From 64089cc9f030d8ef7972adb5d117e0b23f47d62b Mon Sep 17 00:00:00 2001
From: mark <mark@138bc75d-0d04-0410-961f-82ee72b054a4>
Date: Thu, 18 May 2006 17:29:21 +0000
Subject:        Imported GNU Classpath 0.90        * scripts/makemake.tcl:
 LocaleData.java moved to gnu/java/locale.

       * sources.am: Regenerated.
       * gcj/javaprims.h: Regenerated.
       * Makefile.in: Regenerated.
       * gcj/Makefile.in: Regenerated.
       * include/Makefile.in: Regenerated.
       * testsuite/Makefile.in: Regenerated.

       * gnu/java/lang/VMInstrumentationImpl.java: New override.
       * gnu/java/net/local/LocalSocketImpl.java: Likewise.
       * gnu/classpath/jdwp/VMMethod.java: Likewise.
       * gnu/classpath/jdwp/VMVirtualMachine.java: Update to latest
       interface.
       * java/lang/Thread.java: Add UncaughtExceptionHandler.
       * java/lang/reflect/Method.java: Implements GenericDeclaration and
       isSynthetic(),
       * java/lang/reflect/Field.java: Likewise.
       * java/lang/reflect/Constructor.java
       * java/lang/Class.java: Implements Type, GenericDeclaration,
       getSimpleName() and getEnclosing*() methods.
       * java/lang/Class.h: Add new public methods.
       * java/lang/Math.java: Add signum(), ulp() and log10().
       * java/lang/natMath.cc (log10): New function.
       * java/security/VMSecureRandom.java: New override.
       * java/util/logging/Logger.java: Updated to latest classpath
       version.
       * java/util/logging/LogManager.java: New override.


git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@113887 138bc75d-0d04-0410-961f-82ee72b054a4
---
 .../classpath/gnu/java/security/Properties.java    |   6 +-
 libjava/classpath/gnu/java/security/Registry.java  |   3 +
 .../classpath/gnu/java/security/hash/Haval.java    |   2 +-
 libjava/classpath/gnu/java/security/hash/MD2.java  |   2 +-
 libjava/classpath/gnu/java/security/hash/MD4.java  |   2 +-
 libjava/classpath/gnu/java/security/hash/MD5.java  |   2 +-
 .../gnu/java/security/hash/RipeMD128.java          |   2 +-
 .../gnu/java/security/hash/RipeMD160.java          |   2 +-
 .../classpath/gnu/java/security/hash/Sha160.java   |   2 +-
 .../classpath/gnu/java/security/hash/Sha256.java   |   2 +-
 .../classpath/gnu/java/security/hash/Sha384.java   |   2 +-
 .../classpath/gnu/java/security/hash/Sha512.java   |   2 +-
 .../classpath/gnu/java/security/hash/Tiger.java    |   2 +-
 .../gnu/java/security/hash/Whirlpool.java          | 583 +++++++++++----------
 .../gnu/java/security/jce/hash/HavalSpi.java       |   2 -
 .../gnu/java/security/jce/hash/MD2Spi.java         |   2 -
 .../gnu/java/security/jce/hash/MD4Spi.java         |   2 -
 .../gnu/java/security/jce/hash/MD5Spi.java         |   2 -
 .../security/jce/hash/MessageDigestAdapter.java    |   2 -
 .../gnu/java/security/jce/hash/RipeMD128Spi.java   |   2 -
 .../gnu/java/security/jce/hash/RipeMD160Spi.java   |   2 -
 .../gnu/java/security/jce/hash/Sha160Spi.java      |   2 -
 .../gnu/java/security/jce/hash/Sha256Spi.java      |   2 -
 .../gnu/java/security/jce/hash/Sha384Spi.java      |   2 -
 .../gnu/java/security/jce/hash/Sha512Spi.java      |   2 -
 .../gnu/java/security/jce/hash/TigerSpi.java       |   2 -
 .../gnu/java/security/jce/hash/WhirlpoolSpi.java   |   2 -
 .../security/jce/prng/SecureRandomAdapter.java     |   8 +-
 .../security/jce/sig/DSSKeyPairGeneratorSpi.java   |   2 -
 .../java/security/jce/sig/DSSRawSignatureSpi.java  |   2 -
 .../security/jce/sig/KeyPairGeneratorAdapter.java  |   2 -
 .../gnu/java/security/jce/sig/RSAKeyFactory.java   |   4 +-
 .../security/jce/sig/RSAPSSRawSignatureSpi.java    |   2 -
 .../java/security/jce/sig/SignatureAdapter.java    |   2 -
 .../gnu/java/security/key/IKeyPairCodec.java       |   2 -
 .../gnu/java/security/key/IKeyPairGenerator.java   |   2 -
 .../java/security/key/KeyPairGeneratorFactory.java |  13 +-
 .../gnu/java/security/key/dss/DSSKey.java          |  21 +-
 .../security/key/dss/DSSKeyPairPKCS8Codec.java     |  16 +-
 .../java/security/key/dss/DSSKeyPairRawCodec.java  |   2 -
 .../gnu/java/security/key/dss/DSSPrivateKey.java   |  22 +-
 .../gnu/java/security/key/dss/DSSPublicKey.java    |  20 +-
 .../gnu/java/security/key/dss/FIPS186.java         |   2 -
 .../gnu/java/security/key/rsa/GnuRSAKey.java       |  23 +-
 .../java/security/key/rsa/GnuRSAPrivateKey.java    |  27 +-
 .../gnu/java/security/key/rsa/GnuRSAPublicKey.java |  19 +-
 .../java/security/key/rsa/RSAKeyPairGenerator.java |  14 +-
 .../security/key/rsa/RSAKeyPairPKCS8Codec.java     |  13 +-
 .../java/security/key/rsa/RSAKeyPairX509Codec.java |   3 +-
 .../gnu/java/security/pkcs/PKCS7Data.java          |  69 +++
 .../gnu/java/security/pkcs/PKCS7SignedData.java    | 231 ++++++--
 .../gnu/java/security/pkcs/SignerInfo.java         | 207 ++++++--
 .../gnu/java/security/prng/MDGenerator.java        |  14 +
 .../security/provider/DSAParameterGenerator.java   | 128 -----
 .../classpath/gnu/java/security/provider/Gnu.java  |   1 +
 .../gnu/java/security/sig/ISignature.java          |   2 -
 .../gnu/java/security/sig/ISignatureCodec.java     |   2 -
 .../gnu/java/security/sig/dss/DSSSignature.java    |   2 -
 .../security/sig/dss/DSSSignatureRawCodec.java     |   2 -
 .../gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java |   2 -
 .../gnu/java/security/sig/rsa/EMSA_PSS.java        |   2 -
 .../security/sig/rsa/RSAPKCS1V1_5Signature.java    |   2 -
 .../gnu/java/security/sig/rsa/RSAPSSSignature.java |   2 -
 .../security/sig/rsa/RSAPSSSignatureRawCodec.java  |   2 -
 libjava/classpath/gnu/java/security/util/Util.java |   2 -
 .../java/security/x509/X500DistinguishedName.java  |  14 +-
 66 files changed, 925 insertions(+), 620 deletions(-)
 create mode 100644 libjava/classpath/gnu/java/security/pkcs/PKCS7Data.java
 delete mode 100644 libjava/classpath/gnu/java/security/provider/DSAParameterGenerator.java

(limited to 'libjava/classpath/gnu/java/security')

diff --git a/libjava/classpath/gnu/java/security/Properties.java b/libjava/classpath/gnu/java/security/Properties.java
index 813888c20a8..860b7d928ff 100644
--- a/libjava/classpath/gnu/java/security/Properties.java
+++ b/libjava/classpath/gnu/java/security/Properties.java
@@ -333,9 +333,9 @@ public final class Properties
     handleBooleanProperty(DO_RSA_BLINDING);
 
     // re-sync the 'known' properties
-    reproducible = new Boolean((String) props.get(REPRODUCIBLE_PRNG)).booleanValue();
-    checkForWeakKeys = new Boolean((String) props.get(CHECK_WEAK_KEYS)).booleanValue();
-    doRSABlinding = new Boolean((String) props.get(DO_RSA_BLINDING)).booleanValue();
+    reproducible = Boolean.valueOf((String) props.get(REPRODUCIBLE_PRNG)).booleanValue();
+    checkForWeakKeys = Boolean.valueOf((String) props.get(CHECK_WEAK_KEYS)).booleanValue();
+    doRSABlinding = Boolean.valueOf((String) props.get(DO_RSA_BLINDING)).booleanValue();
 
     // This does not change.
     props.put(VERSION, Registry.VERSION_STRING);
diff --git a/libjava/classpath/gnu/java/security/Registry.java b/libjava/classpath/gnu/java/security/Registry.java
index efb54e71470..0cb92513502 100644
--- a/libjava/classpath/gnu/java/security/Registry.java
+++ b/libjava/classpath/gnu/java/security/Registry.java
@@ -159,6 +159,9 @@ public interface Registry
 
   // Padding scheme names and synonyms........................................
 
+  /** PKCS#5 padding scheme. */
+  String PKCS5_PAD = "pkcs5";
+
   /** PKCS#7 padding scheme. */
   String PKCS7_PAD = "pkcs7";
 
diff --git a/libjava/classpath/gnu/java/security/hash/Haval.java b/libjava/classpath/gnu/java/security/hash/Haval.java
index f9f3282f278..1bf75652de7 100644
--- a/libjava/classpath/gnu/java/security/hash/Haval.java
+++ b/libjava/classpath/gnu/java/security/hash/Haval.java
@@ -567,7 +567,7 @@ public class Haval extends BaseHash
   {
     if (valid == null)
       {
-        valid = new Boolean(DIGEST0.equals(Util.toString(new Haval().digest())));
+        valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new Haval().digest())));
       }
     return valid.booleanValue();
   }
diff --git a/libjava/classpath/gnu/java/security/hash/MD2.java b/libjava/classpath/gnu/java/security/hash/MD2.java
index 41e876983bd..2a93c42c44a 100644
--- a/libjava/classpath/gnu/java/security/hash/MD2.java
+++ b/libjava/classpath/gnu/java/security/hash/MD2.java
@@ -181,7 +181,7 @@ public class MD2 extends BaseHash
   {
     if (valid == null)
       {
-        valid = new Boolean(DIGEST0.equals(Util.toString(new MD2().digest())));
+        valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new MD2().digest())));
       }
     return valid.booleanValue();
   }
diff --git a/libjava/classpath/gnu/java/security/hash/MD4.java b/libjava/classpath/gnu/java/security/hash/MD4.java
index 54dda358b11..a09eb170554 100644
--- a/libjava/classpath/gnu/java/security/hash/MD4.java
+++ b/libjava/classpath/gnu/java/security/hash/MD4.java
@@ -154,7 +154,7 @@ public class MD4 extends BaseHash
   {
     if (valid == null)
       {
-        valid = new Boolean(DIGEST0.equals(Util.toString(new MD4().digest())));
+        valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new MD4().digest())));
       }
     return valid.booleanValue();
   }
diff --git a/libjava/classpath/gnu/java/security/hash/MD5.java b/libjava/classpath/gnu/java/security/hash/MD5.java
index 463292984dd..165392394fc 100644
--- a/libjava/classpath/gnu/java/security/hash/MD5.java
+++ b/libjava/classpath/gnu/java/security/hash/MD5.java
@@ -358,7 +358,7 @@ public class MD5 extends BaseHash
   {
     if (valid == null)
       {
-        valid = new Boolean(DIGEST0.equals(Util.toString(new MD5().digest())));
+        valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new MD5().digest())));
       }
     return valid.booleanValue();
   }
diff --git a/libjava/classpath/gnu/java/security/hash/RipeMD128.java b/libjava/classpath/gnu/java/security/hash/RipeMD128.java
index 83e8f25044d..31874a0c29a 100644
--- a/libjava/classpath/gnu/java/security/hash/RipeMD128.java
+++ b/libjava/classpath/gnu/java/security/hash/RipeMD128.java
@@ -283,7 +283,7 @@ public class RipeMD128 extends BaseHash
   {
     if (valid == null)
       {
-        valid = new Boolean
+        valid = Boolean.valueOf
           (DIGEST0.equals(Util.toString(new RipeMD128().digest())));
       }
     return valid.booleanValue();
diff --git a/libjava/classpath/gnu/java/security/hash/RipeMD160.java b/libjava/classpath/gnu/java/security/hash/RipeMD160.java
index 73ecc5161d7..642ffb32de6 100644
--- a/libjava/classpath/gnu/java/security/hash/RipeMD160.java
+++ b/libjava/classpath/gnu/java/security/hash/RipeMD160.java
@@ -320,7 +320,7 @@ public class RipeMD160 extends BaseHash
   {
     if (valid == null)
       {
-        valid = new Boolean
+        valid = Boolean.valueOf
           (DIGEST0.equals(Util.toString(new RipeMD160().digest())));
       }
     return valid.booleanValue();
diff --git a/libjava/classpath/gnu/java/security/hash/Sha160.java b/libjava/classpath/gnu/java/security/hash/Sha160.java
index bf5f45652a1..037b118e601 100644
--- a/libjava/classpath/gnu/java/security/hash/Sha160.java
+++ b/libjava/classpath/gnu/java/security/hash/Sha160.java
@@ -229,7 +229,7 @@ public class Sha160 extends BaseHash
         md.update((byte) 0x62); // b
         md.update((byte) 0x63); // c
         String result = Util.toString(md.digest());
-        valid = new Boolean(DIGEST0.equals(result));
+        valid = Boolean.valueOf(DIGEST0.equals(result));
       }
     return valid.booleanValue();
   }
diff --git a/libjava/classpath/gnu/java/security/hash/Sha256.java b/libjava/classpath/gnu/java/security/hash/Sha256.java
index 9ef70a1a6a3..284425ea43a 100644
--- a/libjava/classpath/gnu/java/security/hash/Sha256.java
+++ b/libjava/classpath/gnu/java/security/hash/Sha256.java
@@ -217,7 +217,7 @@ public class Sha256 extends BaseHash
         md.update((byte) 0x62); // b
         md.update((byte) 0x63); // c
         String result = Util.toString(md.digest());
-        valid = new Boolean(DIGEST0.equals(result));
+        valid = Boolean.valueOf(DIGEST0.equals(result));
       }
 
