OpenJDK / jdk / jdk12
changeset 25407:63b91a5b8d1f
Merge
| author | lana |
|---|---|
| date | Thu, 10 Jul 2014 12:40:48 -0700 |
| parents | 6f1f212bfc42 4814eec6a323 |
| children | 27563093d2d2 |
| files | jdk/src/share/lib/security/BlacklistedCertsConverter.java jdk/src/share/lib/security/blacklisted.certs jdk/src/share/lib/security/blacklisted.certs.pem |
| diffstat | 101 files changed, 2752 insertions(+), 1363 deletions(-) [+] |
line wrap: on
line diff
--- a/jdk/make/CopyFiles.gmk Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/make/CopyFiles.gmk Thu Jul 10 12:40:48 2014 -0700 @@ -407,16 +407,11 @@ ########################################################################################## -BLACKLISTED_CERTS_SRC := $(JDK_TOPDIR)/src/share/lib/security/blacklisted.certs -BLACKLISTED_CERTS_DST := $(JDK_OUTPUTDIR)/lib/security/blacklisted.certs - ifndef OPENJDK BLACKLIST_SRC := $(JDK_TOPDIR)/src/closed/share/lib/security/blacklist BLACKLIST_DST := $(JDK_OUTPUTDIR)/lib/security/blacklist - BLACKLISTED_CERTS_SRC += $(wildcard $(JDK_TOPDIR)/src/closed/share/lib/security/blacklisted.certs) - TRUSTEDLIBS_SRC := $(JDK_TOPDIR)/src/closed/share/lib/security/trusted.libraries TRUSTEDLIBS_DST := $(JDK_OUTPUTDIR)/lib/security/trusted.libraries @@ -432,20 +427,6 @@ endif -$(BLACKLISTED_CERTS_DST): $(BLACKLISTED_CERTS_SRC) - $(MKDIR) -p $(@D) - $(CAT) $^ | $(SED) '/^$$/d' | $(SORT) | $(UNIQ) > $@.tmp - $(GREP) -i Algorithm $@.tmp > $@ - if [ `$(SED) -n -e "$$=" $@` != 1 ]; then \ - $(ECHO) "Different algorithms defined in $^"; \ - $(RM) $@ $@.tmp; \ - false; \ - fi - $(GREP) -iv Algorithm $@.tmp >> $@ - $(RM) $@.tmp - -COPY_FILES += $(BLACKLISTED_CERTS_DST) - ########################################################################################## ifndef OPENJDK
--- a/jdk/make/GenerateData.gmk Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/make/GenerateData.gmk Thu Jul 10 12:40:48 2014 -0700 @@ -50,6 +50,9 @@ include gendata/GendataHtml32dtd.gmk GENDATA += $(GENDATA_HTML32DTD) +include gendata/GendataBlacklistedCerts.gmk +GENDATA += $(GENDATA_BLACKLISTED_CERTS) + ########################################################################################## GENDATA_UNINAME := $(JDK_OUTPUTDIR)/classes/java/lang/uniName.dat
--- a/jdk/make/Tools.gmk Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/make/Tools.gmk Thu Jul 10 12:40:48 2014 -0700 @@ -87,6 +87,9 @@ TOOL_TZDB = $(JAVA_SMALL) -cp $(JDK_OUTPUTDIR)/btclasses \ build.tools.tzdb.TzdbZoneRulesCompiler +TOOL_BLACKLISTED_CERTS = $(JAVA_SMALL) -cp $(JDK_OUTPUTDIR)/btclasses \ + build.tools.blacklistedcertsconverter.BlacklistedCertsConverter + # TODO: There are references to the jdwpgen.jar in jdk/make/netbeans/jdwpgen/build.xml # and nbproject/project.properties in the same dir. Needs to be looked at.
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/make/data/blacklistedcertsconverter/blacklisted.certs.pem Thu Jul 10 12:40:48 2014 -0700 @@ -0,0 +1,727 @@ +#! java BlacklistedCertsConverter SHA-256 + +# The line above must be the first line of the blacklisted.certs.pem +# file inside src/share/lib/security/. It will be ignored if added in +# src/closed/share/lib/security/blacklisted.certs.pem. + +// Subject: CN=Digisign Server ID (Enrich), +// OU=457608-K, +// O=Digicert Sdn. Bhd., +// C=MY +// Issuer: CN=GTE CyberTrust Global Root, +// OU=GTE CyberTrust Solutions, Inc., +// O=GTE Corporation, +// C=US +// Serial: 120001705 (07:27:14:a9) +-----BEGIN CERTIFICATE----- +MIIDyzCCAzSgAwIBAgIEBycUqTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV +UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU +cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds +b2JhbCBSb290MB4XDTA3MDcxNzE1MTc0OFoXDTEyMDcxNzE1MTY1NFowYzELMAkG +A1UEBhMCTVkxGzAZBgNVBAoTEkRpZ2ljZXJ0IFNkbi4gQmhkLjERMA8GA1UECxMI +NDU3NjA4LUsxJDAiBgNVBAMTG0RpZ2lzaWduIFNlcnZlciBJRCAoRW5yaWNoKTCB +nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArahkS02Hx4RZufuQRqCmicDx/tXa +VII3DZkrRSYK6Fawf8qo9I5HhAGCKeOzarWR8/uVhbxyqGToCkCcxfRxrnt7agfq +kBRPjYmvlKuyBtQCanuYH1m5Os1U+iDfsioK6bjdaZDAKdNO0JftZszFGUkGf/pe +LHx7hRsyQt97lSUCAwEAAaOCAXgwggF0MBIGA1UdEwEB/wQIMAYBAf8CAQAwXAYD +VR0gBFUwUzBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcCARYtaHR0cDovL2N5YmVy +dHJ1c3Qub21uaXJvb3QuY29tL3JlcG9zaXRvcnkuY2ZtMAcGBWCDSgEBMA4GA1Ud +DwEB/wQEAwIB5jCBiQYDVR0jBIGBMH+heaR3MHUxCzAJBgNVBAYTAlVTMRgwFgYD +VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv +bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv +b3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93d3cucHVibGljLXRydXN0 +LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYDVR0OBBYEFMYWk04WF+wW +royUdvOGbcV0boR3MA0GCSqGSIb3DQEBBQUAA4GBAHYAe6Z4K2Ydjl42xqSOBfIj +knyTZ9P0wAp9iy3Z6tVvGvPhSilaIoRNUC9LDPL/hcJ7VdREgr5trGeOvLQfkpxR +gBoU9m6rYYgLrRx/90tQUdZlG6ZHcRVesHHzNRTyN71jyNXwk1o0X9g96F33xR7A +5c8fhiSpPAdmzcHSNmNZ +-----END CERTIFICATE----- + +// Subject: CN=Digisign Server ID - (Enrich), +// OU=457608-K, +// O=Digicert Sdn. Bhd., +// C=MY +// Issuer: CN=Entrust.net Certification Authority (2048) +// OU=(c) 1999 Entrust.net Limited, +// OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), +// O=Entrust.net +// Serial: 1184644297 (4c:0e:63:6a) +-----BEGIN CERTIFICATE----- +MIIEzjCCA7agAwIBAgIETA5jajANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML +RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp +bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5 +IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0xMDA3MTYxNzIzMzdaFw0xNTA3 +MTYxNzUzMzdaMGUxCzAJBgNVBAYTAk1ZMRswGQYDVQQKExJEaWdpY2VydCBTZG4u +IEJoZC4xETAPBgNVBAsTCDQ1NzYwOC1LMSYwJAYDVQQDEx1EaWdpc2lnbiBTZXJ2 +ZXIgSUQgLSAoRW5yaWNoKTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AMWJ5PQNBkCSWccaszXRDkwqM/n4r8qef+65p21g9FTob9Wb8xtjMQRoctE0Foy0 +FyyX3nPF2JAVoBor9cuzSIZE8B2ITM5BQhrv9Qze/kDaOSD3BlU6ap1GwdJvpbLI +Vz4po5zg6YV3ZuiYpyR+vsBZIOVEb7ZX2L7OwmV3WMZhQdF0BMh/SULFcqlyFu6M +3RJdtErU0a9Qt9iqdXZorT5dqjBtYairEFs+E78z4K9EnTgiW+9ML6ZxJhUmyiiM +2fqOjqmiFDXimySItPR/hZ2DTwehthSQNsQ0HI0mYW0Tb3i+6I8nx0uElqOGaAwj +vgvsjJQAqQSKE5D334VsDLECAwEAAaOCATQwggEwMA4GA1UdDwEB/wQEAwIBBjAS +BgNVHRMBAf8ECDAGAQH/AgEAMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcD +AgYIKwYBBQUHAwQwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v +b2NzcC5lbnRydXN0Lm5ldDBEBgNVHSAEPTA7MDkGBWCDSgEBMDAwLgYIKwYBBQUH +AgEWImh0dHA6Ly93d3cuZGlnaWNlcnQuY29tLm15L2Nwcy5odG0wMgYDVR0fBCsw +KTAnoCWgI4YhaHR0cDovL2NybC5lbnRydXN0Lm5ldC8yMDQ4Y2EuY3JsMBEGA1Ud +DgQKBAhMTswlKAMpgTAfBgNVHSMEGDAWgBRV5IHREYC+2Im5CKMx+aEkCRa5cDAN +BgkqhkiG9w0BAQUFAAOCAQEAl0zvSjpJrHL8MCBrtClbp8WVBJD5MtXChWreA6E3 ++YkAsFqsVX7bQzX/yQH4Ub7MJsrIaqTEVD4mHucMo82XZ5TdpkLrXM2POXlrM3kh +Bnn6gkQVmczBtznTRmJ8snDrb84gqj4Zt+l0gpy0pUtNYQA35IfS8hQ6ZHy4qXth +4JMi59WfPkfmNnagU9gAAzoPtTP+lsrT0oI6Lt3XSOHkp2nMHOmZSufKcEXXCwcO +mnUb0C+Sb/akB8O9HEumhLZ9qJqp0qcp8QtXaR6XVybsK0Os1EWDBQDp4/BGQAf6 +6rFRc5Mcpd1TETfIKqcVJx20qsx/qjEw/LhFn0gJ7RDixQ== +-----END CERTIFICATE----- + +// Subject: CN=Java Media APIs, +// OU=Java Signed Extensions, +// OU=Corporate Object Signing, +// O=Sun Microsystems Inc +// Issuer: CN=Object Signing CA, +// OU=Class 2 OnSite Subscriber CA, +// OU=VeriSign Trust Network, +// O=Sun Microsystems Inc +// Serial: 6a:8b:99:91:37:59:4f:89:53:e2:97:18:9f:19:1e:4e +-----BEGIN CERTIFICATE----- +MIIFdzCCBF+gAwIBAgIQaouZkTdZT4lT4pcYnxkeTjANBgkqhkiG9w0BAQUFADCB +gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT +aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj +cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDUxMjAw +MDAwMFoXDTEyMDUxMTIzNTk1OVowfTEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt +cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE +CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEYMBYGA1UEAxQPSmF2YSBNZWRpYSBB +UElzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5blzoKTVE8y4Hpz +q6E15RZz1bF5HnYEyYqgHkZXnAKedmYCoMzm1XK8s+gQWShLEvGEAvs5yqarx9gE +nnC21N28aEZgIJMa2/arKxCUkS4pxdGPYGexL9UzSRkUpoBShCZKEGdmX7gfJE2K +/sd9MFvGV5/yZtWXrADzvm0Kd/9mg1KRv1gfrZIq0TJbupoXPYYqb73AkI9eT2ZD +q9MdwD4E5+oojsDFXt8GU/D00fUhtXpYwuplU7D667WHYdJhIah0ST6JywyqcLXG +XSuFTXOgITT2idSHluZVmx3dqJ72u9kPkO4JdJTMDfaK8zgNLaRkiU8Qcj+qhLYH +ytaqcwIDAQABo4IB6jCCAeYwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCB4AwfwYD +VR0fBHgwdjB0oHKgcIZuaHR0cDovL29uc2l0ZWNybC52ZXJpc2lnbi5jb20vU3Vu +TWljcm9zeXN0ZW1zSW5jQ29ycG9yYXRlT2JqZWN0U2lnbmluZ0phdmFTaWduZWRF +eHRlbnNpb25zQ2xhc3NCL0xhdGVzdENSTC5jcmwwHwYDVR0jBBgwFoAUs0crgn5T +tHPKuLsZt76BTQeVx+0wHQYDVR0OBBYEFKS32mVx0gNWTeS4ProHEaeSpvvIMDsG +CCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL29uc2l0ZS1vY3NwLnZl +cmlzaWduLmNvbTCBtQYDVR0gBIGtMIGqMDkGC2CGSAGG+EUBBxcCMCowKAYIKwYB +BQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwbQYLYIZIAYb3AIN9 +nD8wXjAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cuc3VuLmNvbS9wa2kvY3BzMDMG +CCsGAQUFBwICMCcaJVZhbGlkYXRlZCBGb3IgU3VuIEJ1c2luZXNzIE9wZXJhdGlv +bnMwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQEFBQADggEBAAe6BO4W +3TSNWfezyelJs6kE3HfulT6Bdyz4UUoh9ykXcV8nRwT+kh25I5MdyG2GfkJoADPR +VhC5DYo13UFpIsTNVjq+hGYe2hML93bN7ad9SxCCyjHUo3yMz2qgBbHZI3VA9ZHA +aWM4Tx0saMwbcnVvlbuGh+PXvStfypJqYT6lzcdFfjNVX4FI/QQNGhBswMY51tC8 +GTBCL2qhJon0gSCU4zaawDOf7+XxJWirLamYL1Aal1/h2z2sFrvA/1ftxtU3kZ6I +7De8DyoHeZg7pYGdrj7g+lPhCga/WvEhN152I+aP08YbFcJHYmK05ngl/Ye4c6Bd +cdrdfbw6QzEUIYY= +-----END CERTIFICATE----- + +// Subject: CN=JavaFX 1.0 Runtime, +// OU=Java Signed Extensions, +// OU=Corporate Object Signing, +// O=Sun Microsystems Inc +// Issuer: CN=Object Signing CA, +// OU=Class 2 OnSite Subscriber CA, +// OU=VeriSign Trust Network, +// O=Sun Microsystems Inc +// Serial: 55:c0:e6:44:59:59:79:9e:d9:26:f1:b0:4a:1e:f0:27 +-----BEGIN CERTIFICATE----- +MIIFezCCBGOgAwIBAgIQVcDmRFlZeZ7ZJvGwSh7wJzANBgkqhkiG9w0BAQUFADCB +gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT +aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj +cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA4MTAwOTAw +MDAwMFoXDTExMTAwOTIzNTk1OVowgYAxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl +bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxHzAdBgNV +BAsUFkphdmEgU2lnbmVkIEV4dGVuc2lvbnMxGzAZBgNVBAMUEkphdmFGWCAxLjAg +UnVudGltZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+WDc6+bu+4 +tmAcS/lBtUc02WOt9QZpVsXg9cG2pu/8bUtmDELa8iiYBVFpIs8DU58HLrGQtCUY +SIAGOVPsOJoN29UKCDWfY9j5JeVhfhMGqk9DwrWhzgsjy4cpZ1pIp+k/fJ8zT8Ul +aYLpow1vg3UNddsmwz02tN7cOrMw9WYIG4CRYnY1OrtJSfe2pYzheC4zyvR+aiVl +nang2OtqikSQsNFOFHsLOJFxngy9LrO8evDSu25VTKI6zlWU6/bMeqtztJPN0VOn +NyUrJZvkxZ207Jg0T693BGSxNC1n+ihztXogql8950M/pEuUbDjylv5FFvlp6DSB +dDT2MkutmyMCAwEAAaOCAeowggHmMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgeA +MH8GA1UdHwR4MHYwdKByoHCGbmh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29t +L1N1bk1pY3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdKYXZhU2ln +bmVkRXh0ZW5zaW9uc0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaAFLNH +K4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBTjgufVi3XJ3gx1ewsA6Rr7BR4Z +zjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUtb2Nz +cC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAqMCgG +CCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CGSAGG +9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtpL2Nw +czAzBggrBgEFBQcCAjAnGiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBPcGVy +YXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IBAQAB +YVJTTVe7rzyTO4jc3zajErOT/COkdQTfNo0eIX1QbNynFieJvwY/jRzUZwjktIFR +2p4JtbpHGAtKtjOAOTieQ8xdDOoC1djzpE7/AbMvuvlTavtUKT+F7tPdhfXgWXJV +6Wbt8jryKyk3zZGiEhauIwZUkfjRkEtffEmZWLUd8c8rURJjfC/XHH2oyurscoxc +CjX29c9ynxSiS/VvQp1an0HvErGh69N48wj7cj8mtZ1yHzd2XCzSSR1OfTPfk0Pt +yg51p7yJaFiH21PTZegEL6zyVNOYBTKwwIi2OzpwYalD3uvK6e3OKDrfFCOxu17u +4PveESbrdyrmvLe7IVez +-----END CERTIFICATE----- + +// Subject: CN=JavaFX Runtime, +// OU=Java Signed Extensions, +// OU=Corporate Object Signing, +// O=Sun Microsystems Inc +// Issuer: CN=Object Signing CA, +// OU=Class 2 OnSite Subscriber CA, +// OU=VeriSign Trust Network, +// O=Sun Microsystems Inc +// Serial: 47:f4:55:f1:da:4a:5e:f9:e3:f7:a8:03:62:17:c0:ff +-----BEGIN CERTIFICATE----- +MIIFdjCCBF6gAwIBAgIQR/RV8dpKXvnj96gDYhfA/zANBgkqhkiG9w0BAQUFADCB +gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT +aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj +cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDEyOTAw +MDAwMFoXDTEyMDEyOTIzNTk1OVowfDEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt +cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE +CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEXMBUGA1UEAxQOSmF2YUZYIFJ1bnRp +bWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIzd0fAk8mI9ONc6RJ +aGieioK2FLdXEwj8zL3vdGDVmBwyR1zwYkaOIFFgF9IW/8qc4iAYA5sGUY+0g8q3 +5DuYAxfTzBB5KdaYvbuq6GGnoHIWmTirXY+1friFp8lyXSvtuEaGB1VHaBoZchEg +k+UgeVDA43dHwcT1Ov3DePczJRUes8T/QHzLX+BxUDG43vjyncCEO/AjqLZxXEz2 +xrNbKLcH3lGMJK7hdbfssUfF5BjC38Hn71HauYlA43b2no+2y0Sjulwzez2YPbDC +0GLR3TnKtA8dqOrnl5t3DniDbfOBNtBE3VOydJO0XW57Ng1HRXD023nm9ECPY2xp +0N/pAgMBAAGjggHqMIIB5jAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDB/BgNV +HR8EeDB2MHSgcqBwhm5odHRwOi8vb25zaXRlY3JsLnZlcmlzaWduLmNvbS9TdW5N +aWNyb3N5c3RlbXNJbmNDb3Jwb3JhdGVPYmplY3RTaWduaW5nSmF2YVNpZ25lZEV4 +dGVuc2lvbnNDbGFzc0IvTGF0ZXN0Q1JMLmNybDAfBgNVHSMEGDAWgBSzRyuCflO0 +c8q4uxm3voFNB5XH7TAdBgNVHQ4EFgQUvOdd0cKPj+Yik/iOBwTdphh5A+gwOwYI +KwYBBQUHAQEELzAtMCsGCCsGAQUFBzABhh9odHRwOi8vb25zaXRlLW9jc3AudmVy +aXNpZ24uY29tMIG1BgNVHSAEga0wgaowOQYLYIZIAYb4RQEHFwIwKjAoBggrBgEF +BQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTBtBgtghkgBhvcAg32c +PzBeMCcGCCsGAQUFBwIBFhtodHRwczovL3d3dy5zdW4uY29tL3BraS9jcHMwMwYI +KwYBBQUHAgIwJxolVmFsaWRhdGVkIEZvciBTdW4gQnVzaW5lc3MgT3BlcmF0aW9u +czATBgNVHSUEDDAKBggrBgEFBQcDAzANBgkqhkiG9w0BAQUFAAOCAQEAbGcf2NjL +AI93HG6ny2BbepaZA1a8xa/R6uUc7xV+Qw6MgLwFD4Q4i6LWUztQDvg9l68MM2/i +Y9LEi1KM4lcNbK5+D+t9x98wXBiuojXhVdp5ZmC03EyEBbriopdBsmXVLDSu/Y3+ +zowOO5xwpMK3dbgsSDs2Vt0UosD3FTcRaD3GNfOhXMp+o1grHNiXF9YgkmdQbPPZ +DQ2KBhFPCRJXBGvyKOqno/DTg0sQ3crGH/C4/4t7mnQXWldZotmJUZ0ONc9oD+Q1 +JAaguUKqIwn9yZ093ie+JWHbYNid9IIIPXYgtRxmf9a376WBhqhu56uJftBJ7x9g +eQ7Lot6CSWCiFw== +-----END CERTIFICATE----- + +// Subject: CN=Solaris INTERNAL DEVELOPMENT USE ONLY, +// OU=Solaris Cryptographic Framework, +// OU=Corporate Object Signing, +// O=Sun Microsystems Inc +// Issuer: CN=Object Signing CA, +// OU=Class 2 OnSite Subscriber CA, +// OU=VeriSign Trust Network, +// O=Sun Microsystems Inc +// Serial: 77:29:77:52:6a:19:7b:9a:a6:a2:c7:99:a0:e1:cd:8c +-----BEGIN CERTIFICATE----- +MIIFHjCCBAagAwIBAgIQdyl3UmoZe5qmoseZoOHNjDANBgkqhkiG9w0BAQUFADCB +gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT +aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj +cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA3MDEwNDAw +MDAwMFoXDTEwMDEwMzIzNTk1OVowgZwxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl +bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxKDAmBgNV +BAsUH1NvbGFyaXMgQ3J5cHRvZ3JhcGhpYyBGcmFtZXdvcmsxLjAsBgNVBAMUJVNv +bGFyaXMgSU5URVJOQUwgREVWRUxPUE1FTlQgVVNFIE9OTFkwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBALbNU4hf3mD5ArDI9pjgioAyvV3bjMPRQdCZniIeGJBp +odFlSEH+Mh64W1DsY8coeZ7FvvGJkx9IpTMJW9k8w1oJK9UNqHyAQfaYjQyXi3xQ +LJp62EvYdGfDlwOZejEcR/MbzZG+GOPMMvQj5+xyFDvLXNGfQNTnxw2qnBgCJXjj +AgMBAAGjggH1MIIB8TAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDCBiQYDVR0f +BIGBMH8wfaB7oHmGd2h0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL1N1bk1p +Y3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdTb2xhcmlzQ3J5cHRv +Z3JhcGhpY0ZyYW1ld29ya0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaA +FLNHK4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBRpfiGYkehTnsIzuN2H6AFb +VCZG8jA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUt +b2NzcC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAq +MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CG +SAGG9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtp +L2NwczAzBggrBgEFBQcCAjAnFiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBP +cGVyYXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IB +AQCG5soy3LFHTFbA8/5SzDRhQoJkHUnOP0t3b6nvX6vZYRp649fje7TQOPRm1pFd +CZ17J+tggdZwgzTqY4aYpJ00jZaK6pV37q/vgFC/ia6jDs8Q+ly9cEcadBZ5loYg +cmxp9p57W2MNWx8VA8oFdNtKfF0jUNXbLNtvwGHmgR6YcwLrGN1b6/9Lt9bO3ODl +FO+ZDwkfQz5ClUVrTx2dGBvKRYFqSG5S8JAfsgYhPvcacUQkA7ExyKvfRXLWVrce +ZiPpcElbx+819H2sAPvVvparVeAruZGMAtejHZp9NFoowKen5drJp9VxePS4eM49 +3DepB6lKRrNRw66LNQol4ZBz +-----END CERTIFICATE----- + +// Subject: EMAILADDRESS=info@diginotar.nl, CN=DigiNotar Cyber CA, +// O=DigiNotar, C=NL +// Issuer: CN=GTE CyberTrust Global Root, +// OU=GTE CyberTrust Solutions, Inc., +// O=GTE Corporation, +// C=US +// Serial: 120000525 (07:27:10:0D) +-----BEGIN CERTIFICATE----- +MIIFWjCCBMOgAwIBAgIEBycQDTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV +UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU +cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds +b2JhbCBSb290MB4XDTA2MTAwNDEwNTQxMVoXDTExMTAwNDEwNTMxMVowYDELMAkG +A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy +IEN5YmVyIENBMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANLOFQotqF6EZ639vu9Gx8i5z3P8 +9DS5+SxD52ATPXrjss87Z2yQrcC5P4RS8DVC3HTcKDu9UrSnrHJFF8bwieu0qiXy +XUte0dmHutZ9fPXOMp8QM8WxSrtekTHC0OlBwpFkfglBO9uLCDdqqspS3rU5HsCI +A6U/i5kTYUO1m4Kz7iBvz6FEouova0CfjytXraFTwoUiaZ2gP1HfC0GRDaXhqKpc +SQhdvd5wQbEPyWNr0380dAIvNFp4dRxoeoFnivPaQPBgY/SSINcDpj2jHmfEhBtB +pcmM5r3qSLYFFgizNxJa92E89zhvLpfgb1Y4VNMota0Ubi5LZLUnZbd1JQm2Bz2V +VgIKgmCyc0XgMyZRdJq51FAc9k1bW1JSE1qmf6cO4ehBVGeYjIfVydNsy9NUkgYJ +NEH3gW8/nsl8dVWw58Gzd+jDxAA1lUBwEEoF3iW7n1mlZLxHYL9g43aLE1Xd4XR6 +uc8kpmp/3mQiRFhogmoQ+T3lPhu5vfwi9GAEibtVbShV+t6OjRshFNc3izR7Tfay +shDPM7F9HGKZSMsrbHaWVb8ZDR0fu2WqG46ZtcYokOWCLXhQIJr9eS8kf/CJKWn0 +fc1zvrPtTsHR7VJej/e4142HrbLZG1ES/1az4a80fVykeIgQnp0DxqWqoiRR90kU +xbHuWUOV36toKDA/AgMBAAGjggGGMIIBgjASBgNVHRMBAf8ECDAGAQH/AgEBMFMG +A1UdIARMMEowSAYJKwYBBAGxPgEAMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cu +cHVibGljLXRydXN0LmNvbS9DUFMvT21uaVJvb3QuaHRtbDAOBgNVHQ8BAf8EBAMC +AQYwgaAGA1UdIwSBmDCBlYAUpgwdn2H/Bxe1vzhG20Mw1Y6wUgaheaR3MHUxCzAJ +BgNVBAYTAlVTMRgwFgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdU +RSBDeWJlclRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVy +VHJ1c3QgR2xvYmFsIFJvb3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93 +d3cucHVibGljLXRydXN0LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYD +VR0OBBYEFKv5aN/PSjfXe0WMX3LeQETDZbvCMA0GCSqGSIb3DQEBBQUAA4GBAI9o +a6VbB7pEZg4cqFwwezPkCiYE/O+eGjjWLqEf0JlHwnVkJP2eOyh2uSYoYZEMbSz4 +BJ98UAHV42mv7xXSRZskCSpmBU8lgcpdvqrBWSeuM46C9990sFWzjvjnN8huqlZE +9r1TgSOWPbT6MopTZkQloiXGpjwljPDgKAYityZB +-----END CERTIFICATE----- + +// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL +// Issuer: CN=GTE CyberTrust Global Root, +// OU=GTE CyberTrust Solutions, Inc., +// O=GTE Corporation, +// C=US +// Serial: 120000505 (07:27:0F:F9) +-----BEGIN CERTIFICATE----- +MIIFODCCBKGgAwIBAgIEBycP+TANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV +UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU +cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds +b2JhbCBSb290MB4XDTA2MDkyMDA5NDUzMloXDTEzMDkyMDA5NDQwNlowPjELMAkG +A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy +IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o +XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S +tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7 +24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp +naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj +9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu +LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU +Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk +vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6 +3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt +eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4 +iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB +/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC +ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s +MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV +jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv +bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD +VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6 +oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw +MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI +hvcNAQEFBQADgYEACcpiD427SuDUejUrBi3RKGG2rAH7g0m8rtQvLYauGYOl1h0T +4he+/jJ06XoUOMqUXvcpAWlxG5Ea/aO7qh3Ke+IW/aGjDvMMX7LhIDGUK16Sdu36 +6bUjpr8KOwOpb1JgVM1f6bcvfKIn/UGDdbYN+3gm87FF6TKVKho1IZXFonU= +-----END CERTIFICATE----- + +// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL +// Issuer: CN=GTE CyberTrust Global Root, +// OU=GTE CyberTrust Solutions, Inc., +// O=GTE Corporation, +// C=US +// Serial: 120000515 (07:27:10:03) +-----BEGIN CERTIFICATE----- +MIIFODCCBKGgAwIBAgIEBycQAzANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV +UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU +cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds +b2JhbCBSb290MB4XDTA2MDkyNzEwNTMzMloXDTExMDkyNzEwNTIzMFowPjELMAkG +A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy +IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o +XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S +tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7 +24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp +naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj +9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu +LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU +Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk +vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6 +3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt +eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4 +iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB +/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC +ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s +MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV +jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv +bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD +VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6 +oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw +MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI +hvcNAQEFBQADgYEAWcyGZhizJlRP1jjNupZey+yZG6oMDW4Z11boriMHbYPCndBE +bVh07zmPbZsihOw9w/vm5KbVX5CgxUv4Rhzh/20Faixf3P3bpWg0qgzHVVusNVR/ +P50aKkpdK3hp+QLl56e+lWOddSAINIpmcuyDI1hyuzB+GJEASm9tNU/6rs8= +-----END CERTIFICATE----- + +// Subject: EMAILADDRESS=info@diginotar.nl, +// CN=DigiNotar Root CA, +// O=DigiNotar, C=NL +// Issuer: CN=Entrust.net Secure Server Certification Authority +// OU=(c) 1999 Entrust.net Limited, +// OU=www.entrust.net/CPS incorp. by ref. (limits liab.), +// O=Entrust.net, +// C=US, +// Serial: 1184644297 (46:9C:3C:C9) +-----BEGIN CERTIFICATE----- +MIIFSDCCBLGgAwIBAgIERpw8yTANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC +VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u +ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc +KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u +ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA0 +MjYwNTAwMDBaFw0xMzA4MTQyMDEyMzZaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK +EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI +hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt +OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx +hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7 +gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D +IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T +BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs +Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8 +5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf +DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX +9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e +7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj +ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB +BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF +BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD +VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy +bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G +A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob +BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAI979rBep8tu3TeLunapgsZ0jtXp +GDFjKWSk87dj1jCyYi+q/GyDyZ6ZQZNRP0sF+6twscq05lClWNy3TROMp7QeuoLO +G7Utw3OJaswUtp4YglANMRTHEe3g9ltifUXRH5tSuy7u6yi4LD4WTm5ULP6r/g6l +0CnjXYb0+b1Fmz6U +-----END CERTIFICATE----- + +// Subject: EMAILADDRESS=info@diginotar.nl, +// CN=DigiNotar Root CA, +// O=DigiNotar, C=NL +// Issuer: CN=Entrust.net Secure Server Certification Authority +// OU=(c) 1999 Entrust.net Limited, +// OU=www.entrust.net/CPS incorp. by ref. (limits liab.), +// O=Entrust.net, +// C=US, +// Serial: 1184640175 (46:9C:2C:AF) +-----BEGIN CERTIFICATE----- +MIIFSDCCBLGgAwIBAgIERpwsrzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC +VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u +ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc +KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u +ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3 +MjYxNTU3MzlaFw0xMzA4MjYxNjI3MzlaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK +EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI +hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt +OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx +hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7 +gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D +IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T +BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs +Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8 +5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf +DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX +9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e +7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj +ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB +BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF +BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD +VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy +bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G +A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob +BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAEa6RcDNcEIGUlkDJUY/pWTds4zh +xbVkp3wSmpwPFhx5fxTyF4HD2L60jl3aqjTB7gPpsL2Pk5QZlNsi3t4UkCV70UOd +ueJRN3o/LOtk4+bjXY2lC0qTHbN80VMLqPjmaf9ghSA9hwhskdtMgRsgfd90q5QP +ZFdYf+hthc3m6IcJ +-----END CERTIFICATE----- + +// Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2, +// O=DigiNotar B.V., +// C=NL +// Issuer: CN=Staat der Nederlanden Organisatie CA - G2, +// O=Staat der Nederlanden, +// C=NL +// Serial: 20001983 (01:31:34:bf) +-----BEGIN CERTIFICATE----- +MIIGnDCCBISgAwIBAgIEATE0vzANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJO +TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTIwMAYDVQQDDClTdGFh +dCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgQ0EgLSBHMjAeFw0xMDA1MTIw +ODUxMzhaFw0yMDAzMjMwOTUwMDRaMFoxCzAJBgNVBAYTAk5MMRcwFQYDVQQKDA5E +aWdpTm90YXIgQi5WLjEyMDAGA1UEAwwpRGlnaU5vdGFyIFBLSW92ZXJoZWlkIENB +IE9yZ2FuaXNhdGllIC0gRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC +AQCxExkPJ+Zs1FWGS9DsiYpFkXisR71HK+T8RetPtCZzWzfTw3/2497Xo/gtaMUI +PkuU1uSHJTZrhLUYdPMoWHMvm2rPvAQe9t7dr/xLqvXbZmIlASWC3vKXWhBu3V2p +IrEEqSNzOvhxrR3PhETrR9Gvbch8KKvH8jd6dF9fxQIUiqNa4xtsAeNdjtlo1vQJ +GzLckbUs9SDrjANtJkm4k8SFXdjSm69WaswFM8ygQp40VUSca6DUEtArVM23iQ3l +9uvo+4UBM096a/GdcjOWDveyhKWlJ8Qn8VFzKXe6Z27+TNy04qGhgS85SY1DOBPO +0KVcwoc6AGdlQiPxNlkKHaNRyLyjlCox3+M88p0aPASw77EKMBNzttfzo0wBdRSF +eMDXijlYhVD6LubFvs+LP6+PNtQlCS3SD6xyk/K/i9RQs/kVUJuZ9RTZ+4uRozIm +JqD43ztggYaDeVsr6xM9KTrBbd29no6H1kquNJcF7hSm9tw4fkrpJFQHPZdoN0Zr +DceoIa8TVOQJavFNRgrJXfubT73e+7dUy7g4nKc5+2otwHuNq6WnV+xKkoozxeEg +XHPYkJIrgNUPhhhpfDlPhIa890xb89W0yqDC8DciynlSH1PmqvOQsDvd8ij9rOvF +BiSgydQvD1j9tZ7sD8+yWdCiBHo4aq5y+73wJWKUCacFCwIDAQABo4IBYTCCAV0w +SAYDVR0gBEEwPzA9BgRVHSAAMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cuZGln +aW5vdGFyLm5sL2Nwcy9wa2lvdmVyaGVpZDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud +DwEB/wQEAwIBBjCBhQYDVR0jBH4wfIAUORCLSZJc22ESIM1JnRqO2pxnQLmhXqRc +MFoxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4x +KzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzKCBACY +lvQwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5wa2lvdmVyaGVpZC5ubC9E +b21PcmdhbmlzYXRpZUxhdGVzdENSTC1HMi5jcmwwHQYDVR0OBBYEFLxdlDvZq3sD +JXNhwtst7vyrj2WhMA0GCSqGSIb3DQEBCwUAA4ICAQCP/C1Mt9kt1R+978v0t2gX +dZ1O1ffdnPEqJu2forYcA9VTs+wIzzTi48P0tRYvyMO+19NzqwA2+RpKftZj6V5G +uqW2jhW3oyrYQx3vXcgfgYWzi/f/PPTZ9EYIP5y8HaDZqEzNJVJOCrEg9x/pQ9lU +RoETmsBedGwqmDLq/He7DaWiMZgifnx859qkrey3LhoZcfhIUNpDjyyE3cFAJ+O1 +8BVOltT4XOOGKUYr1zsH6zh/yIZXl9PvKjPEF1DVZGlrK2tFXl0vF8paTs/D1zk8 +9TufRrmb5w5Jl53W1eMbD+qPAU6aE5RZCgIHSEsaYKt/T+0L2FUNaG9VnGllFULs +wNzdbKzDFs4LHVabpMTE0i7gD+JEJytQaaTcYuiKISlCbMwAOpZ2m+9AwKRed4Qy +bCYqOWauXeO5ubIsaB8empADOfCqs6TMSYsYNOk3yXspx4R8b0QVL+xhWQTJRcui +1lKifH8pktZKxYtCqNT+6tjHhyMY5J16fXNAUpigrm7jBT8FD+Clxm1N7YM3iJzH +89xCmmq21yFJNnfy7xhPxXDZnunetyuL9Lx+KN8NQMmFXK6dxTH/0FwOtah+8Okv +uq+IruW10Vilr5xxpykBkINpN4IFuvwJwQhujHg7wzMCgD9EhQgd31VWCK0shS1d +sQPhrqp0xaTzTro3mHuCuQ== +-----END CERTIFICATE----- + +// Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven, +// O=DigiNotar