equals(m.group()))
+                failCount++;
+        }
+        for (int i = 0; i < vws.length(); i++) {
+            String c = String.valueOf(vws.charAt(i));
+            Matcher m = Pattern.compile("\\v").matcher(prefix + c + suffix);
+            if (!m.find() || !c.equals(m.group()))
+                failCount++;
+            m = Pattern.compile("[\\v]").matcher(prefix + c + suffix);
+            if (!m.find() || !c.equals(m.group()))
+                failCount++;
+
+            m = Pattern.compile("\\V").matcher(vws.substring(0, i) + ng + vws.substring(i));
+            if (!m.find() || !ng.equals(m.group()))
+                failCount++;
+            m = Pattern.compile("[\\V]").matcher(vws.substring(0, i) + ng + vws.substring(i));
+            if (!m.find() || !ng.equals(m.group()))
+                failCount++;
+        }
+        // \v in range is interpreted as 0x0B. This is the undocumented behavior
+        if (!Pattern.compile("[\\v-\\v]").matcher(String.valueOf((char)0x0B)).matches())
+            failCount++;
+        report("horizontalAndVerticalWSTest");
+    }
+
+    private static void linebreakTest() throws Exception {
+        String linebreaks = new String (new char[] {
+            0x0A, 0x0B, 0x0C, 0x0D, 0x85, 0x2028, 0x2029 });
+        String crnl = "\r\n";
+        if (!Pattern.compile("\\R+").matcher(linebreaks).matches() ||
+            !Pattern.compile("\\R").matcher(crnl).matches() ||
+            Pattern.compile("\\R\\R").matcher(crnl).matches())
+            failCount++;
+        report("linebreakTest");
+    }
+
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/management/AgentCMETest.java	Mon May 21 11:44:01 2012 -0700
@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 2012 Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * Portions Copyright (c) 2012 IBM Corporation
+ */
+
+/**
+ * @test
+ * @bug 7164191
+ * @summary properties.putAll API may fail with ConcurrentModifcationException on multi-thread scenario
+ * @author Deven You
+ */
+
+import java.util.Properties;
+import sun.management.Agent;
+
+public class AgentCMETest {
+    static Class<?> agentClass;
+
+    /**
+     * In sun.management.Agent.loadManagementProperties(), call
+     * properties.putAll API may fail with ConcurrentModifcationException if the
+     * system properties are modified simultaneously by another thread
+     *
+     * @param args
+     * @throws Exception
+     */
+    public static void main(String[] args) throws Exception {
+        System.out.println("Start...");
+
+        final Properties properties = System.getProperties();
+        Thread t1 = new Thread(new Runnable() {
+            public void run() {
+                for (int i = 0; i < 100; i++) {
+                    properties.put(String.valueOf(i), "");
+                    try {
+                        Thread.sleep(1);
+                    } catch (InterruptedException e) {
+                        // do nothing
+                    }
+                }
+            }
+        });
+        t1.start();
+
+        for (int i = 0; i < 10000; i++) {
+            Agent.loadManagementProperties();
+        }
+
+        System.out.println("Finished...");
+    }
+}
--- a/test/sun/rmi/runtime/Log/6409194/NoConsoleOutput.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/rmi/runtime/Log/6409194/NoConsoleOutput.java	Mon May 21 11:44:01 2012 -0700
@@ -60,9 +60,12 @@
             File.separatorChar + "logging.properties";
         ByteArrayOutputStream out = new ByteArrayOutputStream();
         ByteArrayOutputStream err = new ByteArrayOutputStream();
+
+        // We instantiate a JavaVM that should not produce any console output
+        // (neither on standard output, nor on standard err streams).
         JavaVM vm = new JavaVM(DoRMIStuff.class.getName(),
             "-Djava.util.logging.config.file=" + loggingPropertiesFile,
-                               "", out, err);
+                               "", out, err, false);
         vm.start();
         vm.getVM().waitFor();
 
--- a/test/sun/security/krb5/auto/SSL.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/krb5/auto/SSL.java	Mon May 21 11:44:01 2012 -0700
@@ -53,6 +53,9 @@
     private static volatile String server;
     private static volatile int port;
 
+    // 0-Not started, 1-Start OK, 2-Failure
+    private static volatile int serverState = 0;
+
     public static void main(String[] args) throws Exception {
 
         krb5Cipher = args[0];
@@ -109,14 +112,20 @@
                     s.doAs(new JsseServerAction(), null);
                 } catch (Exception e) {
                     e.printStackTrace();
+                    serverState = 2;
                 }
             }
         });
         server.setDaemon(true);
         server.start();
 
-        // Warm the server
-        Thread.sleep(2000);
+        while (serverState == 0) {
+            Thread.sleep(50);
+        }
+
+        if (serverState == 2) {
+            throw new Exception("Server already failed");
+        }
 
         // Now create the keytab
 
@@ -214,6 +223,7 @@
                 (SSLServerSocket) sslssf.createServerSocket(0); // any port
             port = sslServerSocket.getLocalPort();
             System.out.println("Listening on " + port);
+            serverState = 1;
 
             // Enable only a KRB5 cipher suite.
             String enabledSuites[] = {krb5Cipher};
--- a/test/sun/security/mscapi/ShortRSAKey1024.sh	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/mscapi/ShortRSAKey1024.sh	Mon May 21 11:44:01 2012 -0700
@@ -47,10 +47,19 @@
 
 OS=`uname -s`
 case "$OS" in
+  SunOS | Linux | Darwin | CYGWIN* )
+    FS="/"
+    ;;
+  Windows_* )
+    FS="\\"
+    ;;
+esac
+
+case "$OS" in
     Windows* | CYGWIN* )
 
         echo "Creating a temporary RSA keypair in the Windows-My store..."
-        ${TESTJAVA}/bin/keytool \
+        ${TESTJAVA}${FS}bin${FS}keytool \
             -genkeypair \
             -storetype Windows-My \
             -keyalg RSA \
@@ -59,22 +68,28 @@
             -dname "cn=localhost,c=US" \
             -noprompt
 
+        if [ "$?" -ne "0" ]; then
+            echo "Unable to generate key pair in Windows-My keystore"
+            exit 1
+        fi
+
         echo
         echo "Running the test..."
-        ${TESTJAVA}/bin/javac -d . ${TESTSRC}\\ShortRSAKeyWithinTLS.java
-        ${TESTJAVA}/bin/java ShortRSAKeyWithinTLS 7106773.1024 1024 \
+        ${TESTJAVA}${FS}bin${FS}javac -d . \
+            ${TESTSRC}${FS}ShortRSAKeyWithinTLS.java
+        ${TESTJAVA}${FS}bin${FS}java ShortRSAKeyWithinTLS 7106773.1024 1024 \
             TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 
         rc=$?
 
         echo
         echo "Removing the temporary RSA keypair from the Windows-My store..."
-        ${TESTJAVA}/bin/keytool \
+        ${TESTJAVA}${FS}bin${FS}keytool \
             -delete \
             -storetype Windows-My \
             -alias 7106773.1024
 
-        echo done.
+        echo "Done".
         exit $rc
         ;;
 
--- a/test/sun/security/mscapi/ShortRSAKey512.sh	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/mscapi/ShortRSAKey512.sh	Mon May 21 11:44:01 2012 -0700
@@ -47,10 +47,19 @@
 
 OS=`uname -s`
 case "$OS" in
+  SunOS | Linux | Darwin | CYGWIN* )
+    FS="/"
+    ;;
+  Windows_* )
+    FS="\\"
+    ;;
+esac
+
+case "$OS" in
     Windows* | CYGWIN* )
 
         echo "Creating a temporary RSA keypair in the Windows-My store..."
-        ${TESTJAVA}/bin/keytool \
+        ${TESTJAVA}${FS}bin${FS}keytool \
             -genkeypair \
             -storetype Windows-My \
             -keyalg RSA \
@@ -59,10 +68,16 @@
             -dname "cn=localhost,c=US" \
             -noprompt
 
+        if [ "$?" -ne "0" ]; then
+            echo "Unable to generate key pair in Windows-My keystore"
+            exit 1
+        fi
+
         echo
         echo "Running the test..."
-        ${TESTJAVA}/bin/javac -d . ${TESTSRC}\\ShortRSAKeyWithinTLS.java
-        ${TESTJAVA}/bin/java ShortRSAKeyWithinTLS 7106773.512 512 \
+        ${TESTJAVA}${FS}bin${FS}javac -d . \
+            ${TESTSRC}${FS}ShortRSAKeyWithinTLS.java
+        ${TESTJAVA}${FS}bin${FS}java ShortRSAKeyWithinTLS 7106773.512 512 \
             TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 
 
@@ -70,12 +85,12 @@
 
         echo
         echo "Removing the temporary RSA keypair from the Windows-My store..."
-        ${TESTJAVA}/bin/keytool \
+        ${TESTJAVA}${FS}bin${FS}keytool \
             -delete \
             -storetype Windows-My \
             -alias 7106773.512
 
-        echo done.
+        echo "Done".
         exit $rc
         ;;
 
--- a/test/sun/security/mscapi/ShortRSAKey768.sh	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/mscapi/ShortRSAKey768.sh	Mon May 21 11:44:01 2012 -0700
@@ -47,10 +47,19 @@
 
 OS=`uname -s`
 case "$OS" in
+  SunOS | Linux | Darwin | CYGWIN* )
+    FS="/"
+    ;;
+  Windows_* )
+    FS="\\"
+    ;;
+esac
+
+case "$OS" in
     Windows* | CYGWIN* )
 
         echo "Creating a temporary RSA keypair in the Windows-My store..."
-        ${TESTJAVA}/bin/keytool \
+        ${TESTJAVA}${FS}bin${FS}keytool \
             -genkeypair \
             -storetype Windows-My \
             -keyalg RSA \
@@ -59,22 +68,28 @@
             -dname "cn=localhost,c=US" \
             -noprompt
 
+        if [ "$?" -ne "0" ]; then
+            echo "Unable to generate key pair in Windows-My keystore"
+            exit 1
+        fi
+
         echo
         echo "Running the test..."
-        ${TESTJAVA}/bin/javac -d . ${TESTSRC}\\ShortRSAKeyWithinTLS.java
-        ${TESTJAVA}/bin/java ShortRSAKeyWithinTLS 7106773.768 768 \
+        ${TESTJAVA}${FS}bin${FS}javac -d . \
+            ${TESTSRC}${FS}ShortRSAKeyWithinTLS.java
+        ${TESTJAVA}${FS}bin${FS}java ShortRSAKeyWithinTLS 7106773.768 768 \
             TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 
         rc=$?
 