     return valid.booleanValue();
diff --git a/libjava/classpath/gnu/java/security/hash/Sha384.java b/libjava/classpath/gnu/java/security/hash/Sha384.java
index 2f619dc984d..332f048d782 100644
--- a/libjava/classpath/gnu/java/security/hash/Sha384.java
+++ b/libjava/classpath/gnu/java/security/hash/Sha384.java
@@ -254,7 +254,7 @@ public class Sha384 extends BaseHash
         md.update((byte) 0x62); // b
         md.update((byte) 0x63); // c
         String result = Util.toString(md.digest());
-        valid = new Boolean(DIGEST0.equals(result));
+        valid = Boolean.valueOf(DIGEST0.equals(result));
       }
     return valid.booleanValue();
   }
diff --git a/libjava/classpath/gnu/java/security/hash/Sha512.java b/libjava/classpath/gnu/java/security/hash/Sha512.java
index 798b34dfc1d..da035dcfc2d 100644
--- a/libjava/classpath/gnu/java/security/hash/Sha512.java
+++ b/libjava/classpath/gnu/java/security/hash/Sha512.java
@@ -256,7 +256,7 @@ public class Sha512 extends BaseHash
         md.update((byte) 0x62); // b
         md.update((byte) 0x63); // c
         String result = Util.toString(md.digest());
-        valid = new Boolean(DIGEST0.equals(result));
+        valid = Boolean.valueOf(DIGEST0.equals(result));
       }
     return valid.booleanValue();
   }
diff --git a/libjava/classpath/gnu/java/security/hash/Tiger.java b/libjava/classpath/gnu/java/security/hash/Tiger.java
index f39fed30d62..be0921dceb5 100644
--- a/libjava/classpath/gnu/java/security/hash/Tiger.java
+++ b/libjava/classpath/gnu/java/security/hash/Tiger.java
@@ -640,7 +640,7 @@ public class Tiger extends BaseHash
   {
     if (valid == null)
       {
-        valid = new Boolean(DIGEST0.equals(Util.toString(new Tiger().digest())));
+        valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new Tiger().digest())));
       }
     return valid.booleanValue();
   }
diff --git a/libjava/classpath/gnu/java/security/hash/Whirlpool.java b/libjava/classpath/gnu/java/security/hash/Whirlpool.java
index 8c5d9f360d0..b10fa53cd7f 100644
--- a/libjava/classpath/gnu/java/security/hash/Whirlpool.java
+++ b/libjava/classpath/gnu/java/security/hash/Whirlpool.java
@@ -42,25 +42,25 @@ import gnu.java.security.Registry;
 import gnu.java.security.util.Util;
 
 /**
- * <p>Whirlpool, a new 512-bit hashing function operating on messages less than
+ * Whirlpool, a new 512-bit hashing function operating on messages less than
  * 2 ** 256 bits in length. The function structure is designed according to the
  * Wide Trail strategy and permits a wide variety of implementation trade-offs.
- * </p>
- *
- * <p><b>IMPORTANT</b>: This implementation is not thread-safe.</p>
- *
- * <p>References:</p>
- *
+ * <p>
+ * This implementation is of Whirlpool Version 3, described in [1] last revised
+ * on May 24th, 2003.
+ * <p>
+ * <b>IMPORTANT</b>: This implementation is not thread-safe.
+ * <p>
+ * References:
  * <ol>
  *    <li><a href="http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html">
  *    The WHIRLPOOL Hashing Function</a>.<br>
  *    <a href="mailto:paulo.barreto@terra.com.br">Paulo S.L.M. Barreto</a> and
- *    <a href="mailto:vincent.rijmen@esat.kuleuven.ac.be">Vincent Rijmen</a>.</li>
+ *    <a href="mailto:vincent.rijmen@iaik.tugraz.at">Vincent Rijmen</a>.</li>
  * </ol>
  */
 public final class Whirlpool extends BaseHash
 {
-
   // Debugging methods and variables
   // -------------------------------------------------------------------------
 
@@ -74,45 +74,43 @@ public final class Whirlpool extends BaseHash
   private static final int BLOCK_SIZE = 64; // inner block size in bytes
 
   /** The digest of the 0-bit long message. */
-  private static final String DIGEST0 = "470F0409ABAA446E49667D4EBE12A14387CEDBD10DD17B8243CAD550A089DC0F"
-                                        + "EEA7AA40F6C2AAAB71C6EBD076E43C7CFCA0AD32567897DCB5969861049A0F5A";
-
-  private static final int R = 10; // default number of rounds
-
-  private static final String Sd = // p. 19 [WHIRLPOOL]
-  "\u1823\uc6E8\u87B8\u014F\u36A6\ud2F5\u796F\u9152"
-      + "\u60Bc\u9B8E\uA30c\u7B35\u1dE0\ud7c2\u2E4B\uFE57"
-      + "\u1577\u37E5\u9FF0\u4AdA\u58c9\u290A\uB1A0\u6B85"
-      + "\uBd5d\u10F4\ucB3E\u0567\uE427\u418B\uA77d\u95d8"
-      + "\uFBEE\u7c66\udd17\u479E\ucA2d\uBF07\uAd5A\u8333"
-      + "\u6302\uAA71\uc819\u49d9\uF2E3\u5B88\u9A26\u32B0"
-      + "\uE90F\ud580\uBEcd\u3448\uFF7A\u905F\u2068\u1AAE"
-      + "\uB454\u9322\u64F1\u7312\u4008\uc3Ec\udBA1\u8d3d"
-      + "\u9700\ucF2B\u7682\ud61B\uB5AF\u6A50\u45F3\u30EF"
-      + "\u3F55\uA2EA\u65BA\u2Fc0\udE1c\uFd4d\u9275\u068A"
-      + "\uB2E6\u0E1F\u62d4\uA896\uF9c5\u2559\u8472\u394c"
-      + "\u5E78\u388c\ud1A5\uE261\uB321\u9c1E\u43c7\uFc04"
-      + "\u5199\u6d0d\uFAdF\u7E24\u3BAB\ucE11\u8F4E\uB7EB"
-      + "\u3c81\u94F7\uB913\u2cd3\uE76E\uc403\u5644\u7FA9"
-      + "\u2ABB\uc153\udc0B\u9d6c\u3174\uF646\uAc89\u14E1"
-      + "\u163A\u6909\u70B6\ud0Ed\ucc42\u98A4\u285c\uF886";
-
+  private static final String DIGEST0 =
+      "19FA61D75522A4669B44E39C1D2E1726C530232130D407F89AFEE0964997F7A7"
+    + "3E83BE698B288FEBCF88E3E03C4F0757EA8964E59B63D93708B138CC42A66EB3";
+
+  /** Default number of rounds. */
+  private static final int R = 10;
+
+  /** Whirlpool S-box; p. 19. */
+  private static final String S_box = // p. 19 [WHIRLPOOL]
+      "\u1823\uc6E8\u87B8\u014F\u36A6\ud2F5\u796F\u9152" +
+      "\u60Bc\u9B8E\uA30c\u7B35\u1dE0\ud7c2\u2E4B\uFE57" +
+      "\u1577\u37E5\u9FF0\u4AdA\u58c9\u290A\uB1A0\u6B85" +
+      "\uBd5d\u10F4\ucB3E\u0567\uE427\u418B\uA77d\u95d8" +
+      "\uFBEE\u7c66\udd17\u479E\ucA2d\uBF07\uAd5A\u8333" +
+      "\u6302\uAA71\uc819\u49d9\uF2E3\u5B88\u9A26\u32B0" +
+      "\uE90F\ud580\uBEcd\u3448\uFF7A\u905F\u2068\u1AAE" +
+      "\uB454\u9322\u64F1\u7312\u4008\uc3Ec\udBA1\u8d3d" +
+      "\u9700\ucF2B\u7682\ud61B\uB5AF\u6A50\u45F3\u30EF" +
+      "\u3F55\uA2EA\u65BA\u2Fc0\udE1c\uFd4d\u9275\u068A" +
+      "\uB2E6\u0E1F\u62d4\uA896\uF9c5\u2559\u8472\u394c" +
+      "\u5E78\u388c\ud1A5\uE261\uB321\u9c1E\u43c7\uFc04" +
+      "\u5199\u6d0d\uFAdF\u7E24\u3BAB\ucE11\u8F4E\uB7EB" +
+      "\u3c81\u94F7\uB913\u2cd3\uE76E\uc403\u5644\u7FA9" +
+      "\u2ABB\uc153\udc0B\u9d6c\u3174\uF646\uAc89\u14E1" +
+      "\u163A\u6909\u70B6\ud0Ed\ucc42\u98A4\u285c\uF886";
+
+  /** The 64-bit lookup tables; section 7.1 p. 13. */
   private static final long[] T0 = new long[256];
-
   private static final long[] T1 = new long[256];
-
   private static final long[] T2 = new long[256];
-
   private static final long[] T3 = new long[256];
-
   private static final long[] T4 = new long[256];
-
   private static final long[] T5 = new long[256];
-
   private static final long[] T6 = new long[256];
-
   private static final long[] T7 = new long[256];
 
+  /** The round constants. */
   private static final long[] rc = new long[R];
 
   /** caches the result of the correctness test, once executed. */
@@ -123,12 +121,10 @@ public final class Whirlpool extends BaseHash
 
   /** Work area for computing the round key schedule. */
   private long k00, k01, k02, k03, k04, k05, k06, k07;
-
   private long Kr0, Kr1, Kr2, Kr3, Kr4, Kr5, Kr6, Kr7;
 
   /** work area for transforming the 512-bit buffer. */
   private long n0, n1, n2, n3, n4, n5, n6, n7;
-
   private long nn0, nn1, nn2, nn3, nn4, nn5, nn6, nn7;
 
   /** work area for holding block cipher's intermediate values. */
@@ -140,72 +136,67 @@ public final class Whirlpool extends BaseHash
     {
       long time = System.currentTimeMillis();
 
-      int ROOT = 0x11d; // para. 2.1 [WHIRLPOOL]
+      int ROOT = 0x11D; // para. 2.1 [WHIRLPOOL]
       int i, r, j;
-      long s, s2, s3, s4, s5, s8, s9, t;
+      long s1, s2, s4, s5, s8, s9, t;
       char c;
       final byte[] S = new byte[256];
       for (i = 0; i < 256; i++)
         {
-          c = Sd.charAt(i >>> 1);
+          c = S_box.charAt(i >>> 1);
 
-          s = ((i & 1) == 0 ? c >>> 8 : c) & 0xFFL;
-          s2 = s << 1;
+          s1 = ((i & 1) == 0 ? c >>> 8 : c) & 0xFFL;
+          s2 = s1 << 1;
           if (s2 > 0xFFL)
-            {
-              s2 ^= ROOT;
-            }
-          s3 = s2 ^ s;
+            s2 ^= ROOT;
+
           s4 = s2 << 1;
           if (s4 > 0xFFL)
-            {
-              s4 ^= ROOT;
-            }
-          s5 = s4 ^ s;
+            s4 ^= ROOT;
+
+          s5 = s4 ^ s1;
           s8 = s4 << 1;
           if (s8 > 0xFFL)
-            {
-              s8 ^= ROOT;
-            }
-          s9 = s8 ^ s;
+            s8 ^= ROOT;
 
-          S[i] = (byte) s;
-          T0[i] = t = s << 56 | s << 48 | s3 << 40 | s << 32 | s5 << 24
-                      | s8 << 16 | s9 << 8 | s5;
-          T1[i] = t >>> 8 | t << 56;
+          s9 = s8 ^ s1;
+
+          T0[i] = t = s1 << 56 | s1 << 48 | s4 << 40 | s1 << 32
+                    | s8 << 24 | s5 << 16 | s2 <<  8 | s9;
+          T1[i] = t >>>  8 | t << 56;
           T2[i] = t >>> 16 | t << 48;
           T3[i] = t >>> 24 | t << 40;
           T4[i] = t >>> 32 | t << 32;
           T5[i] = t >>> 40 | t << 24;
           T6[i] = t >>> 48 | t << 16;
-          T7[i] = t >>> 56 | t << 8;
+          T7[i] = t >>> 56 | t <<  8;
         }
 