B.V., +// C=NL +// Issuer: CN=Staat der Nederlanden Overheid CA +// O=Staat der Nederlanden, +// C=NL +// Serial: 20015536 (01:31:69:b0) +-----BEGIN CERTIFICATE----- +MIIEiDCCA3CgAwIBAgIEATFpsDANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO +TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh +dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDcwNzA1MDg0MjA3WhcN +MTUwNzI3MDgzOTQ2WjBfMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy +IEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp +ZCBlbiBCZWRyaWp2ZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc +vdKnTmoKuzuiheF/AK2+tDBomAfNoHrElM9x+Yo35FPrV3bMi+Zs/u6HVcg+uwQ5 +AKeAeKxbT370vbhUuHE7BzFJOZNUfCA7eSuPu2GQfbGs5h+QLp1FAalkLU3DL7nn +UNVOKlyrdnY3Rtd57EKZ96LspIlw3Dgrh6aqJOadkiQbvvb91C8ZF3rmMgeUVAVT +Q+lsvK9Hy7zL/b07RBKB8WtLu+20z6slTxjSzAL8o0+1QjPLWc0J3NNQ/aB2jKx+ +ZopC9q0ckvO2+xRG603XLzDgbe5bNr5EdLcgBVeFTegAGaL2DOauocBC36esgl3H +aLcY5olLmmv6znn58yynAgMBAAGjggFQMIIBTDBIBgNVHSAEQTA/MD0GBFUdIAAw +NTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5kaWdpbm90YXIubmwvY3BzL3BraW92 +ZXJoZWlkMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIGABgNVHSME +eTB3gBQLhtYPd6NosftkCcOIblwEHFfpPaFZpFcwVTELMAkGA1UEBhMCTkwxHjAc +BgNVBAoTFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEmMCQGA1UEAxMdU3RhYXQgZGVy +IE5lZGVybGFuZGVuIFJvb3QgQ0GCBACYmnkwPQYDVR0fBDYwNDAyoDCgLoYsaHR0 +cDovL2NybC5wa2lvdmVyaGVpZC5ubC9Eb21PdkxhdGVzdENSTC5jcmwwHQYDVR0O +BBYEFEwIyY128ZjHPt881y91DbF2eZfMMA0GCSqGSIb3DQEBBQUAA4IBAQAMlIca +v03jheLu19hjeQ5Q38aEW9K72fUxCho1l3TfFPoqDz7toOMI9tVOW6+mriXiRWsi +D7dUKH6S3o0UbNEc5W50BJy37zRERd/Jgx0ZH8Apad+J1T/CsFNt5U4X5HNhIxMm +cUP9TFnLw98iqiEr2b+VERqKpOKrp11Lbyn1UtHk0hWxi/7wA8+nfemZhzizDXMU +5HIs4c71rQZIZPrTKbmi2Lv01QulQERDjqC/zlqlUkxk0xcxYczopIro5Ij76eUv +BjMzm5RmZrGrUDqhCYF0U1onuabSJc/Tw6f/ltAv6uAejVLpGBwgCkegllYOQJBR +RKwa/fHuhR/3Qlpl +-----END CERTIFICATE----- + +// Subject: CN=DigiNotar PKIoverheid CA Overheid +// O=DigiNotar B.V., +// C=NL +// Issuer: CN=Staat der Nederlanden Overheid CA +// O=Staat der Nederlanden, +// C=NL +// Serial: 20006006 (01:31:44:76) +-----BEGIN CERTIFICATE----- +MIIEezCCA2OgAwIBAgIEATFEdjANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO +TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh +dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDQwNjI0MDgxOTMyWhcN +MTAwNjIzMDgxNzM2WjBSMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy +IEIuVi4xKjAoBgNVBAMTIURpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp +ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSlrubta5tlOjVCi/gb +yLCvRqfBjxG8H594VcKHu0WAYc99SPZF9cycj5mw2GyfQvy/WIrGrL4iyNq1gSqR +0QA/mTXKZIaPqzpDhdm+VvrKkmjrbZfaQxgMSs3ChtBsjcP9Lc0X1zXZ4Q8nBe3k +BTp+zehINfmbjoEgXLxsMR5RQ6GxzKjuC04PQpbJQgTIakglKaqYcDDZbEscWgPV +Hgj/2aoHlj6leW/ThHZ+O41jUguEmBLZA3mu3HrCfrHntb5dPt0ihzSx7GtD/SaX +5HBLxnP189YuqMk5iRA95CtiSdKauvon/xRKRLNgG6XAz0ctSoY7xLDdiBVU5kJd +FScCAwEAAaOCAVAwggFMMEgGA1UdIARBMD8wPQYEVR0gADA1MDMGCCsGAQUFBwIB +FidodHRwOi8vd3d3LmRpZ2lub3Rhci5ubC9jcHMvcGtpb3ZlcmhlaWQwDwYDVR0T +AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgYAGA1UdIwR5MHeAFAuG1g93o2ix ++2QJw4huXAQcV+k9oVmkVzBVMQswCQYDVQQGEwJOTDEeMBwGA1UEChMVU3RhYXQg +ZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFhdCBkZXIgTmVkZXJsYW5kZW4g +Um9vdCBDQYIEAJiaeTA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnBraW92 +ZXJoZWlkLm5sL0RvbU92TGF0ZXN0Q1JMLmNybDAdBgNVHQ4EFgQUvRaYQh2+kdE9 +wpcl4CjXWOC1f+IwDQYJKoZIhvcNAQEFBQADggEBAGhQsCWLiaN2EOhPAW+JQP6o +XBOrLv5w6joahzBFVn1BiefzmlMKjibqKYxURRvMAsMkh82/MfL8V0w6ugxl81lu +i42dcxl9cKSVXKMw4bbBzJ2VQI5HTIABwefeNuy/eX6idVwYdt3ajAH7fUA8Q9Cq +vr6H8B+8mwoEqTVTEVlCSsC/EXsokYEUr06PPzRudKjDmijgj7zFaIioZNc8hk7g +ufEgrs/tmcNGylrwRHgCXjCRBt2NHlZ08l7A1AGU8HcHlSbG9Un/2q9kVHUkps0D +gtUaEK+x6jpAu/R8Ojezu/+ZEcwwjI/KOhG+84+ejFmtyEkrUdsAdEdLf/2dKsw= +-----END CERTIFICATE----- + +// Subject: EMAILADDRESS=info@diginotar.nl, +// CN=DigiNotar Services 1024 CA +// O=DigiNotar, C=NL +// Issuer: CN=Entrust.net Secure Server Certification Authority, +// OU=(c) 1999 Entrust.net Limited, +// OU=www.entrust.net/CPS incorp. by ref. (limits liab.), +// O=Entrust.net, +// C=US +// Serial: 1184640176 (46:9c:2c:b0) +-----BEGIN CERTIFICATE----- +MIIDzTCCAzagAwIBAgIERpwssDANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC +VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u +ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc +KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u +ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3 +MjYxNTU5MDBaFw0xMzA4MjYxNjI5MDBaMGgxCzAJBgNVBAYTAk5MMRIwEAYDVQQK +EwlEaWdpTm90YXIxIzAhBgNVBAMTGkRpZ2lOb3RhciBTZXJ2aWNlcyAxMDI0IENB +MSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCBnzANBgkqhkiG9w0B +AQEFAAOBjQAwgYkCgYEA2ptNXTz50eKLxsYIIMXZHkjsZlhneWIrQWP0iY1o2q+4 +lDaLGSSkoJPSmQ+yrS01Tc0vauH5mxkrvAQafi09UmTN8T5nD4ku6PJPrqYIoYX+ +oakJ5sarPkP8r3oDkdqmOaZh7phPGKjTs69mgumfvN1y+QYEvRLZGCTnq5NTi1kC +AwEAAaOCASYwggEiMBIGA1UdEwEB/wQIMAYBAf8CAQAwJwYDVR0lBCAwHgYIKwYB +BQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwMwYI +KwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5l +dDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L3NlcnZl +cjEuY3JsMB0GA1UdDgQWBBT+3JRJDG/vXH/G8RKZTxZJrfuCZTALBgNVHQ8EBAMC +AQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0BowGQYJKoZIhvZ9B0EA +BAwwChsEVjcuMQMCAIEwDQYJKoZIhvcNAQEFBQADgYEAY3RqN6k/lpxmyFisCcnv +9WWUf6MCxDgxvV0jh+zUVrLJsm7kBQb87PX6iHBZ1O7m3bV6oKNgLwIMq94SXa/w +NUuqikeRGvWFLELHHe+VQ7NeuJWTpdrFKKqtci0xrZlrbP+MISevrZqRK8fdWMNu +B8WfedLHjFW/TMcnXlEWKz4= +-----END CERTIFICATE----- + +// Subject: CN=Buster Paper Comercial Ltda, +// O=Buster Paper Comercial Ltda, +// L=S?o Jos? Dos Campos, +// ST=S?o Paulo, +// C=BR +// Issuer: CN=DigiCert Assured ID Code Signing CA-1, +// OU=www.digicert.com, +// O=DigiCert Inc, +// C=US +// Serial: 07:b4:4c:db:ff:fb:78:de:05:f4:26:16:72:a6:73:12 +-----BEGIN CERTIFICATE----- +MIIGwzCCBaugAwIBAgIQB7RM2//7eN4F9CYWcqZzEjANBgkqhkiG9w0BAQUFADBv +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv +ZGUgU2lnbmluZyBDQS0xMB4XDTEzMDExNzAwMDAwMFoXDTE0MDEyMjEyMDAwMFow +gY4xCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMR4wHAYDVQQHDBVT +w6NvIEpvc8OpIERvcyBDYW1wb3MxJDAiBgNVBAoTG0J1c3RlciBQYXBlciBDb21l +cmNpYWwgTHRkYTEkMCIGA1UEAxMbQnVzdGVyIFBhcGVyIENvbWVyY2lhbCBMdGRh +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO0l6jWIpEfO2oUpVHpL +HETj5lzivNb0S9jKHgGJax917czh81PnGTxwxFXd6gLJuy/XFHvmiSi8g8jzlymn +2Ji5zQ3CPaz7nomJokSUDlMVJ2qYWtctw4jrdjuI4qtn+koXXUFkWjkf8h8251I4 +tUs7S49HE2Go5owCYP3byajj7fsFAYR/Xb7TdVtndkZsUB/YgOjHovyACjouaNCi +mDiRyQ6zLLjZGiyeD65Yiseuhp5b8/BL5h1p7w76QYMYMVQNAdtDKut2R8MBpuWf +Ny7Eoi0x/gm1p9X5Rcl5aN7K0G4UtTAJKbkuUfXddsyFoM0Nx8uo8SgNQ8Y/X5Jx +BwIDAQABo4IDOTCCAzUwHwYDVR0jBBgwFoAUe2jOKarAF75JeuHlP9an90WPNTIw +HQYDVR0OBBYEFFLZ3n5nt/Eer7n1bvtOqMb1qKO5MA4GA1UdDwEB/wQEAwIHgDAT +BgNVHSUEDDAKBggrBgEFBQcDAzBzBgNVHR8EbDBqMDOgMaAvhi1odHRwOi8vY3Js +My5kaWdpY2VydC5jb20vYXNzdXJlZC1jcy0yMDExYS5jcmwwM6AxoC+GLWh0dHA6 +Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9hc3N1cmVkLWNzLTIwMTFhLmNybDCCAcQGA1Ud +IASCAbswggG3MIIBswYJYIZIAYb9bAMBMIIBpDA6BggrBgEFBQcCARYuaHR0cDov +L3d3dy5kaWdpY2VydC5jb20vc3NsLWNwcy1yZXBvc2l0b3J5Lmh0bTCCAWQGCCsG +AQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8AZgAgAHQAaABpAHMAIABD +AGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQAaQB0AHUAdABlAHMAIABh +AGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUAIABEAGkAZwBpAEMAZQBy +AHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUAIABSAGUAbAB5AGkAbgBn +ACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQAIAB3AGgAaQBjAGgAIABs +AGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEAbgBkACAAYQByAGUAIABp +AG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUAaQBuACAAYgB5ACAAcgBl +AGYAZQByAGUAbgBjAGUALjCBggYIKwYBBQUHAQEEdjB0MCQGCCsGAQUFBzABhhho +dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTAYIKwYBBQUHMAKGQGh0dHA6Ly9jYWNl +cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRENvZGVTaWduaW5nQ0Et +MS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPTTQvpOIikXI +hTLnNbajaFRR5GhQpTzUNgBfF9VYSlNw/wMjpGsrh5RxaJCip52jbehmTgjMRhft +jRYyml44PAVsCcR9uEoDpCZYpI1fHI1R+F8jd1C9rqprbSwwOG4xlg4SmvTHYs6e +gBItQ/1p9XY+Sf4Wv1qOuOFL1qvV/5VyR2zdlOQCmKCeMgxt6a/tHLBDiAA67D44 +/vfdoNJl0CU2It0PO60jdCPFNWIRcxL+OSDqAoePeUC7xQ+JsTEIxuUE8+d6w6fc +BV2mYb1flh22t46GLjh4gyo7xw3aL6L0L0jzlTT6IcEw6NIbaPbIKj/npQnHobYj +XMuKLxbh7g== +-----END CERTIFICATE----- + +// Subject: CN=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME, +// O=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME, +// L=S?o Paulo, +// ST=S?o Paulo, +// C=BR +// Issuer: CN=DigiCert Assured ID Code Signing CA-1, +// OU=www.digicert.com, +// O=DigiCert Inc, +// C=US +// Serial: 0a:38:9b:95:ee:73:6d:d1:3b:c0:ed:74:3f:d7:4d:2f +-----BEGIN CERTIFICATE----- +MIIG4DCCBcigAwIBAgIQCjible5zbdE7wO10P9dNLzANBgkqhkiG9w0BAQUFADBv +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv +ZGUgU2lnbmluZyBDQS0xMB4XDTEyMTEwOTAwMDAwMFoXDTEzMTExNDEyMDAwMFow +gasxCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMRMwEQYDVQQHDApT +w6NvIFBhdWxvMTgwNgYDVQQKEy9CVVNURVIgQVNTSVNURU5DSUEgVEVDTklDQSBF +TEVUUk9OSUNBIExUREEgLSBNRTE4MDYGA1UEAxMvQlVTVEVSIEFTU0lTVEVOQ0lB +IFRFQ05JQ0EgRUxFVFJPTklDQSBMVERBIC0gTUUwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQDAqNeEs5/B2CTXGjTOkUIdu6jV6qulOZwdw4sefHWYj1UR +4z6zPk9kjpUgbnb402RFq88QtfInwddZ/wXn9OxMtDd/3TnC7HrhNS7ga79ZFL2V +JnmzKHum2Yvh0q82QEJ9tHBR2X9VdKpUIH08Zs3k6cWWM1H0YX0cxA/HohhesQJW +kwJ3urOIJiH/HeByDk8a1NS8safcCxk5vxvW4WvCg43iT09LeHY5Aa8abKw8lqVb +0tD5ZSIjdmdj3TT1U37iAHLLRM2DXbxfdbhouUX1c5U1ZHAMA67HwjKiseOiDaHj +NUGbC37C+cgbc9VVM/cURD8WvS0Kj6fQv7F2QtJDAgMBAAGjggM5MIIDNTAfBgNV +HSMEGDAWgBR7aM4pqsAXvkl64eU/1qf3RY81MjAdBgNVHQ4EFgQU88EXKAyDsh30 +o9+Gu9a4xUy+FSMwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMD +MHMGA1UdHwRsMGowM6AxoC+GLWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9hc3N1 +cmVkLWNzLTIwMTFhLmNybDAzoDGgL4YtaHR0cDovL2NybDQuZGlnaWNlcnQuY29t +L2Fzc3VyZWQtY3MtMjAxMWEuY3JsMIIBxAYDVR0gBIIBuzCCAbcwggGzBglghkgB +hv1sAwEwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9z +c2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUHAgIwggFWHoIBUgBBAG4A +eQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQByAHQAaQBmAGkAYwBhAHQA +ZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBjAGUAcAB0AGEAbgBjAGUA +IABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAgAEMAUAAvAEMAUABTACAA +YQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQAGEAcgB0AHkAIABBAGcA +cgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBtAGkAdAAgAGwAaQBhAGIA +aQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBjAG8AcgBwAG8AcgBhAHQA +ZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBlAHIAZQBuAGMAZQAuMIGC +BggrBgEFBQcBAQR2MHQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0 +LmNvbTBMBggrBgEFBQcwAoZAaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Rp +Z2lDZXJ0QXNzdXJlZElEQ29kZVNpZ25pbmdDQS0xLmNydDAMBgNVHRMBAf8EAjAA +MA0GCSqGSIb3DQEBBQUAA4IBAQAei1QmiXepje8OIfo/WonD4MIXgpPr2dfRaquQ +A8q63OpTRSveyqdQDCSPpDRF/nvO1Y30yksZvIH1tNBsW5LBdxAKN3lFdBlqBwtE +Q3jHc0KVVYRJ0FBaGE/PJHmRajscdAhYIcMPhTga0u0tDK+wOHEq3993dfl6yHjA +XHU2iW5pnk75ZoE39zALD5eKXT8ZXrET5c3XUFJKWA+XuGmdmyzqo0Au49PanBv9 +UlZnabYfqoMArqMS0tGSX4cGgi9/2E+pHG9BX4sFW+ZDumroOA2pxyMWEKjxePEL +zCOfhbsRWdMLYepauaNZOIMZXmFwcrIl0TGMkTAtATz+XmZc +-----END CERTIFICATE----- + +// Subject: CN=CLEARESULT CONSULTING INC., OU=Corporate IT, +// O=CLEARESULT CONSULTING INC., L=Austin, ST=TX, C=US +// Issuer: SERIALNUMBER=07969287, +// CN=Go Daddy Secure Certification Authority, +// OU=http://certificates.godaddy.com/repository, +// O="GoDaddy.com, Inc.", +// L=Scottsdale, +// ST=Arizona, +// C=US +// Serial: 2b:73:43:2a:a8:4f:44 +-----BEGIN CERTIFICATE----- +MIIFYjCCBEqgAwIBAgIHK3NDKqhPRDANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE +BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY +BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm +aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5 +IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky +ODcwHhcNMTIwMjE1MjEwOTA2WhcNMTQwMjE1MjEwOTA2WjCBjDELMAkGA1UEBgwC +VVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZBdXN0aW4xIzAhBgNVBAoMGkNMRUFS +RVNVTFQgQ09OU1VMVElORyBJTkMuMRUwEwYDVQQLDAxDb3Jwb3JhdGUgSVQxIzAh +BgNVBAMMGkNMRUFSRVNVTFQgQ09OU1VMVElORyBJTkMuMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAtIOjCKeAicull+7ZIzt0/4ya3IeXUFlfypqKMLkU +IbKjn0P5uMj6VE3rlbZr44RCegxvdnR6umBh1c0ZXoN3o+yc0JKcKcLiApmJJ277 +p7IbLwYDhBXRQNoIJm187IOMRPIxsKN4hL91txn9jGBmW+9zKlJlNhR5R7vjwU2E +jrH/6oqsc9EM2yYpfjlNv6+3jSwAYZCkSWr+27PQOV+YHKmIxtJjX0upFz5FdIrV +9CCX+L2Kji1THOkSgG4QTbYxmEcHqGViWz8hXLeNXjcbEsPuIiAu3hknxRHfUTE/ +U0Lh0Ug1e3LrJu+WnxM2SmUY4krsZ22c0yWUW9hzWITIjQIDAQABo4IBhzCCAYMw +DwYDVR0TAQH/BAUwAwEBADATBgNVHSUEDDAKBggrBgEFBQcDAzAOBgNVHQ8BAf8E +BAMCB4AwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nb2RhZGR5LmNvbS9n +ZHM1LTE2LmNybDBTBgNVHSAETDBKMEgGC2CGSAGG/W0BBxcCMDkwNwYIKwYBBQUH +AgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8w +gYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRk +eS5jb20vMEoGCCsGAQUFBzAChj5odHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHku +Y29tL3JlcG9zaXRvcnkvZ2RfaW50ZXJtZWRpYXRlLmNydDAfBgNVHSMEGDAWgBT9 +rGEyk2xF1uLuhV+auud2mWjM5zAdBgNVHQ4EFgQUDtdeKqeN2QkcbEp1HovFieNB +XiowDQYJKoZIhvcNAQEFBQADggEBAD74Agw5tvi2aBl4/f/s7/VE/BClzDsKMb9K +v9qpeC45ZA/jelxV11HKbQnVF194gDb7D2H9OsAsRUy8HVKbXEcc/8dKvwOqb+BC +2i/EmfjLgmCfezNFtLq8xcPxF3zIRc44vPrK0z4YZsaHdH+yTEJ51p5EMdTqaLaP +4n5m8LX3RfqlQB9dYFe6dUoYZjKm9d/pIRww3VqfOzjl42Edi1w6dWmBVMx1NZuR +DBabJH1vJ9Gd+KwxMCmBZ6pQPl28JDimhJhI2LNqU349uADQVV0HJosddN/ARyyI +LSIQO7BnNVKVG9Iujf33bvPNeg0qNz5qw+rKKq97Pqeum+L5oKU= +-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/make/gendata/GendataBlacklistedCerts.gmk Thu Jul 10 12:40:48 2014 -0700 @@ -0,0 +1,36 @@ +# +# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# This code is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License version 2 only, as +# published by the Free Software Foundation. Oracle designates this +# particular file as subject to the "Classpath" exception as provided +# by Oracle in the LICENSE file that accompanied this code. +# +# This code is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# version 2 for more details (a copy is included in the LICENSE file that +# accompanied this code). +# +# You should have received a copy of the GNU General Public License version +# 2 along with this work; if not, write to the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA +# or visit www.oracle.com if you need additional information or have any +# questions. +# + +GENDATA_BLACKLISTED_CERTS_SRC := $(JDK_TOPDIR)/make/data/blacklistedcertsconverter/blacklisted.certs.pem +GENDATA_BLACKLISTED_CERTS := $(JDK_OUTPUTDIR)/lib/security/blacklisted.certs + +ifndef OPENJDK + GENDATA_BLACKLISTED_CERTS_SRC += $(wildcard $(JDK_TOPDIR)/make/closed/data/blacklistedcertsconverter/blacklisted.certs.pem) +endif + +$(GENDATA_BLACKLISTED_CERTS): $(BUILD_TOOLS) $(GENDATA_BLACKLISTED_CERTS_SRC) + $(ECHO) "Generating blacklisted certs" + $(MKDIR) -p $(@D) + ($(CAT) $(GENDATA_BLACKLISTED_CERTS_SRC) | $(TOOL_BLACKLISTED_CERTS) > $@) || exit 1
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/make/src/classes/build/tools/blacklistedcertsconverter/BlacklistedCertsConverter.java Thu Jul 10 12:40:48 2014 -0700 @@ -0,0 +1,111 @@ +/* + * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package build.tools.blacklistedcertsconverter; + +import java.security.MessageDigest; +import java.security.cert.Certificate; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.Collection; +import java.util.Set; +import java.util.TreeSet; + + +/** + * Converts blacklisted.certs.pem from System.in to blacklisted.certs in + * System.out. The input must start with a #! line including the fingerprint + * algorithm. The output is sorted and unique. + */ +public class BlacklistedCertsConverter { + + public static void main(String[] args) throws Exception { + + byte[] pattern = "#! java BlacklistedCertsConverter ".getBytes(); + String mdAlg = ""; + + for (int i=0; ; i++) { + int n = System.in.read(); + if (n < 0) { + throw new Exception("Unexpected EOF"); + } + if (i < pattern.length) { + if (n != pattern[i]) { + throw new Exception("The first line must start with \"" + + new String(pattern) + "\""); + } + } else if (i < pattern.length + 100) { + if (n < 32) { + break; + } else { + mdAlg = mdAlg + String.format("%c", n); + } + } + } + + mdAlg = mdAlg.trim(); + System.out.println("Algorithm=" + mdAlg); + + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + Collection<? extends Certificate> certs + = cf.generateCertificates(System.in); + + // Output sorted so that it's easy to locate an entry. + Set<String> fingerprints = new TreeSet<>(); + for (Certificate cert: certs) { + fingerprints.add( + getCertificateFingerPrint(mdAlg, (X509Certificate)cert)); + } + + for (String s: fingerprints) { + System.out.println(s); + } + } + + /** + * Converts a byte to hex digit and writes to the supplied buffer + */ + private static void byte2hex(byte b, StringBuffer buf) { + char[] hexChars = { '0', '1', '2', '3', '4', '5', '6', '7', '8', + '9', 'A', 'B', 'C', 'D', 'E', 'F' }; + int high = ((b & 0xf0) >> 4); + int low = (b & 0x0f); + buf.append(hexChars[high]); + buf.append(hexChars[low]); + } + + /** + * Gets the requested finger print of the certificate. + */ + private static String getCertificateFingerPrint( + String mdAlg, X509Certificate cert) throws Exception { + byte[] encCertInfo = cert.getEncoded(); + MessageDigest md = MessageDigest.getInstance(mdAlg); + byte[] digest = md.digest(encCertInfo); + StringBuffer buf = new StringBuffer(); + for (int i = 0; i < digest.length; i++) { + byte2hex(digest[i], buf); + } + return buf.toString(); + } +}
--- a/jdk/src/share/classes/com/sun/crypto/provider/JceKeyStore.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/JceKeyStore.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -107,7 +107,7 @@ { Key key = null; - Object entry = entries.get(alias.toLowerCase()); + Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH)); if (!((entry instanceof PrivateKeyEntry) || (entry instanceof SecretKeyEntry))) { @@ -150,7 +150,7 @@ { Certificate[] chain = null; - Object entry = entries.get(alias.toLowerCase()); + Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH)); if ((entry instanceof PrivateKeyEntry) && (((PrivateKeyEntry)entry).chain != null)) { @@ -178,7 +178,7 @@ public Certificate engineGetCertificate(String alias) { Certificate cert = null; - Object entry = entries.get(alias.toLowerCase()); + Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH)); if (entry != null) { if (entry instanceof TrustedCertEntry) { @@ -203,7 +203,7 @@ public Date engineGetCreationDate(String alias) { Date date = null; - Object entry = entries.get(alias.toLowerCase()); + Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH)); if (entry != null) { // We have to create a new instance of java.util.Date because @@ -266,7 +266,7 @@ } // store the entry - entries.put(alias.toLowerCase(), entry); + entries.put(alias.toLowerCase(Locale.ENGLISH), entry); } else { SecretKeyEntry entry = new SecretKeyEntry(); @@ -274,7 +274,7 @@ // seal and store the key entry.sealedKey = keyProtector.seal(key); - entries.put(alias.toLowerCase(), entry); + entries.put(alias.toLowerCase(Locale.ENGLISH), entry); } } catch (Exception e) { @@ -322,7 +322,7 @@ entry.chain = null; } - entries.put(alias.toLowerCase(), entry); + entries.put(alias.toLowerCase(Locale.ENGLISH), entry); } } @@ -345,7 +345,7 @@ { synchronized(entries) { - Object entry = entries.get(alias.toLowerCase()); + Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH)); if (entry != null) { if (entry instanceof PrivateKeyEntry) { throw new KeyStoreException("Cannot overwrite own " @@ -358,7 +358,7 @@ TrustedCertEntry trustedCertEntry = new TrustedCertEntry(); trustedCertEntry.cert = cert; trustedCertEntry.date = new Date(); - entries.put(alias.toLowerCase(), trustedCertEntry); + entries.put(alias.toLowerCase(Locale.ENGLISH), trustedCertEntry); } } @@ -373,7 +373,7 @@ throws KeyStoreException { synchronized(entries) { - entries.remove(alias.toLowerCase()); + entries.remove(alias.toLowerCase(Locale.ENGLISH)); } } @@ -394,7 +394,7 @@ * @return true if the alias exists, false otherwise */ public boolean engineContainsAlias(String alias) { - return entries.containsKey(alias.toLowerCase()); + return entries.containsKey(alias.toLowerCase(Locale.ENGLISH)); } /** @@ -416,7 +416,7 @@ public boolean engineIsKeyEntry(String alias) { boolean isKey = false; - Object entry = entries.get(alias.toLowerCase()); + Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH)); if ((entry instanceof PrivateKeyEntry) || (entry instanceof SecretKeyEntry)) { isKey = true; @@ -434,7 +434,7 @@ */ public boolean engineIsCertificateEntry(String alias) { boolean isCert = false; - Object entry = entries.get(alias.toLowerCase()); + Object entry = entries.get(alias.toLowerCase(Locale.ENGLISH)); if (entry instanceof TrustedCertEntry) { isCert = true; }
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBEKey.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBEKey.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -27,6 +27,7 @@ import java.security.KeyRep; import java.security.spec.InvalidKeySpecException; +import java.util.Locale; import javax.crypto.SecretKey; import javax.crypto.spec.PBEKeySpec; @@ -91,7 +92,7 @@ for (int i = 1; i < this.key.length; i++) { retval += this.key[i] * i; } - return(retval ^= getAlgorithm().toLowerCase().hashCode()); + return(retval ^= getAlgorithm().toLowerCase(Locale.ENGLISH).hashCode()); } public boolean equals(Object obj) {
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBEKeyFactory.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,6 +32,7 @@ import javax.crypto.SecretKeyFactorySpi; import javax.crypto.spec.PBEKeySpec; import java.util.HashSet; +import java.util.Locale; /** * This class implements a key factory for PBE keys according to PKCS#5, @@ -56,24 +57,24 @@ static { validTypes = new HashSet<String>(17); - validTypes.add("PBEWithMD5AndDES".toUpperCase()); - validTypes.add("PBEWithSHA1AndDESede".toUpperCase()); - validTypes.add("PBEWithSHA1AndRC2_40".toUpperCase()); - validTypes.add("PBEWithSHA1AndRC2_128".toUpperCase()); - validTypes.add("PBEWithSHA1AndRC4_40".toUpperCase()); - validTypes.add("PBEWithSHA1AndRC4_128".toUpperCase()); + validTypes.add("PBEWithMD5AndDES".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithSHA1AndDESede".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithSHA1AndRC2_40".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithSHA1AndRC2_128".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithSHA1AndRC4_40".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithSHA1AndRC4_128".toUpperCase(Locale.ENGLISH)); // Proprietary algorithm. - validTypes.add("PBEWithMD5AndTripleDES".toUpperCase()); - validTypes.add("PBEWithHmacSHA1AndAES_128".toUpperCase()); - validTypes.add("PBEWithHmacSHA224AndAES_128".toUpperCase()); - validTypes.add("PBEWithHmacSHA256AndAES_128".toUpperCase()); - validTypes.add("PBEWithHmacSHA384AndAES_128".toUpperCase()); - validTypes.add("PBEWithHmacSHA512AndAES_128".toUpperCase()); - validTypes.add("PBEWithHmacSHA1AndAES_256".toUpperCase()); - validTypes.add("PBEWithHmacSHA224AndAES_256".toUpperCase()); - validTypes.add("PBEWithHmacSHA256AndAES_256".toUpperCase()); - validTypes.add("PBEWithHmacSHA384AndAES_256".toUpperCase()); - validTypes.add("PBEWithHmacSHA512AndAES_256".toUpperCase()); + validTypes.add("PBEWithMD5AndTripleDES".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithHmacSHA1AndAES_128".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithHmacSHA224AndAES_128".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithHmacSHA256AndAES_128".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithHmacSHA384AndAES_128".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithHmacSHA512AndAES_128".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithHmacSHA1AndAES_256".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithHmacSHA224AndAES_256".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithHmacSHA256AndAES_256".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithHmacSHA384AndAES_256".toUpperCase(Locale.ENGLISH)); + validTypes.add("PBEWithHmacSHA512AndAES_256".toUpperCase(Locale.ENGLISH)); } public static final class PBEWithMD5AndDES @@ -237,7 +238,7 @@ protected KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpecCl) throws InvalidKeySpecException { if ((key instanceof SecretKey) - && (validTypes.contains(key.getAlgorithm().toUpperCase())) + && (validTypes.contains(key.getAlgorithm().toUpperCase(Locale.ENGLISH))) && (key.getFormat().equalsIgnoreCase("RAW"))) { // Check if requested key spec is amongst the valid ones @@ -279,7 +280,7 @@ { try { if ((key != null) && - (validTypes.contains(key.getAlgorithm().toUpperCase())) && + (validTypes.contains(key.getAlgorithm().toUpperCase(Locale.ENGLISH))) && (key.getFormat().equalsIgnoreCase("RAW"))) { // Check if key originates from this factory
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -30,6 +30,7 @@ import java.nio.CharBuffer; import java.nio.charset.Charset; import java.util.Arrays; +import java.util.Locale; import java.security.KeyRep; import java.security.GeneralSecurityException; import java.security.NoSuchAlgorithmException; @@ -143,7 +144,7 @@ @Override public int hashCode() { return Arrays.hashCode(password) * 41 + - prf.getAlgorithm().toLowerCase().hashCode(); + prf.getAlgorithm().toLowerCase(Locale.ENGLISH).hashCode(); } @Override public boolean equals(Object obj) { @@ -221,7 +222,7 @@ for (int i = 1; i < this.key.length; i++) { retval += this.key[i] * i; } - return(retval ^= getAlgorithm().toLowerCase().hashCode()); + return(retval ^= getAlgorithm().toLowerCase(Locale.ENGLISH).hashCode()); } public boolean equals(Object obj) {
--- a/jdk/src/share/classes/com/sun/jndi/ldap/Connection.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/com/sun/jndi/ldap/Connection.java Thu Jul 10 12:40:48 2014 -0700 @@ -111,6 +111,7 @@ private static final boolean debug = false; private static final int dump = 0; // > 0 r, > 1 rw + public static final long DEFAULT_READ_TIMEOUT_MILLIS = 15 * 1000; // 15 second timeout; final private Thread worker; // Initialized in constructor @@ -460,7 +461,7 @@ // available ldr.wait(readTimeout); } else { - ldr.wait(15 * 1000); // 15 second timeout + ldr.wait(DEFAULT_READ_TIMEOUT_MILLIS); } waited = true; } else {
--- a/jdk/src/share/classes/com/sun/security/ntlm/Client.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/com/sun/security/ntlm/Client.java Thu Jul 10 12:40:48 2014 -0700 @@ -46,7 +46,7 @@ final private String hostname; final private String username; - private String domain; // might be updated by Type 2 msg + private String domain; private byte[] pw1, pw2; /** @@ -82,7 +82,7 @@ } this.hostname = hostname; this.username = username; - this.domain = domain; + this.domain = domain == null ? "" : domain; this.pw1 = getP1(password); this.pw2 = getP2(password); debug("NTLM Client: (h,u,t,version(v)) = (%s,%s,%s,%s(%s))\n", @@ -95,19 +95,13 @@ */ public byte[] type1() { Writer p = new Writer(1, 32); - int flags = 0x8203; - if (hostname != null) { - flags |= 0x2000; - } - if (domain != null) { - flags |= 0x1000; - } + // Negotiate always sign, Negotiate NTLM, + // Request Target, Negotiate OEM, Negotiate unicode + int flags = 0x8207; if (v != Version.NTLM) { flags |= 0x80000; } p.writeInt(12, flags); - p.writeSecurityBuffer(24, hostname, false); - p.writeSecurityBuffer(16, domain, false); debug("NTLM Client: Type 1 created\n"); debug(p.getBytes()); return p.getBytes(); @@ -133,13 +127,10 @@ byte[] challenge = r.readBytes(24, 8); int inputFlags = r.readInt(20); boolean unicode = (inputFlags & 1) == 1; - String domainFromServer = r.readSecurityBuffer(12, unicode); - if (domainFromServer != null) { - domain = domainFromServer; - } - if (domain == null) { - domain = ""; - } + + // IE uses domainFromServer to generate an alist if server has not + // provided one. Firefox/WebKit do not. Neither do we. + //String domainFromServer = r.readSecurityBuffer(12, unicode); int flags = 0x88200 | (inputFlags & 3); Writer p = new Writer(3, 64); @@ -163,7 +154,9 @@ if (writeLM) lm = calcV2(nthash, username.toUpperCase(Locale.US)+domain, nonce, challenge); if (writeNTLM) { - byte[] alist = type2.length > 48 ? + // Some client create a alist even if server does not send + // one: (i16)2 (i16)len target_in_unicode (i16)0 (i16) 0 + byte[] alist = ((inputFlags & 0x800000) != 0) ? r.readSecurityBuffer(40) : new byte[0]; byte[] blob = new byte[32+alist.length]; System.arraycopy(new byte[]{1,1,0,0,0,0,0,0}, 0, blob, 0, 8);