         echo
         echo "Removing the temporary RSA keypair from the Windows-My store..."
-        ${TESTJAVA}/bin/keytool \
+        ${TESTJAVA}${FS}bin${FS}keytool \
             -delete \
             -storetype Windows-My \
             -alias 7106773.768
 
-        echo done.
+        echo "Done".
         exit $rc
         ;;
 
--- a/test/sun/security/mscapi/SignUsingNONEwithRSA.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/mscapi/SignUsingNONEwithRSA.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
--- a/test/sun/security/mscapi/SignUsingSHA2withRSA.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/mscapi/SignUsingSHA2withRSA.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
--- a/test/sun/security/pkcs11/MessageDigest/DigestKAT.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/pkcs11/MessageDigest/DigestKAT.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -174,6 +174,12 @@
         t("SHA1", s("12345678901234567890123456789012345678901234567890123456789012345678901234567890"), "50:ab:f5:70:6a:15:09:90:a0:8b:2c:5e:a4:0f:a0:e5:85:55:47:32"),
         t("SHA1", ALONG, "ce:56:53:59:08:04:ba:a9:36:9f:72:d4:83:ed:9e:ba:72:f0:4d:29"),
 
+        t("SHA-224", s(""), "d1:4a:02:8c:2a:3a:2b:c9:47:61:02:bb:28:82:34:c4:15:a2:b0:1f:82:8e:a6:2a:c5:b3:e4:2f"),
+        t("SHA-224", s("abc"), "23:09:7d:22:34:05:d8:22:86:42:a4:77:bd:a2:55:b3:2a:ad:bc:e4:bd:a0:b3:f7:e3:6c:9d:a7"),
+        t("SHA-224", s("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"), "75:38:8b:16:51:27:76:cc:5d:ba:5d:a1:fd:89:01:50:b0:c6:45:5c:b4:f5:8b:19:52:52:25:25"),
+        t("SHA-224", s("The quick brown fox jumps over the lazy dog"), "73:0e:10:9b:d7:a8:a3:2b:1c:b9:d9:a0:9a:a2:32:5d:24:30:58:7d:db:c0:c3:8b:ad:91:15:25"),
+        t("SHA-224", s("The quick brown fox jumps over the lazy dog."), "61:9c:ba:8e:8e:05:82:6e:9b:8c:51:9c:0a:5c:68:f4:fb:65:3e:8a:3d:8a:a0:4b:b2:c8:cd:4c"),
+
         t("SHA-256", s(""), "e3:b0:c4:42:98:fc:1c:14:9a:fb:f4:c8:99:6f:b9:24:27:ae:41:e4:64:9b:93:4c:a4:95:99:1b:78:52:b8:55"),
         t("SHA-256", s("a"), "ca:97:81:12:ca:1b:bd:ca:fa:c2:31:b3:9a:23:dc:4d:a7:86:ef:f8:14:7c:4e:72:b9:80:77:85:af:ee:48:bb"),
         t("SHA-256", s("abc"), "ba:78:16:bf:8f:01:cf:ea:41:41:40:de:5d:ae:22:23:b0:03:61:a3:96:17:7a:9c:b4:10:ff:61:f2:00:15:ad"),
--- a/test/sun/security/pkcs11/MessageDigest/TestCloning.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/pkcs11/MessageDigest/TestCloning.java	Mon May 21 11:44:01 2012 -0700
@@ -36,7 +36,7 @@
 public class TestCloning extends PKCS11Test {
 
     private static final String[] ALGOS = {
-        "MD2", "MD5", "SHA1", "SHA-256", "SHA-384", "SHA-512"
+        "MD2", "MD5", "SHA1", "SHA-224", "SHA-256", "SHA-384", "SHA-512"
     };
 
     public static void main(String[] args) throws Exception {
--- a/test/sun/security/pkcs11/Signature/TestRSAKeyLength.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/pkcs11/Signature/TestRSAKeyLength.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -37,7 +37,7 @@
     }
     public void main(Provider p) throws Exception {
         boolean isValidKeyLength[] = { true, true, false, false };
-        String algos[] = { "SHA1withRSA", "SHA256withRSA",
+        String algos[] = { "SHA1withRSA", "SHA224withRSA", "SHA256withRSA",
                            "SHA384withRSA", "SHA512withRSA" };
         KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", p);
         kpg.initialize(512);
--- a/test/sun/security/pkcs11/ec/TestCurves.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/pkcs11/ec/TestCurves.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2006, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -68,6 +68,7 @@
             kp2 = kpg.generateKeyPair();
 
             testSigning(p, "SHA1withECDSA", data, kp1, kp2);
+            testSigning(p, "SHA224withECDSA", data, kp1, kp2);
             testSigning(p, "SHA256withECDSA", data, kp1, kp2);
             testSigning(p, "SHA384withECDSA", data, kp1, kp2);
             testSigning(p, "SHA512withECDSA", data, kp1, kp2);
--- a/test/sun/security/pkcs11/rsa/TestKeyPairGenerator.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/pkcs11/rsa/TestKeyPairGenerator.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -61,6 +61,7 @@
         testSignature("MD2withRSA", privateKey, publicKey);
         testSignature("MD5withRSA", privateKey, publicKey);
         testSignature("SHA1withRSA", privateKey, publicKey);
+        testSignature("SHA224withRSA", privateKey, publicKey);
         testSignature("SHA256withRSA", privateKey, publicKey);
         RSAPublicKey rsaKey = (RSAPublicKey)publicKey;
         if (rsaKey.getModulus().bitLength() > 512) {
--- a/test/sun/security/pkcs11/rsa/TestSignatures.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/pkcs11/rsa/TestSignatures.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -81,6 +81,7 @@
         testSignature("MD2withRSA", privateKey, publicKey);
         testSignature("MD5withRSA", privateKey, publicKey);
         testSignature("SHA1withRSA", privateKey, publicKey);
+        testSignature("SHA224withRSA", privateKey, publicKey);
         testSignature("SHA256withRSA", privateKey, publicKey);
         RSAPublicKey rsaKey = (RSAPublicKey)publicKey;
         if (rsaKey.getModulus().bitLength() > 512) {
--- a/test/sun/security/provider/MessageDigest/DigestKAT.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/provider/MessageDigest/DigestKAT.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 4819771 4834179 5008306
+ * @bug 4819771 4834179 5008306 4963723
  * @summary Basic known-answer-test for all our MessageDigest algorithms
  * @author Andreas Sterbenz
  */
@@ -190,6 +190,12 @@
         t("SHA1", ALONG, "ce:56:53:59:08:04:ba:a9:36:9f:72:d4:83:ed:9e:ba:72:f0:4d:29"),
         t("SHA1", BLONG, "1d:a8:1a:de:8d:1e:d0:82:ba:12:13:e2:56:26:30:fc:05:b8:8d:a6"),
 
+        t("SHA-224", s(""), "d1:4a:02:8c:2a:3a:2b:c9:47:61:02:bb:28:82:34:c4:15:a2:b0:1f:82:8e:a6:2a:c5:b3:e4:2f"),
+        t("SHA-224", s("abc"), "23:09:7d:22:34:05:d8:22:86:42:a4:77:bd:a2:55:b3:2a:ad:bc:e4:bd:a0:b3:f7:e3:6c:9d:a7"),
+        t("SHA-224", s("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"), "75:38:8b:16:51:27:76:cc:5d:ba:5d:a1:fd:89:01:50:b0:c6:45:5c:b4:f5:8b:19:52:52:25:25"),
+        t("SHA-224", s("The quick brown fox jumps over the lazy dog"), "73:0e:10:9b:d7:a8:a3:2b:1c:b9:d9:a0:9a:a2:32:5d:24:30:58:7d:db:c0:c3:8b:ad:91:15:25"),
+        t("SHA-224", s("The quick brown fox jumps over the lazy dog."), "61:9c:ba:8e:8e:05:82:6e:9b:8c:51:9c:0a:5c:68:f4:fb:65:3e:8a:3d:8a:a0:4b:b2:c8:cd:4c"),
+
         t("SHA-256", s(""), "e3:b0:c4:42:98:fc:1c:14:9a:fb:f4:c8:99:6f:b9:24:27:ae:41:e4:64:9b:93:4c:a4:95:99:1b:78:52:b8:55"),
         t("SHA-256", s("a"), "ca:97:81:12:ca:1b:bd:ca:fa:c2:31:b3:9a:23:dc:4d:a7:86:ef:f8:14:7c:4e:72:b9:80:77:85:af:ee:48:bb"),
         t("SHA-256", s("abc"), "ba:78:16:bf:8f:01:cf:ea:41:41:40:de:5d:ae:22:23:b0:03:61:a3:96:17:7a:9c:b4:10:ff:61:f2:00:15:ad"),
--- a/test/sun/security/provider/MessageDigest/Offsets.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/provider/MessageDigest/Offsets.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -80,6 +80,7 @@
         test("MD2", 0, 64, 0, 128);
         test("MD5", 0, 64, 0, 128);
         test("SHA1", 0, 64, 0, 128);
+        test("SHA-224", 0, 64, 0, 128);
         test("SHA-256", 0, 64, 0, 128);
         test("SHA-384", 0, 128, 0, 256);
         test("SHA-512", 0, 128, 0, 256);
--- a/test/sun/security/provider/MessageDigest/TestSHAClone.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/provider/MessageDigest/TestSHAClone.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2002, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,7 +24,7 @@
 /**
  * @test
  * @bug 4775971
- * @summary test the clone implementation of SHA, SHA-256,
+ * @summary test the clone implementation of SHA, SHA-224, SHA-256,
  *          SHA-384, SHA-512 MessageDigest implementation.
  */
 import java.security.*;
@@ -33,7 +33,7 @@
 public class TestSHAClone {
 
     private static final String[] ALGOS = {
-        "SHA", "SHA-256", "SHA-512", "SHA-384"
+        "SHA", "SHA-224", "SHA-256", "SHA-512", "SHA-384"
     };
 