-      for (r = 1, i = 0, j = 0; r < R + 1; r++)
-        {
-          rc[i++] = (S[j++] & 0xFFL) << 56 | (S[j++] & 0xFFL) << 48
-                    | (S[j++] & 0xFFL) << 40 | (S[j++] & 0xFFL) << 32
-                    | (S[j++] & 0xFFL) << 24 | (S[j++] & 0xFFL) << 16
-                    | (S[j++] & 0xFFL) << 8 | (S[j++] & 0xFFL);
-        }
+      for (r = 0, i = 0; r < R; )
+        rc[r++] = (T0[i++] & 0xFF00000000000000L)
+                ^ (T1[i++] & 0x00FF000000000000L)
+                ^ (T2[i++] & 0x0000FF0000000000L)
+                ^ (T3[i++] & 0x000000FF00000000L)
+                ^ (T4[i++] & 0x00000000FF000000L)
+                ^ (T5[i++] & 0x0000000000FF0000L)
+                ^ (T6[i++] & 0x000000000000FF00L)
+                ^ (T7[i++] & 0x00000000000000FFL);
 
       time = System.currentTimeMillis() - time;
-
       if (DEBUG && debuglevel > 8)
         {
           System.out.println("==========");
           System.out.println();
           System.out.println("Static data");
           System.out.println();
-
+          
           System.out.println();
           System.out.println("T0[]:");
           for (i = 0; i < 64; i++)
             {
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T0[i * 4 + j]) + ", ");
-                }
+                System.out.print("0x" + Util.toString(T0[i * 4 + j]) + ", ");
+
               System.out.println();
             }
           System.out.println();
@@ -213,9 +204,8 @@ public final class Whirlpool extends BaseHash
           for (i = 0; i < 64; i++)
             {
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T1[i * 4 + j]) + ", ");
-                }
+                System.out.print("0x" + Util.toString(T1[i * 4 + j]) + ", ");
+
               System.out.println();
             }
           System.out.println();
@@ -223,9 +213,8 @@ public final class Whirlpool extends BaseHash
           for (i = 0; i < 64; i++)
             {
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T2[i * 4 + j]) + ", ");
-                }
+                System.out.print("0x" + Util.toString(T2[i * 4 + j]) + ", ");
+
               System.out.println();
             }
           System.out.println();
@@ -233,9 +222,8 @@ public final class Whirlpool extends BaseHash
           for (i = 0; i < 64; i++)
             {
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T3[i * 4 + j]) + ", ");
-                }
+                System.out.print("0x" + Util.toString(T3[i * 4 + j]) + ", ");
+
               System.out.println();
             }
           System.out.println();
@@ -243,9 +231,8 @@ public final class Whirlpool extends BaseHash
           for (i = 0; i < 64; i++)
             {
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T4[i * 4 + j]) + ", ");
-                }
+                System.out.print("0x" + Util.toString(T4[i * 4 + j]) + ", ");
+
               System.out.println();
             }
           System.out.println();
@@ -253,9 +240,8 @@ public final class Whirlpool extends BaseHash
           for (i = 0; i < 64; i++)
             {
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", ");
-                }
+                System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", ");
+
               System.out.println();
             }
           System.out.println();
@@ -263,9 +249,8 @@ public final class Whirlpool extends BaseHash
           for (i = 0; i < 64; i++)
             {
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", ");
-                }
+                System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", ");
+
               System.out.println();
             }
           System.out.println();
@@ -273,17 +258,15 @@ public final class Whirlpool extends BaseHash
           for (i = 0; i < 64; i++)
             {
               for (j = 0; j < 4; j++)
-                {
-                  System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", ");
-                }
+                System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", ");
+
               System.out.println();
             }
           System.out.println();
           System.out.println("rc[]:");
           for (i = 0; i < R; i++)
-            {
-              System.out.println("0x" + Util.toString(rc[i]));
-            }
+            System.out.println("0x" + Util.toString(rc[i]));
+
           System.out.println();
 
           System.out.println();
@@ -340,38 +323,70 @@ public final class Whirlpool extends BaseHash
   protected void transform(byte[] in, int offset)
   {
     // apply mu to the input
-    n0 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48
-         | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32
-         | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16
-         | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL);
-    n1 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48
-         | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32
-         | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16
-         | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL);
-    n2 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48
-         | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32
-         | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16
-         | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL);
-    n3 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48
-         | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32
-         | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16
-         | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL);
-    n4 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48
-         | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32
-         | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16
-         | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL);
-    n5 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48
-         | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32
-         | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16
-         | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL);
-    n6 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48
-         | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32
-         | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16
-         | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL);
-    n7 = (in[offset++] & 0xFFL) << 56 | (in[offset++] & 0xFFL) << 48
-         | (in[offset++] & 0xFFL) << 40 | (in[offset++] & 0xFFL) << 32
-         | (in[offset++] & 0xFFL) << 24 | (in[offset++] & 0xFFL) << 16
-         | (in[offset++] & 0xFFL) << 8 | (in[offset++] & 0xFFL);
+    n0 = (in[offset++] & 0xFFL) << 56
+       | (in[offset++] & 0xFFL) << 48
+       | (in[offset++] & 0xFFL) << 40
+       | (in[offset++] & 0xFFL) << 32
+       | (in[offset++] & 0xFFL) << 24
+       | (in[offset++] & 0xFFL) << 16
+       | (in[offset++] & 0xFFL) <<  8
+       | (in[offset++] & 0xFFL);
+    n1 = (in[offset++] & 0xFFL) << 56
+       | (in[offset++] & 0xFFL) << 48
+       | (in[offset++] & 0xFFL) << 40
+       | (in[offset++] & 0xFFL) << 32
+       | (in[offset++] & 0xFFL) << 24
+       | (in[offset++] & 0xFFL) << 16
+       | (in[offset++] & 0xFFL) <<  8
+       | (in[offset++] & 0xFFL);
+    n2 = (in[offset++] & 0xFFL) << 56
+       | (in[offset++] & 0xFFL) << 48
+       | (in[offset++] & 0xFFL) << 40
+       | (in[offset++] & 0xFFL) << 32
+       | (in[offset++] & 0xFFL) << 24
+       | (in[offset++] & 0xFFL) << 16
+       | (in[offset++] & 0xFFL) <<  8
+       | (in[offset++] & 0xFFL);
+    n3 = (in[offset++] & 0xFFL) << 56
+       | (in[offset++] & 0xFFL) << 48
+       | (in[offset++] & 0xFFL) << 40
+       | (in[offset++] & 0xFFL) << 32
+       | (in[offset++] & 0xFFL) << 24
+       | (in[offset++] & 0xFFL) << 16
+       | (in[offset++] & 0xFFL) <<  8
+       | (in[offset++] & 0xFFL);
+    n4 = (in[offset++] & 0xFFL) << 56
+       | (in[offset++] & 0xFFL) << 48
+       | (in[offset++] & 0xFFL) << 40
+       | (in[offset++] & 0xFFL) << 32
+       | (in[offset++] & 0xFFL) << 24
+       | (in[offset++] & 0xFFL) << 16
+       | (in[offset++] & 0xFFL) <<  8
+       | (in[offset++] & 0xFFL);
+    n5 = (in[offset++] & 0xFFL) << 56
+       | (in[offset++] & 0xFFL) << 48
+       | (in[offset++] & 0xFFL) << 40
+       | (in[offset++] & 0xFFL) << 32
+       | (in[offset++] & 0xFFL) << 24
+       | (in[offset++] & 0xFFL) << 16
+       | (in[offset++] & 0xFFL) <<  8
+       | (in[offset++] & 0xFFL);
+    n6 = (in[offset++] & 0xFFL) << 56
+       | (in[offset++] & 0xFFL) << 48
+       | (in[offset++] & 0xFFL) << 40
+       | (in[offset++] & 0xFFL) << 32
+       | (in[offset++] & 0xFFL) << 24
+       | (in[offset++] & 0xFFL) << 16
+       | (in[offset++] & 0xFFL) <<  8
+       | (in[offset++] & 0xFFL);
+    n7 = (in[offset++] & 0xFFL) << 56
+       | (in[offset++] & 0xFFL) << 48
+       | (in[offset++] & 0xFFL) << 40
+       | (in[offset++] & 0xFFL) << 32
+       | (in[offset++] & 0xFFL) << 24
+       | (in[offset++] & 0xFFL) << 16
+       | (in[offset++] & 0xFFL) <<  8
+       | (in[offset++] & 0xFFL);
 
     // transform K into the key schedule Kr; 0 <= r <= R
     k00 = H0;
@@ -399,62 +414,70 @@ public final class Whirlpool extends BaseHash
       {
         // 1. compute intermediate round key schedule by applying ro[rc]
         // to the previous round key schedule --rc being the round constant
-        Kr0 = T0[(int) ((k00 >> 56) & 0xFFL)] ^ T1[(int) ((k07 >> 48) & 0xFFL)]
-              ^ T2[(int) ((k06 >> 40) & 0xFFL)]
-              ^ T3[(int) ((k05 >> 32) & 0xFFL)]
-              ^ T4[(int) ((k04 >> 24) & 0xFFL)]
-              ^ T5[(int) ((k03 >> 16) & 0xFFL)]
-              ^ T6[(int) ((k02 >> 8) & 0xFFL)] ^ T7[(int) (k01 & 0xFFL)]
-              ^ rc[r];
-
-        Kr1 = T0[(int) ((k01 >> 56) & 0xFFL)] ^ T1[(int) ((k00 >> 48) & 0xFFL)]
-              ^ T2[(int) ((k07 >> 40) & 0xFFL)]
-              ^ T3[(int) ((k06 >> 32) & 0xFFL)]
-              ^ T4[(int) ((k05 >> 24) & 0xFFL)]
-              ^ T5[(int) ((k04 >> 16) & 0xFFL)]
-              ^ T6[(int) ((k03 >> 8) & 0xFFL)] ^ T7[(int) (k02 & 0xFFL)];
-
-        Kr2 = T0[(int) ((k02 >> 56) & 0xFFL)] ^ T1[(int) ((k01 >> 48) & 0xFFL)]
-              ^ T2[(int) ((k00 >> 40) & 0xFFL)]
-              ^ T3[(int) ((k07 >> 32) & 0xFFL)]
-              ^ T4[(int) ((k06 >> 24) & 0xFFL)]
-              ^ T5[(int) ((k05 >> 16) & 0xFFL)]
-              ^ T6[(int) ((k04 >> 8) & 0xFFL)] ^ T7[(int) (k03 & 0xFFL)];
-
-        Kr3 = T0[(int) ((k03 >> 56) & 0xFFL)] ^ T1[(int) ((k02 >> 48) & 0xFFL)]
-              ^ T2[(int) ((k01 >> 40) & 0xFFL)]
-              ^ T3[(int) ((k00 >> 32) & 0xFFL)]
-              ^ T4[(int) ((k07 >> 24) & 0xFFL)]
-              ^ T5[(int) ((k06 >> 16) & 0xFFL)]
-              ^ T6[(int) ((k05 >> 8) & 0xFFL)] ^ T7[(int) (k04 & 0xFFL)];
-
-        Kr4 = T0[(int) ((k04 >> 56) & 0xFFL)] ^ T1[(int) ((k03 >> 48) & 0xFFL)]
-              ^ T2[(int) ((k02 >> 40) & 0xFFL)]
-              ^ T3[(int) ((k01 >> 32) & 0xFFL)]
-              ^ T4[(int) ((k00 >> 24) & 0xFFL)]
-              ^ T5[(int) ((k07 >> 16) & 0xFFL)]
-              ^ T6[(int) ((k06 >> 8) & 0xFFL)] ^ T7[(int) (k05 & 0xFFL)];
-
-        Kr5 = T0[(int) ((k05 >> 56) & 0xFFL)] ^ T1[(int) ((k04 >> 48) & 0xFFL)]
-              ^ T2[(int) ((k03 >> 40) & 0xFFL)]
-              ^ T3[(int) ((k02 >> 32) & 0xFFL)]
-              ^ T4[(int) ((k01 >> 24) & 0xFFL)]
-              ^ T5[(int) ((k00 >> 16) & 0xFFL)]
-              ^ T6[(int) ((k07 >> 8) & 0xFFL)] ^ T7[(int) (k06 & 0xFFL)];
-
-        Kr6 = T0[(int) ((k06 >> 56) & 0xFFL)] ^ T1[(int) ((k05 >> 48) & 0xFFL)]
-              ^ T2[(int) ((k04 >> 40) & 0xFFL)]
-              ^ T3[(int) ((k03 >> 32) & 0xFFL)]
-              ^ T4[(int) ((k02 >> 24) & 0xFFL)]
-              ^ T5[(int) ((k01 >> 16) & 0xFFL)]
-              ^ T6[(int) ((k00 >> 8) & 0xFFL)] ^ T7[(int) (k07 & 0xFFL)];
-
-        Kr7 = T0[(int) ((k07 >> 56) & 0xFFL)] ^ T1[(int) ((k06 >> 48) & 0xFFL)]
-              ^ T2[(int) ((k05 >> 40) & 0xFFL)]
-              ^ T3[(int) ((k04 >> 32) & 0xFFL)]
-              ^ T4[(int) ((k03 >> 24) & 0xFFL)]
-              ^ T5[(int) ((k02 >> 16) & 0xFFL)]
-              ^ T6[(int) ((k01 >> 8) & 0xFFL)] ^ T7[(int) (k00 & 0xFFL)];
+        Kr0 = T0[(int)((k00 >> 56) & 0xFFL)]
+            ^ T1[(int)((k07 >> 48) & 0xFFL)]
+            ^ T2[(int)((k06 >> 40) & 0xFFL)]
+            ^ T3[(int)((k05 >> 32) & 0xFFL)]
+            ^ T4[(int)((k04 >> 24) & 0xFFL)]
+            ^ T5[(int)((k03 >> 16) & 0xFFL)]
+            ^ T6[(int)((k02 >>  8) & 0xFFL)]
+            ^ T7[(int)( k01        & 0xFFL)] ^ rc[r];
+        Kr1 = T0[(int)((k01 >> 56) & 0xFFL)]
+            ^ T1[(int)((k00 >> 48) & 0xFFL)]
+            ^ T2[(int)((k07 >> 40) & 0xFFL)]
+            ^ T3[(int)((k06 >> 32) & 0xFFL)]
+            ^ T4[(int)((k05 >> 24) & 0xFFL)]
+            ^ T5[(int)((k04 >> 16) & 0xFFL)]
+            ^ T6[(int)((k03 >>  8) & 0xFFL)]
+            ^ T7[(int)( k02        & 0xFFL)];
+        Kr2 = T0[(int)((k02 >> 56) & 0xFFL)]
+            ^ T1[(int)((k01 >> 48) & 0xFFL)]
+            ^ T2[(int)((k00 >> 40) & 0xFFL)]
+            ^ T3[(int)((k07 >> 32) & 0xFFL)]
+            ^ T4[(int)((k06 >> 24) & 0xFFL)]
+            ^ T5[(int)((k05 >> 16) & 0xFFL)]
+            ^ T6[(int)((k04 >>  8) & 0xFFL)]
+            ^ T7[(int)( k03        & 0xFFL)];
+        Kr3 = T0[(int)((k03 >> 56) & 0xFFL)]
+            ^ T1[(int)((k02 >> 48) & 0xFFL)]
+            ^ T2[(int)((k01 >> 40) & 0xFFL)]
+            ^ T3[(int)((k00 >> 32) & 0xFFL)]
+            ^ T4[(int)((k07 >> 24) & 0xFFL)]
+            ^ T5[(int)((k06 >> 16) & 0xFFL)]
+            ^ T6[(int)((k05 >>  8) & 0xFFL)]
+            ^ T7[(int)( k04        & 0xFFL)];
+        Kr4 = T0[(int)((k04 >> 56) & 0xFFL)]
+            ^ T1[(int)((k03 >> 48) & 0xFFL)]
+            ^ T2[(int)((k02 >> 40) & 0xFFL)]
+            ^ T3[(int)((k01 >> 32) & 0xFFL)]
+            ^ T4[(int)((k00 >> 24) & 0xFFL)]
+            ^ T5[(int)((k07 >> 16) & 0xFFL)]
+            ^ T6[(int)((k06 >>  8) & 0xFFL)]
+            ^ T7[(int)( k05        & 0xFFL)];
+        Kr5 = T0[(int)((k05 >> 56) & 0xFFL)]
+            ^ T1[(int)((k04 >> 48) & 0xFFL)]
+            ^ T2[(int)((k03 >> 40) & 0xFFL)]
+            ^ T3[(int)((k02 >> 32) & 0xFFL)]
+            ^ T4[(int)((k01 >> 24) & 0xFFL)]
+            ^ T5[(int)((k00 >> 16) & 0xFFL)]
+            ^ T6[(int)((k07 >>  8) & 0xFFL)]
+            ^ T7[(int)( k06        & 0xFFL)];
+        Kr6 = T0[(int)((k06 >> 56) & 0xFFL)]
+            ^ T1[(int)((k05 >> 48) & 0xFFL)]
+            ^ T2[(int)((k04 >> 40) & 0xFFL)]
+            ^ T3[(int)((k03 >> 32) & 0xFFL)]
+            ^ T4[(int)((k02 >> 24) & 0xFFL)]
+            ^ T5[(int)((k01 >> 16) & 0xFFL)]
+            ^ T6[(int)((k00 >>  8) & 0xFFL)]
+            ^ T7[(int)( k07        & 0xFFL)];
+        Kr7 = T0[(int)((k07 >> 56) & 0xFFL)]
+            ^ T1[(int)((k06 >> 48) & 0xFFL)]
+            ^ T2[(int)((k05 >> 40) & 0xFFL)]
+            ^ T3[(int)((k04 >> 32) & 0xFFL)]
+            ^ T4[(int)((k03 >> 24) & 0xFFL)]
+            ^ T5[(int)((k02 >> 16) & 0xFFL)]
+            ^ T6[(int)((k01 >>  8) & 0xFFL)]
+            ^ T7[(int)( k00        & 0xFFL)];
 