--- a/jdk/src/share/classes/com/sun/security/ntlm/Server.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/com/sun/security/ntlm/Server.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,3 +1,4 @@ + /* * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. @@ -92,7 +93,9 @@ debug("NTLM Server: Type 1 received\n"); if (type1 != null) debug(type1); Writer p = new Writer(2, 32); - int flags = 0x80205; + // Negotiate NTLM2 Key, Target Type Domain, + // Negotiate NTLM, Request Target, Negotiate unicode + int flags = 0x90205; p.writeSecurityBuffer(12, domain, true); p.writeInt(20, flags); p.writeBytes(24, nonce); @@ -127,8 +130,9 @@ "Wrong domain: " + incomingDomain + " vs " + domain); // Needed? }*/ + boolean verified = false; - char[] password = getPassword(domain, username); + char[] password = getPassword(incomingDomain, username); if (password == null) { throw new NTLMException(NTLMException.USER_UNKNOWN, "Unknown user"); @@ -179,6 +183,8 @@ } } if (incomingNTLM.length > 0) { + // We didn't sent alist in type2(), so there + // is nothing to check here. byte[] clientBlob = Arrays.copyOfRange( incomingNTLM, 16, incomingNTLM.length); byte[] ntlmresponse = calcV2(nthash,
--- a/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Base.java Thu Jul 10 12:40:48 2014 -0700 @@ -26,11 +26,14 @@ package com.sun.security.sasl.gsskerb; +import java.util.Locale; import java.util.Map; import java.util.logging.Level; import javax.security.sasl.*; import com.sun.security.sasl.util.AbstractSaslImpl; import org.ietf.jgss.*; +import com.sun.security.jgss.ExtendedGSSContext; +import com.sun.security.jgss.InquireType; abstract class GssKrb5Base extends AbstractSaslImpl { @@ -61,6 +64,36 @@ return "GSSAPI"; } + @Override + public Object getNegotiatedProperty(String propName) { + if (!completed) { + throw new IllegalStateException("Authentication incomplete"); + } + String xprefix = "com.sun.security.jgss.inquiretype."; + if (propName.startsWith(xprefix)) { + String type = propName.substring(xprefix.length()); + if (logger.isLoggable(Level.FINEST)) { + logger.logp(Level.FINE, "GssKrb5Base", + "getNegotiatedProperty", propName); + } + for (InquireType t: InquireType.values()) { + if (t.name().toLowerCase(Locale.US).equals(type)) { + try { + return ((ExtendedGSSContext)secCtx).inquireSecContext(t); + } catch (GSSException e) { + if (logger.isLoggable(Level.FINEST)) { + logger.log(Level.WARNING, "inquireSecContext error", e); + } + return null; + } + } + } + // No such InquireType. Although not likely to be defined + // as a property in a parent class, still try it. + } + return super.getNegotiatedProperty(propName); + } + public byte[] unwrap(byte[] incoming, int start, int len) throws SaslException { if (!completed) {
--- a/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMClient.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMClient.java Thu Jul 10 12:40:48 2014 -0700 @@ -160,9 +160,17 @@ } } try { + String name = ncb.getName(); + if (name == null) { + name = authzid; + } + String domain = dcb.getText(); + if (domain == null) { + domain = serverName; + } client = new Client(version, hostname, - ncb.getName(), - dcb.getText(), + name, + domain, pcb.getPassword()); } catch (NTLMException ne) { throw new SaslException(
--- a/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMServer.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/com/sun/security/sasl/ntlm/NTLMServer.java Thu Jul 10 12:40:48 2014 -0700 @@ -141,8 +141,10 @@ server = new Server(version, domain) { public char[] getPassword(String ntdomain, String username) { try { - RealmCallback rcb = new RealmCallback( - "Domain: ", ntdomain); + RealmCallback rcb = + (ntdomain == null || ntdomain.isEmpty()) + ? new RealmCallback("Domain: ") + : new RealmCallback("Domain: ", ntdomain); NameCallback ncb = new NameCallback( "Name: ", username); PasswordCallback pcb = new PasswordCallback(
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/src/share/classes/java/awt/font/JavaAWTFontAccessImpl.java Thu Jul 10 12:40:48 2014 -0700 @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package java.awt.font; + +import java.lang.reflect.Field; +import sun.misc.JavaAWTFontAccess; + +class JavaAWTFontAccessImpl implements sun.misc.JavaAWTFontAccess { + + // java.awt.font.TextAttribute constants + public Object getTextAttributeConstant(String name) { + switch (name) { + case "RUN_DIRECTION": + case "NUMERIC_SHAPING": + case "BIDI_EMBEDDING": + case "RUN_DIRECTION_LTR": + try { + Field f = TextAttribute.class.getField(name); + return f.get(null); + } catch (NoSuchFieldException | IllegalAccessException x) { + throw new AssertionError(x); + } + } + + throw new AssertionError("Constant name is not recognized"); + } + + // java.awt.font.NumericShaper + public void shape(Object shaper, char[] text, int start, int count) { + assert shaper instanceof NumericShaper; + ((NumericShaper)shaper).shape(text, start,count); + } + +}
--- a/jdk/src/share/classes/java/awt/font/NumericShaper.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/java/awt/font/NumericShaper.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -31,6 +31,7 @@ import java.util.Comparator; import java.util.EnumSet; import java.util.Set; +import sun.misc.SharedSecrets; /** * The <code>NumericShaper</code> class is used to convert Latin-1 (European) @@ -134,6 +135,14 @@ */ public final class NumericShaper implements java.io.Serializable { + + // For access from java.text.Bidi + static { + if (SharedSecrets.getJavaAWTFontAccess() == null) { + SharedSecrets.setJavaAWTFontAccess(new JavaAWTFontAccessImpl()); + } + } + /** * A {@code NumericShaper.Range} represents a Unicode range of a * script having its own decimal digits. For example, the {@link
--- a/jdk/src/share/classes/java/awt/font/TextAttribute.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/java/awt/font/TextAttribute.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -44,6 +44,7 @@ import java.text.AttributedCharacterIterator.Attribute; import java.util.Map; import java.util.HashMap; +import sun.misc.SharedSecrets; /** * The <code>TextAttribute</code> class defines attribute keys and @@ -257,6 +258,13 @@ private static final Map<String, TextAttribute> instanceMap = new HashMap<String, TextAttribute>(29); + // For access from java.text.Bidi + static { + if (SharedSecrets.getJavaAWTFontAccess() == null) { + SharedSecrets.setJavaAWTFontAccess(new JavaAWTFontAccessImpl()); + } + } + /** * Constructs a <code>TextAttribute</code> with the specified name. * @param name the attribute name to assign to this
--- a/jdk/src/share/classes/java/lang/Class.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/java/lang/Class.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -130,11 +130,15 @@ } /* - * Constructor. Only the Java Virtual Machine creates Class - * objects. + * Private constructor. Only the Java Virtual Machine creates Class objects. + * This constructor is not used and prevents the default constructor being + * generated. */ - private Class() {} - + private Class(ClassLoader loader) { + // Initialize final field for classLoader. The initialization value of non-null + // prevents future JIT optimizations from assuming this final field is null. + classLoader = loader; + } /** * Converts the object to a string. The string representation is the @@ -677,8 +681,10 @@ } // Package-private to allow ClassLoader access - native ClassLoader getClassLoader0(); - + ClassLoader getClassLoader0() { return classLoader; } + + // Initialized in JVM not by private constructor + private final ClassLoader classLoader; /** * Returns an array of {@code TypeVariable} objects that represent the
--- a/jdk/src/share/classes/java/lang/reflect/AccessibleObject.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/java/lang/reflect/AccessibleObject.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -129,16 +129,24 @@ setAccessible0(this, flag); } - /* Check that you aren't exposing java.lang.Class.<init>. */ + /* Check that you aren't exposing java.lang.Class.<init> or sensitive + fields in java.lang.Class. */ private static void setAccessible0(AccessibleObject obj, boolean flag) throws SecurityException { if (obj instanceof Constructor && flag == true) { Constructor<?> c = (Constructor<?>)obj; if (c.getDeclaringClass() == Class.class) { - throw new SecurityException("Can not make a java.lang.Class" + + throw new SecurityException("Cannot make a java.lang.Class" + " constructor accessible"); } + } else if (obj instanceof Field && flag == true) { + Field f = (Field)obj; + if (f.getDeclaringClass() == Class.class && + f.getName().equals("classLoader")) { + throw new SecurityException("Cannot make java.lang.Class.classLoader" + + " accessible"); + } } obj.override = flag; }
--- a/jdk/src/share/classes/java/net/URL.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/java/net/URL.java Thu Jul 10 12:40:48 2014 -0700 @@ -1071,7 +1071,7 @@ /** * The URLStreamHandler factory. */ - static URLStreamHandlerFactory factory; + private static volatile URLStreamHandlerFactory factory; /** * Sets an application's {@code URLStreamHandlerFactory}. @@ -1106,6 +1106,7 @@ security.checkSetFactory(); } handlers.clear(); + // safe publication of URLStreamHandlerFactory with volatile write factory = fac; } } @@ -1127,9 +1128,11 @@ boolean checkedWithFactory = false; - // Use the factory (if any) - if (factory != null) { - handler = factory.createURLStreamHandler(protocol); + // Use the factory (if any). Volatile read makes + // URLStreamHandlerFactory appear fully initialized to current thread. + URLStreamHandlerFactory fac = factory; + if (fac != null) { + handler = fac.createURLStreamHandler(protocol); checkedWithFactory = true; } @@ -1193,8 +1196,8 @@ // Check with factory if another thread set a // factory since our last check - if (!checkedWithFactory && factory != null) { - handler2 = factory.createURLStreamHandler(protocol); + if (!checkedWithFactory && (fac = factory) != null) { + handler2 = fac.createURLStreamHandler(protocol); } if (handler2 != null) {
--- a/jdk/src/share/classes/java/util/logging/FileHandler.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/java/util/logging/FileHandler.java Thu Jul 10 12:40:48 2014 -0700 @@ -25,6 +25,7 @@ package java.util.logging; +import static java.nio.file.StandardOpenOption.APPEND; import static java.nio.file.StandardOpenOption.CREATE_NEW; import static java.nio.file.StandardOpenOption.WRITE; @@ -34,10 +35,17 @@ import java.io.IOException; import java.io.OutputStream; import java.nio.channels.FileChannel; +import java.nio.channels.OverlappingFileLockException; import java.nio.file.FileAlreadyExistsException; +import java.nio.file.Files; +import java.nio.file.LinkOption; +import java.nio.file.NoSuchFileException; +import java.nio.file.Path; import java.nio.file.Paths; import java.security.AccessController; import java.security.PrivilegedAction; +import java.util.HashSet; +import java.util.Set; /** * Simple file logging <tt>Handler</tt>. @@ -149,7 +157,7 @@ private FileChannel lockFileChannel; private File files[]; private static final int MAX_LOCKS = 100; - private static final java.util.HashMap<String, String> locks = new java.util.HashMap<>(); + private static final Set<String> locks = new HashSet<>(); /** * A metered stream is a subclass of OutputStream that @@ -428,34 +436,80 @@ // between processes (and not within a process), we first check // if we ourself already have the file locked. synchronized(locks) { - if (locks.get(lockFileName) != null) { + if (locks.contains(lockFileName)) { // We already own this lock, for a different FileHandler // object. Try again. continue; } - try { - lockFileChannel = FileChannel.open(Paths.get(lockFileName), - CREATE_NEW, WRITE); - } catch (FileAlreadyExistsException ix) { - // try the next lock file name in the sequence - continue; + final Path lockFilePath = Paths.get(lockFileName); + FileChannel channel = null; + int retries = -1; + boolean fileCreated = false; + while (channel == null && retries++ < 1) { + try { + channel = FileChannel.open(lockFilePath, + CREATE_NEW, WRITE); + fileCreated = true; + } catch (FileAlreadyExistsException ix) { + // This may be a zombie file left over by a previous + // execution. Reuse it - but only if we can actually + // write to its directory. + // Note that this is a situation that may happen, + // but not too frequently. + if (Files.isRegularFile(lockFilePath, LinkOption.NOFOLLOW_LINKS) + && Files.isWritable(lockFilePath.getParent())) { + try { + channel = FileChannel.open(lockFilePath, + WRITE, APPEND); + } catch (NoSuchFileException x) { + // Race condition - retry once, and if that + // fails again just try the next name in + // the sequence. + continue; + } catch(IOException x) { + // the file may not be writable for us. + // try the next name in the sequence + break; + } + } else { + // at this point channel should still be null. + // break and try the next name in the sequence. + break; + } + } } + if (channel == null) continue; // try the next name; + lockFileChannel = channel; + boolean available; try { available = lockFileChannel.tryLock() != null; // We got the lock OK. + // At this point we could call File.deleteOnExit(). + // However, this could have undesirable side effects + // as indicated by JDK-4872014. So we will instead + // rely on the fact that close() will remove the lock + // file and that whoever is creating FileHandlers should + // be responsible for closing them. } catch (IOException ix) { // We got an IOException while trying to get the lock. // This normally indicates that locking is not supported // on the target directory. We have to proceed without - // getting a lock. Drop through. - available = true; + // getting a lock. Drop through, but only if we did + // create the file... + available = fileCreated; + } catch (OverlappingFileLockException x) { + // someone already locked this file in this VM, through + // some other channel - that is - using something else + // than new FileHandler(...); + // continue searching for an available lock. + available = false; } if (available) { // We got the lock. Remember it. - locks.put(lockFileName, lockFileName); + locks.add(lockFileName); break; }
--- a/jdk/src/share/classes/javax/crypto/spec/SecretKeySpec.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/crypto/spec/SecretKeySpec.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,7 @@ package javax.crypto.spec; import java.security.spec.KeySpec; +import java.util.Locale; import javax.crypto.SecretKey; /** @@ -194,7 +195,8 @@ if (this.algorithm.equalsIgnoreCase("TripleDES")) return (retval ^= "desede".hashCode()); else - return (retval ^= this.algorithm.toLowerCase().hashCode()); + return (retval ^= + this.algorithm.toLowerCase(Locale.ENGLISH).hashCode()); } /**
--- a/jdk/src/share/classes/javax/security/sasl/SaslClient.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/security/sasl/SaslClient.java Thu Jul 10 12:40:48 2014 -0700 @@ -204,6 +204,10 @@ * This method can be called only after the authentication exchange has * completed (i.e., when {@code isComplete()} returns true); otherwise, an * {@code IllegalStateException} is thrown. + * <p> + * The {@link Sasl} class includes several well-known property names + * (For example, {@link Sasl#QOP}). A SASL provider can support other + * properties which are specific to the vendor and/or a mechanism. * * @param propName The non-null property name. * @return The value of the negotiated property. If null, the property was
--- a/jdk/src/share/classes/javax/security/sasl/SaslServer.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/security/sasl/SaslServer.java Thu Jul 10 12:40:48 2014 -0700 @@ -196,6 +196,10 @@ * This method can be called only after the authentication exchange has * completed (i.e., when {@code isComplete()} returns true); otherwise, an * {@code IllegalStateException} is thrown. + * <p> + * The {@link Sasl} class includes several well-known property names + * (For example, {@link Sasl#QOP}). A SASL provider can support other + * properties which are specific to the vendor and/or a mechanism. * * @param propName the property * @return The value of the negotiated property. If null, the property was
--- a/jdk/src/share/classes/javax/swing/AbstractListModel.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/AbstractListModel.java Thu Jul 10 12:40:48 2014 -0700 @@ -202,6 +202,7 @@ * If no such listeners exist, * this method returns an empty array. * + * @param <T> the type of {@code EventListener} class being requested * @param listenerType the type of listeners requested; * this parameter should specify an interface * that descends from <code>java.util.EventListener</code>
--- a/jdk/src/share/classes/javax/swing/CellRendererPane.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/CellRendererPane.java Thu Jul 10 12:40:48 2014 -0700 @@ -190,8 +190,12 @@ // Accessibility support //////////////// + /** + * {@code AccessibleContext} associated with this {@code CellRendererPan} + */ protected AccessibleContext accessibleContext = null; + /** * Gets the AccessibleContext associated with this CellRendererPane. * For CellRendererPanes, the AccessibleContext takes the form of an
--- a/jdk/src/share/classes/javax/swing/DefaultCellEditor.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/DefaultCellEditor.java Thu Jul 10 12:40:48 2014 -0700 @@ -353,6 +353,7 @@ * Returns true to indicate that editing has begun. * * @param anEvent the event + * @return true to indicate editing has begun */ public boolean startCellEditing(EventObject anEvent) { return true;
--- a/jdk/src/share/classes/javax/swing/DefaultDesktopManager.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/DefaultDesktopManager.java Thu Jul 10 12:40:48 2014 -0700 @@ -462,7 +462,12 @@ f.revalidate(); } - /** Convenience method to remove the desktopIcon of <b>f</b> is necessary. */ + /** + * Convenience method to remove the desktopIcon of <b>f</b> is necessary. + * + * @param f the {@code JInternalFrame} for which to remove the + * {@code desktopIcon} + */ protected void removeIconFor(JInternalFrame f) { JInternalFrame.JDesktopIcon di = f.getDesktopIcon(); Container c = di.getParent(); @@ -472,10 +477,13 @@ } } - /** The iconifyFrame() code calls this to determine the proper bounds - * for the desktopIcon. - */ - + /** + * The {@code iconifyFrame()} code calls this to determine the proper bounds + * for the desktopIcon. + * + * @param f the {@code JInternalFrame} of interest + * @return a {@code Rectangle} containing bounds for the {@code desktopIcon} + */ protected Rectangle getBoundsForIconOf(JInternalFrame f) { // // Get the icon for this internal frame and its preferred size @@ -592,6 +600,9 @@ /** * Sets that the component has been iconized and the bounds of the * <code>desktopIcon</code> are valid. + * + * @param f the {@code JInternalFrame} of interest + * @param value a {@code Boolean} signifying if component has been iconized */ protected void setWasIcon(JInternalFrame f, Boolean value) { if (value != null) {
--- a/jdk/src/share/classes/javax/swing/DefaultListModel.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/DefaultListModel.java Thu Jul 10 12:40:48 2014 -0700 @@ -444,6 +444,7 @@ * (<code>index < 0 || index >= size()</code>). * * @param index index of element to return + * @return the element at the specified position in this list */ public E get(int index) { return delegate.elementAt(index);
--- a/jdk/src/share/classes/javax/swing/DefaultListSelectionModel.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/DefaultListSelectionModel.java Thu Jul 10 12:40:48 2014 -0700 @@ -160,6 +160,9 @@ * Notifies <code>ListSelectionListeners</code> that the value * of the selection, in the closed interval <code>firstIndex</code>, * <code>lastIndex</code>, has changed. + * + * @param firstIndex the first index in the interval + * @param lastIndex the last index in the interval */ protected void fireValueChanged(int firstIndex, int lastIndex) { fireValueChanged(firstIndex, lastIndex, getValueIsAdjusting()); @@ -231,6 +234,7 @@ * If no such listeners exist, * this method returns an empty array. * + * @param <T> the type of {@code EventListener} class being requested * @param listenerType the type of listeners requested; * this parameter should specify an interface * that descends from <code>java.util.EventListener</code> @@ -332,6 +336,8 @@ /** * Sets the value of the leadAnchorNotificationEnabled flag. + * + * @param flag boolean value for {@code leadAnchorNotificationEnabled} * @see #isLeadAnchorNotificationEnabled() */ public void setLeadAnchorNotificationEnabled(boolean flag) {
--- a/jdk/src/share/classes/javax/swing/DefaultRowSorter.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/DefaultRowSorter.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -712,6 +712,8 @@ * * @param column the index of the column to test, in terms of the * underlying model + * @return true if values are to be converted to strings before doing + * comparisons when sorting * @throws IndexOutOfBoundsException if <code>column</code> is not valid */ protected boolean useToString(int column) {
--- a/jdk/src/share/classes/javax/swing/InputMap.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/InputMap.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -32,15 +32,12 @@ import java.util.Set; /** - * <code>InputMap</code> provides a binding between an input event - * (currently only <code>KeyStroke</code>s are used) - * and an <code>Object</code>. <code>InputMap</code>s - * are usually used with an <code>ActionMap</code>, - * to determine an <code>Action</code> to perform - * when a key is pressed. - * An <code>InputMap</code> can have a parent - * that is searched for bindings not defined in the <code>InputMap</code>. - * <p>As with <code>ActionMap</code> if you create a cycle, eg: + * {@code InputMap} provides a binding between an input event (currently only + * {@code KeyStroke}s are used) and an {@code Object}. {@code InputMap}s are + * usually used with an {@code ActionMap}, to determine an {@code Action} to + * perform when a key is pressed. An {@code InputMap} can have a parent that + * is searched for bindings not defined in the {@code InputMap}. + * <p>As with {@code ActionMap} if you create a cycle, eg: * <pre> * InputMap am = new InputMap(); * InputMap bm = new InputMap(): @@ -61,34 +58,37 @@ /** - * Creates an <code>InputMap</code> with no parent and no mappings. + * Creates an {@code InputMap} with no parent and no mappings. */ public InputMap() { } /** - * Sets this <code>InputMap</code>'s parent. + * Sets this {@code InputMap}'s parent. * - * @param map the <code>InputMap</code> that is the parent of this one + * @param map the {@code InputMap} that is the parent of this one */ public void setParent(InputMap map) { this.parent = map; } /** - * Gets this <code>InputMap</code>'s parent. + * Gets this {@code InputMap}'s parent. * - * @return map the <code>InputMap</code> that is the parent of this one, - * or null if this <code>InputMap</code> has no parent + * @return map the {@code InputMap} that is the parent of this one, + * or null if this {@code InputMap} has no parent */ public InputMap getParent() { return parent; } /** - * Adds a binding for <code>keyStroke</code> to <code>actionMapKey</code>. - * If <code>actionMapKey</code> is null, this removes the current binding - * for <code>keyStroke</code>. + * Adds a binding for {@code keyStroke} to {@code actionMapKey}. + * If {@code actionMapKey} is null, this removes the current binding + * for {@code keyStroke}. + * + * @param keyStroke a {@code KeyStroke} + * @param actionMapKey an action map key */ public void put(KeyStroke keyStroke, Object actionMapKey) { if (keyStroke == null) { @@ -106,8 +106,11 @@ } /** - * Returns the binding for <code>keyStroke</code>, messaging the - * parent <code>InputMap</code> if the binding is not locally defined. + * Returns the binding for {@code keyStroke}, messaging the + * parent {@code InputMap} if the binding is not locally defined. + * + * @param keyStroke the {@code KeyStroke} for which to get the binding + * @return the binding for {@code keyStroke} */ public Object get(KeyStroke keyStroke) { if (arrayTable == null) { @@ -131,8 +134,9 @@ } /** - * Removes the binding for <code>key</code> from this - * <code>InputMap</code>. + * Removes the binding for {@code key} from this {@code InputMap}. + * + * @param key the {@code KeyStroke} for which to remove the binding */ public void remove(KeyStroke key) { if (arrayTable != null) { @@ -141,7 +145,7 @@ } /** - * Removes all the mappings from this <code>InputMap</code>. + * Removes all the mappings from this {@code InputMap}. */ public void clear() { if (arrayTable != null) { @@ -150,7 +154,10 @@ } /** - * Returns the <code>KeyStroke</code>s that are bound in this <code>InputMap</code>. + * Returns the {@code KeyStroke}s that are bound in this {@code InputMap}. + * + * @return an array of the {@code KeyStroke}s that are bound in this + * {@code InputMap} */ public KeyStroke[] keys() { if (arrayTable == null) { @@ -162,7 +169,9 @@ } /** - * Returns the number of <code>KeyStroke</code> bindings. + * Returns the number of {@code KeyStroke} bindings. + * + * @return the number of {@code KeyStroke} bindings */ public int size() { if (arrayTable == null) { @@ -172,9 +181,12 @@ } /** - * Returns an array of the <code>KeyStroke</code>s defined in this - * <code>InputMap</code> and its parent. This differs from <code>keys()</code> in that - * this method includes the keys defined in the parent. + * Returns an array of the {@code KeyStroke}s defined in this + * {@code InputMap} and its parent. This differs from {@code keys()} + * in that this method includes the keys defined in the parent. + * + * @return an array of the {@code KeyStroke}s defined in this + * {@code InputMap} and its parent */ public KeyStroke[] allKeys() { int count = size();
--- a/jdk/src/share/classes/javax/swing/JCheckBox.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/JCheckBox.java Thu Jul 10 12:40:48 2014 -0700 @@ -132,6 +132,7 @@ * Creates a check box where properties are taken from the * Action supplied. * + * @param a the {@code Action} used to specify the new check box * @since 1.3 */ public JCheckBox(Action a) {
--- a/jdk/src/share/classes/javax/swing/JCheckBoxMenuItem.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/JCheckBoxMenuItem.java Thu Jul 10 12:40:48 2014 -0700 @@ -109,7 +109,7 @@ /** * Creates an initially unselected check box menu item with an icon. * - * @param icon the icon of the CheckBoxMenuItem. + * @param icon the icon of the {@code JCheckBoxMenuItem}. */ public JCheckBoxMenuItem(Icon icon) { this(null, icon, false); @@ -118,7 +118,7 @@ /** * Creates an initially unselected check box menu item with text. * - * @param text the text of the CheckBoxMenuItem + * @param text the text of the {@code JCheckBoxMenuItem} */ public JCheckBoxMenuItem(String text) { this(text, null, false); @@ -128,6 +128,7 @@ * Creates a menu item whose properties are taken from the * Action supplied. * + * @param a the action of the {@code JCheckBoxMenuItem} * @since 1.3 */ public JCheckBoxMenuItem(Action a) { @@ -138,8 +139,8 @@ /** * Creates an initially unselected check box menu item with the specified text and icon. * - * @param text the text of the CheckBoxMenuItem - * @param icon the icon of the CheckBoxMenuItem + * @param text the text of the {@code JCheckBoxMenuItem} + * @param icon the icon of the {@code JCheckBoxMenuItem} */ public JCheckBoxMenuItem(String text, Icon icon) { this(text, icon, false);
--- a/jdk/src/share/classes/javax/swing/JEditorPane.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/JEditorPane.java Thu Jul 10 12:40:48 2014 -0700 @@ -1251,11 +1251,12 @@ } /** - * Returns the currently registered <code>EditorKit</code> - * class name for the type <code>type</code>. + * Returns the currently registered {@code EditorKit} class name for the + * type {@code type}. * - * @param type the non-<code>null</code> content type - * + * @param type the non-{@code null} content type + * @return a {@code String} containing the {@code EditorKit} class name + * for {@code type} * @since 1.3 */ public static String getEditorKitClassNameForContentType(String type) {