     private static byte[] input1 = {
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/provider/certpath/ReverseBuilder/ReverseBuild.java	Mon May 21 11:44:01 2012 -0700
@@ -0,0 +1,345 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7167988
+ * @summary PKIX CertPathBuilder in reverse mode doesn't work if more than
+ *          one trust anchor is specified
+ */
+import java.io.*;
+import java.util.*;
+import java.security.cert.*;
+
+import sun.security.provider.certpath.SunCertPathBuilderParameters;
+
+public class ReverseBuild {
+    // Certificate information:
+    // Issuer: C=US, ST=Some-State, L=Some-City, O=Some-Org
+    // Validity
+    //     Not Before: Dec  8 02:43:36 2008 GMT
+    //     Not After : Aug 25 02:43:36 2028 GMT
+    // Subject: C=US, ST=Some-State, L=Some-City, O=Some-Org
+    // X509v3 Subject Key Identifier:
+    //     FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14
+    // X509v3 Authority Key Identifier:
+    //     keyid:FA:B9:51:BF:4C:E7:D9:86:98:33:F9:E7:CB:1E:F1:33:49:F7:A8:14
+    //     DirName:/C=US/ST=Some-State/L=Some-City/O=Some-Org
+    //     serial:00
+    static String NoiceTrusedCertStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICrDCCAhWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzET\n" +
+        "MBEGA1UECBMKU29tZS1TdGF0ZTESMBAGA1UEBxMJU29tZS1DaXR5MREwDwYDVQQK\n" +
+        "EwhTb21lLU9yZzAeFw0wODEyMDgwMjQzMzZaFw0yODA4MjUwMjQzMzZaMEkxCzAJ\n" +
+        "BgNVBAYTAlVTMRMwEQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21lLUNp\n" +
+        "dHkxETAPBgNVBAoTCFNvbWUtT3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n" +
+        "gQDLxDggB76Ip5OwoUNRLdeOha9U3a2ieyNbz5kTU5lFfe5tui2/461uPZ8a+QOX\n" +
+        "4BdVrhEmV94BKY4FPyH35zboLjfXSKxT1mAOx1Bt9sWF94umxZE1cjyU7vEX8HHj\n" +
+        "7BvOyk5AQrBt7moO1uWtPA/JuoJPePiJl4kqlRJM2Akq6QIDAQABo4GjMIGgMB0G\n" +
+        "A1UdDgQWBBT6uVG/TOfZhpgz+efLHvEzSfeoFDBxBgNVHSMEajBogBT6uVG/TOfZ\n" +
+        "hpgz+efLHvEzSfeoFKFNpEswSTELMAkGA1UEBhMCVVMxEzARBgNVBAgTClNvbWUt\n" +
+        "U3RhdGUxEjAQBgNVBAcTCVNvbWUtQ2l0eTERMA8GA1UEChMIU29tZS1PcmeCAQAw\n" +
+        "DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBcIm534U123Hz+rtyYO5uA\n" +
+        "ofd81G6FnTfEAV8Kw9fGyyEbQZclBv34A9JsFKeMvU4OFIaixD7nLZ/NZ+IWbhmZ\n" +
+        "LovmJXyCkOufea73pNiZ+f/4/ScZaIlM/PRycQSqbFNd4j9Wott+08qxHPLpsf3P\n" +
+        "6Mvf0r1PNTY2hwTJLJmKtg==\n" +
+        "-----END CERTIFICATE-----";
+
+    // Certificate information:
+    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce
+    // Validity
+    //     Not Before: Aug 19 01:52:19 2011 GMT
+    //     Not After : Jul 29 01:52:19 2032 GMT
+    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce
+
+    // X509v3 Subject Key Identifier:
+    //     B9:7C:D5:D9:DF:A7:4C:03:AE:FD:0E:27:5B:31:95:6C:C7:F3:75:E1
+    // X509v3 Authority Key Identifier:
+    //     keyid:B9:7C:D5:D9:DF:A7:4C:03:AE:FD:0E:27:5B:31:95:6C:C7:F3:75:E1
+    //     DirName:/C=US/O=Java/OU=SunJSSE Test Serivce
+    //     serial:00
+    static String NoiceTrusedCertStr_2nd =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICkjCCAfugAwIBAgIBADANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" +
+        "MTEwODE5MDE1MjE5WhcNMzIwNzI5MDE1MjE5WjA7MQswCQYDVQQGEwJVUzENMAsG\n" +
+        "A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwgZ8wDQYJ\n" +
+        "KoZIhvcNAQEBBQADgY0AMIGJAoGBAM8orG08DtF98TMSscjGsidd1ZoN4jiDpi8U\n" +
+        "ICz+9dMm1qM1d7O2T+KH3/mxyox7Rc2ZVSCaUD0a3CkhPMnlAx8V4u0H+E9sqso6\n" +
+        "iDW3JpOyzMExvZiRgRG/3nvp55RMIUV4vEHOZ1QbhuqG4ebN0Vz2DkRft7+flthf\n" +
+        "vDld6f5JAgMBAAGjgaUwgaIwHQYDVR0OBBYEFLl81dnfp0wDrv0OJ1sxlWzH83Xh\n" +
+        "MGMGA1UdIwRcMFqAFLl81dnfp0wDrv0OJ1sxlWzH83XhoT+kPTA7MQswCQYDVQQG\n" +
+        "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" +
+        "Y2WCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEE\n" +
+        "BQADgYEALlgaH1gWtoBZ84EW8Hu6YtGLQ/L9zIFmHonUPZwn3Pr//icR9Sqhc3/l\n" +
+        "pVTxOINuFHLRz4BBtEylzRIOPzK3tg8XwuLb1zd0db90x3KBCiAL6E6cklGEPwLe\n" +
+        "XYMHDn9eDsaq861Tzn6ZwzMgw04zotPMoZN0mVd/3Qca8UJFucE=\n" +
+        "-----END CERTIFICATE-----";
+
+
+    // Certificate information:
+    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce
+    // Validity
+    //     Not Before: May  5 02:40:50 2012 GMT
+    //     Not After : Apr 15 02:40:50 2033 GMT
+    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce
+    // X509v3 Subject Key Identifier:
+    //     DD:4E:8D:2A:11:C0:83:03:F0:AC:EB:A2:BF:F9:F2:7D:C8:69:1F:9B
+    // X509v3 Authority Key Identifier:
+    //     keyid:DD:4E:8D:2A:11:C0:83:03:F0:AC:EB:A2:BF:F9:F2:7D:C8:69:1F:9B
+    //     DirName:/C=US/O=Java/OU=SunJSSE Test Serivce
+    //     serial:00
+    static String trustedCertStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICkjCCAfugAwIBAgIBADANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" +
+        "MTIwNTA1MDI0MDUwWhcNMzMwNDE1MDI0MDUwWjA7MQswCQYDVQQGEwJVUzENMAsG\n" +
+        "A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwgZ8wDQYJ\n" +
+        "KoZIhvcNAQEBBQADgY0AMIGJAoGBANtiq0AIJK+iVRwFrqcD7fYXTCbMYC5Qz/k6\n" +
+        "AXBy7/1rI8wDhEJLE3m/+NSqiJwZcmdq2dNh/1fJFrwvzuURbc9+paOBWeHbN+Sc\n" +
+        "x3huw91oPZme385VpoK3G13rSE114S/rF4DM9mz4EStFhSHXATjtdbskNOAYGLTV\n" +
+        "x8uEy9GbAgMBAAGjgaUwgaIwHQYDVR0OBBYEFN1OjSoRwIMD8Kzror/58n3IaR+b\n" +
+        "MGMGA1UdIwRcMFqAFN1OjSoRwIMD8Kzror/58n3IaR+boT+kPTA7MQswCQYDVQQG\n" +
+        "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" +
+        "Y2WCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEC\n" +
+        "BQADgYEAjjkJesQrkbr36N40egybaIxw7RcqT6iy5fkAGS1JYlBDk8uSCK1o6bCH\n" +
+        "ls5EpYcGeEoabSS73WRdkO1lgeyWDduO4ef8cCCSpmpT6/YdZG0QS1PtcREeVig+\n" +
+        "Zr25jNemS4ADHX0aaXP4kiV/G80cR7nX5t5XCUm4bYdbwM07NgI=\n" +
+        "-----END CERTIFICATE-----";
+    static String trustedPrivateKey = // Private key in the format of PKCS#8
+        "MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBANtiq0AIJK+iVRwF\n" +
+        "rqcD7fYXTCbMYC5Qz/k6AXBy7/1rI8wDhEJLE3m/+NSqiJwZcmdq2dNh/1fJFrwv\n" +
+        "zuURbc9+paOBWeHbN+Scx3huw91oPZme385VpoK3G13rSE114S/rF4DM9mz4EStF\n" +
+        "hSHXATjtdbskNOAYGLTVx8uEy9GbAgMBAAECgYEA2VjHkIiA0ABjkX+PqKeb+VLb\n" +
+        "fxS7tSca5C8zfdRhLxAWRui0/3ihst0eCJNrBDuxvAOACovsDWyLuaUjtI2v2ysz\n" +
+        "vz6SPyGy82PhQOFzyKQuQ814N6EpothpiZzF0yFchfKIGhUsdY89UrGs9nM7m6NT\n" +