         k00 = Kr0;
         k01 = Kr1;
@@ -466,54 +489,70 @@ public final class Whirlpool extends BaseHash
         k07 = Kr7;
 
         // 2. incrementally compute the cipher output
-        w0 = T0[(int) ((nn0 >> 56) & 0xFFL)] ^ T1[(int) ((nn7 >> 48) & 0xFFL)]
-             ^ T2[(int) ((nn6 >> 40) & 0xFFL)]
-             ^ T3[(int) ((nn5 >> 32) & 0xFFL)]
-             ^ T4[(int) ((nn4 >> 24) & 0xFFL)]
-             ^ T5[(int) ((nn3 >> 16) & 0xFFL)] ^ T6[(int) ((nn2 >> 8) & 0xFFL)]
-             ^ T7[(int) (nn1 & 0xFFL)] ^ Kr0;
-        w1 = T0[(int) ((nn1 >> 56) & 0xFFL)] ^ T1[(int) ((nn0 >> 48) & 0xFFL)]
-             ^ T2[(int) ((nn7 >> 40) & 0xFFL)]
-             ^ T3[(int) ((nn6 >> 32) & 0xFFL)]
-             ^ T4[(int) ((nn5 >> 24) & 0xFFL)]
-             ^ T5[(int) ((nn4 >> 16) & 0xFFL)] ^ T6[(int) ((nn3 >> 8) & 0xFFL)]
-             ^ T7[(int) (nn2 & 0xFFL)] ^ Kr1;
-        w2 = T0[(int) ((nn2 >> 56) & 0xFFL)] ^ T1[(int) ((nn1 >> 48) & 0xFFL)]
-             ^ T2[(int) ((nn0 >> 40) & 0xFFL)]
-             ^ T3[(int) ((nn7 >> 32) & 0xFFL)]
-             ^ T4[(int) ((nn6 >> 24) & 0xFFL)]
-             ^ T5[(int) ((nn5 >> 16) & 0xFFL)] ^ T6[(int) ((nn4 >> 8) & 0xFFL)]
-             ^ T7[(int) (nn3 & 0xFFL)] ^ Kr2;
-        w3 = T0[(int) ((nn3 >> 56) & 0xFFL)] ^ T1[(int) ((nn2 >> 48) & 0xFFL)]
-             ^ T2[(int) ((nn1 >> 40) & 0xFFL)]
-             ^ T3[(int) ((nn0 >> 32) & 0xFFL)]
-             ^ T4[(int) ((nn7 >> 24) & 0xFFL)]
-             ^ T5[(int) ((nn6 >> 16) & 0xFFL)] ^ T6[(int) ((nn5 >> 8) & 0xFFL)]
-             ^ T7[(int) (nn4 & 0xFFL)] ^ Kr3;
-        w4 = T0[(int) ((nn4 >> 56) & 0xFFL)] ^ T1[(int) ((nn3 >> 48) & 0xFFL)]
-             ^ T2[(int) ((nn2 >> 40) & 0xFFL)]
-             ^ T3[(int) ((nn1 >> 32) & 0xFFL)]
-             ^ T4[(int) ((nn0 >> 24) & 0xFFL)]
-             ^ T5[(int) ((nn7 >> 16) & 0xFFL)] ^ T6[(int) ((nn6 >> 8) & 0xFFL)]
-             ^ T7[(int) (nn5 & 0xFFL)] ^ Kr4;
-        w5 = T0[(int) ((nn5 >> 56) & 0xFFL)] ^ T1[(int) ((nn4 >> 48) & 0xFFL)]
-             ^ T2[(int) ((nn3 >> 40) & 0xFFL)]
-             ^ T3[(int) ((nn2 >> 32) & 0xFFL)]
-             ^ T4[(int) ((nn1 >> 24) & 0xFFL)]
-             ^ T5[(int) ((nn0 >> 16) & 0xFFL)] ^ T6[(int) ((nn7 >> 8) & 0xFFL)]
-             ^ T7[(int) (nn6 & 0xFFL)] ^ Kr5;
-        w6 = T0[(int) ((nn6 >> 56) & 0xFFL)] ^ T1[(int) ((nn5 >> 48) & 0xFFL)]
-             ^ T2[(int) ((nn4 >> 40) & 0xFFL)]
-             ^ T3[(int) ((nn3 >> 32) & 0xFFL)]
-             ^ T4[(int) ((nn2 >> 24) & 0xFFL)]
-             ^ T5[(int) ((nn1 >> 16) & 0xFFL)] ^ T6[(int) ((nn0 >> 8) & 0xFFL)]
-             ^ T7[(int) (nn7 & 0xFFL)] ^ Kr6;
-        w7 = T0[(int) ((nn7 >> 56) & 0xFFL)] ^ T1[(int) ((nn6 >> 48) & 0xFFL)]
-             ^ T2[(int) ((nn5 >> 40) & 0xFFL)]
-             ^ T3[(int) ((nn4 >> 32) & 0xFFL)]
-             ^ T4[(int) ((nn3 >> 24) & 0xFFL)]
-             ^ T5[(int) ((nn2 >> 16) & 0xFFL)] ^ T6[(int) ((nn1 >> 8) & 0xFFL)]
-             ^ T7[(int) (nn0 & 0xFFL)] ^ Kr7;
+        w0 = T0[(int)((nn0 >> 56) & 0xFFL)]
+           ^ T1[(int)((nn7 >> 48) & 0xFFL)]
+           ^ T2[(int)((nn6 >> 40) & 0xFFL)]
+           ^ T3[(int)((nn5 >> 32) & 0xFFL)]
+           ^ T4[(int)((nn4 >> 24) & 0xFFL)]
+           ^ T5[(int)((nn3 >> 16) & 0xFFL)]
+           ^ T6[(int)((nn2 >>  8) & 0xFFL)]
+           ^ T7[(int)( nn1        & 0xFFL)] ^ Kr0;
+        w1 = T0[(int)((nn1 >> 56) & 0xFFL)]
+           ^ T1[(int)((nn0 >> 48) & 0xFFL)]
+           ^ T2[(int)((nn7 >> 40) & 0xFFL)]
+           ^ T3[(int)((nn6 >> 32) & 0xFFL)]
+           ^ T4[(int)((nn5 >> 24) & 0xFFL)]
+           ^ T5[(int)((nn4 >> 16) & 0xFFL)]
+           ^ T6[(int)((nn3 >>  8) & 0xFFL)]
+           ^ T7[(int)( nn2        & 0xFFL)] ^ Kr1;
+        w2 = T0[(int)((nn2 >> 56) & 0xFFL)]
+           ^ T1[(int)((nn1 >> 48) & 0xFFL)]
+           ^ T2[(int)((nn0 >> 40) & 0xFFL)]
+           ^ T3[(int)((nn7 >> 32) & 0xFFL)]
+           ^ T4[(int)((nn6 >> 24) & 0xFFL)]
+           ^ T5[(int)((nn5 >> 16) & 0xFFL)]
+           ^ T6[(int)((nn4 >>  8) & 0xFFL)]
+           ^ T7[(int)( nn3        & 0xFFL)] ^ Kr2;
+        w3 = T0[(int)((nn3 >> 56) & 0xFFL)]
+           ^ T1[(int)((nn2 >> 48) & 0xFFL)]
+           ^ T2[(int)((nn1 >> 40) & 0xFFL)]
+           ^ T3[(int)((nn0 >> 32) & 0xFFL)]
+           ^ T4[(int)((nn7 >> 24) & 0xFFL)]
+           ^ T5[(int)((nn6 >> 16) & 0xFFL)]
+           ^ T6[(int)((nn5 >>  8) & 0xFFL)]
+           ^ T7[(int)( nn4        & 0xFFL)] ^ Kr3;
+        w4 = T0[(int)((nn4 >> 56) & 0xFFL)]
+           ^ T1[(int)((nn3 >> 48) & 0xFFL)]
+           ^ T2[(int)((nn2 >> 40) & 0xFFL)]
+           ^ T3[(int)((nn1 >> 32) & 0xFFL)]
+           ^ T4[(int)((nn0 >> 24) & 0xFFL)]
+           ^ T5[(int)((nn7 >> 16) & 0xFFL)]
+           ^ T6[(int)((nn6 >>  8) & 0xFFL)]
+           ^ T7[(int)( nn5        & 0xFFL)] ^ Kr4;
+        w5 = T0[(int)((nn5 >> 56) & 0xFFL)]
+           ^ T1[(int)((nn4 >> 48) & 0xFFL)]
+           ^ T2[(int)((nn3 >> 40) & 0xFFL)]
+           ^ T3[(int)((nn2 >> 32) & 0xFFL)]
+           ^ T4[(int)((nn1 >> 24) & 0xFFL)]
+           ^ T5[(int)((nn0 >> 16) & 0xFFL)]
+           ^ T6[(int)((nn7 >>  8) & 0xFFL)]
+           ^ T7[(int)( nn6        & 0xFFL)] ^ Kr5;
+        w6 = T0[(int)((nn6 >> 56) & 0xFFL)]
+           ^ T1[(int)((nn5 >> 48) & 0xFFL)]
+           ^ T2[(int)((nn4 >> 40) & 0xFFL)]
+           ^ T3[(int)((nn3 >> 32) & 0xFFL)]
+           ^ T4[(int)((nn2 >> 24) & 0xFFL)]
+           ^ T5[(int)((nn1 >> 16) & 0xFFL)]
+           ^ T6[(int)((nn0 >>  8) & 0xFFL)]
+           ^ T7[(int)( nn7        & 0xFFL)] ^ Kr6;
+        w7 = T0[(int)((nn7 >> 56) & 0xFFL)]
+           ^ T1[(int)((nn6 >> 48) & 0xFFL)]
+           ^ T2[(int)((nn5 >> 40) & 0xFFL)]
+           ^ T3[(int)((nn4 >> 32) & 0xFFL)]
+           ^ T4[(int)((nn3 >> 24) & 0xFFL)]
+           ^ T5[(int)((nn2 >> 16) & 0xFFL)]
+           ^ T6[(int)((nn1 >>  8) & 0xFFL)]
+           ^ T7[(int)( nn0        & 0xFFL)] ^ Kr7;
 