--- a/jdk/src/share/classes/javax/swing/JFileChooser.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/JFileChooser.java Thu Jul 10 12:40:48 2014 -0700 @@ -330,6 +330,8 @@ /** * Constructs a <code>JFileChooser</code> using the given * <code>FileSystemView</code>. + * + * @param fsv a {@code FileSystemView} */ public JFileChooser(FileSystemView fsv) { this((File) null, fsv); @@ -339,6 +341,10 @@ /** * Constructs a <code>JFileChooser</code> using the given current directory * and <code>FileSystemView</code>. + * + * @param currentDirectory a {@code File} object specifying the path to a + * file or directory + * @param fsv a {@code FileSystemView} */ public JFileChooser(File currentDirectory, FileSystemView fsv) { setup(fsv); @@ -348,6 +354,10 @@ /** * Constructs a <code>JFileChooser</code> using the given current directory * path and <code>FileSystemView</code>. + * + * @param currentDirectoryPath a {@code String} specifying the path to a file + * or directory + * @param fsv a {@code FileSystemView} */ public JFileChooser(String currentDirectoryPath, FileSystemView fsv) { setup(fsv); @@ -360,6 +370,8 @@ /** * Performs common constructor initialization and setup. + * + * @param view the {@code FileSystemView} used for setup */ protected void setup(FileSystemView view) { installShowFilesListener(); @@ -512,6 +524,8 @@ /** * Returns a list of selected files if the file chooser is * set to allow multiple selection. + * + * @return an array of selected {@code File}s */ public File[] getSelectedFiles() { if(selectedFiles == null) { @@ -525,6 +539,7 @@ * Sets the list of selected files if the file chooser is * set to allow multiple selection. * + * @param selectedFiles an array {@code File}s to be selected * @beaninfo * bound: true * description: The list of selected files if the chooser is in multiple selection mode. @@ -971,6 +986,7 @@ /** * Gets the string that goes in the <code>JFileChooser</code>'s titlebar. * + * @return the string from the {@code JFileChooser} window's title bar * @see #setDialogTitle */ public String getDialogTitle() { @@ -1158,6 +1174,8 @@ * Removes a filter from the list of user choosable file filters. Returns * true if the file filter was removed. * + * @param f the file filter to be removed + * @return true if the file filter was removed, false otherwise * @see #addChoosableFileFilter * @see #getChoosableFileFilters * @see #resetChoosableFileFilters @@ -1215,6 +1233,8 @@ /** * Returns the <code>AcceptAll</code> file filter. * For example, on Microsoft Windows this would be All Files (*.*). + * + * @return the {@code AcceptAll} file filter */ public FileFilter getAcceptAllFileFilter() { FileFilter filter = null; @@ -1240,8 +1260,10 @@ * If false, the <code>AcceptAll</code> file filter is removed from * the list of available file filters. * If true, the <code>AcceptAll</code> file filter will become the - * the actively used file filter. + * actively used file filter. * + * @param b a {@code boolean} which determines whether the {@code AcceptAll} + * file filter is an available choice in the choosable filter list * @beaninfo * preferred: true * bound: true @@ -1284,6 +1306,7 @@ * any listeners that the accessory might have registered with the * file chooser. * + * @param newAccessory the accessory component to be set * @beaninfo * preferred: true * bound: true @@ -1355,6 +1378,7 @@ * Convenience call that determines if files are selectable based on the * current file selection mode. * + * @return true if files are selectable, false otherwise * @see #setFileSelectionMode * @see #getFileSelectionMode */ @@ -1366,6 +1390,7 @@ * Convenience call that determines if directories are selectable based * on the current file selection mode. * + * @return true if directories are selectable, false otherwise * @see #setFileSelectionMode * @see #getFileSelectionMode */ @@ -1487,9 +1512,10 @@ } /** - * Sets the file view to used to retrieve UI information, such as + * Sets the file view to be used to retrieve UI information, such as * the icon that represents a file or the type description of a file. * + * @param fileView a {@code FileView} to be used to retrieve UI information * @beaninfo * preferred: true * bound: true @@ -1506,6 +1532,7 @@ /** * Returns the current file view. * + * @return the current file view * @see #setFileView */ public FileView getFileView() { @@ -1765,6 +1792,8 @@ * notification on this event type. The event instance * is lazily created using the <code>command</code> parameter. * + * @param command a string that may specify a command associated with + * the event * @see EventListenerList */ protected void fireActionPerformed(String command) { @@ -1973,6 +2002,9 @@ // Accessibility support //////////////// + /** + * {@code AccessibleContext} associated with this {@code JFileChooser} + */ protected AccessibleContext accessibleContext = null; /**
--- a/jdk/src/share/classes/javax/swing/JFrame.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/JFrame.java Thu Jul 10 12:40:48 2014 -0700 @@ -275,6 +275,8 @@ /** * Called by the constructor methods to create the default * <code>rootPane</code>. + * + * @return a new {@code JRootPane} */ protected JRootPane createRootPane() { JRootPane rp = new JRootPane(); @@ -874,7 +876,9 @@ // Accessibility support //////////////// - /** The accessible context property. */ + /** + * The accessible context property. + */ protected AccessibleContext accessibleContext = null; /**
--- a/jdk/src/share/classes/javax/swing/JMenu.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/JMenu.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -608,16 +608,18 @@ * it to the end of this menu. * * @param s the string for the menu item to be added + * @return the new {@code JMenuItem} */ public JMenuItem add(String s) { return add(new JMenuItem(s)); } /** - * Creates a new menu item attached to the specified - * <code>Action</code> object and appends it to the end of this menu. + * Creates a new menu item attached to the specified {@code Action} object + * and appends it to the end of this menu. * - * @param a the <code>Action</code> for the menu item to be added + * @param a the {@code Action} for the menu item to be added + * @return the new {@code JMenuItem} * @see Action */ public JMenuItem add(Action a) { @@ -653,8 +655,11 @@ } /** - * Returns a properly configured <code>PropertyChangeListener</code> - * which updates the control as changes to the <code>Action</code> occur. + * Returns a properly configured {@code PropertyChangeListener} + * which updates the control as changes to the {@code Action} occur. + * + * @param b a menu item for which to create a {@code PropertyChangeListener} + * @return a {@code PropertyChangeListener} for {@code b} */ protected PropertyChangeListener createActionChangeListener(JMenuItem b) { return b.createActionPropertyChangeListener0(b.getAction()); @@ -714,6 +719,7 @@ * @param a the <code>Action</code> object for the menu item to add * @param pos an integer specifying the position at which to add the * new menu item + * @return the new menu item * @exception IllegalArgumentException if the value of * <code>pos</code> < 0 */ @@ -748,16 +754,16 @@ } /** - * Returns the <code>JMenuItem</code> at the specified position. - * If the component at <code>pos</code> is not a menu item, - * <code>null</code> is returned. + * Returns the {@code JMenuItem} at the specified position. + * If the component at {@code pos} is not a menu item, + * {@code null} is returned. * This method is included for AWT compatibility. * - * @param pos an integer specifying the position - * @exception IllegalArgumentException if the value of - * <code>pos</code> < 0 + * @param pos an integer specifying the position * @return the menu item at the specified position; or <code>null</code> * if the item as the specified position is not a menu item + * @exception IllegalArgumentException if the value of + * {@code pos} < 0 */ public JMenuItem getItem(int pos) { if (pos < 0) { @@ -975,6 +981,8 @@ /** * Returns the popupmenu associated with this menu. If there is * no popupmenu, it will create one. + * + * @return the {@code JPopupMenu} associated with this menu */ public JPopupMenu getPopupMenu() { ensurePopupMenuCreated(); @@ -1159,6 +1167,8 @@ JPopupMenu popupMenu; /** * Create the window listener for the specified popup. + * + * @param p the popup menu for which to create a listener * @since 1.4 */ public WinListener(JPopupMenu p) {
--- a/jdk/src/share/classes/javax/swing/JMenuBar.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/JMenuBar.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -124,6 +124,8 @@ /** * Returns the menubar's current UI. + * + * @return a {@code MenuBarUI} which is the menubar's current L&F object * @see #setUI */ public MenuBarUI getUI() {
--- a/jdk/src/share/classes/javax/swing/JSlider.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/JSlider.java Thu Jul 10 12:40:48 2014 -0700 @@ -281,6 +281,8 @@ /** * Creates a horizontal slider using the specified * BoundedRangeModel. + * + * @param brm a {@code BoundedRangeModel} for the slider */ public JSlider(BoundedRangeModel brm) { @@ -363,6 +365,8 @@ * {@code fireStateChanged} method to forward {@code ChangeEvent}s * to the {@code ChangeListener}s that have been added directly to the * slider. + * + * @return a instance of new {@code ChangeListener} * @see #changeListener * @see #fireStateChanged * @see javax.swing.event.ChangeListener
--- a/jdk/src/share/classes/javax/swing/JTabbedPane.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/JTabbedPane.java Thu Jul 10 12:40:48 2014 -0700 @@ -278,6 +278,7 @@ * can override this to return a subclass of <code>ModelListener</code> or * another <code>ChangeListener</code> implementation. * + * @return a {@code ChangeListener} * @see #fireStateChanged */ protected ChangeListener createChangeListener() { @@ -423,6 +424,7 @@ /** * Returns the model associated with this tabbedpane. * + * @return the {@code SingleSelectionModel} associated with this tabbedpane * @see #setModel */ public SingleSelectionModel getModel() { @@ -459,6 +461,8 @@ /** * Returns the placement of the tabs for this tabbedpane. + * + * @return an {@code int} specifying the placement for the tabs * @see #setTabPlacement */ public int getTabPlacement() { @@ -507,6 +511,8 @@ /** * Returns the policy used by the tabbedpane to layout the tabs when all the * tabs will not fit within a single run. + * + * @return an {@code int} specifying the policy used to layout the tabs * @see #setTabLayoutPolicy * @since 1.4 */ @@ -664,6 +670,7 @@ * will automatically set the <code>selectedIndex</code> to the index * corresponding to the specified component. * + * @param c the selected {@code Component} for this {@code TabbedPane} * @exception IllegalArgumentException if component not found in tabbed * pane * @see #getSelectedComponent
--- a/jdk/src/share/classes/javax/swing/JTable.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/JTable.java Thu Jul 10 12:40:48 2014 -0700 @@ -865,6 +865,8 @@ /** * Equivalent to <code>new JScrollPane(aTable)</code>. * + * @param aTable a {@code JTable} to be used for the scroll pane + * @return a {@code JScrollPane} created using {@code aTable} * @deprecated As of Swing version 1.0.2, * replaced by <code>new JScrollPane(aTable)</code>. */ @@ -1961,6 +1963,7 @@ * <code>JList</code>. See the <code>setSelectionMode</code> method * in <code>JList</code> for details about the modes. * + * @param selectionMode the mode used by the row and column selection models * @see JList#setSelectionMode * @beaninfo * description: The selection mode used by the row and column selection models. @@ -2321,6 +2324,7 @@ * Returns true if the specified index is in the valid range of rows, * and the row at that index is selected. * + * @param row a row in the row model * @return true if <code>row</code> is a valid index and the row at * that index is selected (where 0 is the first row) */ @@ -3174,6 +3178,8 @@ /** * Sizes the table columns to fit the available space. + * + * @param lastColumnOnly determines whether to resize last column only * @deprecated As of Swing version 1.0.3, * replaced by <code>doLayout()</code>. * @see #doLayout @@ -6692,7 +6698,7 @@ // Listeners to echo changes to the AccessiblePropertyChange mechanism - /* + /** * Describes a change in the accessible table model. */ protected class AccessibleJTableModelChange @@ -6737,6 +6743,8 @@ /** * Track changes to the table contents + * + * @param e a {@code TableModelEvent} describing the event */ public void tableChanged(TableModelEvent e) { firePropertyChange(AccessibleContext.ACCESSIBLE_VISIBLE_DATA_PROPERTY, @@ -6764,6 +6772,8 @@ /** * Track changes to the table contents (row insertions) + * + * @param e a {@code TableModelEvent} describing the event */ public void tableRowsInserted(TableModelEvent e) { firePropertyChange(AccessibleContext.ACCESSIBLE_VISIBLE_DATA_PROPERTY, @@ -6789,6 +6799,8 @@ /** * Track changes to the table contents (row deletions) + * + * @param e a {@code TableModelEvent} describing the event */ public void tableRowsDeleted(TableModelEvent e) { firePropertyChange(AccessibleContext.ACCESSIBLE_VISIBLE_DATA_PROPERTY, @@ -7922,6 +7934,11 @@ /** * Constructs an <code>AccessibleJTableHeaderEntry</code>. + * + * @param t a {@code JTable} + * @param r an {@code int} specifying a row + * @param c an {@code int} specifying a column + * @param i an {@code int} specifying the index to this cell * @since 1.4 */ public AccessibleJTableCell(JTable t, int r, int c, int i) {
--- a/jdk/src/share/classes/javax/swing/MenuElement.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/MenuElement.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2003, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,7 +29,7 @@ /** * Any component that can be placed into a menu should implement this interface. - * This interface is used by <code>MenuSelectionManager</code> + * This interface is used by {@code MenuSelectionManager} * to handle selection and navigation in menu hierarchies. * * @author Arnaud Weber @@ -39,46 +39,56 @@ public interface MenuElement { /** - * Processes a mouse event. <code>event</code> is a <code>MouseEvent</code> - * with source being the receiving element's component. - * <code>path</code> is the path of the receiving element in the menu - * hierarchy including the receiving element itself. - * <code>manager</code> is the <code>MenuSelectionManager</code> - * for the menu hierarchy. - * This method should process the <code>MouseEvent</code> and change - * the menu selection if necessary - * by using <code>MenuSelectionManager</code>'s API - * Note: you do not have to forward the event to sub-components. - * This is done automatically by the <code>MenuSelectionManager</code>. + * Processes a mouse event. {@code event} is a {@code MouseEvent} with + * source being the receiving element's component. {@code path} is the + * path of the receiving element in the menu hierarchy including the + * receiving element itself. {@code manager} is the + * {@code MenuSelectionManager}for the menu hierarchy. This method should + * process the {@code MouseEvent} and change the menu selection if necessary + * by using {@code MenuSelectionManager}'s API Note: you do not have to + * forward the event to sub-components. This is done automatically by the + * {@code MenuSelectionManager}. + * + * @param event a {@code MouseEvent} to be processed + * @param path the path of the receiving element in the menu hierarchy + * @param manager the {@code MenuSelectionManager} for the menu hierarchy */ - public void processMouseEvent(MouseEvent event,MenuElement path[],MenuSelectionManager manager); + public void processMouseEvent(MouseEvent event, MenuElement path[], MenuSelectionManager manager); /** * Process a key event. + * + * @param event a {@code KeyEvent} to be processed + * @param path the path of the receiving element in the menu hierarchy + * @param manager the {@code MenuSelectionManager} for the menu hierarchy */ - public void processKeyEvent(KeyEvent event,MenuElement path[],MenuSelectionManager manager); + public void processKeyEvent(KeyEvent event, MenuElement path[], MenuSelectionManager manager); /** - * Call by the <code>MenuSelectionManager</code> when the - * <code>MenuElement</code> is added or remove from - * the menu selection. + * Call by the {@code MenuSelectionManager} when the {@code MenuElement} is + * added or removed from the menu selection. + * + * @param isIncluded can be used to indicate if this {@code MenuElement} is + * active (if it is a menu) or is on the part of the menu path that + * changed (if it is a menu item). */ public void menuSelectionChanged(boolean isIncluded); /** - * This method should return an array containing the sub-elements for the receiving menu element + * This method should return an array containing the sub-elements for the + * receiving menu element. * - * @return an array of MenuElements + * @return an array of {@code MenuElement}s */ public MenuElement[] getSubElements(); /** - * This method should return the java.awt.Component used to paint the receiving element. - * The returned component will be used to convert events and detect if an event is inside - * a MenuElement's component. + * This method should return the {@code java.awt.Component} used to paint the + * receiving element. The returned component will be used to convert events + * and detect if an event is inside a {@code MenuElement}'s component. * - * @return the Component value + * @return the {@code Component} value */ public Component getComponent(); }
--- a/jdk/src/share/classes/javax/swing/MenuSelectionManager.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/MenuSelectionManager.java Thu Jul 10 12:40:48 2014 -0700 @@ -80,6 +80,7 @@ * generated is always "this". */ protected transient ChangeEvent changeEvent = null; + /** The collection of registered listeners */ protected EventListenerList listenerList = new EventListenerList(); /** @@ -477,7 +478,11 @@ } /** - * Return true if c is part of the currently used menu + * Return true if {@code c} is part of the currently used menu + * + * @param c a {@code Component} + * @return true if {@code c} is part of the currently used menu, + * false otherwise */ public boolean isComponentPartOfCurrentMenu(Component c) { if(selection.size() > 0) {
--- a/jdk/src/share/classes/javax/swing/RowFilter.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/RowFilter.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -159,6 +159,8 @@ * {@link java.util.regex.Pattern} for a complete description of * the supported regular-expression constructs. * + * @param <M> the type of the model to which the {@code RowFilter} applies + * @param <I> the type of the identifier passed to the {@code RowFilter} * @param regex the regular expression to filter on * @param indices the indices of the values to check. If not supplied all * values are evaluated @@ -186,6 +188,8 @@ * RowFilter.dateFilter(ComparisonType.AFTER, new Date()); * </pre> * + * @param <M> the type of the model to which the {@code RowFilter} applies + * @param <I> the type of the identifier passed to the {@code RowFilter} * @param type the type of comparison to perform * @param date the date to compare against * @param indices the indices of the values to check. If not supplied all @@ -214,7 +218,10 @@ * RowFilter.numberFilter(ComparisonType.EQUAL, 10); * </pre> * + * @param <M> the type of the model to which the {@code RowFilter} applies + * @param <I> the type of the identifier passed to the {@code RowFilter} * @param type the type of comparison to perform + * @param number a {@code Number} value to compare against * @param indices the indices of the values to check. If not supplied all * values are evaluated * @return a <code>RowFilter</code> implementing the specified criteria @@ -241,6 +248,8 @@ * RowFilter<Object,Object> fooBarFilter = RowFilter.orFilter(filters); * </pre> * + * @param <M> the type of the model to which the {@code RowFilter} applies + * @param <I> the type of the identifier passed to the {@code RowFilter} * @param filters the <code>RowFilter</code>s to test * @throws IllegalArgumentException if any of the filters * are <code>null</code> @@ -267,6 +276,8 @@ * RowFilter<Object,Object> fooBarFilter = RowFilter.andFilter(filters); * </pre> * + * @param <M> the type of the model the {@code RowFilter} applies to + * @param <I> the type of the identifier passed to the {@code RowFilter} * @param filters the <code>RowFilter</code>s to test * @return a <code>RowFilter</code> implementing the specified criteria * @throws IllegalArgumentException if any of the filters @@ -283,6 +294,8 @@ * Returns a <code>RowFilter</code> that includes entries if the * supplied filter does not include the entry. * + * @param <M> the type of the model to which the {@code RowFilter} applies + * @param <I> the type of the identifier passed to the {@code RowFilter} * @param filter the <code>RowFilter</code> to negate * @return a <code>RowFilter</code> implementing the specified criteria * @throws IllegalArgumentException if <code>filter</code> is
--- a/jdk/src/share/classes/javax/swing/SortingFocusTraversalPolicy.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/SortingFocusTraversalPolicy.java Thu Jul 10 12:40:48 2014 -0700 @@ -100,6 +100,8 @@ /** * Constructs a SortingFocusTraversalPolicy with the specified Comparator. + * + * @param comparator the {@code Comparator} to sort by */ public SortingFocusTraversalPolicy(Comparator<? super Component> comparator) { this.comparator = comparator;
--- a/jdk/src/share/classes/javax/swing/Spring.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/Spring.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -547,9 +547,10 @@ /** - * Returns <code>-s</code>: a spring running in the opposite direction to <code>s</code>. + * Returns {@code -s}: a spring running in the opposite direction to {@code s}. * - * @return <code>-s</code>: a spring running in the opposite direction to <code>s</code> + * @param s a {@code Spring} object + * @return {@code -s}: a spring running in the opposite direction to {@code s} * * @see Spring */ @@ -582,6 +583,8 @@ * the <em>value</em>s of <code>s1</code> and <code>s2</code> is exactly equal to * the <em>value</em> of <code>s3</code>. * + * @param s1 a {@code Spring} object + * @param s2 a {@code Spring} object * @return <code>s1+s2</code>: a spring representing <code>s1</code> and <code>s2</code> in series * * @see Spring @@ -591,11 +594,13 @@ } /** - * Returns <code>max(s1, s2)</code>: a spring whose value is always greater than (or equal to) - * the values of both <code>s1</code> and <code>s2</code>. + * Returns {@code max(s1, s2)}: a spring whose value is always greater than (or equal to) + * the values of both {@code s1} and {@code s2}. * - * @return <code>max(s1, s2)</code>: a spring whose value is always greater than (or equal to) - * the values of both <code>s1</code> and <code>s2</code> + * @param s1 a {@code Spring} object + * @param s2 a {@code Spring} object + * @return {@code max(s1, s2)}: a spring whose value is always greater than (or equal to) + * the values of both {@code s1} and {@code s2} * @see Spring */ public static Spring max(Spring s1, Spring s2) {
--- a/jdk/src/share/classes/javax/swing/UIManager.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/javax/swing/UIManager.java Thu Jul 10 12:40:48 2014 -0700 @@ -1107,6 +1107,8 @@ * UI class is created or when the default look and feel is changed * on a component instance. * <p>Note these are not the same as the installed look and feels. + * + * @param laf the {@code LookAndFeel} to be removed * @return true if the <code>LookAndFeel</code> was removed from the list * @see #removeAuxiliaryLookAndFeel * @see #getAuxiliaryLookAndFeels
--- a/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java Thu Jul 10 12:40:48 2014 -0700 @@ -221,8 +221,17 @@ } OutputStream os = new UnsyncBufferedOutputStream(bos); + + DOMSubTreeData subTree = new DOMSubTreeData(localSiElem, true); try { - os.close(); + ((DOMCanonicalizationMethod) + canonicalizationMethod).canonicalize(subTree, context, os); + } catch (TransformException te) { + throw new XMLSignatureException(te); + } + + try { + os.flush(); } catch (IOException e) { if (log.isLoggable(java.util.logging.Level.FINE)) { log.log(java.util.logging.Level.FINE, e.getMessage(), e); @@ -230,15 +239,6 @@ // Impossible } - DOMSubTreeData subTree = new DOMSubTreeData(localSiElem, true); - - try { - ((DOMCanonicalizationMethod) - canonicalizationMethod).canonicalize(subTree, context, bos); - } catch (TransformException te) { - throw new XMLSignatureException(te); - } - byte[] signedInfoBytes = bos.toByteArray(); // this whole block should only be done if logging is enabled @@ -253,6 +253,15 @@ } this.canonData = new ByteArrayInputStream(signedInfoBytes); + + try { + os.close(); + } catch (IOException e) { + if (log.isLoggable(java.util.logging.Level.FINE)) { + log.log(java.util.logging.Level.FINE, e.getMessage(), e); + } + // Impossible + } } public void marshal(Node parent, String dsPrefix, DOMCryptoContext context)
--- a/jdk/src/share/classes/sun/jvmstat/monitor/event/MonitorStatusChangeEvent.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/jvmstat/monitor/event/MonitorStatusChangeEvent.java Thu Jul 10 12:40:48 2014 -0700 @@ -27,6 +27,7 @@ import java.util.List; import sun.jvmstat.monitor.MonitoredVm; +import sun.jvmstat.monitor.Monitor; /** * Provides a description of a change in status of the instrumentation @@ -42,13 +43,13 @@ * List of instrumentation objects inserted since the last event. * Elements of this list will always be of type Monitor. */ - protected List inserted; + protected List<Monitor> inserted; /** * List of instrumentation objects removed since the last event. * Elements of this list will always be of type Monitor. */ - protected List removed; + protected List<Monitor> removed; /** * Construct a new MonitorStatusChangeEvent. @@ -59,8 +60,8 @@ * @param removed the list of instrumentation objects removed since * the last event. */ - public MonitorStatusChangeEvent(MonitoredVm vm, List inserted, - List removed) { + public MonitorStatusChangeEvent(MonitoredVm vm, List<Monitor> inserted, + List<Monitor> removed) { super(vm); this.inserted = inserted; this.removed = removed; @@ -75,7 +76,7 @@ * new instrumentation was inserted, an emply List is * returned. */ - public List getInserted() { + public List<Monitor> getInserted() { return inserted; } @@ -87,7 +88,7 @@ * instrumentation exported by the MonitoredHost. If no * instrumentation was removed, an emply List is returned. */ - public List getRemoved() { + public List<Monitor> getRemoved() { return removed; } }
--- a/jdk/src/share/classes/sun/jvmstat/monitor/event/VmStatusChangeEvent.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/jvmstat/monitor/event/VmStatusChangeEvent.java Thu Jul 10 12:40:48 2014 -0700 @@ -44,7 +44,7 @@ * active Java Virtual Machine on the MonitoredHost. This Set will only * contain Integer objects. */ - protected Set active; + protected Set<Integer> active; /** * The set of Java Virtual Machines started on MonitoredHost since the @@ -52,7 +52,7 @@ * <em>lvmid</em> for each Java Virtual Machine started on the * MonitoredHost. This Set will only contain Integer objects. */ - protected Set started; + protected Set<Integer> started; /** * The set of Java Virtual Machines terminated on MonitoredHost since the @@ -60,7 +60,7 @@ * <em>lvmid</em> for each Java Virtual Machine started on the * MonitoredHost. This Set will only contain Integer objects. */ - protected Set terminated; + protected Set<Integer> terminated; /** * Construct a new VmStatusChangeEvent instance. @@ -72,8 +72,8 @@ * @param terminated the set of Java Virtual Machines terminated since * the last event. */ - public VmStatusChangeEvent(MonitoredHost host, Set active, - Set started, Set terminated) { + public VmStatusChangeEvent(MonitoredHost host, Set<Integer> active, + Set<Integer> started, Set<Integer> terminated) { super(host); this.active = active; this.started = started; @@ -90,7 +90,7 @@ * there are no active Java Virtual Machines on the host, * an empty Set is returned. */ - public Set getActive() { + public Set<Integer> getActive() { return active; } @@ -105,7 +105,7 @@ * no Java Virtual Machines were recently started on the * host, an empty Set is returned. */ - public Set getStarted() { + public Set<Integer> getStarted() { return started; } @@ -120,7 +120,7 @@ * no Java Virtual Machines were recently terminated on the * host, an empty Set is returned. */ - public Set getTerminated() { + public Set<Integer> getTerminated() { return terminated; } }
--- a/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/AbstractPerfDataBuffer.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/AbstractPerfDataBuffer.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -169,7 +169,7 @@ try { Class<?> implClass = Class.forName(classname); - Constructor cons = implClass.getConstructor(new Class[] { + Constructor<?> cons = implClass.getConstructor(new Class<?>[] { Class.forName("java.nio.ByteBuffer"), Integer.TYPE });
--- a/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/MonitorStatus.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/MonitorStatus.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -26,6 +26,7 @@ package sun.jvmstat.perfdata.monitor; import java.util.List; +import sun.jvmstat.monitor.Monitor; /** * Immutable class containing the list of inserted and deleted @@ -39,12 +40,12 @@ /** * The list of Monitors inserted since the last query. */ - protected List inserted; + protected List<Monitor> inserted; /** * The list of Monitors removed since the last query. */ - protected List removed; + protected List<Monitor> removed; /** * Create a MonitorStatus instance. @@ -52,7 +53,7 @@ * @param inserted the list of Monitors inserted * @param removed the list of Monitors removed */ - public MonitorStatus(List inserted, List removed) { + public MonitorStatus(List<Monitor> inserted, List<Monitor> removed) { this.inserted = inserted; this.removed = removed; } @@ -62,7 +63,7 @@ * * @return List - the List of Monitor objects inserted or an empty List. */ - public List getInserted() { + public List<Monitor> getInserted() { return inserted; } @@ -71,7 +72,7 @@ * * @return List - the List of Monitor objects removed or an empty List. */ - public List getRemoved() { + public List<Monitor> getRemoved() { return removed; } }