+        "rztYvgIu4avg2VPR2AECQQD+pFAqipR2BplQRIuuRSZfHRxvoEyDjT1xnHJsC6WP\n" +
+        "I5hCLghL91MhQGWbP4EJMKYQOTRVukWlcp2Kycpf+P5hAkEA3I43gmVUAPEdyZdY\n" +
+        "fatW7OaLlbbYJb6qEtpCZ1Rwe/BIvm6H6E3qSi/lpz7Ia7WDulpbF6BawHH3pRFq\n" +
+        "CUY5ewJBAP3pUDqrRpBN0jB0uSeDslhjSciQ+dqvSpZv3rSYBHUvlBJhnkpJiy37\n" +
+        "7ZUZhIxqYxyIPgRBolLwb+FFh7OdL+ECQCtldDic9WVmC+VheRDpCKZ+SlK/8lGi\n" +
+        "7VXeShiIvcU1JysJFoa35fSI7hf1O3wt7+hX5PqGG7Un94EsJwACKEcCQQC1TWt6\n" +
+        "ArKH6tRxKjOxFtqfs8fgEVYUaOr3j1jF4KBUuX2mtQtddZe3VfJ2wPsuKMMxmhkB\n" +
+        "e7xWWZnJsErt2e+E";
+
+    // Certificate information:
+    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce
+    // Validity
+    //     Not Before: May  5 02:40:53 2012 GMT
+    //     Not After : Jan 21 02:40:53 2032 GMT
+    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce, CN=casigner
+    // X509v3 Subject Key Identifier:
+    //     13:07:E0:11:07:DB:EB:33:23:87:31:D0:DB:7E:16:56:BE:11:90:0A
+    // X509v3 Authority Key Identifier:
+    //     keyid:DD:4E:8D:2A:11:C0:83:03:F0:AC:EB:A2:BF:F9:F2:7D:C8:69:1F:9B
+    //     DirName:/C=US/O=Java/OU=SunJSSE Test Serivce
+    //     serial:00
+    static String caSignerStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICqDCCAhGgAwIBAgIBAjANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" +
+        "MTIwNTA1MDI0MDUzWhcNMzIwMTIxMDI0MDUzWjBOMQswCQYDVQQGEwJVUzENMAsG\n" +
+        "A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxETAPBgNV\n" +
+        "BAMTCGNhc2lnbmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+x8+o7oM0\n" +
+        "ct/LZmZLXBL4CQ8jrULD5P7NtEW0hg/zxBFZfBHf+44Oo2eMPYZj+7xaREOH5BmV\n" +
+        "KRYlzRtONAaC5Ng4Mrm5UKNPcMIIUjUOvm7vWM4oSTMSfoEcSX+vp99uUAkw3w7Z\n" +
+        "+frYDm1M4At/j0b+lLij71GFN2L8drpgPQIDAQABo4GoMIGlMB0GA1UdDgQWBBQT\n" +
+        "B+ARB9vrMyOHMdDbfhZWvhGQCjBjBgNVHSMEXDBagBTdTo0qEcCDA/Cs66K/+fJ9\n" +
+        "yGkfm6E/pD0wOzELMAkGA1UEBhMCVVMxDTALBgNVBAoTBEphdmExHTAbBgNVBAsT\n" +
+        "FFN1bkpTU0UgVGVzdCBTZXJpdmNlggEAMBIGA1UdEwEB/wQIMAYBAf8CAQEwCwYD\n" +
+        "VR0PBAQDAgEGMA0GCSqGSIb3DQEBBAUAA4GBAI+LXA/UCPkTANablUkt80JNPWsl\n" +
+        "pS4XLNgPxWaN0bkRDs5oI4ooWAz1rwpeJ/nfetOvWlpmrVjSeovBFja5Hl+dUHTf\n" +
+        "VfuyzkxXbhuNiJIpo1mVBpNsjwu9YRxuwX6UA2LTUQpgvtVJEE012x3zRvxBCbu2\n" +
+        "Y/v1R5fZ4c+hXDfC\n" +
+        "-----END CERTIFICATE-----";
+    static String caSignerPrivateKey = // Private key in the format of PKCS#8
+        "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAL7Hz6jugzRy38tm\n" +
+        "ZktcEvgJDyOtQsPk/s20RbSGD/PEEVl8Ed/7jg6jZ4w9hmP7vFpEQ4fkGZUpFiXN\n" +
+        "G040BoLk2DgyublQo09wwghSNQ6+bu9YzihJMxJ+gRxJf6+n325QCTDfDtn5+tgO\n" +
+        "bUzgC3+PRv6UuKPvUYU3Yvx2umA9AgMBAAECgYBYvu30cW8LONyt62Zua9hPFTe7\n" +
+        "qt9B7QYyfkdmoG5PQMepTrOp84SzfoOukvgvDm0huFuJnSvhXQl2cCDhkgXskvFj\n" +
+        "Hh7KBCFViVXokGdq5YoS0/KYMyQV0TZfJUvILBl51uc4/siQ2tClC/N4sa+1JhgW\n" +
+        "a6dFGfRjiUKSSlmMwQJBAPWpIz3Q/c+DYMvoQr5OD8EaYwYIevlTdXb97RnJJh2b\n" +
+        "UnhB9jrqesJiHYVzPmP0ukyPOXOwlp2T5Am4Kw0LFOkCQQDGz150NoHOp28Mvyc4\n" +
+        "CTqz/zYzUhy2eCJESl196uyP4N65Y01VYQ3JDww4DlsXiU17tVSbgA9TCcfTYOzy\n" +
+        "vyw1AkARUky+1hafZCcWGZljK8PmnMKwsTZikCTvL/Zg5BMA8Wu+OQBwpQnk3OAy\n" +
+        "Aa87gw0DyvGFG8Vy9POWT9sRP1/JAkBqP0hrMvYMSs6+MSn0eHo2151PsAJIQcuO\n" +
+        "U2/Da1khSzu8N6WMi2GiobgV/RYRbf9KrY2ZzMZjykZQYOxAjopBAkEAghCu38cN\n" +
+        "aOsW6ueo24uzsWI1FTdE+qWNVEi3RSP120xXBCyhaBjIq4WVSlJK9K2aBaJpit3j\n" +
+        "iQ5tl6zrLlxQhg==";
+
+    // Certificate information:
+    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce, CN=casigner
+    // Validity
+    //     Not Before: May  5 02:40:57 2012 GMT
+    //     Not After : Jan 21 02:40:57 2032 GMT
+    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce, CN=certissuer
+    // X509v3 Subject Key Identifier:
+    //     39:0E:C6:33:B1:50:BC:73:07:31:E5:D8:04:F7:BB:97:55:CF:9B:C8
+    // X509v3 Authority Key Identifier:
+    //     keyid:13:07:E0:11:07:DB:EB:33:23:87:31:D0:DB:7E:16:56:BE:11:90:0A
+    //     DirName:/C=US/O=Java/OU=SunJSSE Test Serivce
+    //     serial:02
+    static String certIssuerStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICvjCCAiegAwIBAgIBAzANBgkqhkiG9w0BAQQFADBOMQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxETAP\n" +
+        "BgNVBAMTCGNhc2lnbmVyMB4XDTEyMDUwNTAyNDA1N1oXDTMyMDEyMTAyNDA1N1ow\n" +
+        "UDELMAkGA1UEBhMCVVMxDTALBgNVBAoTBEphdmExHTAbBgNVBAsTFFN1bkpTU0Ug\n" +
+        "VGVzdCBTZXJpdmNlMRMwEQYDVQQDEwpjZXJ0aXNzdWVyMIGfMA0GCSqGSIb3DQEB\n" +
+        "AQUAA4GNADCBiQKBgQCyz55zinU6kNL/LeiTNiBI0QWYmDG0YTotuC4D75liBNqs\n" +
+        "7Mmladsh2mTtQUAwmuGaGzaZV25a+cUax0DXZoyBwdbTI09u1bUYsZcaUUKbPoCC\n" +
+        "HH26e4jLFL4olW13Sv4ZAd57tIYevMw+Fp5f4fLPFGegCJTFlv2Qjpmic/cuvQID\n" +
+        "AQABo4GpMIGmMB0GA1UdDgQWBBQ5DsYzsVC8cwcx5dgE97uXVc+byDBjBgNVHSME\n" +
+        "XDBagBQTB+ARB9vrMyOHMdDbfhZWvhGQCqE/pD0wOzELMAkGA1UEBhMCVVMxDTAL\n" +
+        "BgNVBAoTBEphdmExHTAbBgNVBAsTFFN1bkpTU0UgVGVzdCBTZXJpdmNlggECMBMG\n" +
+        "A1UdEwEB/wQJMAcBAf8CAgQAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQQFAAOB\n" +
+        "gQCQTagenCdClT98C+oTJGJrw/dUBD9K3tE6ZJKPMc/2bUia8G5ei1C0eXj4mWG2\n" +
+        "lu9umR6C90/A6qB050QB2h50qtqxSrkpu+ym1yypauZpg7U3nUY9wZWJNI1vqrQZ\n" +
+        "pqUMRcXY3iQIVKx+Qj+4/Za1wwFQzpEoGmqRW31V1SdMEw==\n" +
+        "-----END CERTIFICATE-----";
+    static String certIssuerPrivateKey = // Private key in the format of PKCS#8
+        "MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBALLPnnOKdTqQ0v8t\n" +
+        "6JM2IEjRBZiYMbRhOi24LgPvmWIE2qzsyaVp2yHaZO1BQDCa4ZobNplXblr5xRrH\n" +
+        "QNdmjIHB1tMjT27VtRixlxpRQps+gIIcfbp7iMsUviiVbXdK/hkB3nu0hh68zD4W\n" +
+        "nl/h8s8UZ6AIlMWW/ZCOmaJz9y69AgMBAAECgYEAjtew2tgm4gxDojqIauF4VPM1\n" +
+        "pzsdqd1p3pAdomNLgrQiBLZ8N7oiph6TNb1EjA+OXc+ThFgF/oM9ZDD8qZZwcvjN\n" +
+        "qDZlpTkFs2TaGcyEZfUaMB45NHVs6Nn+pSkagSNwwy3xeyAct7sQEzGNTDlEwVv5\n" +
+        "7V9LQutQtBd6xT48KzkCQQDpNRfv2OFNG/6GtzJoO68oJhpnpl2MsYNi4ntRkre/\n" +
+        "6uXpiCYaDskcrPMRwOOs0m7mxG+Ev+uKnLnSoEMm1GCbAkEAxEmDtiD0Psb8Z9BL\n" +
+        "ZRb83Jqho3xe2MCAh3xUfz9b/Mhae9dZ44o4OCgQZuwvW1mczF0NtpgZl93BmYa2\n" +
+        "hTwHhwJBAKHrEj6ep/fA6x0gD2idoATRR94VfbiU+7NpqtO9ecVP0+gsdr/66hn1\n" +
+        "3yLBeZLh3MxvMTrLgkAQh1i9m0JXjOcCQQClLXAHHegrw+u3uNMZeKTFR+Lp3sk6\n" +
+        "AZSnbvr0Me9I45kxSeG81x3ENALJecvIRbrrRws5MvmmkNhQR8rkh8WVAkEAk6b+\n" +