         nn0 = w0;
         nn1 = w1;
@@ -547,7 +586,7 @@ public final class Whirlpool extends BaseHash
     // are 33 (1 for the 1-bit followed by the 0-bits and the encoding of
     // the count framed in a 256-bit block). our formula is then:
     //		count + 33 + padding = 0 (mod BLOCK_SIZE)
-    int n = (int) ((count + 33) % BLOCK_SIZE);
+    int n = (int)((count + 33) % BLOCK_SIZE);
     int padding = n == 0 ? 33 : BLOCK_SIZE - n + 33;
 
     byte[] result = new byte[padding];
@@ -558,14 +597,14 @@ public final class Whirlpool extends BaseHash
     // save (right justified) the number of bits hashed
     long bits = count * 8;
     int i = padding - 8;
-    result[i++] = (byte) (bits >>> 56);
-    result[i++] = (byte) (bits >>> 48);
-    result[i++] = (byte) (bits >>> 40);
-    result[i++] = (byte) (bits >>> 32);
-    result[i++] = (byte) (bits >>> 24);
-    result[i++] = (byte) (bits >>> 16);
-    result[i++] = (byte) (bits >>> 8);
-    result[i] = (byte) bits;
+    result[i++] = (byte)(bits >>> 56);
+    result[i++] = (byte)(bits >>> 48);
+    result[i++] = (byte)(bits >>> 40);
+    result[i++] = (byte)(bits >>> 32);
+    result[i++] = (byte)(bits >>> 24);
+    result[i++] = (byte)(bits >>> 16);
+    result[i++] = (byte)(bits >>>  8);
+    result[i  ] = (byte) bits;
 
     return result;
   }
@@ -573,38 +612,24 @@ public final class Whirlpool extends BaseHash
   protected byte[] getResult()
   {
     // apply inverse mu to the context
-    byte[] result = new byte[] { (byte) (H0 >>> 56), (byte) (H0 >>> 48),
-                                (byte) (H0 >>> 40), (byte) (H0 >>> 32),
-                                (byte) (H0 >>> 24), (byte) (H0 >>> 16),
-                                (byte) (H0 >>> 8), (byte) H0,
-                                (byte) (H1 >>> 56), (byte) (H1 >>> 48),
-                                (byte) (H1 >>> 40), (byte) (H1 >>> 32),
-                                (byte) (H1 >>> 24), (byte) (H1 >>> 16),
-                                (byte) (H1 >>> 8), (byte) H1,
-                                (byte) (H2 >>> 56), (byte) (H2 >>> 48),
-                                (byte) (H2 >>> 40), (byte) (H2 >>> 32),
-                                (byte) (H2 >>> 24), (byte) (H2 >>> 16),
-                                (byte) (H2 >>> 8), (byte) H2,
-                                (byte) (H3 >>> 56), (byte) (H3 >>> 48),
-                                (byte) (H3 >>> 40), (byte) (H3 >>> 32),
-                                (byte) (H3 >>> 24), (byte) (H3 >>> 16),
-                                (byte) (H3 >>> 8), (byte) H3,
-                                (byte) (H4 >>> 56), (byte) (H4 >>> 48),
-                                (byte) (H4 >>> 40), (byte) (H4 >>> 32),
-                                (byte) (H4 >>> 24), (byte) (H4 >>> 16),
-                                (byte) (H4 >>> 8), (byte) H4,
-                                (byte) (H5 >>> 56), (byte) (H5 >>> 48),
-                                (byte) (H5 >>> 40), (byte) (H5 >>> 32),
-                                (byte) (H5 >>> 24), (byte) (H5 >>> 16),
-                                (byte) (H5 >>> 8), (byte) H5,
-                                (byte) (H6 >>> 56), (byte) (H6 >>> 48),
-                                (byte) (H6 >>> 40), (byte) (H6 >>> 32),
-                                (byte) (H6 >>> 24), (byte) (H6 >>> 16),
-                                (byte) (H6 >>> 8), (byte) H6,
-                                (byte) (H7 >>> 56), (byte) (H7 >>> 48),
-                                (byte) (H7 >>> 40), (byte) (H7 >>> 32),
-                                (byte) (H7 >>> 24), (byte) (H7 >>> 16),
-                                (byte) (H7 >>> 8), (byte) H7 };
+    byte[] result = new byte[] {
+      (byte)(H0 >>> 56), (byte)(H0 >>> 48), (byte)(H0 >>> 40), (byte)(H0 >>> 32),
+      (byte)(H0 >>> 24), (byte)(H0 >>> 16), (byte)(H0 >>>  8), (byte) H0,
+      (byte)(H1 >>> 56), (byte)(H1 >>> 48), (byte)(H1 >>> 40), (byte)(H1 >>> 32),
+      (byte)(H1 >>> 24), (byte)(H1 >>> 16), (byte)(H1 >>>  8), (byte) H1,
+      (byte)(H2 >>> 56), (byte)(H2 >>> 48), (byte)(H2 >>> 40), (byte)(H2 >>> 32),
+      (byte)(H2 >>> 24), (byte)(H2 >>> 16), (byte)(H2 >>>  8), (byte) H2,
+      (byte)(H3 >>> 56), (byte)(H3 >>> 48), (byte)(H3 >>> 40), (byte)(H3 >>> 32),
+      (byte)(H3 >>> 24), (byte)(H3 >>> 16), (byte)(H3 >>>  8), (byte) H3,
+      (byte)(H4 >>> 56), (byte)(H4 >>> 48), (byte)(H4 >>> 40), (byte)(H4 >>> 32),
+      (byte)(H4 >>> 24), (byte)(H4 >>> 16), (byte)(H4 >>>  8), (byte) H4,
+      (byte)(H5 >>> 56), (byte)(H5 >>> 48), (byte)(H5 >>> 40), (byte)(H5 >>> 32),
+      (byte)(H5 >>> 24), (byte)(H5 >>> 16), (byte)(H5 >>>  8), (byte) H5,
+      (byte)(H6 >>> 56), (byte)(H6 >>> 48), (byte)(H6 >>> 40), (byte)(H6 >>> 32),
+      (byte)(H6 >>> 24), (byte)(H6 >>> 16), (byte)(H6 >>>  8), (byte) H6,
+      (byte)(H7 >>> 56), (byte)(H7 >>> 48), (byte)(H7 >>> 40), (byte)(H7 >>> 32),
+      (byte)(H7 >>> 24), (byte)(H7 >>> 16), (byte)(H7 >>>  8), (byte) H7
+    };
 
     return result;
   }
@@ -617,10 +642,8 @@ public final class Whirlpool extends BaseHash
   public boolean selfTest()
   {
     if (valid == null)
-      {
-        valid = new Boolean(
-                            DIGEST0.equals(Util.toString(new Whirlpool().digest())));
-      }
+      valid = Boolean.valueOf(DIGEST0.equals(Util.toString(new Whirlpool().digest())));
+
     return valid.booleanValue();
   }
 }
diff --git a/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java b/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java
index e127779efb4..05595edeae8 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/HavalSpi.java
@@ -43,8 +43,6 @@ import gnu.java.security.Registry;
 /**
  * The implementation of the <code>HAVAL</code> <i>Service Provider Interface</i>
  * (<b>SPI</b>) Adapter.<p>
- *
- * @version Revision: $
  */
 public class HavalSpi extends MessageDigestAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java b/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java
index 5b6b0e1e1d7..001cbaf3c8e 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/MD2Spi.java
@@ -43,8 +43,6 @@ import gnu.java.security.Registry;
 /**
  * <p>The implementation of the MD2 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.</p>
- *
- * @version $Revision: 1.1 $
  */
 public class MD2Spi extends MessageDigestAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java b/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java
index 8be44993400..41fef87bf38 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/MD4Spi.java
@@ -43,8 +43,6 @@ import gnu.java.security.Registry;
 /**
  * <p>The implementation of the MD4 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.</p>
- *
- * @version $Revision: 1.1 $
  */
 public class MD4Spi extends MessageDigestAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java b/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java
index 92fb6ab3864..aa1a8844e36 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/MD5Spi.java
@@ -43,8 +43,6 @@ import gnu.java.security.Registry;
 /**
  * The implementation of the MD5 <i>Service Provider Interface</i> (<b>SPI</b>)
  * adapter.<p>
- *
- * @version $Revision: 1.1 $
  */
 public class MD5Spi extends MessageDigestAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java b/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java
index 9b8a73d55fd..e30beca3df3 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/MessageDigestAdapter.java
@@ -59,8 +59,6 @@ import java.security.MessageDigestSpi;
  *
  * All the implementations which subclass this object, and which are serviced by
  * the GNU Crypto provider implement the {@link java.lang.Cloneable} interface.<p>
- *
- * @version $Revision: 1.1 $
  */
 class MessageDigestAdapter extends MessageDigestSpi implements Cloneable
 {
diff --git a/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java b/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java
index b8e90d4bfb4..404214d91ba 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/RipeMD128Spi.java
@@ -43,8 +43,6 @@ import gnu.java.security.Registry;
 /**
  * The implementation of the RIPEMD-128 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.<p>
- *
- * @version $Revision: 1.1 $
  */
 public class RipeMD128Spi extends MessageDigestAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java b/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java
index 49615e2fcc8..841f46b3bc2 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/RipeMD160Spi.java
@@ -43,8 +43,6 @@ import gnu.java.security.Registry;
 /**
  * The implementation of the RIPEMD-160 <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.<p>
- *
- * @version $Revision: 1.1 $
  */
 public class RipeMD160Spi extends MessageDigestAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java
index a9b72634d78..41988438270 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/Sha160Spi.java
@@ -43,8 +43,6 @@ import gnu.java.security.Registry;
 /**
  * The implementation of the SHA-1 (160-bit) <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.<p>
- *
- * @version $Revision: 1.1 $
  */
 public class Sha160Spi extends MessageDigestAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java
index 9eeaebdeaec..f07e1894115 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/Sha256Spi.java
@@ -43,8 +43,6 @@ import gnu.java.security.Registry;
 /**
  * <p>The implementation of the SHA-2-1 (256-bit) <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.</p>
- *
- * @version $Revision: 1.1 $
  */
 public class Sha256Spi extends MessageDigestAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java
index 96e1e6eb0ab..fc17077e831 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/Sha384Spi.java
@@ -43,8 +43,6 @@ import gnu.java.security.Registry;
 /**
  * <p>The implementation of the SHA-2-2 (384-bit) <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.</p>
- *
- * @version $Revision: 1.1 $
  */
 public class Sha384Spi extends MessageDigestAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java b/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java
index 75c617046fc..0b4c3d62c65 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/Sha512Spi.java
@@ -43,8 +43,6 @@ import gnu.java.security.Registry;
 /**
  * <p>The implementation of the SHA-2-3 (512-bit) <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.</p>
- *
- * @version $Revision: 1.1 $
  */
 public class Sha512Spi extends MessageDigestAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java b/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java
index b355d78d05c..599437410e6 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/TigerSpi.java
@@ -43,8 +43,6 @@ import gnu.java.security.Registry;
 /**
  * <p>The implementation of the Tiger <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.</p>
- *
- * @version $Revision: 1.1 $
  */
 public class TigerSpi extends MessageDigestAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java b/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java
index e42e74ddb36..d1864bc7cd4 100644
--- a/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/hash/WhirlpoolSpi.java
@@ -43,8 +43,6 @@ import gnu.java.security.Registry;
 /**
  * The implementation of the Whirlpool <i>Service Provider Interface</i>
  * (<b>SPI</b>) adapter.<p>
- *
- * @version $Revision: 1.1 $
  */
 public class WhirlpoolSpi extends MessageDigestAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java b/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java
index e7cb7209103..70d30f15301 100644
--- a/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java
+++ b/libjava/classpath/gnu/java/security/jce/prng/SecureRandomAdapter.java
@@ -42,7 +42,7 @@ import gnu.java.security.prng.LimitReachedException;
 import gnu.java.security.prng.MDGenerator;
 
 import java.security.SecureRandomSpi;
-import java.util.HashMap;
+import java.util.Collections;
 