--- a/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/PerfDataBufferImpl.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/PerfDataBufferImpl.java Thu Jul 10 12:40:48 2014 -0700 @@ -66,7 +66,7 @@ /** * A cache of resolved monitor aliases. */ - protected Map aliasCache; + protected Map<String, Monitor> aliasCache; /** @@ -79,9 +79,9 @@ protected PerfDataBufferImpl(ByteBuffer buffer, int lvmid) { this.buffer = buffer; this.lvmid = lvmid; - this.monitors = new TreeMap<String, Monitor>(); - this.aliasMap = new HashMap<String, ArrayList<String>>(); - this.aliasCache = new HashMap(); + this.monitors = new TreeMap<>(); + this.aliasMap = new HashMap<>(); + this.aliasCache = new HashMap<>(); } /** @@ -200,12 +200,12 @@ protected Monitor findByAlias(String name) { assert Thread.holdsLock(this); - Monitor m = (Monitor)aliasCache.get(name); + Monitor m = aliasCache.get(name); if (m == null) { - ArrayList al = aliasMap.get(name); + ArrayList<String> al = aliasMap.get(name); if (al != null) { - for (Iterator i = al.iterator(); i.hasNext() && m == null; ) { - String alias = (String)i.next(); + for (Iterator<String> i = al.iterator(); i.hasNext() && m == null; ) { + String alias = i.next(); m = monitors.get(alias); } } @@ -287,21 +287,21 @@ Pattern pattern = Pattern.compile(patternString); Matcher matcher = pattern.matcher(""); - List<Monitor> matches = new ArrayList<Monitor>(); + List<Monitor> matches = new ArrayList<>(); - Set monitorSet = monitors.entrySet(); + Set<Map.Entry<String,Monitor>> monitorSet = monitors.entrySet(); - for (Iterator i = monitorSet.iterator(); i.hasNext(); /* empty */) { - Map.Entry me = (Map.Entry)i.next(); - String name = (String)me.getKey(); - Monitor m = (Monitor)me.getValue(); + for (Iterator<Map.Entry<String, Monitor>> i = monitorSet.iterator(); i.hasNext(); /* empty */) { + Map.Entry<String, Monitor> me = i.next(); + String name = me.getKey(); + Monitor m = me.getValue(); // apply pattern to monitor item name matcher.reset(name); // if the pattern matches, then add monitor to list if (matcher.lookingAt()) { - matches.add((Monitor)me.getValue()); + matches.add(me.getValue()); } } return matches;
--- a/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/LocalMonitoredVm.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/LocalMonitoredVm.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -143,16 +143,17 @@ * @param inserted List of Monitor objects inserted. * @param removed List of Monitor objects removed. */ - void fireMonitorStatusChangedEvents(List inserted, List removed) { + @SuppressWarnings("unchecked") // Cast of result of clone + void fireMonitorStatusChangedEvents(List<Monitor> inserted, List<Monitor> removed) { MonitorStatusChangeEvent ev = null; - ArrayList registered = null; + ArrayList<VmListener> registered = null; synchronized (listeners) { registered = (ArrayList)listeners.clone(); } - for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) { - VmListener l = (VmListener)i.next(); + for (Iterator<VmListener> i = registered.iterator(); i.hasNext(); /* empty */) { + VmListener l = i.next(); // lazily create the event object; if (ev == null) { ev = new MonitorStatusChangeEvent(this, inserted, removed); @@ -190,8 +191,8 @@ super.run(); try { MonitorStatus status = getMonitorStatus(); - List inserted = status.getInserted(); - List removed = status.getRemoved(); + List<Monitor> inserted = status.getInserted(); + List<Monitor> removed = status.getRemoved(); if (!inserted.isEmpty() || !removed.isEmpty()) { fireMonitorStatusChangedEvents(inserted, removed);
--- a/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/MonitoredHostProvider.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/local/MonitoredHostProvider.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2008, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -160,17 +160,18 @@ * @param terminated a set of Integer objects containing the vmid of * terminated Vms since last interval. */ - private void fireVmStatusChangedEvents(Set active, Set started, - Set terminated) { - ArrayList registered = null; + @SuppressWarnings("unchecked") // Cast of result of clone + private void fireVmStatusChangedEvents(Set<Integer> active, Set<Integer> started, + Set<Integer> terminated) { + ArrayList<HostListener> registered = null; VmStatusChangeEvent ev = null; synchronized(listeners) { registered = (ArrayList)listeners.clone(); } - for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) { - HostListener l = (HostListener)i.next(); + for (Iterator<HostListener> i = registered.iterator(); i.hasNext(); /* empty */) { + HostListener l = i.next(); if (ev == null) { ev = new VmStatusChangeEvent(this, active, started, terminated); } @@ -186,7 +187,7 @@ super.run(); // save the last set of active JVMs - Set lastActiveVms = activeVms; + Set<Integer> lastActiveVms = activeVms; // get the current set of active JVMs activeVms = (HashSet<Integer>)vmManager.activeVms(); @@ -194,20 +195,20 @@ if (activeVms.isEmpty()) { return; } - Set<Integer> startedVms = new HashSet<Integer>(); - Set<Object> terminatedVms = new HashSet<Object>(); + Set<Integer> startedVms = new HashSet<>(); + Set<Integer> terminatedVms = new HashSet<>(); - for (Iterator i = activeVms.iterator(); i.hasNext(); /* empty */) { - Integer vmid = (Integer)i.next(); + for (Iterator<Integer> i = activeVms.iterator(); i.hasNext(); /* empty */) { + Integer vmid = i.next(); if (!lastActiveVms.contains(vmid)) { // a new file has been detected, add to set startedVms.add(vmid); } } - for (Iterator i = lastActiveVms.iterator(); i.hasNext(); + for (Iterator<Integer> i = lastActiveVms.iterator(); i.hasNext(); /* empty */) { - Object o = i.next(); + Integer o = i.next(); if (!activeVms.contains(o)) { // JVM has terminated, remove it from the active list terminatedVms.add(o);
--- a/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/MonitoredHostProvider.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/MonitoredHostProvider.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -246,17 +246,18 @@ * Vm Identifiers of terminated JVMs since last * interval. */ - private void fireVmStatusChangedEvents(Set active, Set started, - Set terminated) { - ArrayList registered = null; + @SuppressWarnings("unchecked") // Cast of result of clone + private void fireVmStatusChangedEvents(Set<Integer> active, Set<Integer> started, + Set<Integer> terminated) { + ArrayList<HostListener> registered = null; VmStatusChangeEvent ev = null; synchronized(listeners) { registered = (ArrayList)listeners.clone(); } - for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) { - HostListener l = (HostListener)i.next(); + for (Iterator<HostListener> i = registered.iterator(); i.hasNext(); /* empty */) { + HostListener l = i.next(); if (ev == null) { ev = new VmStatusChangeEvent(this, active, started, terminated); } @@ -267,16 +268,17 @@ /** * Fire hostDisconnectEvent events. */ + @SuppressWarnings("unchecked") // Cast of result of clone void fireDisconnectedEvents() { - ArrayList registered = null; + ArrayList<HostListener> registered = null; HostEvent ev = null; synchronized(listeners) { registered = (ArrayList)listeners.clone(); } - for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) { - HostListener l = (HostListener)i.next(); + for (Iterator<HostListener> i = registered.iterator(); i.hasNext(); /* empty */) { + HostListener l = i.next(); if (ev == null) { ev = new HostEvent(this); } @@ -292,7 +294,7 @@ super.run(); // save the last set of active JVMs - Set lastActiveVms = activeVms; + Set<Integer> lastActiveVms = activeVms; try { // get the current set of active JVMs @@ -313,20 +315,20 @@ return; } - Set<Integer> startedVms = new HashSet<Integer>(); - Set<Object> terminatedVms = new HashSet<Object>(); + Set<Integer> startedVms = new HashSet<>(); + Set<Integer> terminatedVms = new HashSet<>(); - for (Iterator i = activeVms.iterator(); i.hasNext(); /* empty */ ) { - Integer vmid = (Integer)i.next(); + for (Iterator<Integer> i = activeVms.iterator(); i.hasNext(); /* empty */ ) { + Integer vmid = i.next(); if (!lastActiveVms.contains(vmid)) { // a new file has been detected, add to set startedVms.add(vmid); } } - for (Iterator i = lastActiveVms.iterator(); i.hasNext(); + for (Iterator<Integer> i = lastActiveVms.iterator(); i.hasNext(); /* empty */ ) { - Object o = i.next(); + Integer o = i.next(); if (!activeVms.contains(o)) { // JVM has terminated, remove it from the active list terminatedVms.add(o);
--- a/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/RemoteMonitoredVm.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/protocol/rmi/RemoteMonitoredVm.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -198,16 +198,17 @@ * @param inserted List of Monitor objects inserted. * @param removed List of Monitor objects removed. */ - void fireMonitorStatusChangedEvents(List inserted, List removed) { - ArrayList registered = null; + @SuppressWarnings("unchecked") // Cast of result of clone + void fireMonitorStatusChangedEvents(List<Monitor> inserted, List<Monitor> removed) { + ArrayList<VmListener> registered = null; MonitorStatusChangeEvent ev = null; synchronized(listeners) { registered = (ArrayList)listeners.clone(); } - for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) { - VmListener l = (VmListener)i.next(); + for (Iterator<VmListener> i = registered.iterator(); i.hasNext(); /* empty */) { + VmListener l = i.next(); if (ev == null) { ev = new MonitorStatusChangeEvent(this, inserted, removed); } @@ -218,16 +219,17 @@ /** * Fire MonitoredVmStructureChanged events. */ + @SuppressWarnings("unchecked") // Cast of result of clone void fireMonitorsUpdatedEvents() { - ArrayList registered = null; + ArrayList<VmListener> registered = null; VmEvent ev = null; synchronized(listeners) { registered = (ArrayList)listeners.clone(); } - for (Iterator i = registered.iterator(); i.hasNext(); /* empty */) { - VmListener l = (VmListener)i.next(); + for (Iterator<VmListener> i = registered.iterator(); i.hasNext(); /* empty */) { + VmListener l = i.next(); if (ev == null) { ev = new VmEvent(this); } @@ -256,8 +258,8 @@ try { MonitorStatus status = getMonitorStatus(); - List inserted = status.getInserted(); - List removed = status.getRemoved(); + List<Monitor> inserted = status.getInserted(); + List<Monitor> removed = status.getRemoved(); if (!inserted.isEmpty() || !removed.isEmpty()) { fireMonitorStatusChangedEvents(inserted, removed);
--- a/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/v1_0/PerfDataBuffer.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/v1_0/PerfDataBuffer.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -47,7 +47,7 @@ private static final boolean DEBUG = false; private static final int syncWaitMs = Integer.getInteger("sun.jvmstat.perdata.syncWaitMs", 5000); - private static final ArrayList EMPTY_LIST = new ArrayList(0); + private static final ArrayList<Monitor> EMPTY_LIST = new ArrayList<Monitor>(0); /* * the following constants must be kept in sync with struct @@ -190,8 +190,8 @@ getNewMonitors(map); // current implementation doesn't support deletion or reuse of entries - ArrayList removed = EMPTY_LIST; - ArrayList inserted = insertedMonitors; + ArrayList<Monitor> removed = EMPTY_LIST; + ArrayList<Monitor> inserted = insertedMonitors; insertedMonitors = new ArrayList<Monitor>(); return new MonitorStatus(inserted, removed); @@ -618,14 +618,14 @@ /** * Method to dump debugging information */ - private void dumpAll(Map map, int lvmid) { + private void dumpAll(Map<String, Monitor> map, int lvmid) { if (DEBUG) { - Set keys = map.keySet(); + Set<String> keys = map.keySet(); System.err.println("Dump for " + lvmid); int j = 0; - for (Iterator i = keys.iterator(); i.hasNext(); j++) { - Monitor monitor = (Monitor)map.get(i.next()); + for (Iterator<String> i = keys.iterator(); i.hasNext(); j++) { + Monitor monitor = map.get(i.next()); System.err.println(j + "\t" + monitor.getName() + "=" + monitor.getValue()); }
--- a/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/v2_0/PerfDataBuffer.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/jvmstat/perfdata/monitor/v2_0/PerfDataBuffer.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -65,7 +65,7 @@ private static final boolean DEBUG = false; private static final int syncWaitMs = Integer.getInteger("sun.jvmstat.perdata.syncWaitMs", 5000); - private static final ArrayList EMPTY_LIST = new ArrayList(0); + private static final ArrayList<Monitor> EMPTY_LIST = new ArrayList<>(0); /* * These are primarily for documentary purposes and the match up @@ -198,10 +198,10 @@ getNewMonitors(map); // current implementation doesn't support deletion of reuse of entries - ArrayList removed = EMPTY_LIST; - ArrayList inserted = insertedMonitors; + ArrayList<Monitor> removed = EMPTY_LIST; + ArrayList<Monitor> inserted = insertedMonitors; - insertedMonitors = new ArrayList<Monitor>(); + insertedMonitors = new ArrayList<>(); return new MonitorStatus(inserted, removed); } @@ -524,7 +524,7 @@ System.err.println("Dump for " + lvmid); int j = 0; - for (Iterator i = keys.iterator(); i.hasNext(); j++) { + for (Iterator<String> i = keys.iterator(); i.hasNext(); j++) { Monitor monitor = map.get(i.next()); System.err.println(j + "\t" + monitor.getName() + "=" + monitor.getValue());
--- a/jdk/src/share/classes/sun/management/DiagnosticCommandImpl.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/management/DiagnosticCommandImpl.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -84,10 +84,10 @@ Exception cause = null; if (info.getPermissionClass() != null) { try { - Class c = Class.forName(info.getPermissionClass()); + Class<?> c = Class.forName(info.getPermissionClass()); if (info.getPermissionAction() == null) { try { - Constructor constructor = c.getConstructor(String.class); + Constructor<?> constructor = c.getConstructor(String.class); permission = (Permission) constructor.newInstance(info.getPermissionName()); } catch (InstantiationException | IllegalAccessException @@ -98,7 +98,7 @@ } if (permission == null) { try { - Constructor constructor = c.getConstructor(String.class, String.class); + Constructor<?> constructor = c.getConstructor(String.class, String.class); permission = (Permission) constructor.newInstance( info.getPermissionName(), info.getPermissionAction()); @@ -158,7 +158,7 @@ SortedSet<MBeanOperationInfo> operations = new TreeSet<>(new OperationInfoComparator()); Map<String, Wrapper> wrappersmap; if (!isSupported) { - wrappersmap = (Map<String, Wrapper>) Collections.EMPTY_MAP; + wrappersmap = Collections.emptyMap(); } else { try { String[] command = getDiagnosticCommands(); @@ -189,7 +189,7 @@ } } } catch (IllegalArgumentException | UnsupportedOperationException e) { - wrappersmap = (Map<String, Wrapper>) Collections.EMPTY_MAP; + wrappersmap = Collections.emptyMap(); } } wrappers = Collections.unmodifiableMap(wrappersmap);
--- a/jdk/src/share/classes/sun/management/GarbageCollectionNotifInfoCompositeData.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/management/GarbageCollectionNotifInfoCompositeData.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -65,7 +65,7 @@ final GcInfoBuilder builder = AccessController.doPrivileged (new PrivilegedAction<GcInfoBuilder>() { public GcInfoBuilder run() { try { - Class cl = Class.forName("com.sun.management.GcInfo"); + Class<?> cl = Class.forName("com.sun.management.GcInfo"); Field f = cl.getDeclaredField("builder"); f.setAccessible(true); return (GcInfoBuilder)f.get(gcNotifInfo.getGcInfo());
--- a/jdk/src/share/classes/sun/management/GcInfoBuilder.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/management/GcInfoBuilder.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -98,7 +98,7 @@ // First, fill with the attributes in the GcInfo String[] gcInfoItemNames = GcInfoCompositeData.getBaseGcInfoItemNames(); - OpenType[] gcInfoItemTypes = GcInfoCompositeData.getBaseGcInfoItemTypes(); + OpenType<?>[] gcInfoItemTypes = GcInfoCompositeData.getBaseGcInfoItemTypes(); int numGcInfoItems = gcInfoItemNames.length; int itemCount = numGcInfoItems + gcExtItemCount;
--- a/jdk/src/share/classes/sun/management/GcInfoCompositeData.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/management/GcInfoCompositeData.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -72,7 +72,7 @@ final GcInfoBuilder builder = AccessController.doPrivileged (new PrivilegedAction<GcInfoBuilder>() { public GcInfoBuilder run() { try { - Class cl = Class.forName("com.sun.management.GcInfo"); + Class<?> cl = Class.forName("com.sun.management.GcInfo"); Field f = cl.getDeclaredField("builder"); f.setAccessible(true); return (GcInfoBuilder)f.get(info); @@ -84,7 +84,7 @@ final Object[] extAttr = AccessController.doPrivileged (new PrivilegedAction<Object[]>() { public Object[] run() { try { - Class cl = Class.forName("com.sun.management.GcInfo"); + Class<?> cl = Class.forName("com.sun.management.GcInfo"); Field f = cl.getDeclaredField("extAttributes"); f.setAccessible(true); return (Object[])f.get(info); @@ -182,8 +182,8 @@ return baseGcInfoItemNames; } - private static OpenType[] baseGcInfoItemTypes = null; - static synchronized OpenType[] getBaseGcInfoItemTypes() { + private static OpenType<?>[] baseGcInfoItemTypes = null; + static synchronized OpenType<?>[] getBaseGcInfoItemTypes() { if (baseGcInfoItemTypes == null) { OpenType<?> memoryUsageOpenType = memoryUsageMapType.getOpenType(); baseGcInfoItemTypes = new OpenType<?>[] {
--- a/jdk/src/share/classes/sun/management/MappedMXBeanType.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/management/MappedMXBeanType.java Thu Jul 10 12:40:48 2014 -0700 @@ -227,6 +227,7 @@ // Enum <-> enum's name // static class EnumMXBeanType extends MappedMXBeanType { + @SuppressWarnings("rawtypes") final Class enumClass; EnumMXBeanType(Class<?> c) { this.enumClass = c; @@ -754,7 +755,7 @@ } } - private static class InProgress extends OpenType { + private static class InProgress<T> extends OpenType<T> { private static final String description = "Marker to detect recursive type use -- internal use only!"; @@ -783,7 +784,7 @@ static { OpenType<?> t; try { - t = new InProgress(); + t = new InProgress<>(); } catch (OpenDataException e) { // Should not reach here throw new AssertionError(e); @@ -791,7 +792,7 @@ inProgress = t; } - private static final OpenType[] simpleTypes = { + private static final OpenType<?>[] simpleTypes = { BIGDECIMAL, BIGINTEGER, BOOLEAN, BYTE, CHARACTER, DATE, DOUBLE, FLOAT, INTEGER, LONG, OBJECTNAME, SHORT, STRING, VOID,
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/src/share/classes/sun/misc/JavaAWTFontAccess.java Thu Jul 10 12:40:48 2014 -0700 @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/** + * SharedSecrets interface used for the access from java.text.Bidi + */ + +package sun.misc; + +public interface JavaAWTFontAccess { + + // java.awt.font.TextAttribute constants + public Object getTextAttributeConstant(String name); + + // java.awt.font.NumericShaper + public void shape(Object shaper, char[] text, int start, int count); +}
--- a/jdk/src/share/classes/sun/misc/SharedSecrets.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/misc/SharedSecrets.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -55,6 +55,7 @@ private static JavaSecurityAccess javaSecurityAccess; private static JavaUtilZipFileAccess javaUtilZipFileAccess; private static JavaAWTAccess javaAWTAccess; + private static JavaAWTFontAccess javaAWTFontAccess; private static JavaBeansIntrospectorAccess javaBeansIntrospectorAccess; public static JavaUtilJarAccess javaUtilJarAccess() { @@ -180,12 +181,19 @@ public static JavaAWTAccess getJavaAWTAccess() { // this may return null in which case calling code needs to // provision for. - if (javaAWTAccess == null) { - return null; - } return javaAWTAccess; } + public static void setJavaAWTFontAccess(JavaAWTFontAccess jafa) { + javaAWTFontAccess = jafa; + } + + public static JavaAWTFontAccess getJavaAWTFontAccess() { + // this may return null in which case calling code needs to + // provision for. + return javaAWTFontAccess; + } + public static JavaBeansIntrospectorAccess getJavaBeansIntrospectorAccess() { return javaBeansIntrospectorAccess; }
--- a/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -900,7 +900,7 @@ private static ObjectIdentifier mapPBEAlgorithmToOID(String algorithm) throws NoSuchAlgorithmException { // Check for PBES2 algorithms - if (algorithm.toLowerCase().startsWith("pbewithhmacsha")) { + if (algorithm.toLowerCase(Locale.ENGLISH).startsWith("pbewithhmacsha")) { return pbes2_OID; } return AlgorithmId.get(algorithm).getOID();
--- a/jdk/src/share/classes/sun/security/provider/ConfigFile.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/security/provider/ConfigFile.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -451,7 +451,7 @@ // controlFlag (required, optional, etc) LoginModuleControlFlag controlFlag; - String sflag = match("controlFlag").toUpperCase(); + String sflag = match("controlFlag").toUpperCase(Locale.ENGLISH); switch (sflag) { case "REQUIRED": controlFlag = LoginModuleControlFlag.REQUIRED;
--- a/jdk/src/share/classes/sun/security/provider/PolicyParser.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/security/provider/PolicyParser.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -707,7 +707,7 @@ } catch (PropertyExpander.ExpandException peee) { throw new IOException(peee.getLocalizedMessage()); } - properties.put(key.toLowerCase(), value); + properties.put(key.toLowerCase(Locale.ENGLISH), value); } return properties;
--- a/jdk/src/share/classes/sun/security/tools/keytool/Main.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/security/tools/keytool/Main.java Thu Jul 10 12:40:48 2014 -0700 @@ -1540,7 +1540,7 @@ boolean useDefaultPBEAlgorithm = true; SecretKey secKey = null; - if (keyAlgName.toUpperCase().startsWith("PBE")) { + if (keyAlgName.toUpperCase(Locale.ENGLISH).startsWith("PBE")) { SecretKeyFactory factory = SecretKeyFactory.getInstance("PBE"); // User is prompted for PBE credential
--- a/jdk/src/share/classes/sun/text/bidi/BidiBase.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/classes/sun/text/bidi/BidiBase.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -54,13 +54,12 @@ import java.io.IOException; import java.lang.reflect.Array; -import java.lang.reflect.Field; -import java.lang.reflect.Method; -import java.lang.reflect.InvocationTargetException; import java.text.AttributedCharacterIterator; import java.text.Bidi; import java.util.Arrays; import java.util.MissingResourceException; +import sun.misc.JavaAWTFontAccess; +import sun.misc.SharedSecrets; import sun.text.normalizer.UBiDiProps; import sun.text.normalizer.UCharacter; import sun.text.normalizer.UTF16; @@ -3446,7 +3445,13 @@ * java.awt.font.TextAttribute without creating a static dependency. */ private static class TextAttributeConstants { - private static final Class<?> clazz = getClass("java.awt.font.TextAttribute"); + // Make sure to load the AWT's TextAttribute class before using the constants, if any. + static { + try { + Class.forName("java.awt.font.TextAttribute", true, null); + } catch (ClassNotFoundException e) {} + } + static final JavaAWTFontAccess jafa = SharedSecrets.getJavaAWTFontAccess(); /** * TextAttribute instances (or a fake Attribute type if @@ -3462,88 +3467,41 @@ /** * TextAttribute.RUN_DIRECTION_LTR */ - static final Boolean RUN_DIRECTION_LTR = (clazz == null) ? - Boolean.FALSE : (Boolean)getStaticField(clazz, "RUN_DIRECTION_LTR"); - - - private static Class<?> getClass(String name) { - try { - return Class.forName(name, true, null); - } catch (ClassNotFoundException e) { - return null; - } - } - - private static Object getStaticField(Class<?> clazz, String name) { - try { - Field f = clazz.getField(name); - return f.get(null); - } catch (NoSuchFieldException | IllegalAccessException x) { - throw new AssertionError(x); - } - } + static final Boolean RUN_DIRECTION_LTR = (jafa == null) ? + Boolean.FALSE : (Boolean)jafa.getTextAttributeConstant("RUN_DIRECTION_LTR"); @SuppressWarnings("serial") private static AttributedCharacterIterator.Attribute getTextAttribute(String name) { - if (clazz == null) { + if (jafa == null) { // fake attribute return new AttributedCharacterIterator.Attribute(name) { }; } else { - return (AttributedCharacterIterator.Attribute)getStaticField(clazz, name); + return (AttributedCharacterIterator.Attribute)jafa.getTextAttributeConstant(name); } } } /** - * A class that provides access to java.awt.font.NumericShaping without + * A class that provides access to java.awt.font.NumericShaper without * creating a static dependency. */ private static class NumericShapings { - private static final Class<?> clazz = - getClass("java.awt.font.NumericShaper"); - private static final Method shapeMethod = - getMethod(clazz, "shape", char[].class, int.class, int.class); - - private static Class<?> getClass(String name) { + // Make sure to load the AWT's NumericShaper class before calling shape, if any. + static { try { - return Class.forName(name, true, null); - } catch (ClassNotFoundException e) { - return null; - } + Class.forName("java.awt.font.NumericShaper", true, null); + } catch (ClassNotFoundException e) {} } - - private static Method getMethod(Class<?> clazz, - String name, - Class<?>... paramTypes) - { - if (clazz != null) { - try { - return clazz.getMethod(name, paramTypes); - } catch (NoSuchMethodException e) { - throw new AssertionError(e); - } - } else { - return null; - } - } + static final JavaAWTFontAccess jafa = SharedSecrets.getJavaAWTFontAccess(); /** * Invokes NumericShaping shape(text,start,count) method. */ static void shape(Object shaper, char[] text, int start, int count) { - if (shapeMethod == null) - throw new AssertionError("Should not get here"); - try { - shapeMethod.invoke(shaper, text, start, count); - } catch (InvocationTargetException e) { - Throwable cause = e.getCause(); - if (cause instanceof RuntimeException) - throw (RuntimeException)cause; - throw new AssertionError(e); - } catch (IllegalAccessException iae) { - throw new AssertionError(iae); + if (jafa != null) { + jafa.shape(shaper, text, start, count); } } }
--- a/jdk/src/share/javavm/export/jvm.h Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/javavm/export/jvm.h Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -426,9 +426,6 @@ JNIEXPORT jobjectArray JNICALL JVM_GetClassInterfaces(JNIEnv *env, jclass cls); -JNIEXPORT jobject JNICALL -JVM_GetClassLoader(JNIEnv *env, jclass cls); - JNIEXPORT jboolean JNICALL JVM_IsInterface(JNIEnv *env, jclass cls);
--- a/jdk/src/share/lib/security/BlacklistedCertsConverter.java Thu Jul 10 12:13:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,89 +0,0 @@ -/* - * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved. - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. - * - * This code is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * version 2 for more details (a copy is included in the LICENSE file that - * accompanied this code). - * - * You should have received a copy of the GNU General Public License version - * 2 along with this work; if not, write to the Free Software Foundation, - * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - * - * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA - * or visit www.oracle.com if you need additional information or have any - * questions. - */ - -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.cert.Certificate; -import java.security.cert.CertificateEncodingException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.util.Collection; - -/** - * This is the tool to convert blacklisted.certs.pem to blacklisted.certs. - * Every time a new blacklisted certs is added, please append the PEM format - * to the end of blacklisted.certs.pem (with proper comments) and then use - * this tool to generate an updated blacklisted.certs. Make sure to include - * changes to both in a changeset. - */ -public class BlacklistedCertsConverter { - public static void main(String[] args) throws Exception { - if (args.length == 0) { - System.out.println("Usage: java BlacklistedCertsConverter SHA-256" + - " < blacklisted.certs.pem > blacklisted.certs"); - System.exit(1); - } - String mdAlg = args[0]; - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - Collection<? extends Certificate> certs - = cf.generateCertificates(System.in); - System.out.println("Algorithm=" + mdAlg); - for (Certificate cert: certs) { - System.out.println( - getCertificateFingerPrint(mdAlg, (X509Certificate)cert)); - } - } - - /** - * Converts a byte to hex digit and writes to the supplied buffer - */ - private static void byte2hex(byte b, StringBuffer buf) { - char[] hexChars = { '0', '1', '2', '3', '4', '5', '6', '7', '8', - '9', 'A', 'B', 'C', 'D', 'E', 'F' }; - int high = ((b & 0xf0) >> 4); - int low = (b & 0x0f); - buf.append(hexChars[high]); - buf.append(hexChars[low]); - } - - /** - * Gets the requested finger print of the certificate. - */ - private static String getCertificateFingerPrint(String mdAlg, - X509Certificate cert) { - String fingerPrint = ""; - try { - byte[] encCertInfo = cert.getEncoded(); - MessageDigest md = MessageDigest.getInstance(mdAlg); - byte[] digest = md.digest(encCertInfo); - StringBuffer buf = new StringBuffer(); - for (int i = 0; i < digest.length; i++) { - byte2hex(digest[i], buf); - } - fingerPrint = buf.toString(); - } catch (NoSuchAlgorithmException | CertificateEncodingException e) { - // ignored - } - return fingerPrint; - } -}