+        "aVtmBgUaTS5+FFlHGHJY9HFrfT1a1C/dwyMuqlmbC3YsBmZaMOlKli5TXNybLff8\n" +
+        "5KMeGEpXMzgC7AscGA==";
+
+    // Certificate information:
+    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce, CN=certissuer
+    // Validity
+    //     Not Before: May  5 02:41:01 2012 GMT
+    //     Not After : Jan 21 02:41:01 2032 GMT
+    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce, CN=localhost
+    // X509v3 Subject Key Identifier:
+    //     AD:C0:2C:4C:E4:C2:2E:A1:BB:5D:92:BE:66:E0:4E:E0:0D:2F:11:EF
+    // X509v3 Authority Key Identifier:
+    //     keyid:39:0E:C6:33:B1:50:BC:73:07:31:E5:D8:04:F7:BB:97:55:CF:9B:C8
+    static String targetCertStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICjTCCAfagAwIBAgIBBDANBgkqhkiG9w0BAQQFADBQMQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxEzAR\n" +
+        "BgNVBAMTCmNlcnRpc3N1ZXIwHhcNMTIwNTA1MDI0MTAxWhcNMzIwMTIxMDI0MTAx\n" +
+        "WjBPMQswCQYDVQQGEwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNT\n" +
+        "RSBUZXN0IFNlcml2Y2UxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B\n" +
+        "AQEFAAOBjQAwgYkCgYEAvwaUd7wmBSKqycEstYLWD26vkU08DM39EtaT8wL9HnQ0\n" +
+        "fgPblwBFI4zdLa2cuYXRZcFUb04N8nrkcpR0D6kkE+AlFAoRWrrZF80B7JTbtEK4\n" +
+        "1PIeurihXvUT+4MpzGLOojIihMfvM4ufelblD56SInso4WFHm7t4qCln88J1gjkC\n" +
+        "AwEAAaN4MHYwCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBStwCxM5MIuobtdkr5m4E7g\n" +
+        "DS8R7zAfBgNVHSMEGDAWgBQ5DsYzsVC8cwcx5dgE97uXVc+byDAnBgNVHSUEIDAe\n" +
+        "BggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBAUAA4GB\n" +
+        "AGfwcfdvEG/nSCiAn2MGbYHp34mgF3OA1SJLWUW0LvWJhwm2cn4AXlSoyvbwrkaB\n" +
+        "IDDCwhJvvc0vUyL2kTx7sqVaFTq3mDs+ktlB/FfH0Pb+i8FE+g+7T42Iw/j0qxHL\n" +
+        "YmgbrjBQf5WYN1AvBE/rrPt9aOtS3UsqtVGW574b0shW\n" +
+        "-----END CERTIFICATE-----";
+    static String targetPrivateKey = // Private key in the format of PKCS#8
+        "MIICdAIBADANBgkqhkiG9w0BAQEFAASCAl4wggJaAgEAAoGBAL8GlHe8JgUiqsnB\n" +
+        "LLWC1g9ur5FNPAzN/RLWk/MC/R50NH4D25cARSOM3S2tnLmF0WXBVG9ODfJ65HKU\n" +
+        "dA+pJBPgJRQKEVq62RfNAeyU27RCuNTyHrq4oV71E/uDKcxizqIyIoTH7zOLn3pW\n" +
+        "5Q+ekiJ7KOFhR5u7eKgpZ/PCdYI5AgMBAAECf3CscOYvFD3zNMnMJ5LomVqA7w3F\n" +
+        "gKYM2jlCWAH+wU41PMEXhW6Lujw92jgXL1o+lERwxFzirVdZJWZwKgUSvzP1G0h3\n" +
+        "fkucq1/UWnToK+8NSXNM/yS8hXbBgSEoJo5f7LKcIi1Ev6doBVofMxs+njzyWKbM\n" +
+        "Nb7rOLHadghoon0CQQDgQzbzzSN8Dc1YmmylhI5v+0sQRHH0DL7D24k4Weh4vInG\n" +
+        "EAbt4x8M7ZKEo8/dv0s4hbmNmAnJl93/RRxIyEqLAkEA2g87DiswSQam2pZ8GlrO\n" +
+        "+w4Qg9mH8uxx8ou2rl0XlHzH1XiTNbkjfY0EZoL7L31BHFk9n11Fb2P85g6ws+Hy\n" +
+        "ywJAM/xgyLNM/nzUlS128geAXUULaYH0SHaL4isJ7B4rXZGW/mrIsGxtzjlkNYsj\n" +
+        "rGujrD6TfNc5rZmexIXowJZtcQJBAIww+pCzZ4mrgx5JXWQ8OZHiiu+ZrPOa2+9J\n" +
+        "r5sOMpi+WGN/73S8oHqZbNjTINZ5OqEVJq8MchWZPQBTNXuQql0CQHEjUzzkCQa3\n" +
+        "j6JTa2KAdqyvLOx0XF9zcc1gA069uNQI2gPUHS8V215z57f/gMGnDNhVfLs/vMKz\n" +
+        "sFkVZ3zg7As=";
+
+
+    public static void main(String args[]) throws Exception {
+
+        // generate certificate from cert string
+        CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+        // create a set of trust anchors
+        LinkedHashSet<TrustAnchor> trustAnchors = new LinkedHashSet<>();
+
+        ByteArrayInputStream is =
+            new ByteArrayInputStream(NoiceTrusedCertStr.getBytes());
+        Certificate trustedCert = cf.generateCertificate(is);
+        is.close();
+        TrustAnchor anchor =
+            new TrustAnchor((X509Certificate)trustedCert, null);
+        trustAnchors.add(anchor);
+
+        is = new ByteArrayInputStream(trustedCertStr.getBytes());
+        trustedCert = cf.generateCertificate(is);
+        is.close();
+        anchor = new TrustAnchor((X509Certificate)trustedCert, null);
+        trustAnchors.add(anchor);
+
+        is = new ByteArrayInputStream(NoiceTrusedCertStr_2nd.getBytes());
+        trustedCert = cf.generateCertificate(is);
+        is.close();
+        anchor = new TrustAnchor((X509Certificate)trustedCert, null);
+        trustAnchors.add(anchor);
+
+        // create a list of certificates
+        List<Certificate> chainList = new ArrayList<>();
+
+        is = new ByteArrayInputStream(targetCertStr.getBytes());
+        Certificate cert = cf.generateCertificate(is);
+        is.close();
+        chainList.add(cert);
+
+        is = new ByteArrayInputStream(certIssuerStr.getBytes());
+        cert = cf.generateCertificate(is);
+        is.close();
+        chainList.add(cert);
+
+        is = new ByteArrayInputStream(caSignerStr.getBytes());
+        cert = cf.generateCertificate(is);
+        is.close();
+        chainList.add(cert);
+
+        // create a certificate selector
+        X509CertSelector xcs = new X509CertSelector();
+        X509Certificate eeCert = (X509Certificate)chainList.get(0);
+        xcs.setSubject(eeCert.getSubjectX500Principal());
+
+        // reverse build
+        SunCertPathBuilderParameters params =
+            new SunCertPathBuilderParameters(trustAnchors, xcs);
+        params.setBuildForward(false);
+        params.setRevocationEnabled(false);
+
+        CollectionCertStoreParameters ccsp =
+            new CollectionCertStoreParameters(chainList);
+        params.addCertStore(CertStore.getInstance("Collection", ccsp));
+
+        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
+        CertPathBuilderResult res = cpb.build(params);
+    }
+}
--- a/test/sun/security/rsa/TestKeyPairGenerator.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/rsa/TestKeyPairGenerator.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 4853305 4865198 4888410
+ * @bug 4853305 4865198 4888410 4963723
  * @summary Verify that the RSA KeyPairGenerator works
  * @author Andreas Sterbenz
  */
@@ -60,6 +60,7 @@
         testSignature("MD2withRSA", privateKey, publicKey);
         testSignature("MD5withRSA", privateKey, publicKey);
         testSignature("SHA1withRSA", privateKey, publicKey);
+        testSignature("SHA224withRSA", privateKey, publicKey);
         testSignature("SHA256withRSA", privateKey, publicKey);
         RSAPublicKey rsaKey = (RSAPublicKey)publicKey;
         if (rsaKey.getModulus().bitLength() > 512) {
--- a/test/sun/security/rsa/TestSignatures.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/sun/security/rsa/TestSignatures.java	Mon May 21 11:44:01 2012 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
 