 /**
  * <p>The implementation of a generic {@link java.security.SecureRandom} adapter
@@ -80,6 +80,7 @@ abstract class SecureRandomAdapter extends SecureRandomSpi
     super();
 
     this.mdName = mdName;
+    adaptee.init (Collections.singletonMap (MDGenerator.MD_NAME, mdName));
   }
 
   // Class methods
@@ -118,9 +119,6 @@ abstract class SecureRandomAdapter extends SecureRandomSpi
 
   public void engineSetSeed(byte[] seed)
   {
-    HashMap attributes = new HashMap();
-    attributes.put(MDGenerator.MD_NAME, mdName);
-    attributes.put(MDGenerator.SEEED, seed);
-    adaptee.init(attributes);
+    adaptee.addRandomBytes (seed);
   }
 }
diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java
index 97e9594f6a5..44503b26b9a 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/DSSKeyPairGeneratorSpi.java
@@ -57,8 +57,6 @@ import java.util.HashMap;
  * In case the client does not explicitly initialize the KeyPairGenerator (via
  * a call to an <code>initialize()</code> method), the GNU Crypto provider
  * uses a default <i>modulus</i> size (keysize) of 1024 bits.<p>
- *
- * @version $Revision: 1.3 $
  */
 public class DSSKeyPairGeneratorSpi extends KeyPairGeneratorAdapter implements
     DSAKeyPairGenerator
diff --git a/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java b/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java
index 16e4ddd4edc..a63c51afab8 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/DSSRawSignatureSpi.java
@@ -45,8 +45,6 @@ import gnu.java.security.sig.dss.DSSSignatureRawCodec;
  * The implementation of <i>Service Provider Interface</i> (<b>SPI</b>) adapter
  * for the DSS (Digital Signature Standard) signature scheme, encoded and/or
  * decoded in RAW format.<p>
- *
- * @version $Revision: 1.1 $
  */
 public class DSSRawSignatureSpi extends SignatureAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java b/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java
index 60268299188..edf19f627e0 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/KeyPairGeneratorAdapter.java
@@ -63,8 +63,6 @@ import java.security.spec.AlgorithmParameterSpec;
  * supplies (and document) default values to be used. For example, the GNU
  * Crypto provider uses a default <i>modulus</i> size (keysize) of 1024 bits for
  * the DSS (Digital Signature Standard) a.k.a <i>DSA</i>.<p>
- *
- * @version $Revision: 1.3 $
  */
 public abstract class KeyPairGeneratorAdapter extends KeyPairGenerator
 {
diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java
index fecf54cb8e9..674e2afb6a5 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/RSAKeyFactory.java
@@ -84,7 +84,7 @@ public class RSAKeyFactory
         PublicKey result;
         try
           {
-            result = new RSAKeyPairX509Codec().decodePublicKey(encoded);
+            return new RSAKeyPairX509Codec().decodePublicKey(encoded);
           }
         catch (RuntimeException x)
           {
@@ -131,7 +131,7 @@ public class RSAKeyFactory
         PrivateKey result;
         try
           {
-            result = new RSAKeyPairPKCS8Codec().decodePrivateKey(encoded);
+            return new RSAKeyPairPKCS8Codec().decodePrivateKey(encoded);
           }
         catch (RuntimeException x)
           {
diff --git a/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java b/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java
index e44b8adf14d..f3548d884d6 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/RSAPSSRawSignatureSpi.java
@@ -44,8 +44,6 @@ import gnu.java.security.sig.rsa.RSAPSSSignatureRawCodec;
 /**
  * The implementation of <i>Service Provider Interface</i> (<b>SPI</b>) adapter
  * for the RSA-PSS signature scheme, encoded and/or decoded in RAW format.<p>
- *
- * @version $Revision: 1.1 $
  */
 public class RSAPSSRawSignatureSpi extends SignatureAdapter
 {
diff --git a/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java b/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java
index 6cb7c7c7128..4dcbe78e570 100644
--- a/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java
+++ b/libjava/classpath/gnu/java/security/jce/sig/SignatureAdapter.java
@@ -69,8 +69,6 @@ import java.util.logging.Logger;
  *
  * All the implementations which subclass this object, and which are serviced by
  * the GNU Crypto provider implement the {@link java.lang.Cloneable} interface.<p>
- *
- * @version $Revision: 1.2 $
  */
 class SignatureAdapter extends SignatureSpi implements Cloneable
 {
diff --git a/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java b/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java
index c64f928574b..965a317d4ff 100644
--- a/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java
+++ b/libjava/classpath/gnu/java/security/key/IKeyPairCodec.java
@@ -48,8 +48,6 @@ import java.security.PublicKey;
  * cryptographic asymmetric keypairs. Codecs are useful for (a) externalising
  * public and private keys for storage and on-the-wire transmission, as well as
  * (b) re-creating their internal Java representation from external sources.</p>
- *
- * @version $Revision: 1.2 $
  */
 public interface IKeyPairCodec
 {
diff --git a/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java b/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java
index 219863d33eb..2e0b299286b 100644
--- a/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java
+++ b/libjava/classpath/gnu/java/security/key/IKeyPairGenerator.java
@@ -43,8 +43,6 @@ import java.util.Map;
 
 /**
  * The visible methods of every asymmetric keypair generator.<p>
- *
- * @version $Revision: 1.1 $
  */
 public interface IKeyPairGenerator
 {
diff --git a/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java b/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java
index edcc186e2c7..8c2f348c9c7 100644
--- a/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java
+++ b/libjava/classpath/gnu/java/security/key/KeyPairGeneratorFactory.java
@@ -49,8 +49,6 @@ import java.util.Set;
 
 /**
  * <p>A Factory to instantiate asymmetric keypair generators.</p>
- *
- * @version $Revision: 1.1 $
  */
 public class KeyPairGeneratorFactory
 {
@@ -87,7 +85,7 @@ public class KeyPairGeneratorFactory
     name = name.trim();
     IKeyPairGenerator result = null;
     if (name.equalsIgnoreCase(Registry.DSA_KPG)
-        || name.equals(Registry.DSS_KPG))
+        || name.equalsIgnoreCase(Registry.DSS_KPG))
       {
         result = new DSSKeyPairGenerator();
       }
@@ -118,6 +116,7 @@ public class KeyPairGeneratorFactory
   {
     HashSet hs = new HashSet();
     hs.add(Registry.DSS_KPG);
+    hs.add(Registry.DSA_KPG);
     hs.add(Registry.RSA_KPG);
     hs.add(Registry.DH_KPG);
     hs.add(Registry.SRP_KPG);
@@ -135,11 +134,9 @@ public class KeyPairGeneratorFactory
       }
     catch (Exception x)
       {
-        IllegalArgumentException iae =
-          new IllegalArgumentException ("strong crypto key pair generator not available: "
-                                        + clazz);
-        iae.initCause (x);
-        throw iae;
+        throw new IllegalArgumentException(
+            "strong crypto key pair generator not available: " + clazz,
+            x);
       }
   }
 
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSKey.java
index 428cab1e78e..40aaea89352 100644
--- a/libjava/classpath/gnu/java/security/key/dss/DSSKey.java
+++ b/libjava/classpath/gnu/java/security/key/dss/DSSKey.java
@@ -38,6 +38,7 @@ exception statement from your version.  */
 
 package gnu.java.security.key.dss;
 
+import gnu.classpath.SystemProperties;
 import gnu.java.security.Registry;
 import gnu.java.security.util.FormatUtil;
 
@@ -59,7 +60,6 @@ import java.security.spec.DSAParameterSpec;
  * the relevant <code>getEncoded()</code> methods of each of the private and
  * public keys.</p>
  *
- * @version $Revision: 1.4 $
  * @see DSSPrivateKey#getEncoded
  * @see DSSPublicKey#getEncoded
  */
@@ -95,6 +95,9 @@ public abstract class DSSKey implements Key, DSAKey
    */
   protected final int defaultFormat;
 
+  /** String representation of this key. Cached for speed. */
+  private transient String str;
+
   // Constructor(s)
   // -------------------------------------------------------------------------
 
@@ -176,6 +179,22 @@ public abstract class DSSKey implements Key, DSAKey
            && g.equals(that.getParams().getG());
   }
 
+  public String toString()
+  {
+    if (str == null)
+      {
+        String ls = SystemProperties.getProperty("line.separator");
+        str = new StringBuilder().append(ls)
+        .append("defaultFormat=").append(defaultFormat).append(",").append(ls)
+        .append("p=0x").append(p.toString(16)).append(",").append(ls)
+        .append("q=0x").append(q.toString(16)).append(",").append(ls)
+        .append("g=0x").append(g.toString(16))
+        .toString();
+      }
+
+    return str;
+  }
+
   // abstract methods to be implemented by subclasses ------------------------
 
   public abstract byte[] getEncoded(int format);
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java
index 30e30bd144d..3a115b96378 100644
--- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java
+++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java
@@ -55,6 +55,7 @@ import java.security.InvalidParameterException;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.util.ArrayList;
+import java.util.logging.Logger;
 
 /**
  * An implementation of an {@link IKeyPairCodec} that knows how to encode /
@@ -65,6 +66,7 @@ import java.util.ArrayList;
 public class DSSKeyPairPKCS8Codec
     implements IKeyPairCodec
 {
+  private static final Logger log = Logger.getLogger(DSSKeyPairPKCS8Codec.class.getName());
   private static final OID DSA_ALG_OID = new OID(Registry.DSA_OID_STRING);
 
   // implicit 0-arguments constructor
@@ -137,7 +139,9 @@ public class DSSKeyPairPKCS8Codec
     DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
                                            algorithmID);
 
-    DERValue derPrivateKey = new DERValue(DER.OCTET_STRING, Util.trim(x));
+    // The OCTET STRING is the DER encoding of an INTEGER.
+    DERValue derX = new DERValue(DER.INTEGER, x);
+    DERValue derPrivateKey = new DERValue(DER.OCTET_STRING, derX.getEncoded());
 
     ArrayList pki = new ArrayList(3);
     pki.add(derVersion);
@@ -180,6 +184,8 @@ public class DSSKeyPairPKCS8Codec
    */
   public PrivateKey decodePrivateKey(byte[] input)
   {
+    log.entering("DSSKeyPairPKCS8Codec", "decodePrivateKey");
+
     if (input == null)
       throw new InvalidParameterException("Input bytes MUST NOT be null");
 
@@ -220,8 +226,13 @@ public class DSSKeyPairPKCS8Codec
         g = (BigInteger) val.getValue();
 
         val = der.read();
+        log.finest("val = " + val);
         byte[] xBytes = (byte[]) val.getValue();
-        x = new BigInteger(1, xBytes);
+        log.finest(Util.dumpString(xBytes, "xBytes: "));
+        DERReader der2 = new DERReader(xBytes);
+        val = der2.read();
+        DerUtil.checkIsBigInteger(val, "Wrong X field");
+        x = (BigInteger) val.getValue();
       }
     catch (IOException e)
       {
@@ -230,6 +241,7 @@ public class DSSKeyPairPKCS8Codec
         throw y;
       }
 
+    log.exiting("DSSKeyPairPKCS8Codec", "decodePrivateKey");
     return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x);
   }
 }
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
index 86e5b0bef7e..7c5491d6f37 100644
--- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
+++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java
@@ -49,8 +49,6 @@ import java.security.PublicKey;
 /**
  * <p>An object that implements the {@link IKeyPairCodec} operations for the
  * <i>Raw</i> format to use with DSS keypairs.</p>
- *
- * @version $Revision: 1.1 $
  */
 public class DSSKeyPairRawCodec implements IKeyPairCodec
 {
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java
index c81eb93b078..fe59cb6d77b 100644
--- a/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java
+++ b/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java
@@ -38,6 +38,7 @@ exception statement from your version.  */
 
 package gnu.java.security.key.dss;
 
+import gnu.classpath.SystemProperties;
 import gnu.java.security.Registry;
 import gnu.java.security.key.IKeyPairCodec;
 
@@ -48,21 +49,24 @@ import java.security.interfaces.DSAPrivateKey;
 /**
  * <p>An object that embodies a DSS (Digital Signature Standard) private key.</p>
  *
- * @version $Revision: 1.2 $
  * @see #getEncoded
  */
 public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey
 {
-
   // Constants and variables
   // -------------------------------------------------------------------------
 
+  private static final boolean DEBUG = false;
+
   /**
    * <p>A randomly or pseudorandomly generated integer with <code>0 &lt; x &lt;
    * q</code>.</p>
    */
   private final BigInteger x;
 
+  /** String representation of this key. Cached for speed. */
+  private transient String str;
+
   // Constructor(s)
   // -------------------------------------------------------------------------
 