--- a/jdk/src/share/lib/security/blacklisted.certs Thu Jul 10 12:13:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,19 +0,0 @@ -Algorithm=SHA-256 -76A45A496031E4DD2D7ED23E8F6FF97DBDEA980BAAC8B0BA94D7EDB551348645 -4CBBF8256BC9888A8007B2F386940A2E394378B0D903CBB3863C5A6394B889CE -D24566BF315F4E597D6E381C87119FB4198F5E9E2607F5F4AB362EF7E2E7672F -14E6D2764A4B06701C6CBC376A253775F79C782FBCB6C0EE6F99DE4BA1024ADD -D3A936E1A7775A45217C8296A1F22AC5631DCDEC45594099E78EEEBBEDCBA967 -5E83124D68D24E8E177E306DF643D5EA99C5A94D6FC34B072F7544A1CABB7C7B -9ED8F9B0E8E42A1656B8E1DD18F42BA42DC06FE52686173BA2FC70E756F207DC -FDEDB5BDFCB67411513A61AEE5CB5B5D7C52AF06028EFC996CC1B05B1D6CEA2B -A686FEE577C88AB664D0787ECDFFF035F4806F3DE418DC9E4D516324FFF02083 -4FEE0163686ECBD65DB968E7494F55D84B25486D438E9DE558D629D28CD4D176 -8A1BD21661C60015065212CC98B1ABB50DFD14C872A208E66BAE890F25C448AF -B8686723E415534BC0DBD16326F9486F85B0B0799BF6639334E61DAAE67F36CD -3946901F46B0071E90D78279E82FABABCA177231A704BE72C5B0E8918566EA66 -31C8FD37DB9B56E708B03D1F01848B068C6DA66F36FB5D82C008C6040FA3E133 -450F1B421BB05C8609854884559C323319619E8B06B001EA2DCBB74A23AA3BE2 -FC02FD48DB92D4DCE6F11679D38354CF750CFC7F584A520EB90BDE80E241F2BD -DF21016B00FC54F9FE3BC8B039911BB216E9162FAD2FD14D990AB96E951B49BE -F5B6F88F75D391A4B1EB336F9E201239FB6B1377DB8CFA7B84736216E5AFFFD7
--- a/jdk/src/share/lib/security/blacklisted.certs.pem Thu Jul 10 12:13:26 2014 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,721 +0,0 @@ -// Subject: CN=Digisign Server ID (Enrich), -// OU=457608-K, -// O=Digicert Sdn. Bhd., -// C=MY -// Issuer: CN=GTE CyberTrust Global Root, -// OU=GTE CyberTrust Solutions, Inc., -// O=GTE Corporation, -// C=US -// Serial: 120001705 (07:27:14:a9) ------BEGIN CERTIFICATE----- -MIIDyzCCAzSgAwIBAgIEBycUqTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV -UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU -cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds -b2JhbCBSb290MB4XDTA3MDcxNzE1MTc0OFoXDTEyMDcxNzE1MTY1NFowYzELMAkG -A1UEBhMCTVkxGzAZBgNVBAoTEkRpZ2ljZXJ0IFNkbi4gQmhkLjERMA8GA1UECxMI -NDU3NjA4LUsxJDAiBgNVBAMTG0RpZ2lzaWduIFNlcnZlciBJRCAoRW5yaWNoKTCB -nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArahkS02Hx4RZufuQRqCmicDx/tXa -VII3DZkrRSYK6Fawf8qo9I5HhAGCKeOzarWR8/uVhbxyqGToCkCcxfRxrnt7agfq -kBRPjYmvlKuyBtQCanuYH1m5Os1U+iDfsioK6bjdaZDAKdNO0JftZszFGUkGf/pe -LHx7hRsyQt97lSUCAwEAAaOCAXgwggF0MBIGA1UdEwEB/wQIMAYBAf8CAQAwXAYD -VR0gBFUwUzBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcCARYtaHR0cDovL2N5YmVy -dHJ1c3Qub21uaXJvb3QuY29tL3JlcG9zaXRvcnkuY2ZtMAcGBWCDSgEBMA4GA1Ud -DwEB/wQEAwIB5jCBiQYDVR0jBIGBMH+heaR3MHUxCzAJBgNVBAYTAlVTMRgwFgYD -VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv -bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv -b3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93d3cucHVibGljLXRydXN0 -LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYDVR0OBBYEFMYWk04WF+wW -royUdvOGbcV0boR3MA0GCSqGSIb3DQEBBQUAA4GBAHYAe6Z4K2Ydjl42xqSOBfIj -knyTZ9P0wAp9iy3Z6tVvGvPhSilaIoRNUC9LDPL/hcJ7VdREgr5trGeOvLQfkpxR -gBoU9m6rYYgLrRx/90tQUdZlG6ZHcRVesHHzNRTyN71jyNXwk1o0X9g96F33xR7A -5c8fhiSpPAdmzcHSNmNZ ------END CERTIFICATE----- - -// Subject: CN=Digisign Server ID - (Enrich), -// OU=457608-K, -// O=Digicert Sdn. Bhd., -// C=MY -// Issuer: CN=Entrust.net Certification Authority (2048) -// OU=(c) 1999 Entrust.net Limited, -// OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), -// O=Entrust.net -// Serial: 1184644297 (4c:0e:63:6a) ------BEGIN CERTIFICATE----- -MIIEzjCCA7agAwIBAgIETA5jajANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML -RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp -bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5 -IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp -ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0xMDA3MTYxNzIzMzdaFw0xNTA3 -MTYxNzUzMzdaMGUxCzAJBgNVBAYTAk1ZMRswGQYDVQQKExJEaWdpY2VydCBTZG4u -IEJoZC4xETAPBgNVBAsTCDQ1NzYwOC1LMSYwJAYDVQQDEx1EaWdpc2lnbiBTZXJ2 -ZXIgSUQgLSAoRW5yaWNoKTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -AMWJ5PQNBkCSWccaszXRDkwqM/n4r8qef+65p21g9FTob9Wb8xtjMQRoctE0Foy0 -FyyX3nPF2JAVoBor9cuzSIZE8B2ITM5BQhrv9Qze/kDaOSD3BlU6ap1GwdJvpbLI -Vz4po5zg6YV3ZuiYpyR+vsBZIOVEb7ZX2L7OwmV3WMZhQdF0BMh/SULFcqlyFu6M -3RJdtErU0a9Qt9iqdXZorT5dqjBtYairEFs+E78z4K9EnTgiW+9ML6ZxJhUmyiiM -2fqOjqmiFDXimySItPR/hZ2DTwehthSQNsQ0HI0mYW0Tb3i+6I8nx0uElqOGaAwj -vgvsjJQAqQSKE5D334VsDLECAwEAAaOCATQwggEwMA4GA1UdDwEB/wQEAwIBBjAS -BgNVHRMBAf8ECDAGAQH/AgEAMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcD -AgYIKwYBBQUHAwQwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v -b2NzcC5lbnRydXN0Lm5ldDBEBgNVHSAEPTA7MDkGBWCDSgEBMDAwLgYIKwYBBQUH -AgEWImh0dHA6Ly93d3cuZGlnaWNlcnQuY29tLm15L2Nwcy5odG0wMgYDVR0fBCsw -KTAnoCWgI4YhaHR0cDovL2NybC5lbnRydXN0Lm5ldC8yMDQ4Y2EuY3JsMBEGA1Ud -DgQKBAhMTswlKAMpgTAfBgNVHSMEGDAWgBRV5IHREYC+2Im5CKMx+aEkCRa5cDAN -BgkqhkiG9w0BAQUFAAOCAQEAl0zvSjpJrHL8MCBrtClbp8WVBJD5MtXChWreA6E3 -+YkAsFqsVX7bQzX/yQH4Ub7MJsrIaqTEVD4mHucMo82XZ5TdpkLrXM2POXlrM3kh -Bnn6gkQVmczBtznTRmJ8snDrb84gqj4Zt+l0gpy0pUtNYQA35IfS8hQ6ZHy4qXth -4JMi59WfPkfmNnagU9gAAzoPtTP+lsrT0oI6Lt3XSOHkp2nMHOmZSufKcEXXCwcO -mnUb0C+Sb/akB8O9HEumhLZ9qJqp0qcp8QtXaR6XVybsK0Os1EWDBQDp4/BGQAf6 -6rFRc5Mcpd1TETfIKqcVJx20qsx/qjEw/LhFn0gJ7RDixQ== ------END CERTIFICATE----- - -// Subject: CN=Java Media APIs, -// OU=Java Signed Extensions, -// OU=Corporate Object Signing, -// O=Sun Microsystems Inc -// Issuer: CN=Object Signing CA, -// OU=Class 2 OnSite Subscriber CA, -// OU=VeriSign Trust Network, -// O=Sun Microsystems Inc -// Serial: 6a:8b:99:91:37:59:4f:89:53:e2:97:18:9f:19:1e:4e ------BEGIN CERTIFICATE----- -MIIFdzCCBF+gAwIBAgIQaouZkTdZT4lT4pcYnxkeTjANBgkqhkiG9w0BAQUFADCB -gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj -cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDUxMjAw -MDAwMFoXDTEyMDUxMTIzNTk1OVowfTEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt -cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE -CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEYMBYGA1UEAxQPSmF2YSBNZWRpYSBB -UElzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5blzoKTVE8y4Hpz -q6E15RZz1bF5HnYEyYqgHkZXnAKedmYCoMzm1XK8s+gQWShLEvGEAvs5yqarx9gE -nnC21N28aEZgIJMa2/arKxCUkS4pxdGPYGexL9UzSRkUpoBShCZKEGdmX7gfJE2K -/sd9MFvGV5/yZtWXrADzvm0Kd/9mg1KRv1gfrZIq0TJbupoXPYYqb73AkI9eT2ZD -q9MdwD4E5+oojsDFXt8GU/D00fUhtXpYwuplU7D667WHYdJhIah0ST6JywyqcLXG -XSuFTXOgITT2idSHluZVmx3dqJ72u9kPkO4JdJTMDfaK8zgNLaRkiU8Qcj+qhLYH -ytaqcwIDAQABo4IB6jCCAeYwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCB4AwfwYD -VR0fBHgwdjB0oHKgcIZuaHR0cDovL29uc2l0ZWNybC52ZXJpc2lnbi5jb20vU3Vu -TWljcm9zeXN0ZW1zSW5jQ29ycG9yYXRlT2JqZWN0U2lnbmluZ0phdmFTaWduZWRF -eHRlbnNpb25zQ2xhc3NCL0xhdGVzdENSTC5jcmwwHwYDVR0jBBgwFoAUs0crgn5T -tHPKuLsZt76BTQeVx+0wHQYDVR0OBBYEFKS32mVx0gNWTeS4ProHEaeSpvvIMDsG -CCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL29uc2l0ZS1vY3NwLnZl -cmlzaWduLmNvbTCBtQYDVR0gBIGtMIGqMDkGC2CGSAGG+EUBBxcCMCowKAYIKwYB -BQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwbQYLYIZIAYb3AIN9 -nD8wXjAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cuc3VuLmNvbS9wa2kvY3BzMDMG -CCsGAQUFBwICMCcaJVZhbGlkYXRlZCBGb3IgU3VuIEJ1c2luZXNzIE9wZXJhdGlv -bnMwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcNAQEFBQADggEBAAe6BO4W -3TSNWfezyelJs6kE3HfulT6Bdyz4UUoh9ykXcV8nRwT+kh25I5MdyG2GfkJoADPR -VhC5DYo13UFpIsTNVjq+hGYe2hML93bN7ad9SxCCyjHUo3yMz2qgBbHZI3VA9ZHA -aWM4Tx0saMwbcnVvlbuGh+PXvStfypJqYT6lzcdFfjNVX4FI/QQNGhBswMY51tC8 -GTBCL2qhJon0gSCU4zaawDOf7+XxJWirLamYL1Aal1/h2z2sFrvA/1ftxtU3kZ6I -7De8DyoHeZg7pYGdrj7g+lPhCga/WvEhN152I+aP08YbFcJHYmK05ngl/Ye4c6Bd -cdrdfbw6QzEUIYY= ------END CERTIFICATE----- - -// Subject: CN=JavaFX 1.0 Runtime, -// OU=Java Signed Extensions, -// OU=Corporate Object Signing, -// O=Sun Microsystems Inc -// Issuer: CN=Object Signing CA, -// OU=Class 2 OnSite Subscriber CA, -// OU=VeriSign Trust Network, -// O=Sun Microsystems Inc -// Serial: 55:c0:e6:44:59:59:79:9e:d9:26:f1:b0:4a:1e:f0:27 ------BEGIN CERTIFICATE----- -MIIFezCCBGOgAwIBAgIQVcDmRFlZeZ7ZJvGwSh7wJzANBgkqhkiG9w0BAQUFADCB -gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj -cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA4MTAwOTAw -MDAwMFoXDTExMTAwOTIzNTk1OVowgYAxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl -bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxHzAdBgNV -BAsUFkphdmEgU2lnbmVkIEV4dGVuc2lvbnMxGzAZBgNVBAMUEkphdmFGWCAxLjAg -UnVudGltZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+WDc6+bu+4 -tmAcS/lBtUc02WOt9QZpVsXg9cG2pu/8bUtmDELa8iiYBVFpIs8DU58HLrGQtCUY -SIAGOVPsOJoN29UKCDWfY9j5JeVhfhMGqk9DwrWhzgsjy4cpZ1pIp+k/fJ8zT8Ul -aYLpow1vg3UNddsmwz02tN7cOrMw9WYIG4CRYnY1OrtJSfe2pYzheC4zyvR+aiVl -nang2OtqikSQsNFOFHsLOJFxngy9LrO8evDSu25VTKI6zlWU6/bMeqtztJPN0VOn -NyUrJZvkxZ207Jg0T693BGSxNC1n+ihztXogql8950M/pEuUbDjylv5FFvlp6DSB -dDT2MkutmyMCAwEAAaOCAeowggHmMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgeA -MH8GA1UdHwR4MHYwdKByoHCGbmh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29t -L1N1bk1pY3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdKYXZhU2ln -bmVkRXh0ZW5zaW9uc0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaAFLNH -K4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBTjgufVi3XJ3gx1ewsA6Rr7BR4Z -zjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUtb2Nz -cC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAqMCgG -CCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CGSAGG -9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtpL2Nw -czAzBggrBgEFBQcCAjAnGiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBPcGVy -YXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IBAQAB -YVJTTVe7rzyTO4jc3zajErOT/COkdQTfNo0eIX1QbNynFieJvwY/jRzUZwjktIFR -2p4JtbpHGAtKtjOAOTieQ8xdDOoC1djzpE7/AbMvuvlTavtUKT+F7tPdhfXgWXJV -6Wbt8jryKyk3zZGiEhauIwZUkfjRkEtffEmZWLUd8c8rURJjfC/XHH2oyurscoxc -CjX29c9ynxSiS/VvQp1an0HvErGh69N48wj7cj8mtZ1yHzd2XCzSSR1OfTPfk0Pt -yg51p7yJaFiH21PTZegEL6zyVNOYBTKwwIi2OzpwYalD3uvK6e3OKDrfFCOxu17u -4PveESbrdyrmvLe7IVez ------END CERTIFICATE----- - -// Subject: CN=JavaFX Runtime, -// OU=Java Signed Extensions, -// OU=Corporate Object Signing, -// O=Sun Microsystems Inc -// Issuer: CN=Object Signing CA, -// OU=Class 2 OnSite Subscriber CA, -// OU=VeriSign Trust Network, -// O=Sun Microsystems Inc -// Serial: 47:f4:55:f1:da:4a:5e:f9:e3:f7:a8:03:62:17:c0:ff ------BEGIN CERTIFICATE----- -MIIFdjCCBF6gAwIBAgIQR/RV8dpKXvnj96gDYhfA/zANBgkqhkiG9w0BAQUFADCB -gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj -cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA5MDEyOTAw -MDAwMFoXDTEyMDEyOTIzNTk1OVowfDEdMBsGA1UEChQUU3VuIE1pY3Jvc3lzdGVt -cyBJbmMxITAfBgNVBAsUGENvcnBvcmF0ZSBPYmplY3QgU2lnbmluZzEfMB0GA1UE -CxQWSmF2YSBTaWduZWQgRXh0ZW5zaW9uczEXMBUGA1UEAxQOSmF2YUZYIFJ1bnRp -bWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIzd0fAk8mI9ONc6RJ -aGieioK2FLdXEwj8zL3vdGDVmBwyR1zwYkaOIFFgF9IW/8qc4iAYA5sGUY+0g8q3 -5DuYAxfTzBB5KdaYvbuq6GGnoHIWmTirXY+1friFp8lyXSvtuEaGB1VHaBoZchEg -k+UgeVDA43dHwcT1Ov3DePczJRUes8T/QHzLX+BxUDG43vjyncCEO/AjqLZxXEz2 -xrNbKLcH3lGMJK7hdbfssUfF5BjC38Hn71HauYlA43b2no+2y0Sjulwzez2YPbDC -0GLR3TnKtA8dqOrnl5t3DniDbfOBNtBE3VOydJO0XW57Ng1HRXD023nm9ECPY2xp -0N/pAgMBAAGjggHqMIIB5jAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDB/BgNV -HR8EeDB2MHSgcqBwhm5odHRwOi8vb25zaXRlY3JsLnZlcmlzaWduLmNvbS9TdW5N -aWNyb3N5c3RlbXNJbmNDb3Jwb3JhdGVPYmplY3RTaWduaW5nSmF2YVNpZ25lZEV4 -dGVuc2lvbnNDbGFzc0IvTGF0ZXN0Q1JMLmNybDAfBgNVHSMEGDAWgBSzRyuCflO0 -c8q4uxm3voFNB5XH7TAdBgNVHQ4EFgQUvOdd0cKPj+Yik/iOBwTdphh5A+gwOwYI -KwYBBQUHAQEELzAtMCsGCCsGAQUFBzABhh9odHRwOi8vb25zaXRlLW9jc3AudmVy -aXNpZ24uY29tMIG1BgNVHSAEga0wgaowOQYLYIZIAYb4RQEHFwIwKjAoBggrBgEF -BQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTBtBgtghkgBhvcAg32c -PzBeMCcGCCsGAQUFBwIBFhtodHRwczovL3d3dy5zdW4uY29tL3BraS9jcHMwMwYI -KwYBBQUHAgIwJxolVmFsaWRhdGVkIEZvciBTdW4gQnVzaW5lc3MgT3BlcmF0aW9u -czATBgNVHSUEDDAKBggrBgEFBQcDAzANBgkqhkiG9w0BAQUFAAOCAQEAbGcf2NjL -AI93HG6ny2BbepaZA1a8xa/R6uUc7xV+Qw6MgLwFD4Q4i6LWUztQDvg9l68MM2/i -Y9LEi1KM4lcNbK5+D+t9x98wXBiuojXhVdp5ZmC03EyEBbriopdBsmXVLDSu/Y3+ -zowOO5xwpMK3dbgsSDs2Vt0UosD3FTcRaD3GNfOhXMp+o1grHNiXF9YgkmdQbPPZ -DQ2KBhFPCRJXBGvyKOqno/DTg0sQ3crGH/C4/4t7mnQXWldZotmJUZ0ONc9oD+Q1 -JAaguUKqIwn9yZ093ie+JWHbYNid9IIIPXYgtRxmf9a376WBhqhu56uJftBJ7x9g -eQ7Lot6CSWCiFw== ------END CERTIFICATE----- - -// Subject: CN=Solaris INTERNAL DEVELOPMENT USE ONLY, -// OU=Solaris Cryptographic Framework, -// OU=Corporate Object Signing, -// O=Sun Microsystems Inc -// Issuer: CN=Object Signing CA, -// OU=Class 2 OnSite Subscriber CA, -// OU=VeriSign Trust Network, -// O=Sun Microsystems Inc -// Serial: 77:29:77:52:6a:19:7b:9a:a6:a2:c7:99:a0:e1:cd:8c ------BEGIN CERTIFICATE----- -MIIFHjCCBAagAwIBAgIQdyl3UmoZe5qmoseZoOHNjDANBgkqhkiG9w0BAQUFADCB -gzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxHzAdBgNVBAsTFlZlcmlT -aWduIFRydXN0IE5ldHdvcmsxJTAjBgNVBAsTHENsYXNzIDIgT25TaXRlIFN1YnNj -cmliZXIgQ0ExGjAYBgNVBAMTEU9iamVjdCBTaWduaW5nIENBMB4XDTA3MDEwNDAw -MDAwMFoXDTEwMDEwMzIzNTk1OVowgZwxHTAbBgNVBAoUFFN1biBNaWNyb3N5c3Rl -bXMgSW5jMSEwHwYDVQQLFBhDb3Jwb3JhdGUgT2JqZWN0IFNpZ25pbmcxKDAmBgNV -BAsUH1NvbGFyaXMgQ3J5cHRvZ3JhcGhpYyBGcmFtZXdvcmsxLjAsBgNVBAMUJVNv -bGFyaXMgSU5URVJOQUwgREVWRUxPUE1FTlQgVVNFIE9OTFkwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBALbNU4hf3mD5ArDI9pjgioAyvV3bjMPRQdCZniIeGJBp -odFlSEH+Mh64W1DsY8coeZ7FvvGJkx9IpTMJW9k8w1oJK9UNqHyAQfaYjQyXi3xQ -LJp62EvYdGfDlwOZejEcR/MbzZG+GOPMMvQj5+xyFDvLXNGfQNTnxw2qnBgCJXjj -AgMBAAGjggH1MIIB8TAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDCBiQYDVR0f -BIGBMH8wfaB7oHmGd2h0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL1N1bk1p -Y3Jvc3lzdGVtc0luY0NvcnBvcmF0ZU9iamVjdFNpZ25pbmdTb2xhcmlzQ3J5cHRv -Z3JhcGhpY0ZyYW1ld29ya0NsYXNzQi9MYXRlc3RDUkwuY3JsMB8GA1UdIwQYMBaA -FLNHK4J+U7Rzyri7Gbe+gU0HlcftMB0GA1UdDgQWBBRpfiGYkehTnsIzuN2H6AFb -VCZG8jA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUHMAGGH2h0dHA6Ly9vbnNpdGUt -b2NzcC52ZXJpc2lnbi5jb20wgbUGA1UdIASBrTCBqjA5BgtghkgBhvhFAQcXAjAq -MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhMG0GC2CG -SAGG9wCDfZw/MF4wJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnN1bi5jb20vcGtp -L2NwczAzBggrBgEFBQcCAjAnFiVWYWxpZGF0ZWQgRm9yIFN1biBCdXNpbmVzcyBP -cGVyYXRpb25zMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4IB -AQCG5soy3LFHTFbA8/5SzDRhQoJkHUnOP0t3b6nvX6vZYRp649fje7TQOPRm1pFd -CZ17J+tggdZwgzTqY4aYpJ00jZaK6pV37q/vgFC/ia6jDs8Q+ly9cEcadBZ5loYg -cmxp9p57W2MNWx8VA8oFdNtKfF0jUNXbLNtvwGHmgR6YcwLrGN1b6/9Lt9bO3ODl -FO+ZDwkfQz5ClUVrTx2dGBvKRYFqSG5S8JAfsgYhPvcacUQkA7ExyKvfRXLWVrce -ZiPpcElbx+819H2sAPvVvparVeAruZGMAtejHZp9NFoowKen5drJp9VxePS4eM49 -3DepB6lKRrNRw66LNQol4ZBz ------END CERTIFICATE----- - -// Subject: EMAILADDRESS=info@diginotar.nl, CN=DigiNotar Cyber CA, -// O=DigiNotar, C=NL -// Issuer: CN=GTE CyberTrust Global Root, -// OU=GTE CyberTrust Solutions, Inc., -// O=GTE Corporation, -// C=US -// Serial: 120000525 (07:27:10:0D) ------BEGIN CERTIFICATE----- -MIIFWjCCBMOgAwIBAgIEBycQDTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV -UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU -cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds -b2JhbCBSb290MB4XDTA2MTAwNDEwNTQxMVoXDTExMTAwNDEwNTMxMVowYDELMAkG -A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy -IEN5YmVyIENBMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIw -DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANLOFQotqF6EZ639vu9Gx8i5z3P8 -9DS5+SxD52ATPXrjss87Z2yQrcC5P4RS8DVC3HTcKDu9UrSnrHJFF8bwieu0qiXy -XUte0dmHutZ9fPXOMp8QM8WxSrtekTHC0OlBwpFkfglBO9uLCDdqqspS3rU5HsCI -A6U/i5kTYUO1m4Kz7iBvz6FEouova0CfjytXraFTwoUiaZ2gP1HfC0GRDaXhqKpc -SQhdvd5wQbEPyWNr0380dAIvNFp4dRxoeoFnivPaQPBgY/SSINcDpj2jHmfEhBtB -pcmM5r3qSLYFFgizNxJa92E89zhvLpfgb1Y4VNMota0Ubi5LZLUnZbd1JQm2Bz2V -VgIKgmCyc0XgMyZRdJq51FAc9k1bW1JSE1qmf6cO4ehBVGeYjIfVydNsy9NUkgYJ -NEH3gW8/nsl8dVWw58Gzd+jDxAA1lUBwEEoF3iW7n1mlZLxHYL9g43aLE1Xd4XR6 -uc8kpmp/3mQiRFhogmoQ+T3lPhu5vfwi9GAEibtVbShV+t6OjRshFNc3izR7Tfay -shDPM7F9HGKZSMsrbHaWVb8ZDR0fu2WqG46ZtcYokOWCLXhQIJr9eS8kf/CJKWn0 -fc1zvrPtTsHR7VJej/e4142HrbLZG1ES/1az4a80fVykeIgQnp0DxqWqoiRR90kU -xbHuWUOV36toKDA/AgMBAAGjggGGMIIBgjASBgNVHRMBAf8ECDAGAQH/AgEBMFMG -A1UdIARMMEowSAYJKwYBBAGxPgEAMDswOQYIKwYBBQUHAgEWLWh0dHA6Ly93d3cu -cHVibGljLXRydXN0LmNvbS9DUFMvT21uaVJvb3QuaHRtbDAOBgNVHQ8BAf8EBAMC -AQYwgaAGA1UdIwSBmDCBlYAUpgwdn2H/Bxe1vzhG20Mw1Y6wUgaheaR3MHUxCzAJ -BgNVBAYTAlVTMRgwFgYDVQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdU -RSBDeWJlclRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVy -VHJ1c3QgR2xvYmFsIFJvb3SCAgGlMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly93 -d3cucHVibGljLXRydXN0LmNvbS9jZ2ktYmluL0NSTC8yMDE4L2NkcC5jcmwwHQYD -VR0OBBYEFKv5aN/PSjfXe0WMX3LeQETDZbvCMA0GCSqGSIb3DQEBBQUAA4GBAI9o -a6VbB7pEZg4cqFwwezPkCiYE/O+eGjjWLqEf0JlHwnVkJP2eOyh2uSYoYZEMbSz4 -BJ98UAHV42mv7xXSRZskCSpmBU8lgcpdvqrBWSeuM46C9990sFWzjvjnN8huqlZE -9r1TgSOWPbT6MopTZkQloiXGpjwljPDgKAYityZB ------END CERTIFICATE----- - -// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL -// Issuer: CN=GTE CyberTrust Global Root, -// OU=GTE CyberTrust Solutions, Inc., -// O=GTE Corporation, -// C=US -// Serial: 120000505 (07:27:0F:F9) ------BEGIN CERTIFICATE----- -MIIFODCCBKGgAwIBAgIEBycP+TANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV -UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU -cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds -b2JhbCBSb290MB4XDTA2MDkyMDA5NDUzMloXDTEzMDkyMDA5NDQwNlowPjELMAkG -A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy -IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o -XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S -tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7 -24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp -naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj -9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu -LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU -Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk -vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6 -3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt -eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4 -iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB -/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC -ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s -MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV -jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv -bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD -VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6 -oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw -MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI -hvcNAQEFBQADgYEACcpiD427SuDUejUrBi3RKGG2rAH7g0m8rtQvLYauGYOl1h0T -4he+/jJ06XoUOMqUXvcpAWlxG5Ea/aO7qh3Ke+IW/aGjDvMMX7LhIDGUK16Sdu36 -6bUjpr8KOwOpb1JgVM1f6bcvfKIn/UGDdbYN+3gm87FF6TKVKho1IZXFonU= ------END CERTIFICATE----- - -// Subject: CN=DigiNotar Cyber CA, O=DigiNotar, C=NL -// Issuer: CN=GTE CyberTrust Global Root, -// OU=GTE CyberTrust Solutions, Inc., -// O=GTE Corporation, -// C=US -// Serial: 120000515 (07:27:10:03) ------BEGIN CERTIFICATE----- -MIIFODCCBKGgAwIBAgIEBycQAzANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV -UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU -cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds -b2JhbCBSb290MB4XDTA2MDkyNzEwNTMzMloXDTExMDkyNzEwNTIzMFowPjELMAkG -A1UEBhMCTkwxEjAQBgNVBAoTCURpZ2lOb3RhcjEbMBkGA1UEAxMSRGlnaU5vdGFy -IEN5YmVyIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0s4VCi2o -XoRnrf2+70bHyLnPc/z0NLn5LEPnYBM9euOyzztnbJCtwLk/hFLwNULcdNwoO71S -tKesckUXxvCJ67SqJfJdS17R2Ye61n189c4ynxAzxbFKu16RMcLQ6UHCkWR+CUE7 -24sIN2qqylLetTkewIgDpT+LmRNhQ7WbgrPuIG/PoUSi6i9rQJ+PK1etoVPChSJp -naA/Ud8LQZENpeGoqlxJCF293nBBsQ/JY2vTfzR0Ai80Wnh1HGh6gWeK89pA8GBj -9JIg1wOmPaMeZ8SEG0GlyYzmvepItgUWCLM3Elr3YTz3OG8ul+BvVjhU0yi1rRRu -LktktSdlt3UlCbYHPZVWAgqCYLJzReAzJlF0mrnUUBz2TVtbUlITWqZ/pw7h6EFU -Z5iMh9XJ02zL01SSBgk0QfeBbz+eyXx1VbDnwbN36MPEADWVQHAQSgXeJbufWaVk -vEdgv2DjdosTVd3hdHq5zySman/eZCJEWGiCahD5PeU+G7m9/CL0YASJu1VtKFX6 -3o6NGyEU1zeLNHtN9rKyEM8zsX0cYplIyytsdpZVvxkNHR+7Zaobjpm1xiiQ5YIt -eFAgmv15LyR/8IkpafR9zXO+s+1OwdHtUl6P97jXjYetstkbURL/VrPhrzR9XKR4 -iBCenQPGpaqiJFH3SRTFse5ZQ5Xfq2goMD8CAwEAAaOCAYYwggGCMBIGA1UdEwEB -/wQIMAYBAf8CAQEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEFBQcC -ARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5odG1s -MA4GA1UdDwEB/wQEAwIBBjCBoAYDVR0jBIGYMIGVgBSmDB2fYf8HF7W/OEbbQzDV -jrBSBqF5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dURSBDb3Jwb3JhdGlv -bjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25zLCBJbmMuMSMwIQYD -VQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUwRQYDVR0fBD4wPDA6 -oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL2NnaS1iaW4vQ1JMLzIw -MTgvY2RwLmNybDAdBgNVHQ4EFgQUq/lo389KN9d7RYxfct5ARMNlu8IwDQYJKoZI -hvcNAQEFBQADgYEAWcyGZhizJlRP1jjNupZey+yZG6oMDW4Z11boriMHbYPCndBE -bVh07zmPbZsihOw9w/vm5KbVX5CgxUv4Rhzh/20Faixf3P3bpWg0qgzHVVusNVR/ -P50aKkpdK3hp+QLl56e+lWOddSAINIpmcuyDI1hyuzB+GJEASm9tNU/6rs8= ------END CERTIFICATE----- - -// Subject: EMAILADDRESS=info@diginotar.nl, -// CN=DigiNotar Root CA, -// O=DigiNotar, C=NL -// Issuer: CN=Entrust.net Secure Server Certification Authority -// OU=(c) 1999 Entrust.net Limited, -// OU=www.entrust.net/CPS incorp. by ref. (limits liab.), -// O=Entrust.net, -// C=US, -// Serial: 1184644297 (46:9C:3C:C9) ------BEGIN CERTIFICATE----- -MIIFSDCCBLGgAwIBAgIERpw8yTANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC -VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u -ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc -KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u -ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA0 -MjYwNTAwMDBaFw0xMzA4MTQyMDEyMzZaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK -EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI -hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP -ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt -OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx -hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7 -gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D -IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T -BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs -Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8 -5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf -DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX -9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e -7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj -ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB -BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF -BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD -VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy -bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G -A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob -BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAI979rBep8tu3TeLunapgsZ0jtXp -GDFjKWSk87dj1jCyYi+q/GyDyZ6ZQZNRP0sF+6twscq05lClWNy3TROMp7QeuoLO -G7Utw3OJaswUtp4YglANMRTHEe3g9ltifUXRH5tSuy7u6yi4LD4WTm5ULP6r/g6l -0CnjXYb0+b1Fmz6U ------END CERTIFICATE----- - -// Subject: EMAILADDRESS=info@diginotar.nl, -// CN=DigiNotar Root CA, -// O=DigiNotar, C=NL -// Issuer: CN=Entrust.net Secure Server Certification Authority -// OU=(c) 1999 Entrust.net Limited, -// OU=www.entrust.net/CPS incorp. by ref. (limits liab.), -// O=Entrust.net, -// C=US, -// Serial: 1184640175 (46:9C:2C:AF) ------BEGIN CERTIFICATE----- -MIIFSDCCBLGgAwIBAgIERpwsrzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC -VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u -ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc -KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u -ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3 -MjYxNTU3MzlaFw0xMzA4MjYxNjI3MzlaMF8xCzAJBgNVBAYTAk5MMRIwEAYDVQQK -EwlEaWdpTm90YXIxGjAYBgNVBAMTEURpZ2lOb3RhciBSb290IENBMSAwHgYJKoZI -hvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCCAiIwDQYJKoZIhvcNAQEBBQADggIP -ADCCAgoCggIBAKywWMEAvdghCAsrmv5uVjAFnxt3kBBBXMMNhxF3joHxynzpjGrt -OHQ1u9rf+bvACTe0lnOBfTMamDn3k2+Vfz25sXWHulFI6ItwPpUExdi2wxbZiLCx -hx1w2oa0DxSLes8Q0XQ2ohJ7d4ZKeeZ73wIRaKVOhq40WJskE3hWIiUeAYtLUXH7 -gsxZlmmIWmhTxbkNAjfLS7xmSpB+KgsFB+0WX1WQddhGyRuD4gi+8SPMmR3WKg+D -IBVYJ4Iu+uIiwkmxuQGBap1tnUB3aHZOISpthECFTnaZfILz87cCWdQmARuO361T -BtGuGN3isjrL14g4jqxbKbkZ05j5GAPPSIKGZgsbaQ/J6ziIeiYaBUyS1yTUlvKs -Ui2jR9VS9j/+zoQGcKaqPqLytlY0GFei5IFt58rwatPHkWsCg0F8Fe9rmmRe49A8 -5bHre12G+8vmd0nNo2Xc97mcuOQLX5PPzDAaMhzOHGOVpfnq4XSLnukrqTB7oBgf -DhgL5Vup09FsHgdnj5FLqYq80maqkwGIspH6MVzVpsFSCAnNCmOi0yKm6KHZOQaX -9W6NApCMFHs/gM0bnLrEWHIjr7ZWn8Z6QjMpBz+CyeYfBQ3NTCg2i9PIPhzGiO9e -7olk6R3r2ol+MqZp0d3MiJ/R0MlmIdwGZ8WUepptYkx9zOBkgLKeR46jAgMBAAGj -ggEmMIIBIjASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMB -BggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAAMDMGCCsGAQUF -BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD -VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9zZXJ2ZXIxLmNy -bDAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wCwYDVR0PBAQDAgEGMB8G -A1UdIwQYMBaAFPAXYhNVPbP/CgBr+1CEl/PtYtAaMBkGCSqGSIb2fQdBAAQMMAob -BFY3LjEDAgCBMA0GCSqGSIb3DQEBBQUAA4GBAEa6RcDNcEIGUlkDJUY/pWTds4zh -xbVkp3wSmpwPFhx5fxTyF4HD2L60jl3aqjTB7gPpsL2Pk5QZlNsi3t4UkCV70UOd -ueJRN3o/LOtk4+bjXY2lC0qTHbN80VMLqPjmaf9ghSA9hwhskdtMgRsgfd90q5QP -ZFdYf+hthc3m6IcJ ------END CERTIFICATE----- - -// Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2, -// O=DigiNotar B.V., -// C=NL -// Issuer: CN=Staat der Nederlanden Organisatie CA - G2, -// O=Staat der Nederlanden, -// C=NL -// Serial: 20001983 (01:31:34:bf) ------BEGIN CERTIFICATE----- -MIIGnDCCBISgAwIBAgIEATE0vzANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMTIwMAYDVQQDDClTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gT3JnYW5pc2F0aWUgQ0EgLSBHMjAeFw0xMDA1MTIw -ODUxMzhaFw0yMDAzMjMwOTUwMDRaMFoxCzAJBgNVBAYTAk5MMRcwFQYDVQQKDA5E -aWdpTm90YXIgQi5WLjEyMDAGA1UEAwwpRGlnaU5vdGFyIFBLSW92ZXJoZWlkIENB -IE9yZ2FuaXNhdGllIC0gRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC -AQCxExkPJ+Zs1FWGS9DsiYpFkXisR71HK+T8RetPtCZzWzfTw3/2497Xo/gtaMUI -PkuU1uSHJTZrhLUYdPMoWHMvm2rPvAQe9t7dr/xLqvXbZmIlASWC3vKXWhBu3V2p -IrEEqSNzOvhxrR3PhETrR9Gvbch8KKvH8jd6dF9fxQIUiqNa4xtsAeNdjtlo1vQJ -GzLckbUs9SDrjANtJkm4k8SFXdjSm69WaswFM8ygQp40VUSca6DUEtArVM23iQ3l -9uvo+4UBM096a/GdcjOWDveyhKWlJ8Qn8VFzKXe6Z27+TNy04qGhgS85SY1DOBPO -0KVcwoc6AGdlQiPxNlkKHaNRyLyjlCox3+M88p0aPASw77EKMBNzttfzo0wBdRSF -eMDXijlYhVD6LubFvs+LP6+PNtQlCS3SD6xyk/K/i9RQs/kVUJuZ9RTZ+4uRozIm -JqD43ztggYaDeVsr6xM9KTrBbd29no6H1kquNJcF7hSm9tw4fkrpJFQHPZdoN0Zr -DceoIa8TVOQJavFNRgrJXfubT73e+7dUy7g4nKc5+2otwHuNq6WnV+xKkoozxeEg -XHPYkJIrgNUPhhhpfDlPhIa890xb89W0yqDC8DciynlSH1PmqvOQsDvd8ij9rOvF -BiSgydQvD1j9tZ7sD8+yWdCiBHo4aq5y+73wJWKUCacFCwIDAQABo4IBYTCCAV0w -SAYDVR0gBEEwPzA9BgRVHSAAMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cuZGln -aW5vdGFyLm5sL2Nwcy9wa2lvdmVyaGVpZDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud -DwEB/wQEAwIBBjCBhQYDVR0jBH4wfIAUORCLSZJc22ESIM1JnRqO2pxnQLmhXqRc -MFoxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4x -KzApBgNVBAMMIlN0YWF0IGRlciBOZWRlcmxhbmRlbiBSb290IENBIC0gRzKCBACY -lvQwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5wa2lvdmVyaGVpZC5ubC9E -b21PcmdhbmlzYXRpZUxhdGVzdENSTC1HMi5jcmwwHQYDVR0OBBYEFLxdlDvZq3sD -JXNhwtst7vyrj2WhMA0GCSqGSIb3DQEBCwUAA4ICAQCP/C1Mt9kt1R+978v0t2gX -dZ1O1ffdnPEqJu2forYcA9VTs+wIzzTi48P0tRYvyMO+19NzqwA2+RpKftZj6V5G -uqW2jhW3oyrYQx3vXcgfgYWzi/f/PPTZ9EYIP5y8HaDZqEzNJVJOCrEg9x/pQ9lU -RoETmsBedGwqmDLq/He7DaWiMZgifnx859qkrey3LhoZcfhIUNpDjyyE3cFAJ+O1 -8BVOltT4XOOGKUYr1zsH6zh/yIZXl9PvKjPEF1DVZGlrK2tFXl0vF8paTs/D1zk8 -9TufRrmb5w5Jl53W1eMbD+qPAU6aE5RZCgIHSEsaYKt/T+0L2FUNaG9VnGllFULs -wNzdbKzDFs4LHVabpMTE0i7gD+JEJytQaaTcYuiKISlCbMwAOpZ2m+9AwKRed4Qy -bCYqOWauXeO5ubIsaB8empADOfCqs6TMSYsYNOk3yXspx4R8b0QVL+xhWQTJRcui -1lKifH8pktZKxYtCqNT+6tjHhyMY5J16fXNAUpigrm7jBT8FD+Clxm1N7YM3iJzH -89xCmmq21yFJNnfy7xhPxXDZnunetyuL9Lx+KN8NQMmFXK6dxTH/0FwOtah+8Okv -uq+IruW10Vilr5xxpykBkINpN4IFuvwJwQhujHg7wzMCgD9EhQgd31VWCK0shS1d -sQPhrqp0xaTzTro3mHuCuQ== ------END CERTIFICATE----- - -// Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven, -// O=DigiNotar B.V., -// C=NL -// Issuer: CN=Staat der Nederlanden Overheid CA -// O=Staat der Nederlanden, -// C=NL -// Serial: 20015536 (01:31:69:b0) ------BEGIN CERTIFICATE----- -MIIEiDCCA3CgAwIBAgIEATFpsDANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO -TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDcwNzA1MDg0MjA3WhcN -MTUwNzI3MDgzOTQ2WjBfMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy -IEIuVi4xNzA1BgNVBAMTLkRpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp -ZCBlbiBCZWRyaWp2ZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc -vdKnTmoKuzuiheF/AK2+tDBomAfNoHrElM9x+Yo35FPrV3bMi+Zs/u6HVcg+uwQ5 -AKeAeKxbT370vbhUuHE7BzFJOZNUfCA7eSuPu2GQfbGs5h+QLp1FAalkLU3DL7nn -UNVOKlyrdnY3Rtd57EKZ96LspIlw3Dgrh6aqJOadkiQbvvb91C8ZF3rmMgeUVAVT -Q+lsvK9Hy7zL/b07RBKB8WtLu+20z6slTxjSzAL8o0+1QjPLWc0J3NNQ/aB2jKx+ -ZopC9q0ckvO2+xRG603XLzDgbe5bNr5EdLcgBVeFTegAGaL2DOauocBC36esgl3H -aLcY5olLmmv6znn58yynAgMBAAGjggFQMIIBTDBIBgNVHSAEQTA/MD0GBFUdIAAw -NTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5kaWdpbm90YXIubmwvY3BzL3BraW92 -ZXJoZWlkMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMIGABgNVHSME -eTB3gBQLhtYPd6NosftkCcOIblwEHFfpPaFZpFcwVTELMAkGA1UEBhMCTkwxHjAc -BgNVBAoTFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEmMCQGA1UEAxMdU3RhYXQgZGVy -IE5lZGVybGFuZGVuIFJvb3QgQ0GCBACYmnkwPQYDVR0fBDYwNDAyoDCgLoYsaHR0 -cDovL2NybC5wa2lvdmVyaGVpZC5ubC9Eb21PdkxhdGVzdENSTC5jcmwwHQYDVR0O -BBYEFEwIyY128ZjHPt881y91DbF2eZfMMA0GCSqGSIb3DQEBBQUAA4IBAQAMlIca -v03jheLu19hjeQ5Q38aEW9K72fUxCho1l3TfFPoqDz7toOMI9tVOW6+mriXiRWsi -D7dUKH6S3o0UbNEc5W50BJy37zRERd/Jgx0ZH8Apad+J1T/CsFNt5U4X5HNhIxMm -cUP9TFnLw98iqiEr2b+VERqKpOKrp11Lbyn1UtHk0hWxi/7wA8+nfemZhzizDXMU -5HIs4c71rQZIZPrTKbmi2Lv01QulQERDjqC/zlqlUkxk0xcxYczopIro5Ij76eUv -BjMzm5RmZrGrUDqhCYF0U1onuabSJc/Tw6f/ltAv6uAejVLpGBwgCkegllYOQJBR -RKwa/fHuhR/3Qlpl ------END CERTIFICATE----- - -// Subject: CN=DigiNotar PKIoverheid CA Overheid -// O=DigiNotar B.V., -// C=NL -// Issuer: CN=Staat der Nederlanden Overheid CA -// O=Staat der Nederlanden, -// C=NL -// Serial: 20006006 (01:31:44:76) ------BEGIN CERTIFICATE----- -MIIEezCCA2OgAwIBAgIEATFEdjANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJO -TDEeMBwGA1UEChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSowKAYDVQQDEyFTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gT3ZlcmhlaWQgQ0EwHhcNMDQwNjI0MDgxOTMyWhcN -MTAwNjIzMDgxNzM2WjBSMQswCQYDVQQGEwJOTDEXMBUGA1UEChMORGlnaU5vdGFy -IEIuVi4xKjAoBgNVBAMTIURpZ2lOb3RhciBQS0lvdmVyaGVpZCBDQSBPdmVyaGVp -ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSlrubta5tlOjVCi/gb -yLCvRqfBjxG8H594VcKHu0WAYc99SPZF9cycj5mw2GyfQvy/WIrGrL4iyNq1gSqR -0QA/mTXKZIaPqzpDhdm+VvrKkmjrbZfaQxgMSs3ChtBsjcP9Lc0X1zXZ4Q8nBe3k -BTp+zehINfmbjoEgXLxsMR5RQ6GxzKjuC04PQpbJQgTIakglKaqYcDDZbEscWgPV -Hgj/2aoHlj6leW/ThHZ+O41jUguEmBLZA3mu3HrCfrHntb5dPt0ihzSx7GtD/SaX -5HBLxnP189YuqMk5iRA95CtiSdKauvon/xRKRLNgG6XAz0ctSoY7xLDdiBVU5kJd -FScCAwEAAaOCAVAwggFMMEgGA1UdIARBMD8wPQYEVR0gADA1MDMGCCsGAQUFBwIB -FidodHRwOi8vd3d3LmRpZ2lub3Rhci5ubC9jcHMvcGtpb3ZlcmhlaWQwDwYDVR0T -AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgYAGA1UdIwR5MHeAFAuG1g93o2ix -+2QJw4huXAQcV+k9oVmkVzBVMQswCQYDVQQGEwJOTDEeMBwGA1UEChMVU3RhYXQg -ZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFhdCBkZXIgTmVkZXJsYW5kZW4g -Um9vdCBDQYIEAJiaeTA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnBraW92 -ZXJoZWlkLm5sL0RvbU92TGF0ZXN0Q1JMLmNybDAdBgNVHQ4EFgQUvRaYQh2+kdE9 -wpcl4CjXWOC1f+IwDQYJKoZIhvcNAQEFBQADggEBAGhQsCWLiaN2EOhPAW+JQP6o -XBOrLv5w6joahzBFVn1BiefzmlMKjibqKYxURRvMAsMkh82/MfL8V0w6ugxl81lu -i42dcxl9cKSVXKMw4bbBzJ2VQI5HTIABwefeNuy/eX6idVwYdt3ajAH7fUA8Q9Cq -vr6H8B+8mwoEqTVTEVlCSsC/EXsokYEUr06PPzRudKjDmijgj7zFaIioZNc8hk7g -ufEgrs/tmcNGylrwRHgCXjCRBt2NHlZ08l7A1AGU8HcHlSbG9Un/2q9kVHUkps0D -gtUaEK+x6jpAu/R8Ojezu/+ZEcwwjI/KOhG+84+ejFmtyEkrUdsAdEdLf/2dKsw= ------END CERTIFICATE----- - -// Subject: EMAILADDRESS=info@diginotar.nl, -// CN=DigiNotar Services 1024 CA -// O=DigiNotar, C=NL -// Issuer: CN=Entrust.net Secure Server Certification Authority, -// OU=(c) 1999 Entrust.net Limited, -// OU=www.entrust.net/CPS incorp. by ref. (limits liab.), -// O=Entrust.net, -// C=US -// Serial: 1184640176 (46:9c:2c:b0) ------BEGIN CERTIFICATE----- -MIIDzTCCAzagAwIBAgIERpwssDANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC -VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u -ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc -KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u -ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3 -MjYxNTU5MDBaFw0xMzA4MjYxNjI5MDBaMGgxCzAJBgNVBAYTAk5MMRIwEAYDVQQK -EwlEaWdpTm90YXIxIzAhBgNVBAMTGkRpZ2lOb3RhciBTZXJ2aWNlcyAxMDI0IENB -MSAwHgYJKoZIhvcNAQkBFhFpbmZvQGRpZ2lub3Rhci5ubDCBnzANBgkqhkiG9w0B -AQEFAAOBjQAwgYkCgYEA2ptNXTz50eKLxsYIIMXZHkjsZlhneWIrQWP0iY1o2q+4 -lDaLGSSkoJPSmQ+yrS01Tc0vauH5mxkrvAQafi09UmTN8T5nD4ku6PJPrqYIoYX+ -oakJ5sarPkP8r3oDkdqmOaZh7phPGKjTs69mgumfvN1y+QYEvRLZGCTnq5NTi1kC -AwEAAaOCASYwggEiMBIGA1UdEwEB/wQIMAYBAf8CAQAwJwYDVR0lBCAwHgYIKwYB -BQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwMwYI -KwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5l -dDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L3NlcnZl -cjEuY3JsMB0GA1UdDgQWBBT+3JRJDG/vXH/G8RKZTxZJrfuCZTALBgNVHQ8EBAMC -AQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0BowGQYJKoZIhvZ9B0EA -BAwwChsEVjcuMQMCAIEwDQYJKoZIhvcNAQEFBQADgYEAY3RqN6k/lpxmyFisCcnv -9WWUf6MCxDgxvV0jh+zUVrLJsm7kBQb87PX6iHBZ1O7m3bV6oKNgLwIMq94SXa/w -NUuqikeRGvWFLELHHe+VQ7NeuJWTpdrFKKqtci0xrZlrbP+MISevrZqRK8fdWMNu -B8WfedLHjFW/TMcnXlEWKz4= ------END CERTIFICATE----- - -// Subject: CN=Buster Paper Comercial Ltda, -// O=Buster Paper Comercial Ltda, -// L=S?o Jos? Dos Campos, -// ST=S?o Paulo, -// C=BR -// Issuer: CN=DigiCert Assured ID Code Signing CA-1, -// OU=www.digicert.com, -// O=DigiCert Inc, -// C=US -// Serial: 07:b4:4c:db:ff:fb:78:de:05:f4:26:16:72:a6:73:12 ------BEGIN CERTIFICATE----- -MIIGwzCCBaugAwIBAgIQB7RM2//7eN4F9CYWcqZzEjANBgkqhkiG9w0BAQUFADBv -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv -ZGUgU2lnbmluZyBDQS0xMB4XDTEzMDExNzAwMDAwMFoXDTE0MDEyMjEyMDAwMFow -gY4xCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMR4wHAYDVQQHDBVT -w6NvIEpvc8OpIERvcyBDYW1wb3MxJDAiBgNVBAoTG0J1c3RlciBQYXBlciBDb21l -cmNpYWwgTHRkYTEkMCIGA1UEAxMbQnVzdGVyIFBhcGVyIENvbWVyY2lhbCBMdGRh -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO0l6jWIpEfO2oUpVHpL -HETj5lzivNb0S9jKHgGJax917czh81PnGTxwxFXd6gLJuy/XFHvmiSi8g8jzlymn -2Ji5zQ3CPaz7nomJokSUDlMVJ2qYWtctw4jrdjuI4qtn+koXXUFkWjkf8h8251I4 -tUs7S49HE2Go5owCYP3byajj7fsFAYR/Xb7TdVtndkZsUB/YgOjHovyACjouaNCi -mDiRyQ6zLLjZGiyeD65Yiseuhp5b8/BL5h1p7w76QYMYMVQNAdtDKut2R8MBpuWf -Ny7Eoi0x/gm1p9X5Rcl5aN7K0G4UtTAJKbkuUfXddsyFoM0Nx8uo8SgNQ8Y/X5Jx -BwIDAQABo4IDOTCCAzUwHwYDVR0jBBgwFoAUe2jOKarAF75JeuHlP9an90WPNTIw -HQYDVR0OBBYEFFLZ3n5nt/Eer7n1bvtOqMb1qKO5MA4GA1UdDwEB/wQEAwIHgDAT -BgNVHSUEDDAKBggrBgEFBQcDAzBzBgNVHR8EbDBqMDOgMaAvhi1odHRwOi8vY3Js -My5kaWdpY2VydC5jb20vYXNzdXJlZC1jcy0yMDExYS5jcmwwM6AxoC+GLWh0dHA6 -Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9hc3N1cmVkLWNzLTIwMTFhLmNybDCCAcQGA1Ud -IASCAbswggG3MIIBswYJYIZIAYb9bAMBMIIBpDA6BggrBgEFBQcCARYuaHR0cDov -L3d3dy5kaWdpY2VydC5jb20vc3NsLWNwcy1yZXBvc2l0b3J5Lmh0bTCCAWQGCCsG -AQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8AZgAgAHQAaABpAHMAIABD -AGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQAaQB0AHUAdABlAHMAIABh -AGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUAIABEAGkAZwBpAEMAZQBy -AHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUAIABSAGUAbAB5AGkAbgBn -ACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQAIAB3AGgAaQBjAGgAIABs -AGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEAbgBkACAAYQByAGUAIABp -AG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUAaQBuACAAYgB5ACAAcgBl -AGYAZQByAGUAbgBjAGUALjCBggYIKwYBBQUHAQEEdjB0MCQGCCsGAQUFBzABhhho -dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wTAYIKwYBBQUHMAKGQGh0dHA6Ly9jYWNl -cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRENvZGVTaWduaW5nQ0Et -MS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPTTQvpOIikXI -hTLnNbajaFRR5GhQpTzUNgBfF9VYSlNw/wMjpGsrh5RxaJCip52jbehmTgjMRhft -jRYyml44PAVsCcR9uEoDpCZYpI1fHI1R+F8jd1C9rqprbSwwOG4xlg4SmvTHYs6e -gBItQ/1p9XY+Sf4Wv1qOuOFL1qvV/5VyR2zdlOQCmKCeMgxt6a/tHLBDiAA67D44 -/vfdoNJl0CU2It0PO60jdCPFNWIRcxL+OSDqAoePeUC7xQ+JsTEIxuUE8+d6w6fc -BV2mYb1flh22t46GLjh4gyo7xw3aL6L0L0jzlTT6IcEw6NIbaPbIKj/npQnHobYj -XMuKLxbh7g== ------END CERTIFICATE----- - -// Subject: CN=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME, -// O=BUSTER ASSISTENCIA TECNICA ELETRONICA LTDA - ME, -// L=S?o Paulo, -// ST=S?o Paulo, -// C=BR -// Issuer: CN=DigiCert Assured ID Code Signing CA-1, -// OU=www.digicert.com, -// O=DigiCert Inc, -// C=US -// Serial: 0a:38:9b:95:ee:73:6d:d1:3b:c0:ed:74:3f:d7:4d:2f ------BEGIN CERTIFICATE----- -MIIG4DCCBcigAwIBAgIQCjible5zbdE7wO10P9dNLzANBgkqhkiG9w0BAQUFADBv -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMS4wLAYDVQQDEyVEaWdpQ2VydCBBc3N1cmVkIElEIENv -ZGUgU2lnbmluZyBDQS0xMB4XDTEyMTEwOTAwMDAwMFoXDTEzMTExNDEyMDAwMFow -gasxCzAJBgNVBAYTAkJSMRMwEQYDVQQIDApTw6NvIFBhdWxvMRMwEQYDVQQHDApT -w6NvIFBhdWxvMTgwNgYDVQQKEy9CVVNURVIgQVNTSVNURU5DSUEgVEVDTklDQSBF -TEVUUk9OSUNBIExUREEgLSBNRTE4MDYGA1UEAxMvQlVTVEVSIEFTU0lTVEVOQ0lB -IFRFQ05JQ0EgRUxFVFJPTklDQSBMVERBIC0gTUUwggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQDAqNeEs5/B2CTXGjTOkUIdu6jV6qulOZwdw4sefHWYj1UR -4z6zPk9kjpUgbnb402RFq88QtfInwddZ/wXn9OxMtDd/3TnC7HrhNS7ga79ZFL2V -JnmzKHum2Yvh0q82QEJ9tHBR2X9VdKpUIH08Zs3k6cWWM1H0YX0cxA/HohhesQJW -kwJ3urOIJiH/HeByDk8a1NS8safcCxk5vxvW4WvCg43iT09LeHY5Aa8abKw8lqVb -0tD5ZSIjdmdj3TT1U37iAHLLRM2DXbxfdbhouUX1c5U1ZHAMA67HwjKiseOiDaHj -NUGbC37C+cgbc9VVM/cURD8WvS0Kj6fQv7F2QtJDAgMBAAGjggM5MIIDNTAfBgNV -HSMEGDAWgBR7aM4pqsAXvkl64eU/1qf3RY81MjAdBgNVHQ4EFgQU88EXKAyDsh30 -o9+Gu9a4xUy+FSMwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMD -MHMGA1UdHwRsMGowM6AxoC+GLWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9hc3N1 -cmVkLWNzLTIwMTFhLmNybDAzoDGgL4YtaHR0cDovL2NybDQuZGlnaWNlcnQuY29t -L2Fzc3VyZWQtY3MtMjAxMWEuY3JsMIIBxAYDVR0gBIIBuzCCAbcwggGzBglghkgB -hv1sAwEwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9z -c2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUHAgIwggFWHoIBUgBBAG4A -eQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQByAHQAaQBmAGkAYwBhAHQA -ZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBjAGUAcAB0AGEAbgBjAGUA -IABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAgAEMAUAAvAEMAUABTACAA -YQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQAGEAcgB0AHkAIABBAGcA -cgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBtAGkAdAAgAGwAaQBhAGIA -aQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBjAG8AcgBwAG8AcgBhAHQA -ZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBlAHIAZQBuAGMAZQAuMIGC -BggrBgEFBQcBAQR2MHQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0 -LmNvbTBMBggrBgEFBQcwAoZAaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Rp -Z2lDZXJ0QXNzdXJlZElEQ29kZVNpZ25pbmdDQS0xLmNydDAMBgNVHRMBAf8EAjAA -MA0GCSqGSIb3DQEBBQUAA4IBAQAei1QmiXepje8OIfo/WonD4MIXgpPr2dfRaquQ -A8q63OpTRSveyqdQDCSPpDRF/nvO1Y30yksZvIH1tNBsW5LBdxAKN3lFdBlqBwtE -Q3jHc0KVVYRJ0FBaGE/PJHmRajscdAhYIcMPhTga0u0tDK+wOHEq3993dfl6yHjA -XHU2iW5pnk75ZoE39zALD5eKXT8ZXrET5c3XUFJKWA+XuGmdmyzqo0Au49PanBv9 -UlZnabYfqoMArqMS0tGSX4cGgi9/2E+pHG9BX4sFW+ZDumroOA2pxyMWEKjxePEL -zCOfhbsRWdMLYepauaNZOIMZXmFwcrIl0TGMkTAtATz+XmZc ------END CERTIFICATE----- - -// Subject: CN=CLEARESULT CONSULTING INC., OU=Corporate IT, -// O=CLEARESULT CONSULTING INC., L=Austin, ST=TX, C=US -// Issuer: SERIALNUMBER=07969287, -// CN=Go Daddy Secure Certification Authority, -// OU=http://certificates.godaddy.com/repository, -// O="GoDaddy.com, Inc.", -// L=Scottsdale, -// ST=Arizona, -// C=US -// Serial: 2b:73:43:2a:a8:4f:44 ------BEGIN CERTIFICATE----- -MIIFYjCCBEqgAwIBAgIHK3NDKqhPRDANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE -BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY -BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm -aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5 -IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky -ODcwHhcNMTIwMjE1MjEwOTA2WhcNMTQwMjE1MjEwOTA2WjCBjDELMAkGA1UEBgwC -VVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZBdXN0aW4xIzAhBgNVBAoMGkNMRUFS -RVNVTFQgQ09OU1VMVElORyBJTkMuMRUwEwYDVQQLDAxDb3Jwb3JhdGUgSVQxIzAh -BgNVBAMMGkNMRUFSRVNVTFQgQ09OU1VMVElORyBJTkMuMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEAtIOjCKeAicull+7ZIzt0/4ya3IeXUFlfypqKMLkU -IbKjn0P5uMj6VE3rlbZr44RCegxvdnR6umBh1c0ZXoN3o+yc0JKcKcLiApmJJ277 -p7IbLwYDhBXRQNoIJm187IOMRPIxsKN4hL91txn9jGBmW+9zKlJlNhR5R7vjwU2E -jrH/6oqsc9EM2yYpfjlNv6+3jSwAYZCkSWr+27PQOV+YHKmIxtJjX0upFz5FdIrV -9CCX+L2Kji1THOkSgG4QTbYxmEcHqGViWz8hXLeNXjcbEsPuIiAu3hknxRHfUTE/ -U0Lh0Ug1e3LrJu+WnxM2SmUY4krsZ22c0yWUW9hzWITIjQIDAQABo4IBhzCCAYMw -DwYDVR0TAQH/BAUwAwEBADATBgNVHSUEDDAKBggrBgEFBQcDAzAOBgNVHQ8BAf8E -BAMCB4AwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nb2RhZGR5LmNvbS9n -ZHM1LTE2LmNybDBTBgNVHSAETDBKMEgGC2CGSAGG/W0BBxcCMDkwNwYIKwYBBQUH -AgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8w -gYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRk -eS5jb20vMEoGCCsGAQUFBzAChj5odHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHku -Y29tL3JlcG9zaXRvcnkvZ2RfaW50ZXJtZWRpYXRlLmNydDAfBgNVHSMEGDAWgBT9 -rGEyk2xF1uLuhV+auud2mWjM5zAdBgNVHQ4EFgQUDtdeKqeN2QkcbEp1HovFieNB -XiowDQYJKoZIhvcNAQEFBQADggEBAD74Agw5tvi2aBl4/f/s7/VE/BClzDsKMb9K -v9qpeC45ZA/jelxV11HKbQnVF194gDb7D2H9OsAsRUy8HVKbXEcc/8dKvwOqb+BC -2i/EmfjLgmCfezNFtLq8xcPxF3zIRc44vPrK0z4YZsaHdH+yTEJ51p5EMdTqaLaP -4n5m8LX3RfqlQB9dYFe6dUoYZjKm9d/pIRww3VqfOzjl42Edi1w6dWmBVMx1NZuR -DBabJH1vJ9Gd+KwxMCmBZ6pQPl28JDimhJhI2LNqU349uADQVV0HJosddN/ARyyI -LSIQO7BnNVKVG9Iujf33bvPNeg0qNz5qw+rKKq97Pqeum+L5oKU= ------END CERTIFICATE-----
--- a/jdk/src/share/lib/security/java.security-aix Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/lib/security/java.security-aix Thu Jul 10 12:40:48 2014 -0700 @@ -206,7 +206,6 @@ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\ @@ -253,7 +252,6 @@ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\
--- a/jdk/src/share/lib/security/java.security-linux Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/lib/security/java.security-linux Thu Jul 10 12:40:48 2014 -0700 @@ -206,7 +206,6 @@ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\ @@ -253,7 +252,6 @@ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\
--- a/jdk/src/share/lib/security/java.security-macosx Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/lib/security/java.security-macosx Thu Jul 10 12:40:48 2014 -0700 @@ -207,7 +207,6 @@ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\ @@ -254,7 +253,6 @@ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\
--- a/jdk/src/share/lib/security/java.security-solaris Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/lib/security/java.security-solaris Thu Jul 10 12:40:48 2014 -0700 @@ -208,7 +208,6 @@ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\ @@ -254,7 +253,6 @@ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\
--- a/jdk/src/share/lib/security/java.security-windows Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/lib/security/java.security-windows Thu Jul 10 12:40:48 2014 -0700 @@ -207,7 +207,6 @@ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\ @@ -254,7 +253,6 @@ com.sun.org.glassfish.,\ com.oracle.xmlns.internal.,\ com.oracle.webservices.internal.,\ - oracle.jrockit.jfr.,\ org.jcp.xml.dsig.internal.,\ jdk.internal.,\ jdk.nashorn.internal.,\
--- a/jdk/src/share/native/common/check_code.c Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/native/common/check_code.c Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -1357,16 +1357,9 @@ } (*env)->DeleteLocalRef(env, super); - /* The optimizer make cause this to happen on local code */ + /* The optimizer may cause this to happen on local code */ if (not_found) { -#ifdef BROKEN_JAVAC - jobject loader = JVM_GetClassLoader(env, context->class); - int has_loader = (loader != 0); - (*env)->DeleteLocalRef(env, loader); - if (has_loader) -#endif /* BROKEN_JAVAC */ - CCerror(context, - "Illegal use of nonvirtual function call"); + CCerror(context, "Illegal use of nonvirtual function call"); } } }
--- a/jdk/src/share/native/java/lang/Class.c Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/native/java/lang/Class.c Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1994, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -45,7 +45,6 @@ #define CLS "Ljava/lang/Class;" #define CPL "Lsun/reflect/ConstantPool;" #define STR "Ljava/lang/String;" -#define JCL "Ljava/lang/ClassLoader;" #define FLD "Ljava/lang/reflect/Field;" #define MHD "Ljava/lang/reflect/Method;" #define CTR "Ljava/lang/reflect/Constructor;" @@ -56,7 +55,6 @@ {"getName0", "()" STR, (void *)&JVM_GetClassName}, {"getSuperclass", "()" CLS, NULL}, {"getInterfaces0", "()[" CLS, (void *)&JVM_GetClassInterfaces}, - {"getClassLoader0", "()" JCL, (void *)&JVM_GetClassLoader}, {"isInterface", "()Z", (void *)&JVM_IsInterface}, {"getSigners", "()[" OBJ, (void *)&JVM_GetClassSigners}, {"setSigners", "([" OBJ ")V", (void *)&JVM_SetClassSigners}, @@ -81,7 +79,6 @@ #undef OBJ #undef CLS #undef STR -#undef JCL #undef FLD #undef MHD #undef CTR
--- a/jdk/src/share/native/java/lang/java_props.h Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/share/native/java/lang/java_props.h Thu Jul 10 12:40:48 2014 -0700 @@ -117,7 +117,7 @@ char *exceptionList; - char *awt_headless /* java.awt.headless setting, if NULL (default) will not be set */ + char *awt_headless; /* java.awt.headless setting, if NULL (default) will not be set */ #endif } java_props_t;
--- a/jdk/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/solaris/classes/sun/net/www/protocol/http/ntlm/NTLMAuthentication.java Thu Jul 10 12:40:48 2014 -0700 @@ -77,8 +77,7 @@ static { defaultDomain = java.security.AccessController.doPrivileged( - new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", - "domain")); + new sun.security.action.GetPropertyAction("http.auth.ntlm.domain", "")); }; public static boolean supportsTransparentAuth () { @@ -100,17 +99,13 @@ public String run() { String localhost; try { - localhost = InetAddress.getLocalHost().getHostName().toUpperCase(); + localhost = InetAddress.getLocalHost().getHostName(); } catch (UnknownHostException e) { localhost = "localhost"; } return localhost; } }); - int x = hostname.indexOf ('.'); - if (x != -1) { - hostname = hostname.substring (0, x); - } }; PasswordAuthentication pw;
--- a/jdk/src/solaris/native/java/lang/locale_str.h Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/solaris/native/java/lang/locale_str.h Thu Jul 10 12:40:48 2014 -0700 @@ -135,7 +135,7 @@ "sr_SP", "sr_YU", "tchinese", "zh_TW", #endif - "" + "", "", }; /* @@ -188,7 +188,7 @@ "japanese", "ja", "korean", "ko", #endif - "", + "", "", }; /* @@ -201,7 +201,7 @@ "iqtelif", "Latn", "latin", "Latn", #endif - "", + "", "", }; /* @@ -212,7 +212,7 @@ "RN", "US", // used on Linux, not clear what it stands for #endif "YU", "CS", // YU has been removed from ISO 3166 - "", + "", "", }; /* @@ -220,5 +220,5 @@ */ static char *variant_names[] = { "nynorsk", "NY", - "", + "", "", };
--- a/jdk/src/windows/native/java/net/net_util_md.c Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/windows/native/java/net/net_util_md.c Thu Jul 10 12:40:48 2014 -0700 @@ -443,6 +443,13 @@ { int rv; + if (level == IPPROTO_IPV6 && optname == IPV6_TCLASS) { + int *intopt = (int *)optval; + *intopt = 0; + *optlen = sizeof(*intopt); + return 0; + } + rv = getsockopt(s, level, optname, optval, optlen);
--- a/jdk/src/windows/native/sun/nio/ch/Net.c Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/src/windows/native/sun/nio/ch/Net.c Thu Jul 10 12:40:48 2014 -0700 @@ -295,9 +295,9 @@ /** * HACK: IP_TOS is deprecated on Windows and querying the option * returns a protocol error. NET_GetSockOpt handles this and uses - * a fallback mechanism. + * a fallback mechanism. Same applies to IPV6_TCLASS */ - if (level == IPPROTO_IP && opt == IP_TOS) { + if ((level == IPPROTO_IP && opt == IP_TOS) || (level == IPPROTO_IPV6 && opt == IPV6_TCLASS)) { mayNeedConversion = JNI_TRUE; } @@ -340,6 +340,11 @@ arglen = sizeof(arg); } + if (level == IPPROTO_IPV6 && opt == IPV6_TCLASS) { + /* No op */ + return; + } + if (mayNeedConversion) { n = NET_SetSockOpt(fdval(env, fdo), level, opt, parg, arglen); } else {
--- a/jdk/test/TEST.groups Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/test/TEST.groups Thu Jul 10 12:40:48 2014 -0700 @@ -362,7 +362,8 @@ sun/reflect/CallerSensitive/CallerSensitiveFinder.java \ sun/reflect/CallerSensitive/MissingCallerSensitive.java \ sun/security/util/Resources/NewNamesFormat.java \ - vm/verifier/defaultMethods/DefaultMethodRegressionTestsRun.java + vm/verifier/defaultMethods/DefaultMethodRegressionTestsRun.java \ + javax/xml/ws/clientjar/TestWsImport.java # JRE adds further tests to compact3 # @@ -388,6 +389,7 @@ java/security/Security/ClassLoaderDeadlock/Deadlock.sh \ java/util/jar/Manifest/CreateManifest.java \ java/util/logging/TestMainAppContext.java \ + java/util/logging/TestLoggingWithMainAppContext.java \ java/util/ResourceBundle/Control/Bug6530694.java \ java/text/Bidi/BidiConformance.java \ java/text/Bidi/BidiEmbeddingTest.java \
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/com/sun/crypto/provider/Cipher/PBE/PBESealedObject.java Thu Jul 10 12:40:48 2014 -0700 @@ -0,0 +1,173 @@ +/* + * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.PrintStream; +import java.security.AlgorithmParameters; +import java.security.InvalidKeyException; +import java.security.Provider; +import java.security.Security; +import java.security.spec.AlgorithmParameterSpec; +import java.util.Arrays; +import java.util.Random; +import java.util.StringTokenizer; +import javax.crypto.Cipher; +import javax.crypto.SealedObject; +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.PBEParameterSpec; + +/** + * @test + * @bug 8041781 + * @summary test if seal/unseal works correctly with PBE algorithms + * @author Yun Ke + * @author Bill Situ + * @author Alexander Fomin + * @run main PBESealedObject + */ +public class PBESealedObject { + + private static final String[] PBEAlgorithms = { + "pbeWithMD5ANDdes", + "PBEWithMD5AndDES/CBC/PKCS5Padding", + "PBEWithMD5AndTripleDES", + "PBEWithMD5AndTripleDES/CBC/PKCS5Padding", + "PBEwithSHA1AndDESede", + "PBEwithSHA1AndDESede/CBC/PKCS5Padding", + "PBEwithSHA1AndRC2_40", + "PBEwithSHA1Andrc2_40/CBC/PKCS5Padding", + "PBEWithSHA1AndRC2_128", + "PBEWithSHA1andRC2_128/CBC/PKCS5Padding", + "PBEWithSHA1AndRC4_40", + "PBEWithsha1AndRC4_40/ECB/NoPadding", + "PBEWithSHA1AndRC4_128", + "pbeWithSHA1AndRC4_128/ECB/NoPadding", + "PBEWithHmacSHA1AndAES_128", + "PBEWithHmacSHA224AndAES_128", + "PBEWithHmacSHA256AndAES_128", + "PBEWithHmacSHA384AndAES_128", + "PBEWithHmacSHA512AndAES_128", + "PBEWithHmacSHA1AndAES_256", + "PBEWithHmacSHA224AndAES_256", + "PBEWithHmacSHA256AndAES_256", + "PBEWithHmacSHA384AndAES_256", + "PBEWithHmacSHA512AndAES_256" + }; + + public static void main(String[] args) { + PBESealedObject test = new PBESealedObject(); + Provider sunjce = Security.getProvider("SunJCE"); + + if (!test.runAll(sunjce, System.out)) { + throw new RuntimeException("One or more tests have failed...."); + } + } + + public boolean runAll(Provider p, PrintStream out) { + boolean finalResult = true; + + for (String algorithm : PBEAlgorithms) { + out.println("Running test with " + algorithm + ":"); + try { + if (!runTest(p, algorithm, out)) { + finalResult = false; + out.println("STATUS: Failed"); + } else { + out.println("STATUS: Passed"); + } + } catch (Exception ex) { + finalResult = false; + ex.printStackTrace(out); + out.println("STATUS:Failed"); + } + } + + return finalResult; + } + + // Have a generic throws Exception as it can throw many different exceptions + public boolean runTest(Provider p, String algo, PrintStream out) + throws Exception { + + byte[] salt = new byte[8]; + int ITERATION_COUNT = 1000; + AlgorithmParameters pbeParams = null; + + String baseAlgo + = new StringTokenizer(algo, "/").nextToken().toUpperCase(); + boolean isAES = baseAlgo.contains("AES"); + + try { + // Initialization + Cipher ci = Cipher.getInstance(algo, p); + new Random().nextBytes(salt); + AlgorithmParameterSpec aps = new PBEParameterSpec(salt, + ITERATION_COUNT); + SecretKeyFactory skf = SecretKeyFactory.getInstance(baseAlgo, p); + SecretKey key = skf.generateSecret( + new PBEKeySpec("Secret Lover".toCharArray())); + + // Seal + if (isAES) { + ci.init(Cipher.ENCRYPT_MODE, key); + pbeParams = ci.getParameters(); + } else { + ci.init(Cipher.ENCRYPT_MODE, key, aps); + } + + SealedObject so = new SealedObject(key, ci); + + // Unseal and compare + if (isAES) { + ci.init(Cipher.DECRYPT_MODE, key, pbeParams); + } else { + ci.init(Cipher.DECRYPT_MODE, key, aps); + } + + SecretKey unsealedKey; + + unsealedKey = (SecretKey) so.getObject(ci); + if (!Arrays.equals(unsealedKey.getEncoded(), key.getEncoded())) { + return false; + } + + unsealedKey = (SecretKey) so.getObject(key); + if (!Arrays.equals(unsealedKey.getEncoded(), key.getEncoded())) { + return false; + } + + unsealedKey = (SecretKey) so.getObject(key, "SunJCE"); + return Arrays.equals(unsealedKey.getEncoded(), key.getEncoded()); + } catch (InvalidKeyException ex) { + if (baseAlgo.endsWith("TRIPLEDES") || baseAlgo.endsWith("AES_256")) { + out.println( + "Expected exception , keyStrength > 128 within" + algo); + return true; + } + + throw ex; + } + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/com/sun/crypto/provider/Cipher/PBE/PBKDF2Translate.java Thu Jul 10 12:40:48 2014 -0700 @@ -0,0 +1,311 @@ +/* + * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.security.InvalidKeyException; +import java.security.NoSuchAlgorithmException; +import java.security.spec.InvalidKeySpecException; +import java.util.Arrays; +import java.util.Random; +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.interfaces.PBEKey; +import javax.crypto.spec.PBEKeySpec; + +/** + * @test + * @bug 8041781 + * @summary Verify if the SecretKeyFactory.translateKey() method works + * @author Alexander Fomin + * @run main PBKDF2Translate + */ +public class PBKDF2Translate { + + private static final String[] ALGO_TO_TEST = { + "PBKDF2WithHmacSHA1", + "PBKDF2WithHmacSHA224", + "PBKDF2WithHmacSHA256", + "PBKDF2WithHmacSHA384", + "PBKDF2WithHmacSHA512" + }; + + private static final String PASS_PHRASE = "some hidden string"; + private static final int ITERATION_COUNT = 1000; + private static final int KEY_SIZE = 128; + + private final String algoToTest; + private final byte[] salt = new byte[8]; + + public static void main(String[] args) throws Exception { + + boolean failed = false; + + for (String algo : ALGO_TO_TEST) { + + System.out.println("Testing " + algo + ":"); + PBKDF2Translate theTest = new PBKDF2Translate(algo); + + try { + if (!theTest.testMyOwnSecretKey() + || !theTest.generateAndTranslateKey() + || !theTest.translateSpoiledKey()) { + // we don't want to set failed to false + failed = true; + } + } catch (InvalidKeyException | NoSuchAlgorithmException | + InvalidKeySpecException e) { + e.printStackTrace(System.err); + failed = true; + } + } + + if (failed) { + throw new RuntimeException("One or more tests failed...."); + } + } + + public PBKDF2Translate(String algoToTest) { + this.algoToTest = algoToTest; + new Random().nextBytes(this.salt); + } + + /** + * The test case scenario implemented in the method: - derive PBKDF2 key + * using the given algorithm; - translate the key - check if the translated + * and original keys have the same key value. + * + * @return true if the test case passed; false - otherwise. + * @throws NoSuchAlgorithmException + * @throws InvalidKeySpecException + * @throws InvalidKeyException + */ + public boolean generateAndTranslateKey() throws NoSuchAlgorithmException, + InvalidKeySpecException, InvalidKeyException { + // derive PBKDF2 key + SecretKey key1 = getSecretKeyForPBKDF2(algoToTest); + + // translate key + SecretKeyFactory skf = SecretKeyFactory.getInstance(algoToTest); + SecretKey key2 = skf.translateKey(key1); + + // check if it still the same after translation + if (!Arrays.equals(key1.getEncoded(), key2.getEncoded())) { + System.err.println("generateAndTranslateKey test case failed: the " + + "key1 and key2 values in its primary encoding format are " + + "not the same for " + algoToTest + "algorithm."); + return false; + } + + return true; + } + + /** + * The test case scenario implemented in the method: - derive Key1 for the + * given PBKDF2 algorithm - create my own secret Key2 as an instance of a + * class implements PBEKey - translate Key2 - check if the key value of the + * translated key and Key1 are the same. + * + * @return true if the test case passed; false - otherwise. + * @throws NoSuchAlgorithmException + * @throws InvalidKeySpecException + * @throws InvalidKeyException + */ + public boolean testMyOwnSecretKey() + throws NoSuchAlgorithmException, InvalidKeySpecException, + InvalidKeyException { + SecretKey key1 = getSecretKeyForPBKDF2(algoToTest); + SecretKey key2 = getMyOwnSecretKey(); + + // Is it actually the same? + if (!Arrays.equals(key1.getEncoded(), key2.getEncoded())) { + System.err.println("We shouldn't be here. The key1 and key2 values " + + "in its primary encoding format have to be the same!"); + return false; + } + + // Translate key + SecretKeyFactory skf = SecretKeyFactory.getInstance(algoToTest); + SecretKey key3 = skf.translateKey(key2); + + // Check if it still the same after translation + if (!Arrays.equals(key1.getEncoded(), key3.getEncoded())) { + System.err.println("testMyOwnSecretKey test case failed: the key1 " + + "and key3 values in its primary encoding format are not " + + "the same for " + algoToTest + "algorithm."); + return false; + } + + return true; + } + + /** + * The test case scenario implemented in the method: - create my own secret + * Key2 as an instance of a class implements PBEKey - spoil the key (set + * iteration count to 0, for example) - try to translate key - + * InvalidKeyException is expected. + * + * @return true if InvalidKeyException occurred; false - otherwise. + * @throws NoSuchAlgorithmException + * @throws InvalidKeySpecException + */ + public boolean translateSpoiledKey() throws NoSuchAlgorithmException, + InvalidKeySpecException { + // derive the key + SecretKey key1 = getMyOwnSecretKey(); + + // spoil the key + ((MyPBKDF2SecretKey) key1).spoil(); + + // translate key + SecretKeyFactory skf = SecretKeyFactory.getInstance(algoToTest); + try { + SecretKey key2 = skf.translateKey(key1); + } catch (InvalidKeyException ike) { + // this is expected + return true; + } + + return