 /**
  * @test
- * @bug 4853305
+ * @bug 4853305 4963723
  * @summary Test signing/verifying using all the signature algorithms
  * @author Andreas Sterbenz
  */
@@ -80,6 +80,7 @@
         testSignature("MD2withRSA", privateKey, publicKey);
         testSignature("MD5withRSA", privateKey, publicKey);
         testSignature("SHA1withRSA", privateKey, publicKey);
+        testSignature("SHA224withRSA", privateKey, publicKey);
         testSignature("SHA256withRSA", privateKey, publicKey);
         RSAPublicKey rsaKey = (RSAPublicKey)publicKey;
         if (rsaKey.getModulus().bitLength() > 512) {
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ssl/com/sun/net/ssl/internal/ssl/X509TrustManagerImpl/BasicConstraints.java	Mon May 21 11:44:01 2012 -0700
@@ -0,0 +1,555 @@
+/*
+ * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 7166570
+ * @summary JSSE certificate validation has started to fail for
+ *     certificate chains
+ *
+ *     SunJSSE does not support dynamic system properties, no way to re-use
+ *     system properties in samevm/agentvm mode.
+ * @run main/othervm BasicConstraints PKIX
+ * @run main/othervm BasicConstraints SunX509
+ */
+
+import java.net.*;
+import java.util.*;
+import java.io.*;
+import javax.net.ssl.*;
+import java.security.KeyStore;
+import java.security.KeyFactory;
+import java.security.cert.*;
+import java.security.spec.*;
+import java.security.interfaces.*;
+import java.math.BigInteger;
+
+import sun.misc.BASE64Decoder;
+
+public class BasicConstraints {
+
+    /*
+     * =============================================================
+     * Set the various variables needed for the tests, then
+     * specify what tests to run on each side.
+     */
+
+    /*
+     * Should we run the client or server in a separate thread?
+     * Both sides can throw exceptions, but do you have a preference
+     * as to which side should be the main thread.
+     */
+    static boolean separateServerThread = true;
+
+    /*
+     * Where do we find the keystores?
+     */
+    // Certificate information:
+    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce
+    // Validity
+    //     Not Before: May  5 02:40:50 2012 GMT
+    //     Not After : Apr 15 02:40:50 2033 GMT
+    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce
+    // X509v3 Subject Key Identifier:
+    //     DD:4E:8D:2A:11:C0:83:03:F0:AC:EB:A2:BF:F9:F2:7D:C8:69:1F:9B
+    // X509v3 Authority Key Identifier:
+    //     keyid:DD:4E:8D:2A:11:C0:83:03:F0:AC:EB:A2:BF:F9:F2:7D:C8:69:1F:9B
+    //     DirName:/C=US/O=Java/OU=SunJSSE Test Serivce
+    //     serial:00
+    static String trusedCertStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICkjCCAfugAwIBAgIBADANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" +
+        "MTIwNTA1MDI0MDUwWhcNMzMwNDE1MDI0MDUwWjA7MQswCQYDVQQGEwJVUzENMAsG\n" +
+        "A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwgZ8wDQYJ\n" +
+        "KoZIhvcNAQEBBQADgY0AMIGJAoGBANtiq0AIJK+iVRwFrqcD7fYXTCbMYC5Qz/k6\n" +
+        "AXBy7/1rI8wDhEJLE3m/+NSqiJwZcmdq2dNh/1fJFrwvzuURbc9+paOBWeHbN+Sc\n" +
+        "x3huw91oPZme385VpoK3G13rSE114S/rF4DM9mz4EStFhSHXATjtdbskNOAYGLTV\n" +
+        "x8uEy9GbAgMBAAGjgaUwgaIwHQYDVR0OBBYEFN1OjSoRwIMD8Kzror/58n3IaR+b\n" +
+        "MGMGA1UdIwRcMFqAFN1OjSoRwIMD8Kzror/58n3IaR+boT+kPTA7MQswCQYDVQQG\n" +
+        "EwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2\n" +
+        "Y2WCAQAwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEC\n" +
+        "BQADgYEAjjkJesQrkbr36N40egybaIxw7RcqT6iy5fkAGS1JYlBDk8uSCK1o6bCH\n" +
+        "ls5EpYcGeEoabSS73WRdkO1lgeyWDduO4ef8cCCSpmpT6/YdZG0QS1PtcREeVig+\n" +
+        "Zr25jNemS4ADHX0aaXP4kiV/G80cR7nX5t5XCUm4bYdbwM07NgI=\n" +
+        "-----END CERTIFICATE-----";
+    static String trustedPrivateKey = // Private key in the format of PKCS#8
+        "MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBANtiq0AIJK+iVRwF\n" +
+        "rqcD7fYXTCbMYC5Qz/k6AXBy7/1rI8wDhEJLE3m/+NSqiJwZcmdq2dNh/1fJFrwv\n" +
+        "zuURbc9+paOBWeHbN+Scx3huw91oPZme385VpoK3G13rSE114S/rF4DM9mz4EStF\n" +
+        "hSHXATjtdbskNOAYGLTVx8uEy9GbAgMBAAECgYEA2VjHkIiA0ABjkX+PqKeb+VLb\n" +
+        "fxS7tSca5C8zfdRhLxAWRui0/3ihst0eCJNrBDuxvAOACovsDWyLuaUjtI2v2ysz\n" +
+        "vz6SPyGy82PhQOFzyKQuQ814N6EpothpiZzF0yFchfKIGhUsdY89UrGs9nM7m6NT\n" +
+        "rztYvgIu4avg2VPR2AECQQD+pFAqipR2BplQRIuuRSZfHRxvoEyDjT1xnHJsC6WP\n" +
+        "I5hCLghL91MhQGWbP4EJMKYQOTRVukWlcp2Kycpf+P5hAkEA3I43gmVUAPEdyZdY\n" +
+        "fatW7OaLlbbYJb6qEtpCZ1Rwe/BIvm6H6E3qSi/lpz7Ia7WDulpbF6BawHH3pRFq\n" +
+        "CUY5ewJBAP3pUDqrRpBN0jB0uSeDslhjSciQ+dqvSpZv3rSYBHUvlBJhnkpJiy37\n" +
+        "7ZUZhIxqYxyIPgRBolLwb+FFh7OdL+ECQCtldDic9WVmC+VheRDpCKZ+SlK/8lGi\n" +
+        "7VXeShiIvcU1JysJFoa35fSI7hf1O3wt7+hX5PqGG7Un94EsJwACKEcCQQC1TWt6\n" +
+        "ArKH6tRxKjOxFtqfs8fgEVYUaOr3j1jF4KBUuX2mtQtddZe3VfJ2wPsuKMMxmhkB\n" +
+        "e7xWWZnJsErt2e+E";
+
+    // Certificate information:
+    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce
+    // Validity
+    //     Not Before: May  5 02:40:53 2012 GMT
+    //     Not After : Jan 21 02:40:53 2032 GMT
+    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce, CN=casigner
+    // X509v3 Subject Key Identifier:
+    //     13:07:E0:11:07:DB:EB:33:23:87:31:D0:DB:7E:16:56:BE:11:90:0A
+    // X509v3 Authority Key Identifier:
+    //     keyid:DD:4E:8D:2A:11:C0:83:03:F0:AC:EB:A2:BF:F9:F2:7D:C8:69:1F:9B
+    //     DirName:/C=US/O=Java/OU=SunJSSE Test Serivce
+    //     serial:00
+    static String caSignerStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICqDCCAhGgAwIBAgIBAjANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UwHhcN\n" +
+        "MTIwNTA1MDI0MDUzWhcNMzIwMTIxMDI0MDUzWjBOMQswCQYDVQQGEwJVUzENMAsG\n" +
+        "A1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxETAPBgNV\n" +
+        "BAMTCGNhc2lnbmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+x8+o7oM0\n" +
+        "ct/LZmZLXBL4CQ8jrULD5P7NtEW0hg/zxBFZfBHf+44Oo2eMPYZj+7xaREOH5BmV\n" +
+        "KRYlzRtONAaC5Ng4Mrm5UKNPcMIIUjUOvm7vWM4oSTMSfoEcSX+vp99uUAkw3w7Z\n" +
+        "+frYDm1M4At/j0b+lLij71GFN2L8drpgPQIDAQABo4GoMIGlMB0GA1UdDgQWBBQT\n" +
+        "B+ARB9vrMyOHMdDbfhZWvhGQCjBjBgNVHSMEXDBagBTdTo0qEcCDA/Cs66K/+fJ9\n" +
+        "yGkfm6E/pD0wOzELMAkGA1UEBhMCVVMxDTALBgNVBAoTBEphdmExHTAbBgNVBAsT\n" +
+        "FFN1bkpTU0UgVGVzdCBTZXJpdmNlggEAMBIGA1UdEwEB/wQIMAYBAf8CAQEwCwYD\n" +
+        "VR0PBAQDAgEGMA0GCSqGSIb3DQEBBAUAA4GBAI+LXA/UCPkTANablUkt80JNPWsl\n" +
+        "pS4XLNgPxWaN0bkRDs5oI4ooWAz1rwpeJ/nfetOvWlpmrVjSeovBFja5Hl+dUHTf\n" +
+        "VfuyzkxXbhuNiJIpo1mVBpNsjwu9YRxuwX6UA2LTUQpgvtVJEE012x3zRvxBCbu2\n" +
+        "Y/v1R5fZ4c+hXDfC\n" +
+        "-----END CERTIFICATE-----";
+    static String caSignerPrivateKey = // Private key in the format of PKCS#8
+        "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAL7Hz6jugzRy38tm\n" +
+        "ZktcEvgJDyOtQsPk/s20RbSGD/PEEVl8Ed/7jg6jZ4w9hmP7vFpEQ4fkGZUpFiXN\n" +
+        "G040BoLk2DgyublQo09wwghSNQ6+bu9YzihJMxJ+gRxJf6+n325QCTDfDtn5+tgO\n" +
+        "bUzgC3+PRv6UuKPvUYU3Yvx2umA9AgMBAAECgYBYvu30cW8LONyt62Zua9hPFTe7\n" +
+        "qt9B7QYyfkdmoG5PQMepTrOp84SzfoOukvgvDm0huFuJnSvhXQl2cCDhkgXskvFj\n" +
+        "Hh7KBCFViVXokGdq5YoS0/KYMyQV0TZfJUvILBl51uc4/siQ2tClC/N4sa+1JhgW\n" +
+        "a6dFGfRjiUKSSlmMwQJBAPWpIz3Q/c+DYMvoQr5OD8EaYwYIevlTdXb97RnJJh2b\n" +
+        "UnhB9jrqesJiHYVzPmP0ukyPOXOwlp2T5Am4Kw0LFOkCQQDGz150NoHOp28Mvyc4\n" +
+        "CTqz/zYzUhy2eCJESl196uyP4N65Y01VYQ3JDww4DlsXiU17tVSbgA9TCcfTYOzy\n" +
+        "vyw1AkARUky+1hafZCcWGZljK8PmnMKwsTZikCTvL/Zg5BMA8Wu+OQBwpQnk3OAy\n" +
+        "Aa87gw0DyvGFG8Vy9POWT9sRP1/JAkBqP0hrMvYMSs6+MSn0eHo2151PsAJIQcuO\n" +
+        "U2/Da1khSzu8N6WMi2GiobgV/RYRbf9KrY2ZzMZjykZQYOxAjopBAkEAghCu38cN\n" +
+        "aOsW6ueo24uzsWI1FTdE+qWNVEi3RSP120xXBCyhaBjIq4WVSlJK9K2aBaJpit3j\n" +
+        "iQ5tl6zrLlxQhg==";
+
+    // Certificate information:
+    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce, CN=casigner
+    // Validity
+    //     Not Before: May  5 02:40:57 2012 GMT
+    //     Not After : Jan 21 02:40:57 2032 GMT
+    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce, CN=certissuer
+    // X509v3 Subject Key Identifier:
+    //     39:0E:C6:33:B1:50:BC:73:07:31:E5:D8:04:F7:BB:97:55:CF:9B:C8
+    // X509v3 Authority Key Identifier:
+    //     keyid:13:07:E0:11:07:DB:EB:33:23:87:31:D0:DB:7E:16:56:BE:11:90:0A
+    //     DirName:/C=US/O=Java/OU=SunJSSE Test Serivce
+    //     serial:02