@@ -198,4 +202,18 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey
     DSAPrivateKey that = (DSAPrivateKey) obj;
     return super.equals(that) && x.equals(that.getX());
   }
+
+  public String toString()
+  {
+    if (str == null)
+      {
+        String ls = SystemProperties.getProperty("line.separator");
+        str = new StringBuilder(this.getClass().getName()).append("(")
+        .append(super.toString()).append(",").append(ls)
+        .append("x=0x").append(DEBUG ? x.toString(16) : "**...*").append(ls)
+        .append(")").toString();
+      }
+
+    return str;
+  }
 }
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java
index 93bb6402203..52292131336 100644
--- a/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java
+++ b/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java
@@ -38,6 +38,7 @@ exception statement from your version.  */
 
 package gnu.java.security.key.dss;
 
+import gnu.classpath.SystemProperties;
 import gnu.java.security.Registry;
 import gnu.java.security.key.IKeyPairCodec;
 
@@ -48,12 +49,10 @@ import java.security.interfaces.DSAPublicKey;
 /**
  * <p>An object that embodies a DSS (Digital Signature Standard) public key.</p>
  * 
- * @version $Revision: 1.2 $
  * @see #getEncoded
  */
 public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
 {
-
   // Constants and variables
   // -------------------------------------------------------------------------
 
@@ -63,6 +62,9 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
    */
   private final BigInteger y;
 
+  /** String representation of this key. Cached for speed. */
+  private transient String str;
+
   // Constructor(s)
   // -------------------------------------------------------------------------
 
@@ -198,4 +200,18 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey
     DSAPublicKey that = (DSAPublicKey) obj;
     return super.equals(that) && y.equals(that.getY());
   }
+
+  public String toString()
+  {
+    if (str == null)
+      {
+        String ls = SystemProperties.getProperty("line.separator");
+        str = new StringBuilder(this.getClass().getName()).append("(")
+        .append(super.toString()).append(",").append(ls)
+        .append("y=0x").append(y.toString(16)).append(ls)
+        .append(")").toString();
+      }
+
+    return str;
+  }
 }
diff --git a/libjava/classpath/gnu/java/security/key/dss/FIPS186.java b/libjava/classpath/gnu/java/security/key/dss/FIPS186.java
index 74be626f58e..5984bcc9393 100644
--- a/libjava/classpath/gnu/java/security/key/dss/FIPS186.java
+++ b/libjava/classpath/gnu/java/security/key/dss/FIPS186.java
@@ -53,8 +53,6 @@ import java.security.SecureRandom;
  * <a href="http://www.itl.nist.gov/fipspubs/fip186.htm">Digital Signature
  * Standard (DSS)</a>, Federal Information Processing Standards Publication 186.
  * National Institute of Standards and Technology.
- *
- * @version $Revision: 1.2 $
  */
 public class FIPS186
 {
diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java
index 72cd808d43b..3009dd71fa0 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java
@@ -38,8 +38,8 @@ exception statement from your version.  */
 
 package gnu.java.security.key.rsa;
 
+import gnu.classpath.SystemProperties;
 import gnu.java.security.Registry;
-import gnu.java.security.key.IKeyPairCodec;
 import gnu.java.security.util.FormatUtil;
 
 import java.math.BigInteger;
@@ -48,8 +48,6 @@ import java.security.interfaces.RSAKey;
 
 /**
  * <p>A base asbtract class for both public and private RSA keys.</p>
- *
- * @version $Revision: 1.3 $
  */
 public abstract class GnuRSAKey implements Key, RSAKey
 {
@@ -69,6 +67,9 @@ public abstract class GnuRSAKey implements Key, RSAKey
    */
   protected final int defaultFormat;
 
+  /** String representation of this key. Cached for speed. */
+  private transient String str;
+
   // Constructor(s)
   // -------------------------------------------------------------------------
 
@@ -113,7 +114,7 @@ public abstract class GnuRSAKey implements Key, RSAKey
   /** @deprecated see getEncoded(int). */
   public byte[] getEncoded()
   {
-    return getEncoded(IKeyPairCodec.RAW_FORMAT);
+    return getEncoded(defaultFormat);
   }
 
   public String getFormat()
@@ -175,6 +176,20 @@ public abstract class GnuRSAKey implements Key, RSAKey
     return n.equals(that.getModulus());
   }
 
+  public String toString()
+  {
+    if (str == null)
+      {
+        String ls = SystemProperties.getProperty("line.separator");
+        str = new StringBuilder().append(ls)
+            .append("defaultFormat=").append(defaultFormat).append(",").append(ls)
+            .append("n=0x").append(n.toString(16)).append(",").append(ls)
+            .append("e=0x").append(e.toString(16))
+            .toString();
+      }
+    return str;
+  }
+
   // abstract methods to be implemented by subclasses ------------------------
 
   public abstract byte[] getEncoded(int format);
diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java
index f8acaa50df7..92053448763 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java
@@ -38,6 +38,7 @@ exception statement from your version.  */
 
 package gnu.java.security.key.rsa;
 
+import gnu.classpath.SystemProperties;
 import gnu.java.security.Registry;
 import gnu.java.security.key.IKeyPairCodec;
 
@@ -56,16 +57,15 @@ import java.security.interfaces.RSAPrivateKey;
  *    Primitive specification and supporting documentation.<br>
  *    Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
- *
- * @version $Revision: 1.3 $
  */
 public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
     RSAPrivateCrtKey
 {
-
   // Constants and variables
   // -------------------------------------------------------------------------
 
+  private static final boolean DEBUG = false;
+
   /** The first prime divisor of the modulus. */
   private final BigInteger p;
 
@@ -86,6 +86,9 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
   /** The CRT (Chinese Remainder Theorem) coefficient. */
   private final BigInteger qInv;
 
+  /** String representation of this key. Cached for speed. */
+  private transient String str;
+
   // Constructor(s)
   // -------------------------------------------------------------------------
 
@@ -296,4 +299,22 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey,
       }
     return false;
   }
+
+  public String toString()
+  {
+    if (str == null)
+      {
+        String ls = SystemProperties.getProperty("line.separator");
+        str = new StringBuilder(this.getClass().getName()).append("(")
+            .append(super.toString()).append(",").append(ls)
+            .append("d=0x").append(DEBUG ? d.toString(16) : "**...*").append(ls)
+            .append("p=0x").append(DEBUG ? p.toString(16) : "**...*").append(ls)
+            .append("q=0x").append(DEBUG ? q.toString(16) : "**...*").append(ls)
+            .append("dP=0x").append(DEBUG ? dP.toString(16) : "**...*").append(ls)
+            .append("dQ=0x").append(DEBUG ? dQ.toString(16) : "**...*").append(ls)
+            .append("qInv=0x").append(DEBUG ? qInv.toString(16) : "**...*").append(ls)
+            .append(")").toString();
+      }
+    return str;
+  }
 }
diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java
index f49027ca621..8badede1422 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java
@@ -38,6 +38,7 @@ exception statement from your version.  */
 
 package gnu.java.security.key.rsa;
 
+import gnu.classpath.SystemProperties;
 import gnu.java.security.Registry;
 import gnu.java.security.key.IKeyPairCodec;
 
@@ -55,16 +56,16 @@ import java.security.interfaces.RSAPublicKey;
  *    Primitive specification and supporting documentation.<br>
  *    Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
- *
- * @version $Revision: 1.2 $
  */
 public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey,
     RSAPublicKey
 {
-
   // Constants and variables
   // -------------------------------------------------------------------------
 
+  /** String representation of this key. Cached for speed. */
+  private transient String str;
+
   // Constructor(s)
   // -------------------------------------------------------------------------
 
@@ -182,4 +183,16 @@ public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey,
     return super.equals(that)
            && getPublicExponent().equals(that.getPublicExponent());
   }
+
+  public String toString()
+  {
+    if (str == null)
+      {
+        String ls = SystemProperties.getProperty("line.separator");
+        str = new StringBuilder(this.getClass().getName()).append("(")
+            .append(super.toString()).append(",").append(ls)
+            .append(")").toString();
+      }
+    return str;
+  }
 }
diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java
index 9c7338f662a..39063381f37 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java
@@ -50,6 +50,7 @@ import java.security.PublicKey;
 import java.security.SecureRandom;
 import java.security.spec.RSAKeyGenParameterSpec;
 import java.util.Map;
+import java.util.logging.Logger;
 
 /**
  * <p>A key-pair generator for asymetric keys to use in conjunction with the RSA
@@ -68,10 +69,11 @@ import java.util.Map;
  */
 public class RSAKeyPairGenerator implements IKeyPairGenerator
 {
-
   // Constants and variables
   // -------------------------------------------------------------------------
 
+  private static final Logger log = Logger.getLogger(RSAKeyPairGenerator.class.getName());
+
   /** The BigInteger constant 1. */
   private static final BigInteger ONE = BigInteger.ONE;
 
@@ -150,6 +152,8 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator
    */
   public void setup(Map attributes)
   {
+    log.entering(this.getClass().getName(), "setup", attributes);
+
     // do we have a SecureRandom, or should we use our own?
     rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS);
 
@@ -177,6 +181,8 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator
     Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT);
     preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT
                                        : formatID.intValue();
+
+    log.exiting(this.getClass().getName(), "setup");
   }
 
   /**
@@ -187,6 +193,8 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator
    */
   public KeyPair generate()
   {
+    log.entering(this.getClass().getName(), "generate");
+
     BigInteger p, q, n, d;
 
     // 1. Generate a prime p in the interval [2**(M-1), 2**M - 1], where
@@ -234,7 +242,9 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator
     PublicKey pubK = new GnuRSAPublicKey(preferredFormat, n, e);
     PrivateKey secK = new GnuRSAPrivateKey(preferredFormat, p, q, e, d);
 
-    return new KeyPair(pubK, secK);
+    KeyPair result = new KeyPair(pubK, secK);
+    log.exiting(this.getClass().getName(), "generate", result);
+    return result;
   }
 
   // helper methods ----------------------------------------------------------
diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java
index a7f65b61012..0b980903251 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java
@@ -45,6 +45,7 @@ import java.security.InvalidParameterException;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.util.ArrayList;
+import java.util.logging.Logger;
 
 import gnu.java.security.OID;
 import gnu.java.security.Registry;
@@ -62,6 +63,7 @@ import gnu.java.security.util.DerUtil;
 public class RSAKeyPairPKCS8Codec
     implements IKeyPairCodec
 {
+  private static final Logger log = Logger.getLogger(RSAKeyPairPKCS8Codec.class.getName());
   private static final OID RSA_ALG_OID = new OID(Registry.RSA_OID_STRING);
 
   // implicit 0-arguments constructor
@@ -120,6 +122,8 @@ public class RSAKeyPairPKCS8Codec
    */
   public byte[] encodePrivateKey(PrivateKey key)
   {
+    log.entering(this.getClass().getName(), "encodePrivateKey()", key);
+
     if (! (key instanceof GnuRSAPrivateKey))
       throw new InvalidParameterException("Wrong key type");
 
@@ -187,6 +191,7 @@ public class RSAKeyPairPKCS8Codec
         throw y;
       }
 
+    log.exiting(this.getClass().getName(), "encodePrivateKey()", result);
     return result;
   }
 
@@ -208,6 +213,8 @@ public class RSAKeyPairPKCS8Codec
    */
   public PrivateKey decodePrivateKey(byte[] input)
   {
+    log.entering(this.getClass().getName(), "decodePrivateKey()", input);
+
     if (input == null)
       throw new InvalidParameterException("Input bytes MUST NOT be null");
 
@@ -278,7 +285,9 @@ public class RSAKeyPairPKCS8Codec
         throw y;
       }
 
-    return new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, n, e, d, p, q,
-                                dP, dQ, qInv);
+    PrivateKey result = new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, n, e,
+                                             d, p, q, dP, dQ, qInv);
+    log.exiting(this.getClass().getName(), "decodePrivateKey()", result);
+    return result;
   }
 }
diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java
index 1c362784b35..882d9c7b2ca 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java
@@ -128,8 +128,9 @@ public class RSAKeyPairX509Codec
     DERValue derN = new DERValue(DER.INTEGER, n);
     DERValue derE = new DERValue(DER.INTEGER, e);
 