false; + } + + /** + * Generate a PBKDF2 secret key using given algorithm. + * + * @param algoToDeriveKey PBKDF2 algorithm + * @return PBKDF2 secret key + * @throws NoSuchAlgorithmException + * @throws InvalidKeySpecException + */ + private SecretKey getSecretKeyForPBKDF2(String algoToDeriveKey) + throws NoSuchAlgorithmException, InvalidKeySpecException { + SecretKeyFactory skf = SecretKeyFactory.getInstance(algoToDeriveKey); + + PBEKeySpec spec = new PBEKeySpec(PASS_PHRASE.toCharArray(), + this.salt, ITERATION_COUNT, KEY_SIZE); + + return skf.generateSecret(spec); + } + + /** + * Generate a secrete key as an instance of a class implements PBEKey. + * + * @return secrete key + * @throws InvalidKeySpecException + * @throws NoSuchAlgorithmException + */ + private SecretKey getMyOwnSecretKey() throws InvalidKeySpecException, + NoSuchAlgorithmException { + return new MyPBKDF2SecretKey(PASS_PHRASE, this.algoToTest, this.salt, + ITERATION_COUNT, KEY_SIZE); + } +} + +/** + * An utility class to check the SecretKeyFactory.translateKey() method. + */ +class MyPBKDF2SecretKey implements PBEKey { + + private final byte[] key; + private final byte[] salt; + private final String algorithm; + private final int keySize, keyLength; + private int itereationCount; + private final String pass; + + @Override + public String getAlgorithm() { + return algorithm; + } + + @Override + public String getFormat() { + return "RAW"; + } + + @Override + public byte[] getEncoded() { + byte[] copy = new byte[keyLength]; + System.arraycopy(this.key, 0, copy, 0, keyLength); + return copy; + } + + /** + * The key is generating by SecretKeyFactory and its value just copying in + * the key field of MySecretKey class. So, this is real key derived using + * the given algorithm. + * + * @param passPhrase some string intended to be a password + * @param algo PBKDF2 algorithm + * @param salt slat for PBKDF2 + * @param iterationCount iteration count + * @param keySize key size in bits + * @throws InvalidKeySpecException + * @throws NoSuchAlgorithmException + */ + public MyPBKDF2SecretKey(String passPhrase, String algo, byte[] salt, + int iterationCount, int keySize) + throws InvalidKeySpecException, NoSuchAlgorithmException { + this.algorithm = algo; + this.salt = salt; + this.itereationCount = iterationCount; + this.keySize = keySize; + this.pass = passPhrase; + + PBEKeySpec spec = new PBEKeySpec(passPhrase.toCharArray(), + this.salt, iterationCount, this.keySize); + + SecretKeyFactory keyFactory + = SecretKeyFactory.getInstance(algo); + + SecretKey realKey = keyFactory.generateSecret(spec); + + this.keyLength = realKey.getEncoded().length; + + this.key = new byte[this.keyLength]; + System.arraycopy(realKey.getEncoded(), 0, this.key, 0, + this.keyLength); + } + + @Override + public int getIterationCount() { + return itereationCount; + } + + @Override + public byte[] getSalt() { + return salt; + } + + @Override + public char[] getPassword() { + return this.pass.toCharArray(); + } + + /** + * Spoil the generated key (before translation) to cause an + * InvalidKeyException + */ + public void spoil() { + this.itereationCount = -1; + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/com/sun/crypto/provider/Cipher/PBE/TestCipherKeyWrapperPBEKey.java Thu Jul 10 12:40:48 2014 -0700 @@ -0,0 +1,168 @@ +/* + * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.PrintStream; +import java.security.AlgorithmParameters; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.Provider; +import java.security.Security; +import java.security.spec.AlgorithmParameterSpec; +import java.util.Arrays; +import java.util.Random; +import java.util.StringTokenizer; +import javax.crypto.Cipher; +import javax.crypto.SecretKey; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.PBEParameterSpec; + +/** + * @test + * @bug 8041781 + * @summary Test to see if key wrapper works correctly with PBEKey + * @author Yu-Ching (Valerie) PENG + * @author Bill Situ + * @author Yun Ke + * @run main TestCipherKeyWrapperPBEKey + */ +public class TestCipherKeyWrapperPBEKey { + + private static final String[] PBEAlgorithms = { + "pbeWithMD5ANDdes", + "PBEWithMD5AndDES/CBC/PKCS5Padding", + "PBEWithMD5AndTripleDES", + "PBEWithMD5AndTripleDES/CBC/PKCS5Padding", + "PBEwithSHA1AndDESede", + "PBEwithSHA1AndDESede/CBC/PKCS5Padding", + "PBEwithSHA1AndRC2_40", + "PBEwithSHA1Andrc2_40/CBC/PKCS5Padding", + "PBEWithSHA1AndRC2_128", + "PBEWithSHA1andRC2_128/CBC/PKCS5Padding", + "PBEWithSHA1AndRC4_40", + "PBEWithsha1AndRC4_40/ECB/NoPadding", + "PBEWithSHA1AndRC4_128", + "pbeWithSHA1AndRC4_128/ECB/NoPadding", + "PBEWithHmacSHA1AndAES_128", + "PBEWithHmacSHA224AndAES_128", + "PBEWithHmacSHA256AndAES_128", + "PBEWithHmacSHA384AndAES_128", + "PBEWithHmacSHA512AndAES_128", + "PBEWithHmacSHA1AndAES_256", + "PBEWithHmacSHA224AndAES_256", + "PBEWithHmacSHA256AndAES_256", + "PBEWithHmacSHA384AndAES_256", + "PBEWithHmacSHA512AndAES_256" + }; + + public static void main(String[] args) { + + TestCipherKeyWrapperPBEKey test = new TestCipherKeyWrapperPBEKey(); + Provider sunjce = Security.getProvider("SunJCE"); + + if (!test.runAll(sunjce, System.out)) { + throw new RuntimeException("One or more tests have failed...."); + } + } + + public boolean runAll(Provider p, PrintStream out) { + boolean finalResult = true; + + for (String algorithm : PBEAlgorithms) { + out.println("Running test with " + algorithm + ":"); + try { + if (!runTest(p, algorithm, out)) { + finalResult = false; + out.println("STATUS: Failed"); + } else { + out.println("STATUS: Passed"); + } + } catch (Exception ex) { + finalResult = false; + ex.printStackTrace(out); + out.println("STATUS:Failed"); + } + } + + return finalResult; + } + + // Have a generic throws Exception as it can throw many different exceptions + public boolean runTest(Provider p, String algo, PrintStream out) + throws Exception { + + byte[] salt = new byte[8]; + int ITERATION_COUNT = 1000; + AlgorithmParameters pbeParams = null; + + String baseAlgo + = new StringTokenizer(algo, "/").nextToken().toUpperCase(); + boolean isAES = baseAlgo.contains("AES"); + + try { + // Initialization + new Random().nextBytes(salt); + AlgorithmParameterSpec aps = new PBEParameterSpec(salt, + ITERATION_COUNT); + SecretKeyFactory skf = SecretKeyFactory.getInstance(baseAlgo, p); + SecretKey key = skf.generateSecret(new PBEKeySpec( + "Secret Key".toCharArray())); + Cipher ci = Cipher.getInstance(algo); + + if (isAES) { + ci.init(Cipher.WRAP_MODE, key); + pbeParams = ci.getParameters(); + } else { + ci.init(Cipher.WRAP_MODE, key, aps); + } + + byte[] keyWrapper = ci.wrap(key); + if (isAES) { + ci.init(Cipher.UNWRAP_MODE, key, pbeParams); + } else { + ci.init(Cipher.UNWRAP_MODE, key, aps); + } + + Key unwrappedKey = ci.unwrap(keyWrapper, algo, Cipher.SECRET_KEY); + + if (baseAlgo.endsWith("TRIPLEDES") + || baseAlgo.endsWith("AES_256")) { + out.print( + "InvalidKeyException not thrown when keyStrength > 128"); + return false; + } + + return (Arrays.equals(key.getEncoded(), unwrappedKey.getEncoded())); + + } catch (InvalidKeyException ex) { + + if ((baseAlgo.endsWith("TRIPLEDES") + || baseAlgo.endsWith("AES_256"))) { + out.println("Expected InvalidKeyException, keyStrength > 128"); + return true; + } else { + throw ex; + } + } + } +}
--- a/jdk/test/com/sun/jndi/ldap/LdapTimeoutTest.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/test/com/sun/jndi/ldap/LdapTimeoutTest.java Thu Jul 10 12:40:48 2014 -0700 @@ -27,6 +27,8 @@ * @summary Timeout tests for ldap */ +import com.sun.jndi.ldap.Connection; + import java.net.Socket; import java.net.ServerSocket; import java.net.SocketTimeoutException; @@ -38,7 +40,9 @@ import java.util.concurrent.Executors; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.ScheduledFuture; -import java.util.concurrent.TimeUnit; + +import static java.util.concurrent.TimeUnit.MILLISECONDS; +import static java.util.concurrent.TimeUnit.NANOSECONDS; public class LdapTimeoutTest { private static final ScheduledExecutorService pool = @@ -85,7 +89,7 @@ void ldapReadTimeoutTest(Hashtable env, boolean ssl) { InitialContext ctx = null; if (ssl) env.put(Context.SECURITY_PROTOCOL, "ssl"); - ScheduledFuture killer = killSwitch(5000); + ScheduledFuture killer = killSwitch(5_000); long start = System.nanoTime(); try { ctx = new InitialDirContext(env); @@ -113,7 +117,7 @@ void simpleAuthConnectTest(Hashtable env) { InitialContext ctx = null; - ScheduledFuture killer = killSwitch(5000); + ScheduledFuture killer = killSwitch(5_000); long start = System.nanoTime(); try { ctx = new InitialDirContext(env); @@ -123,7 +127,7 @@ } catch (NamingException e) { long end = System.nanoTime(); if (e.getCause() instanceof SocketTimeoutException) { - if (TimeUnit.NANOSECONDS.toMillis(end - start) < 2900) { + if (NANOSECONDS.toMillis(end - start) < 2_900) { pass(); } else { System.err.println("Fail: Waited too long"); @@ -142,7 +146,7 @@ void deadServerNoTimeout(Hashtable env) { InitialContext ctx = null; - ScheduledFuture killer = killSwitch(30000); + ScheduledFuture killer = killSwitch(30_000); long start = System.nanoTime(); try { ctx = new InitialDirContext(env); @@ -154,9 +158,13 @@ fail(); } catch (NamingException e) { long end = System.nanoTime(); - if (TimeUnit.NANOSECONDS.toMillis(end - start) < 14000) { - System.err.println("fail: timeout should be at least 15 seconds, actual time: " - + TimeUnit.NANOSECONDS.toMillis(end - start)); + long elapsed = NANOSECONDS.toMillis(end - start); + if (elapsed < Connection.DEFAULT_READ_TIMEOUT_MILLIS) { + System.err.printf( + "fail: timeout should be at least %s ms, actual time is %s ms", + Connection.DEFAULT_READ_TIMEOUT_MILLIS, + elapsed); + e.printStackTrace(); fail(); } else { pass(); @@ -184,7 +192,7 @@ System.exit(0); return null; } - }, ms, TimeUnit.MILLISECONDS); + }, ms, MILLISECONDS); } static class Server extends Thread {
--- a/jdk/test/com/sun/security/sasl/ntlm/NTLMTest.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/test/com/sun/security/sasl/ntlm/NTLMTest.java Thu Jul 10 12:40:48 2014 -0700 @@ -23,7 +23,7 @@ /* * @test - * @bug 6911951 + * @bug 6911951 7150092 * @summary NTLM should be a supported Java SASL mechanism */ import java.io.IOException; @@ -59,7 +59,6 @@ checkAuthOnly(); checkClientNameOverride(); - checkServerDomainOverride(); checkClientDomainOverride(); checkVersions(); checkClientHostname(); @@ -116,15 +115,12 @@ Map<String,Object> ps = new HashMap<>(); ps.put("com.sun.security.sasl.ntlm.version", vs); SaslClient clnt = Sasl.createSaslClient( - new String[]{MECH}, USER1, PROTOCOL, null, pc, + new String[]{MECH}, USER1, PROTOCOL, REALM, pc, new CallbackHandler() { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback cb: callbacks) { - if (cb instanceof NameCallback) { - NameCallback ncb = (NameCallback)cb; - ncb.setName(ncb.getDefaultName()); - } else if (cb instanceof PasswordCallback) { + if (cb instanceof PasswordCallback) { ((PasswordCallback)cb).setPassword(PASS1); } } @@ -159,15 +155,12 @@ Map<String,Object> pc = new HashMap<>(); pc.put("com.sun.security.sasl.ntlm.hostname", "this.is.com"); SaslClient clnt = Sasl.createSaslClient( - new String[]{MECH}, USER1, PROTOCOL, null, pc, + new String[]{MECH}, USER1, PROTOCOL, REALM, pc, new CallbackHandler() { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback cb: callbacks) { - if (cb instanceof NameCallback) { - NameCallback ncb = (NameCallback)cb; - ncb.setName(ncb.getDefaultName()); - } else if (cb instanceof PasswordCallback) { + if (cb instanceof PasswordCallback) { ((PasswordCallback)cb).setPassword(PASS1); } } @@ -212,12 +205,8 @@ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback cb: callbacks) { - if (cb instanceof NameCallback) { - NameCallback ncb = (NameCallback)cb; - ncb.setName(ncb.getDefaultName()); - } else if(cb instanceof RealmCallback) { - RealmCallback dcb = (RealmCallback)cb; - dcb.setText("THIRDDOMAIN"); + if (cb instanceof RealmCallback) { + ((RealmCallback)cb).setText(REALM); } else if (cb instanceof PasswordCallback) { ((PasswordCallback)cb).setPassword(PASS1); } @@ -255,13 +244,13 @@ */ private static void checkClientNameOverride() throws Exception { SaslClient clnt = Sasl.createSaslClient( - new String[]{MECH}, null, PROTOCOL, null, null, + new String[]{MECH}, "someone", PROTOCOL, REALM, null, new CallbackHandler() { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback cb: callbacks) { if (cb instanceof NameCallback) { - NameCallback ncb = (NameCallback)cb; + NameCallback ncb = (NameCallback) cb; ncb.setName(USER1); } else if (cb instanceof PasswordCallback) { ((PasswordCallback)cb).setPassword(PASS1); @@ -270,54 +259,7 @@ } }); - SaslServer srv = Sasl.createSaslServer(MECH, PROTOCOL, REALM, null, - new CallbackHandler() { - public void handle(Callback[] callbacks) - throws IOException, UnsupportedCallbackException { - String domain = null, name = null; - PasswordCallback pcb = null; - for (Callback cb: callbacks) { - if (cb instanceof NameCallback) { - name = ((NameCallback)cb).getDefaultName(); - } else if (cb instanceof RealmCallback) { - domain = ((RealmCallback)cb).getDefaultText(); - } else if (cb instanceof PasswordCallback) { - pcb = (PasswordCallback)cb; - } - } - if (pcb != null) { - pcb.setPassword(getPass(domain, name)); - } - } - }); - - handshake(clnt, srv); - } - - /** - * server side domain provided in props. - * @throws Exception - */ - private static void checkServerDomainOverride() throws Exception { - SaslClient clnt = Sasl.createSaslClient( - new String[]{MECH}, USER1, PROTOCOL, null, null, - new CallbackHandler() { - public void handle(Callback[] callbacks) - throws IOException, UnsupportedCallbackException { - for (Callback cb: callbacks) { - if (cb instanceof NameCallback) { - NameCallback ncb = (NameCallback)cb; - ncb.setName(ncb.getDefaultName()); - } else if (cb instanceof PasswordCallback) { - ((PasswordCallback)cb).setPassword(PASS1); - } - } - } - }); - - Map<String,Object> ps = new HashMap<>(); - ps.put("com.sun.security.sasl.ntlm.domain", REALM); - SaslServer srv = Sasl.createSaslServer(MECH, PROTOCOL, null, ps, + SaslServer srv = Sasl.createSaslServer(MECH, PROTOCOL, "FAKE", null, new CallbackHandler() { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
--- a/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/test/java/lang/SecurityManager/CheckPackageAccess.java Thu Jul 10 12:40:48 2014 -0700 @@ -80,7 +80,6 @@ "com.sun.org.glassfish.", "com.oracle.xmlns.internal.", "com.oracle.webservices.internal.", - "oracle.jrockit.jfr.", "org.jcp.xml.dsig.internal.", "jdk.internal.", "jdk.nashorn.internal.",
--- a/jdk/test/java/text/Bidi/Bug7051769.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/test/java/text/Bidi/Bug7051769.java Thu Jul 10 12:40:48 2014 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2011, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,8 +23,11 @@ /* * @test - * @bug 7051769 + * @bug 7051769 8038092 * @summary verify that Bidi.toString() returns the corect result. + * The second run is intended to test lazy SharedSectets init for 8038092 + * @run main Bug7051769 + * @run main/othervm -DpreloadBidi=true Bug7051769 */ import java.awt.font.*; import java.text.*; @@ -32,6 +35,18 @@ public class Bug7051769 { + static { + if (System.getProperty("preloadBidi", "").equals("true")) { + // Make sure the SharedSecret is lazily initialized correctly + try { + Class.forName("sun.text.bidi.BidiBase"); + System.out.println("BidiBase class has been pre-loaded."); + } catch (ClassNotFoundException e) { + System.out.println("BidiBase class could not be pre-loaded."); + } + } + } + private static boolean err = false; public static void main(String[] args) {
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/java/util/logging/CheckZombieLockTest.java Thu Jul 10 12:40:48 2014 -0700 @@ -0,0 +1,369 @@ +/* + * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/* + * @test + * @bug 8048020 + * @author Daniel Fuchs + * @summary Regression on java.util.logging.FileHandler. + * The fix is to avoid filling up the file system with zombie lock files. + * + * @run main/othervm CheckZombieLockTest WRITABLE CLOSE CLEANUP + * @run main/othervm CheckZombieLockTest CLEANUP + * @run main/othervm CheckZombieLockTest WRITABLE + * @run main/othervm CheckZombieLockTest CREATE_FIRST + * @run main/othervm CheckZombieLockTest CREATE_NEXT + * @run main/othervm CheckZombieLockTest CREATE_NEXT + * @run main/othervm CheckZombieLockTest CLEANUP + * @run main/othervm CheckZombieLockTest REUSE + * @run main/othervm CheckZombieLockTest CLEANUP + */ +import java.io.File; +import java.io.IOException; +import java.nio.channels.FileChannel; +import java.nio.file.Paths; +import java.nio.file.StandardOpenOption; +import java.util.ArrayList; +import java.util.List; +import java.util.UUID; +import java.util.logging.FileHandler; +import java.util.logging.Level; +import java.util.logging.LogRecord; +public class CheckZombieLockTest { + + private static final String WRITABLE_DIR = "writable-dir"; + private static volatile boolean supportsLocking = true; + + static enum TestCase { + WRITABLE, // just verifies that we can create a file in our 'writable-dir' + CLOSE, // checks that closing a FileHandler removes its lock file + CREATE_FIRST, // verifies that 'writable-dir' contains no lock, then creates a first FileHandler. + CREATE_NEXT, // verifies that 'writable-dir' contains a single lock, then creates the next FileHandler + REUSE, // verifies that zombie lock files can be reused + CLEANUP // removes "writable-dir" + }; + + public static void main(String... args) throws IOException { + // we'll base all file creation attempts on the system temp directory, + // %t + File writableDir = setup(); + System.out.println("Writable dir is: "+writableDir.getAbsolutePath()); + // we now have one writable directory to work with: + // writableDir + if (args == null || args.length == 0) { + args = new String[] { "WRITABLE", "CLOSE", "CLEANUP" }; + } + try { + runTests(writableDir, args); + } catch (RuntimeException | IOException | Error x) { + // some error occured: cleanup + delete(writableDir); + throw x; + } + } + + /** + * @param writableDir in which log and lock file are created + * @throws SecurityException + * @throws RuntimeException + * @throws IOException + */ + private static void runTests(File writableDir, String... args) throws SecurityException, + RuntimeException, IOException { + for (String arg : args) { + switch(TestCase.valueOf(arg)) { + // Test 1: makes sure we can create FileHandler in writable directory + case WRITABLE: checkWritable(writableDir); break; + // Test 2: verifies that FileHandler.close() cleans up its lock file + case CLOSE: testFileHandlerClose(writableDir); break; + // Test 3: creates the first file handler + case CREATE_FIRST: testFileHandlerCreate(writableDir, true); break; + // Test 4, 5, ... creates the next file handler + case CREATE_NEXT: testFileHandlerCreate(writableDir, false); break; + // Checks that zombie lock files are reused appropriatly + case REUSE: testFileHandlerReuse(writableDir); break; + // Removes the writableDir + case CLEANUP: delete(writableDir); break; + default: throw new RuntimeException("No such test case: "+arg); + } + } + } + + /** + * @param writableDir in which log and lock file are created + * @throws SecurityException + * @throws RuntimeException + * @throws IOException + */ + private static void checkWritable(File writableDir) throws SecurityException, + RuntimeException, IOException { + // Test 1: make sure we can create/delete files in the writable dir. + final File file = new File(writableDir, "test.txt"); + if (!createFile(file, false)) { + throw new IOException("Can't create "+file+"\n\tUnable to run test"); + } else { + delete(file); + } + } + + + private static FileHandler createFileHandler(File writableDir) throws SecurityException, + RuntimeException, IOException { + // Test 1: make sure we can create FileHandler in writable directory + try { + FileHandler handler = new FileHandler("%t/" + WRITABLE_DIR + "/log.log"); + handler.publish(new LogRecord(Level.INFO, handler.toString())); + handler.flush(); + return handler; + } catch (IOException ex) { + throw new RuntimeException("Test failed: should have been able" + + " to create FileHandler for " + "%t/" + WRITABLE_DIR + + "/log.log in writable directory.", ex); + } + } + + private static List<File> listLocks(File writableDir, boolean print) + throws IOException { + List<File> locks = new ArrayList<>(); + for (File f : writableDir.listFiles()) { + if (print) { + System.out.println("Found file: " + f.getName()); + } + if (f.getName().endsWith(".lck")) { + locks.add(f); + } + } + return locks; + } + + private static void testFileHandlerClose(File writableDir) throws IOException { + File fakeLock = new File(writableDir, "log.log.lck"); + if (!createFile(fakeLock, false)) { + throw new IOException("Can't create fake lock file: "+fakeLock); + } + try { + List<File> before = listLocks(writableDir, true); + System.out.println("before: " +before.size() + " locks found"); + FileHandler handler = createFileHandler(writableDir); + System.out.println("handler created: "+handler); + List<File> after = listLocks(writableDir, true); + System.out.println("after creating handler: " + after.size() + " locks found"); + handler.close(); + System.out.println("handler closed: "+handler); + List<File> afterClose = listLocks(writableDir, true); + System.out.println("after closing handler: " + afterClose.size() + " locks found"); + afterClose.removeAll(before); + if (!afterClose.isEmpty()) { + throw new RuntimeException("Zombie lock file detected: "+ afterClose); + } + } finally { + if (fakeLock.canRead()) delete(fakeLock); + } + List<File> finalLocks = listLocks(writableDir, false); + System.out.println("After cleanup: " + finalLocks.size() + " locks found"); + } + + + private static void testFileHandlerReuse(File writableDir) throws IOException { + List<File> before = listLocks(writableDir, true); + System.out.println("before: " +before.size() + " locks found"); + try { + if (!before.isEmpty()) { + throw new RuntimeException("Expected no lock file! Found: "+before); + } + } finally { + before.stream().forEach(CheckZombieLockTest::delete); + } + + FileHandler handler1 = createFileHandler(writableDir); + System.out.println("handler created: "+handler1); + List<File> after = listLocks(writableDir, true); + System.out.println("after creating handler: " + after.size() + " locks found"); + if (after.size() != 1) { + throw new RuntimeException("Unexpected number of lock files found for "+handler1+": "+after); + } + final File lock = after.get(0); + after.clear(); + handler1.close(); + after = listLocks(writableDir, true); + System.out.println("after closing handler: " + after.size() + " locks found"); + if (!after.isEmpty()) { + throw new RuntimeException("Unexpected number of lock files found for "+handler1+": "+after); + } + if (!createFile(lock, false)) { + throw new IOException("Can't create fake lock file: "+lock); + } + try { + before = listLocks(writableDir, true); + System.out.println("before: " +before.size() + " locks found"); + if (before.size() != 1) { + throw new RuntimeException("Unexpected number of lock files found: "+before+" expected [" + +lock+"]."); + } + FileHandler handler2 = createFileHandler(writableDir); + System.out.println("handler created: "+handler2); + after = listLocks(writableDir, true); + System.out.println("after creating handler: " + after.size() + " locks found"); + after.removeAll(before); + if (!after.isEmpty()) { + throw new RuntimeException("Unexpected lock file found: "+after + + "\n\t" + lock + " should have been reused"); + } + handler2.close(); + System.out.println("handler closed: "+handler2); + List<File> afterClose = listLocks(writableDir, true); + System.out.println("after closing handler: " + afterClose.size() + " locks found"); + if (!afterClose.isEmpty()) { + throw new RuntimeException("Zombie lock file detected: "+ afterClose); + } + + if (supportsLocking) { + FileChannel fc = FileChannel.open(Paths.get(lock.getAbsolutePath()), + StandardOpenOption.CREATE_NEW, StandardOpenOption.APPEND, + StandardOpenOption.WRITE); + try { + if (fc.tryLock() != null) { + System.out.println("locked: "+lock); + handler2 = createFileHandler(writableDir); + System.out.println("handler created: "+handler2); + after = listLocks(writableDir, true); + System.out.println("after creating handler: " + after.size() + " locks found"); + after.removeAll(before); + if (after.size() != 1) { + throw new RuntimeException("Unexpected lock files found: "+after + + "\n\t" + lock + " should not have been reused"); + } + } else { + throw new RuntimeException("Failed to lock: "+lock); + } + } finally { + delete(lock); + } + } + } finally { + List<File> finalLocks = listLocks(writableDir, false); + System.out.println("end: " + finalLocks.size() + " locks found"); + delete(writableDir); + } + } + + + private static void testFileHandlerCreate(File writableDir, boolean first) + throws IOException { + List<File> before = listLocks(writableDir, true); + System.out.println("before: " +before.size() + " locks found"); + try { + if (first && !before.isEmpty()) { + throw new RuntimeException("Expected no lock file! Found: "+before); + } else if (!first && before.size() != 1) { + throw new RuntimeException("Expected a single lock file! Found: "+before); + } + } finally { + before.stream().forEach(CheckZombieLockTest::delete); + } + FileHandler handler = createFileHandler(writableDir); + System.out.println("handler created: "+handler); + List<File> after = listLocks(writableDir, true); + System.out.println("after creating handler: " + after.size() + " locks found"); + if (after.size() != 1) { + throw new RuntimeException("Unexpected number of lock files found for "+handler+": "+after); + } + } + + + /** + * Setup all the files and directories needed for the tests + * + * @return writable directory created that needs to be deleted when done + * @throws RuntimeException + */ + private static File setup() throws RuntimeException { + // First do some setup in the temporary directory (using same logic as + // FileHandler for %t pattern) + String tmpDir = System.getProperty("java.io.tmpdir"); // i.e. %t + if (tmpDir == null) { + tmpDir = System.getProperty("user.home"); + } + File tmpOrHomeDir = new File(tmpDir); + // Create a writable directory here (%t/writable-dir) + File writableDir = new File(tmpOrHomeDir, WRITABLE_DIR); + if (!createFile(writableDir, true)) { + throw new RuntimeException("Test setup failed: unable to create" + + " writable working directory " + + writableDir.getAbsolutePath() ); + } + + // try to determine whether file locking is supported + try { + FileChannel fc = FileChannel.open(Paths.get(writableDir.getAbsolutePath(), + UUID.randomUUID().toString()+".lck"), + StandardOpenOption.CREATE_NEW, StandardOpenOption.APPEND, + StandardOpenOption.DELETE_ON_CLOSE); + try { + fc.tryLock(); + } catch(IOException x) { + supportsLocking = false; + } finally { + fc.close(); + } + } catch(Throwable t) { + // should not happen + t.printStackTrace(); + } + return writableDir; + } + + /** + * @param newFile + * @return true if file already exists or creation succeeded + */ + private static boolean createFile(File newFile, boolean makeDirectory) { + if (newFile.exists()) { + return true; + } + if (makeDirectory) { + return newFile.mkdir(); + } else { + try { + return newFile.createNewFile(); + } catch (IOException ioex) { + ioex.printStackTrace(); + return false; + } + } + } + + /* + * Recursively delete all files starting at specified file + */ + private static void delete(File f) { + if (f != null && f.isDirectory()) { + for (File c : f.listFiles()) + delete(c); + } + if (!f.delete()) + System.err.println( + "WARNING: unable to delete/cleanup writable test directory: " + + f ); + } +}
--- a/jdk/test/java/util/logging/LoggingDeadlock2.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/test/java/util/logging/LoggingDeadlock2.java Thu Jul 10 12:40:48 2014 -0700 @@ -28,7 +28,7 @@ * @author Serguei Spitsyn / Hitachi / Martin Buchholz * * @build LoggingDeadlock2 - * @run main/timeout=15 LoggingDeadlock2 + * @run main LoggingDeadlock2 * * There is a clear deadlock between LogManager.<clinit> and * Cleaner.run() methods.
--- a/jdk/test/sun/security/krb5/auto/SaslBasic.java Thu Jul 10 12:13:26 2014 -0700 +++ b/jdk/test/sun/security/krb5/auto/SaslBasic.java Thu Jul 10 12:40:48 2014 -0700 @@ -29,6 +29,8 @@ * @run main/othervm SaslBasic bound * @run main/othervm SaslBasic unbound */ +import com.sun.security.jgss.InquireType; + import java.io.IOException; import java.util.Arrays; import java.util.HashMap; @@ -82,11 +84,17 @@ } } if (!bound) { - String boundName = (String)ss.getNegotiatedProperty(Sasl.BOUND_SERVER_NAME); + String boundName = (String)ss.getNegotiatedProperty( + Sasl.BOUND_SERVER_NAME); if (!boundName.equals(name)) { throw new Exception("Wrong bound server name"); } } + Object key = ss.getNegotiatedProperty( + "com.sun.security.jgss.inquiretype.krb5_get_session_key"); + if (key == null) { + throw new Exception("Extended negotiated property not read"); + } byte[] hello = "hello".getBytes(); token = sc.wrap(hello, 0, hello.length); token = ss.unwrap(token, 0, token.length);