+    static String certIssuerStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICvjCCAiegAwIBAgIBAzANBgkqhkiG9w0BAQQFADBOMQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxETAP\n" +
+        "BgNVBAMTCGNhc2lnbmVyMB4XDTEyMDUwNTAyNDA1N1oXDTMyMDEyMTAyNDA1N1ow\n" +
+        "UDELMAkGA1UEBhMCVVMxDTALBgNVBAoTBEphdmExHTAbBgNVBAsTFFN1bkpTU0Ug\n" +
+        "VGVzdCBTZXJpdmNlMRMwEQYDVQQDEwpjZXJ0aXNzdWVyMIGfMA0GCSqGSIb3DQEB\n" +
+        "AQUAA4GNADCBiQKBgQCyz55zinU6kNL/LeiTNiBI0QWYmDG0YTotuC4D75liBNqs\n" +
+        "7Mmladsh2mTtQUAwmuGaGzaZV25a+cUax0DXZoyBwdbTI09u1bUYsZcaUUKbPoCC\n" +
+        "HH26e4jLFL4olW13Sv4ZAd57tIYevMw+Fp5f4fLPFGegCJTFlv2Qjpmic/cuvQID\n" +
+        "AQABo4GpMIGmMB0GA1UdDgQWBBQ5DsYzsVC8cwcx5dgE97uXVc+byDBjBgNVHSME\n" +
+        "XDBagBQTB+ARB9vrMyOHMdDbfhZWvhGQCqE/pD0wOzELMAkGA1UEBhMCVVMxDTAL\n" +
+        "BgNVBAoTBEphdmExHTAbBgNVBAsTFFN1bkpTU0UgVGVzdCBTZXJpdmNlggECMBMG\n" +
+        "A1UdEwEB/wQJMAcBAf8CAgQAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQQFAAOB\n" +
+        "gQCQTagenCdClT98C+oTJGJrw/dUBD9K3tE6ZJKPMc/2bUia8G5ei1C0eXj4mWG2\n" +
+        "lu9umR6C90/A6qB050QB2h50qtqxSrkpu+ym1yypauZpg7U3nUY9wZWJNI1vqrQZ\n" +
+        "pqUMRcXY3iQIVKx+Qj+4/Za1wwFQzpEoGmqRW31V1SdMEw==\n" +
+        "-----END CERTIFICATE-----";
+    static String certIssuerPrivateKey = // Private key in the format of PKCS#8
+        "MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBALLPnnOKdTqQ0v8t\n" +
+        "6JM2IEjRBZiYMbRhOi24LgPvmWIE2qzsyaVp2yHaZO1BQDCa4ZobNplXblr5xRrH\n" +
+        "QNdmjIHB1tMjT27VtRixlxpRQps+gIIcfbp7iMsUviiVbXdK/hkB3nu0hh68zD4W\n" +
+        "nl/h8s8UZ6AIlMWW/ZCOmaJz9y69AgMBAAECgYEAjtew2tgm4gxDojqIauF4VPM1\n" +
+        "pzsdqd1p3pAdomNLgrQiBLZ8N7oiph6TNb1EjA+OXc+ThFgF/oM9ZDD8qZZwcvjN\n" +
+        "qDZlpTkFs2TaGcyEZfUaMB45NHVs6Nn+pSkagSNwwy3xeyAct7sQEzGNTDlEwVv5\n" +
+        "7V9LQutQtBd6xT48KzkCQQDpNRfv2OFNG/6GtzJoO68oJhpnpl2MsYNi4ntRkre/\n" +
+        "6uXpiCYaDskcrPMRwOOs0m7mxG+Ev+uKnLnSoEMm1GCbAkEAxEmDtiD0Psb8Z9BL\n" +
+        "ZRb83Jqho3xe2MCAh3xUfz9b/Mhae9dZ44o4OCgQZuwvW1mczF0NtpgZl93BmYa2\n" +
+        "hTwHhwJBAKHrEj6ep/fA6x0gD2idoATRR94VfbiU+7NpqtO9ecVP0+gsdr/66hn1\n" +
+        "3yLBeZLh3MxvMTrLgkAQh1i9m0JXjOcCQQClLXAHHegrw+u3uNMZeKTFR+Lp3sk6\n" +
+        "AZSnbvr0Me9I45kxSeG81x3ENALJecvIRbrrRws5MvmmkNhQR8rkh8WVAkEAk6b+\n" +
+        "aVtmBgUaTS5+FFlHGHJY9HFrfT1a1C/dwyMuqlmbC3YsBmZaMOlKli5TXNybLff8\n" +
+        "5KMeGEpXMzgC7AscGA==";
+
+    // Certificate information:
+    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce, CN=certissuer
+    // Validity
+    //     Not Before: May  5 02:41:01 2012 GMT
+    //     Not After : Jan 21 02:41:01 2032 GMT
+    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce, CN=localhost
+    // X509v3 Subject Key Identifier:
+    //     AD:C0:2C:4C:E4:C2:2E:A1:BB:5D:92:BE:66:E0:4E:E0:0D:2F:11:EF
+    // X509v3 Authority Key Identifier:
+    //     keyid:39:0E:C6:33:B1:50:BC:73:07:31:E5:D8:04:F7:BB:97:55:CF:9B:C8
+    static String serverCertStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICjTCCAfagAwIBAgIBBDANBgkqhkiG9w0BAQQFADBQMQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxEzAR\n" +
+        "BgNVBAMTCmNlcnRpc3N1ZXIwHhcNMTIwNTA1MDI0MTAxWhcNMzIwMTIxMDI0MTAx\n" +
+        "WjBPMQswCQYDVQQGEwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNT\n" +
+        "RSBUZXN0IFNlcml2Y2UxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B\n" +
+        "AQEFAAOBjQAwgYkCgYEAvwaUd7wmBSKqycEstYLWD26vkU08DM39EtaT8wL9HnQ0\n" +
+        "fgPblwBFI4zdLa2cuYXRZcFUb04N8nrkcpR0D6kkE+AlFAoRWrrZF80B7JTbtEK4\n" +
+        "1PIeurihXvUT+4MpzGLOojIihMfvM4ufelblD56SInso4WFHm7t4qCln88J1gjkC\n" +
+        "AwEAAaN4MHYwCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBStwCxM5MIuobtdkr5m4E7g\n" +
+        "DS8R7zAfBgNVHSMEGDAWgBQ5DsYzsVC8cwcx5dgE97uXVc+byDAnBgNVHSUEIDAe\n" +
+        "BggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBAUAA4GB\n" +
+        "AGfwcfdvEG/nSCiAn2MGbYHp34mgF3OA1SJLWUW0LvWJhwm2cn4AXlSoyvbwrkaB\n" +
+        "IDDCwhJvvc0vUyL2kTx7sqVaFTq3mDs+ktlB/FfH0Pb+i8FE+g+7T42Iw/j0qxHL\n" +
+        "YmgbrjBQf5WYN1AvBE/rrPt9aOtS3UsqtVGW574b0shW\n" +
+        "-----END CERTIFICATE-----";
+    static String serverPrivateKey = // Private key in the format of PKCS#8
+        "MIICdAIBADANBgkqhkiG9w0BAQEFAASCAl4wggJaAgEAAoGBAL8GlHe8JgUiqsnB\n" +
+        "LLWC1g9ur5FNPAzN/RLWk/MC/R50NH4D25cARSOM3S2tnLmF0WXBVG9ODfJ65HKU\n" +
+        "dA+pJBPgJRQKEVq62RfNAeyU27RCuNTyHrq4oV71E/uDKcxizqIyIoTH7zOLn3pW\n" +
+        "5Q+ekiJ7KOFhR5u7eKgpZ/PCdYI5AgMBAAECf3CscOYvFD3zNMnMJ5LomVqA7w3F\n" +
+        "gKYM2jlCWAH+wU41PMEXhW6Lujw92jgXL1o+lERwxFzirVdZJWZwKgUSvzP1G0h3\n" +
+        "fkucq1/UWnToK+8NSXNM/yS8hXbBgSEoJo5f7LKcIi1Ev6doBVofMxs+njzyWKbM\n" +
+        "Nb7rOLHadghoon0CQQDgQzbzzSN8Dc1YmmylhI5v+0sQRHH0DL7D24k4Weh4vInG\n" +
+        "EAbt4x8M7ZKEo8/dv0s4hbmNmAnJl93/RRxIyEqLAkEA2g87DiswSQam2pZ8GlrO\n" +
+        "+w4Qg9mH8uxx8ou2rl0XlHzH1XiTNbkjfY0EZoL7L31BHFk9n11Fb2P85g6ws+Hy\n" +
+        "ywJAM/xgyLNM/nzUlS128geAXUULaYH0SHaL4isJ7B4rXZGW/mrIsGxtzjlkNYsj\n" +
+        "rGujrD6TfNc5rZmexIXowJZtcQJBAIww+pCzZ4mrgx5JXWQ8OZHiiu+ZrPOa2+9J\n" +
+        "r5sOMpi+WGN/73S8oHqZbNjTINZ5OqEVJq8MchWZPQBTNXuQql0CQHEjUzzkCQa3\n" +
+        "j6JTa2KAdqyvLOx0XF9zcc1gA069uNQI2gPUHS8V215z57f/gMGnDNhVfLs/vMKz\n" +
+        "sFkVZ3zg7As=";
+
+    // Certificate information:
+    // Issuer: C=US, O=Java, OU=SunJSSE Test Serivce, CN=certissuer
+    // Validity
+    //     Not Before: May  5 02:41:02 2012 GMT
+    //     Not After : Jan 21 02:41:02 2032 GMT
+    // Subject: C=US, O=Java, OU=SunJSSE Test Serivce, CN=InterOp Tester
+    // X509v3 Subject Key Identifier:
+    //     57:7D:E2:33:33:60:DF:DD:5E:ED:81:3F:EB:F2:1B:59:7F:50:9C:99
+    // X509v3 Authority Key Identifier:
+    //     keyid:39:0E:C6:33:B1:50:BC:73:07:31:E5:D8:04:F7:BB:97:55:CF:9B:C8
+    static String clientCertStr =
+        "-----BEGIN CERTIFICATE-----\n" +
+        "MIICaTCCAdKgAwIBAgIBBTANBgkqhkiG9w0BAQQFADBQMQswCQYDVQQGEwJVUzEN\n" +
+        "MAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNTRSBUZXN0IFNlcml2Y2UxEzAR\n" +
+        "BgNVBAMTCmNlcnRpc3N1ZXIwHhcNMTIwNTA1MDI0MTAyWhcNMzIwMTIxMDI0MTAy\n" +
+        "WjBUMQswCQYDVQQGEwJVUzENMAsGA1UEChMESmF2YTEdMBsGA1UECxMUU3VuSlNT\n" +
+        "RSBUZXN0IFNlcml2Y2UxFzAVBgNVBAMTDkludGVyT3AgVGVzdGVyMIGfMA0GCSqG\n" +
+        "SIb3DQEBAQUAA4GNADCBiQKBgQC1pA71nDg1KhhnHjRdi/eVDUa7uFZAtN8R9huu\n" +
+        "pTwFoyqSX8lDMz8jDawOMmaI9dVZLjTh3hnf4KBEqQOearFVz45yBOjlgPLBuI4F\n" +
+        "D/ORhgmDaIu2NK+c1yj6YQlyiO0DPwh55GtPLVG3iuEpejU7gQyaMuTaddoXrO7s\n" +
+        "xwzanQIDAQABo08wTTALBgNVHQ8EBAMCA+gwHQYDVR0OBBYEFFd94jMzYN/dXu2B\n" +
+        "P+vyG1l/UJyZMB8GA1UdIwQYMBaAFDkOxjOxULxzBzHl2AT3u5dVz5vIMA0GCSqG\n" +
+        "SIb3DQEBBAUAA4GBAHTgB5W7wnl7Jnb4wNQcb6JdR8FRHIdslcRfnReFfZBHZZux\n" +
+        "ChpA1lf62KIzYohKoxQXXMul86vnVSHnXq5xctHEmxCBnALEnoAcCOv6wfWqEA7g\n" +
+        "2rX+ydmu+0ArbqKhSOypZ7K3ame0UOJJ6HDxdsgBYJuotmSou4KKq9e8GF+d\n" +
+        "-----END CERTIFICATE-----";
+    static String clientPrivateKey = // Private key in the format of PKCS#8
+        "MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBALWkDvWcODUqGGce\n" +
+        "NF2L95UNRru4VkC03xH2G66lPAWjKpJfyUMzPyMNrA4yZoj11VkuNOHeGd/goESp\n" +
+        "A55qsVXPjnIE6OWA8sG4jgUP85GGCYNoi7Y0r5zXKPphCXKI7QM/CHnka08tUbeK\n" +
+        "4Sl6NTuBDJoy5Np12hes7uzHDNqdAgMBAAECgYEAjLwygwapXjfhdHQoqpp6F9iT\n" +
+        "h3sKCVSaybXgOO75lHyZzZO9wv1/288KEm3mmBOxXEm6245UievnAYvaq/GKt93O\n" +
+        "pj2zRefBzZjGbz0v84fmna/MN6zUUYX1PcVRMKWLx9HKKmQihzwoXdBX0o9PPXdi\n" +
+        "LfzujNa/q8/mpI5PmEECQQDZwLSaL7OReWZTY4NoQuNzwhx5IKJUOtCFQfmHKZSW\n" +
+        "wtXntZf+E5W9tGaDY5wjpq5cilKDAHdEAlFWxDe1PoE1AkEA1YuTBpctOLBfquFn\n" +
+        "Y/S3lzGVlnIHDk3dj4bFglkoJ2bCdlwRNUyBSjAjBDcbYhper8S7GlEN5SiEdz9I\n" +
+        "3OjIyQJBAKEPMgYhZjYhjxf6sQV7A/VpC9pj0u1uGzGVXNUmYisorUKXRHa/UbBh\n" +
+        "MLnaAXE1Jh54iRMwUwbQmA0PUQ0T0EkCQQCcr6/umwhkWw2nHYK2Vf5LoudGn15M\n" +
+        "AZg7UsEjVnXfC0hOfllmCT+ohs96rVCbWAv33lsHAUg3x9YChV3aMbf5AkAj1kuV\n" +
+        "jUTgFKjediyQC6uof7YdLn+gQGiXK1XE0GBN4WMkzcLiS0jC+MFTgKfFnFdh9K0y\n" +
+        "fswYKdTA/o8RKaa5";
+
+    static char passphrase[] = "passphrase".toCharArray();
+
+    /*
+     * Is the server ready to serve?
+     */
+    volatile static boolean serverReady = false;
+
+    /*
+     * Turn on SSL debugging?
+     */
+    static boolean debug = false;
+
+    /*
+     * Define the server side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doServerSide() throws Exception {
+        SSLContext context = getSSLContext(true);
+        SSLServerSocketFactory sslssf = context.getServerSocketFactory();
+
+        SSLServerSocket sslServerSocket =
+            (SSLServerSocket)sslssf.createServerSocket(serverPort);
+        serverPort = sslServerSocket.getLocalPort();
+        SSLSocket sslSocket = null;
+        try {
+            /*
+             * Signal Client, we're ready for his connect.
+             */
+            serverReady = true;
+
+            sslSocket = (SSLSocket) sslServerSocket.accept();
+            sslSocket.setNeedClientAuth(true);
+
+            InputStream sslIS = sslSocket.getInputStream();
+            OutputStream sslOS = sslSocket.getOutputStream();
+
+            sslIS.read();
+            sslOS.write(85);
+            sslOS.flush();
+        } finally {
+            if (sslSocket != null) {
+                sslSocket.close();
+            }
+            sslServerSocket.close();
+        }
+    }
+
+    /*
+     * Define the client side of the test.
+     *
+     * If the server prematurely exits, serverReady will be set to true
+     * to avoid infinite hangs.
+     */
+    void doClientSide() throws Exception {
+        /*
+         * Wait for server to get started.
+         */
+        while (!serverReady) {
+            Thread.sleep(50);
+        }
+
+        SSLContext context = getSSLContext(false);
+        SSLSocketFactory sslsf = context.getSocketFactory();
+
+        SSLSocket sslSocket =
+            (SSLSocket)sslsf.createSocket("localhost", serverPort);
+        try {
+            InputStream sslIS = sslSocket.getInputStream();
+            OutputStream sslOS = sslSocket.getOutputStream();
+
+            sslOS.write(280);
+            sslOS.flush();
+            sslIS.read();
+        } finally {
+            sslSocket.close();
+        }
+    }
+
+    // get the ssl context
+    private static SSLContext getSSLContext(boolean isServer) throws Exception {
+
+        // generate certificate from cert string
+        CertificateFactory cf = CertificateFactory.getInstance("X.509");
+
+        // create a key store
+        KeyStore ks = KeyStore.getInstance("JKS");
+        ks.load(null, null);
+
+        // import the trused cert
+        ByteArrayInputStream is =
+            new ByteArrayInputStream(trusedCertStr.getBytes());
+        Certificate trusedCert = cf.generateCertificate(is);
+        is.close();
+
+        ks.setCertificateEntry("SunJSSE Test Serivce", trusedCert);
+
+        // import the certificate chain and key
+        Certificate[] chain = new Certificate[3];
+
+        is = new ByteArrayInputStream(caSignerStr.getBytes());
+        Certificate caSignerCert = cf.generateCertificate(is);
+        is.close();
+        chain[2] = caSignerCert;
+
+        is = new ByteArrayInputStream(certIssuerStr.getBytes());
+        Certificate certIssuerCert = cf.generateCertificate(is);
+        is.close();
+        chain[1] = certIssuerCert;
+
+        PKCS8EncodedKeySpec priKeySpec = null;
+        if (isServer) {
+            priKeySpec = new PKCS8EncodedKeySpec(
+                            new BASE64Decoder().decodeBuffer(serverPrivateKey));
+            is = new ByteArrayInputStream(serverCertStr.getBytes());
+        } else {
+            priKeySpec = new PKCS8EncodedKeySpec(
+                            new BASE64Decoder().decodeBuffer(clientPrivateKey));
+            is = new ByteArrayInputStream(clientCertStr.getBytes());
+        }
+        KeyFactory kf = KeyFactory.getInstance("RSA");
+        RSAPrivateKey priKey = (RSAPrivateKey)kf.generatePrivate(priKeySpec);
+        Certificate keyCert = cf.generateCertificate(is);
+        is.close();
+        chain[0] = keyCert;
+
+        ks.setKeyEntry("End Entity", priKey, passphrase, chain);
+
+        // check the certification path
+        PKIXParameters paras = new PKIXParameters(ks);
+        paras.setRevocationEnabled(false);
+        CertPath path = cf.generateCertPath(Arrays.asList(chain));
+        CertPathValidator cv = CertPathValidator.getInstance("PKIX");
+        cv.validate(path, paras);
+
+        // create SSL context
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmAlgorithm);
+        tmf.init(ks);
+
+        SSLContext ctx = SSLContext.getInstance("TLS");
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509");
+        kmf.init(ks, passphrase);
+
+        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
+        ks = null;
+
+        return ctx;
+    }
+
+    private static String tmAlgorithm;        // trust manager
+
+    private static void parseArguments(String[] args) {
+        tmAlgorithm = args[0];
+    }
+
+    /*
+     * =============================================================
+     * The remainder is just support stuff
+     */
+
+    // use any free port by default
+    volatile int serverPort = 0;
+
+    volatile Exception serverException = null;
+    volatile Exception clientException = null;
+
+    public static void main(String args[]) throws Exception {
+        if (debug)
+            System.setProperty("javax.net.debug", "all");
+
+
+        /*
+         * Get the customized arguments.
+         */
+        parseArguments(args);
+
+        /*
+         * Start the tests.
+         */
+        new BasicConstraints();
+    }
+
+    Thread clientThread = null;
+    Thread serverThread = null;
+    /*
+     * Primary constructor, used to drive remainder of the test.
+     *
+     * Fork off the other side, then do your work.
+     */
+    BasicConstraints() throws Exception {
+        if (separateServerThread) {
+            startServer(true);
+            startClient(false);
+        } else {
+            startClient(true);
+            startServer(false);
+        }
+
+        /*
+         * Wait for other side to close down.
+         */
+        if (separateServerThread) {
+            serverThread.join();
+        } else {
+            clientThread.join();
+        }
+
+        /*
+         * When we get here, the test is pretty much over.
+         *
+         * If the main thread excepted, that propagates back
+         * immediately.  If the other thread threw an exception, we
+         * should report back.
+         */
+        if (serverException != null)
+            throw serverException;
+        if (clientException != null)
+            throw clientException;
+    }
+
+    void startServer(boolean newThread) throws Exception {
+        if (newThread) {
+            serverThread = new Thread() {
+                public void run() {
+                    try {
+                        doServerSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our server thread just died.
+                         *
+                         * Release the client, if not active already...
+                         */
+                        System.err.println("Server died...");
+                        serverReady = true;
+                        serverException = e;
+                    }
+                }
+            };
+            serverThread.start();
+        } else {
+            doServerSide();
+        }
+    }
+
+    void startClient(boolean newThread) throws Exception {
+        if (newThread) {
+            clientThread = new Thread() {
+                public void run() {
+                    try {
+                        doClientSide();
+                    } catch (Exception e) {
+                        /*
+                         * Our client thread just died.
+                         */
+                        System.err.println("Client died...");
+                        clientException = e;
+                    }
+                }
+            };
+            clientThread.start();
+        } else {
+            doClientSide();
+        }
+    }
+
+}
--- a/test/tools/launcher/Arrrghs.java	Mon May 21 11:41:33 2012 -0700
+++ b/test/tools/launcher/Arrrghs.java	Mon May 21 11:44:01 2012 -0700
@@ -24,7 +24,7 @@
 /**
  * @test
  * @bug 5030233 6214916 6356475 6571029 6684582 6742159 4459600 6758881 6753938
- *      6894719 6968053 7151314
+ *      6894719 6968053 7151434
  * @summary Argument parsing validation.
  * @compile -XDignore.symbol.file Arrrghs.java
  * @run main Arrrghs
@@ -238,7 +238,7 @@
         tr.isNotZeroOutput();
         System.out.println(tr);
 
-        // 7151314, test for non-negative exit value for an incorrectly formed
+        // 7151434, test for non-negative exit value for an incorrectly formed
         // command line, '% java -jar -W', note the bogus -W
         tr = doExec(javaCmd, "-jar", "-W");
         tr.checkNegative();