-    ArrayList algorithmID = new ArrayList(1);
+    ArrayList algorithmID = new ArrayList(2);
     algorithmID.add(derOID);
+    algorithmID.add(new DERValue(DER.NULL, null));
     DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
                                            algorithmID);
 
diff --git a/libjava/classpath/gnu/java/security/pkcs/PKCS7Data.java b/libjava/classpath/gnu/java/security/pkcs/PKCS7Data.java
new file mode 100644
index 00000000000..3d3052b965b
--- /dev/null
+++ b/libjava/classpath/gnu/java/security/pkcs/PKCS7Data.java
@@ -0,0 +1,69 @@
+/* PKCS7Data.java -- Reader/writer for PKCS#7 Data objects
+   Copyright (C) 2006 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.security.pkcs;
+
+import gnu.java.security.OID;
+
+/**
+ * A read/write helper class for PKCS#7 Data ASN.1 structures.
+ */
+public class PKCS7Data
+{
+  public static final OID PKCS7_DATA = new OID("1.2.840.113549.1.7.1");
+
+  private byte[] content;
+
+  /**
+   * Constructs a new instance of <code>PKCS7Data</code> with the possibly
+   * null (implicetly referenced) content data.
+   * 
+   * @param data the raw bytes of the data to use in a PKCS#7 framework.
+   */
+  public PKCS7Data(byte[] data)
+  {
+    super();
+
+    this.content = data;
+  }
+
+  public byte[] getEncoded()
+  {
+    return content;
+  }
+}
diff --git a/libjava/classpath/gnu/java/security/pkcs/PKCS7SignedData.java b/libjava/classpath/gnu/java/security/pkcs/PKCS7SignedData.java
index ba5efc7222f..0781f4ba97c 100644
--- a/libjava/classpath/gnu/java/security/pkcs/PKCS7SignedData.java
+++ b/libjava/classpath/gnu/java/security/pkcs/PKCS7SignedData.java
@@ -1,5 +1,5 @@
-/* PKCS7SignedData.java -- reader for PKCS#7 signedData objects
-   Copyright (C) 2004, 2005  Free Software Foundation, Inc.
+/* PKCS7SignedData.java -- reader/writer for PKCS#7 signedData objects
+   Copyright (C) 2004, 2005, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -42,19 +42,26 @@ import gnu.java.security.ber.BER;
 import gnu.java.security.ber.BEREncodingException;
 import gnu.java.security.ber.BERReader;
 import gnu.java.security.ber.BERValue;
+import gnu.java.security.der.DER;
 import gnu.java.security.der.DERValue;
+import gnu.java.security.der.DERWriter;
+import gnu.java.security.util.Util;
 
 import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.io.OutputStream;
 
 import java.math.BigInteger;
 
 import java.security.cert.CRL;
 import java.security.cert.CRLException;
 import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
+import java.security.cert.X509CRL;
 
 import java.util.ArrayList;
 import java.util.Collections;
@@ -63,6 +70,7 @@ import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Set;
+import java.util.logging.Logger;
 
 /**
  * The SignedData object in PKCS #7. This is a read-only implementation of
@@ -72,8 +80,8 @@ import java.util.Set;
  */
 public class PKCS7SignedData
 {
+  private static final Logger log = Logger.getLogger(PKCS7SignedData.class.getName());
 
-  public static final OID PKCS7_DATA = new OID("1.2.840.113549.1.7.1");
   public static final OID PKCS7_SIGNED_DATA = new OID("1.2.840.113549.1.7.2");
 
   private BigInteger version;
@@ -84,13 +92,6 @@ public class PKCS7SignedData
   private CRL[] crls;
   private Set signerInfos;
 
-  private static final boolean DEBUG = false;
-  private static void debug(String msg)
-  {
-    System.err.print("PKCS7SignedData >> ");
-    System.err.println(msg);
-  }
-
   public PKCS7SignedData(InputStream in)
     throws CRLException, CertificateException, IOException
   {
@@ -103,14 +104,12 @@ public class PKCS7SignedData
    *
    * <pre>
    * SignedData ::= SEQUENCE {
-   *   version Version,
-   *   digestAlgorithms DigestAlgorithmIdentifiers,
-   *   contentInfo ContentInfo,
-   *   certificates
-   *     [0] IMPLICIT ExtendedCertificatesAndCertificates OPTIONAL,
-   *   crls
-   *     [1] IMPLICIT CertificateRevocationLists OPTIONAL,
-   *   signerInfos SignerInfos }
+   *   version           Version, -- always 1 for PKCS7 v1.5
+   *   digestAlgorithms  DigestAlgorithmIdentifiers,
+   *   contentInfo       ContentInfo,
+   *   certificates  [0] IMPLICIT ExtendedCertificatesAndCertificates OPTIONAL,
+   *   crls          [1] IMPLICIT CertificateRevocationLists OPTIONAL,
+   *   signerInfos       SignerInfos }
    *
    * Version ::= INTEGER
    *
@@ -119,8 +118,8 @@ public class PKCS7SignedData
    * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
    *
    * ContentInfo ::= SEQUENCE {
-   *   contentType ContentType,
-   *   content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
+   *   contentType   ContentType,
+   *   content   [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
    *
    * ContentType ::= OBJECT IDENTIFIER
    *
@@ -128,7 +127,7 @@ public class PKCS7SignedData
    *   SET OF ExtendedCertificatesAndCertificate
    *
    * ExtendedCertificatesAndCertificate ::= CHOICE {
-   *   certificate Certificate, -- from X.509
+   *   certificate             Certificate, -- from X.509
    *   extendedCertificate [0] IMPLICIT ExtendedCertificate }
    *
    * CertificateRevocationLists ::= SET OF CertificateRevocationList
@@ -137,15 +136,13 @@ public class PKCS7SignedData
    * SignerInfos ::= SET OF SignerInfo
    *
    * SignerInfo ::= SEQUENCE {
-   *   version Version,
-   *   issuerAndSerialNumber IssuerAndSerialNumber,
-   *   digestAlgorithm DigestAlgorithmIdentifier,
-   *   authenticatedAttributes
-   *     [0] IMPLICIT Attributes OPTIONAL,
-   *   digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
-   *   encryptedDigest EncryptedDigest,
-   *   unauthenticatedAttributes
-   *     [1] IMPLICIT Attributes OPTIONAL }
+   *   version                       Version, -- always 1 for PKCS7 v1.5
+   *   issuerAndSerialNumber         IssuerAndSerialNumber,
+   *   digestAlgorithm               DigestAlgorithmIdentifier,
+   *   authenticatedAttributes   [0] IMPLICIT Attributes OPTIONAL,
+   *   digestEncryptionAlgorithm     DigestEncryptionAlgorithmIdentifier,
+   *   encryptedDigest               EncryptedDigest,
+   *   unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL }
    *
    * EncryptedDigest ::= OCTET STRING
    * </pre>
@@ -177,23 +174,21 @@ public class PKCS7SignedData
     if (!val.isConstructed())
       throw new BEREncodingException("malformed SignedData");
 
-    if (DEBUG)
-      debug("SignedData: " + val);
+    log.finest("SignedData: " + val);
 
     val = ber.read();
     if (val.getTag() != BER.INTEGER)
       throw new BEREncodingException("expecting Version");
     version = (BigInteger) val.getValue();
 
-    if (DEBUG)
-      debug("  Version: " + version);
+    log.finest("  Version: " + version);
 
     digestAlgorithms = new HashSet();
     val = ber.read();
     if (!val.isConstructed())
       throw new BEREncodingException("malformed DigestAlgorithmIdentifiers");
-    if (DEBUG)
-      debug("  DigestAlgorithmIdentifiers: " + val);
+
+    log.finest("  DigestAlgorithmIdentifiers: " + val);
     int count = 0;
     DERValue val2 = ber.read();
     while (val2 != BER.END_OF_SEQUENCE &&
@@ -201,14 +196,14 @@ public class PKCS7SignedData
       {
         if (!val2.isConstructed())
           throw new BEREncodingException("malformed AlgorithmIdentifier");
-        if (DEBUG)
-          debug("    AlgorithmIdentifier: " + val2);
+
+        log.finest("    AlgorithmIdentifier: " + val2);
         count += val2.getEncodedLength();
         val2 = ber.read();
         if (val2.getTag() != BER.OBJECT_IDENTIFIER)
           throw new BEREncodingException("malformed AlgorithmIdentifier");
-        if (DEBUG)
-          debug("      ID: " + val2.getValue());
+
+        log.finest("      digestAlgorithmIdentifiers OID: " + val2.getValue());
         List algId = new ArrayList(2);
         algId.add(val2.getValue());
         val2 = ber.read();
@@ -219,29 +214,33 @@ public class PKCS7SignedData
               algId.add(null);
             else
               algId.add(val2.getEncoded());
-            if (DEBUG)
-              debug("      params: " + new BigInteger(1, val2.getEncoded()).toString(16));
+
             if (val2.isConstructed())
               ber.skip(val2.getLength());
+
             if (BERValue.isIndefinite(val))
               val2 = ber.read();
           }
         else
           algId.add(null);
+
+        log.finest("      digestAlgorithmIdentifiers params: ");
+        log.finest(Util.dumpString((byte[]) algId.get(1),
+                                   "      digestAlgorithmIdentifiers params: "));
         digestAlgorithms.add(algId);
       }
 
     val = ber.read();
     if (!val.isConstructed())
       throw new BEREncodingException("malformed ContentInfo");
-    if (DEBUG)
-      debug("  ContentInfo: " + val);
+
+    log.finest("  ContentInfo: " + val);
     val2 = ber.read();
     if (val2.getTag() != BER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed ContentType");
+
     contentType = (OID) val2.getValue();
-    if (DEBUG)
-      debug("    ContentType: " + contentType);
+    log.finest("    ContentType OID: " + contentType);
     if (BERValue.isIndefinite(val)
         || (val.getLength() > 0 && val.getLength() > val2.getEncodedLength()))
       {
@@ -251,18 +250,19 @@ public class PKCS7SignedData
             content = val2.getEncoded();
             if (BERValue.isIndefinite(val))
               val2 = ber.read();
-            if (DEBUG)
-              debug("    Content: " + new BigInteger(1, content).toString(16));
           }
       }
 
+    log.finest("    Content: ");
+    log.finest(Util.dumpString(content, "    Content: "));
+
     val = ber.read();
     if (val.getTag() == 0)
       {
         if (!val.isConstructed())
           throw new BEREncodingException("malformed ExtendedCertificatesAndCertificates");
-        if (DEBUG)
-          debug("  ExtendedCertificatesAndCertificates: " + val);
+
+        log.finest("  ExtendedCertificatesAndCertificates: " + val);
         count = 0;
         val2 = ber.read();
         List certs = new LinkedList();
@@ -271,8 +271,7 @@ public class PKCS7SignedData
           {
             Certificate cert =
               x509.generateCertificate(new ByteArrayInputStream(val2.getEncoded()));
-            if (DEBUG)
-              debug("    Certificate: " + cert);
+            log.finest("    Certificate: " + cert);
             certs.add(cert);
             count += val2.getEncodedLength();
             ber.skip(val2.getLength());
@@ -287,8 +286,8 @@ public class PKCS7SignedData
       {
         if (!val.isConstructed())
           throw new BEREncodingException("malformed CertificateRevocationLists");
-        if (DEBUG)
-          debug("  CertificateRevocationLists: " + val);
+
+        log.finest("  CertificateRevocationLists: " + val);
         count = 0;
         val2 = ber.read();
         List crls = new LinkedList();
@@ -296,8 +295,7 @@ public class PKCS7SignedData
                (val.getLength() > 0 && val.getLength() > count))
           {
             CRL crl = x509.generateCRL(new ByteArrayInputStream(val2.getEncoded()));
-            if (DEBUG)
-              debug ("    CRL: " + crl);
+            log.finest("    CRL: " + crl);
             crls.add(crl);
             count += val2.getEncodedLength();
             ber.skip(val2.getLength());
@@ -312,8 +310,7 @@ public class PKCS7SignedData
     if (!val.isConstructed())
       throw new BEREncodingException("malformed SignerInfos");
 
-    if (DEBUG)
-      debug("  SignerInfos: " + val);
+    log.finest("  SignerInfos: " + val);
 
     // FIXME read this more carefully.
     // Since we are just reading a file (probably) we just read until we
@@ -327,6 +324,39 @@ public class PKCS7SignedData
       }
   }
 
+  /**
+   * Constructs a new instance of <code>PKCS7SignedData</code> given a
+   * designated set of fields.
+   * 
+   * @param digestAlgorithms the collection of DigestAlgorithm elements. Each
+   *          DigestAlgorithm is a {@link List} of two elements, the first is an
+   *          OID while the second is dependent on the value of the OID element.
+   * @param data an instance of a PKCS#7 (non-signed) data. In its simplest form
+   *          such an ASN.1 structure would consist of just the OID of a
+   *          non-signed PKCS#7 Data.
+   * @param certificates the array of Certificates used to authenticate the
+   *          enclosed (or referenced, in case the content is null) data.
+   * @param crls the array of certificate-revocation lists of the used
+   *          certificates.
+   * @param signerInfos a set of {@link SignerInfo} elements, one per signer of
+   *          the data referenced by this <code>PKCS7SignedData</code>
+   *          instance.
+   */
+  public PKCS7SignedData(Set digestAlgorithms, PKCS7Data data,
+                         Certificate[] certificates, X509CRL[] crls,
+                         Set signerInfos)
+  {
+    super();
+
+    this.version = BigInteger.ONE;
+    this.digestAlgorithms = digestAlgorithms;
+    this.contentType = PKCS7_SIGNED_DATA;
+    this.content = data == null ? null : data.getEncoded();
+    this.certificates = certificates;
+    this.crls = crls;
+    this.signerInfos = signerInfos;
+  }
+
   public BigInteger getVersion()
   {
     return version;
@@ -361,4 +391,89 @@ public class PKCS7SignedData
       copy.add(it.next());
     return Collections.unmodifiableSet(copy);
   }
+
+  /**
+   * Writes to the designated output stream the DER encoding of the current
+   * contents of this instance.
+   * 
+   * @param out the destination output stream.
+   * @throws IOException if an I/O related exception occurs during the process.
+   * @throws CRLException if an exception occurs while encoding the certificate
+   * revocation lists associated with this instance.
+   * @throws CertificateEncodingException if an exception occurs while encoding
+   * the certificate chains associated with this instance.
+   */
+  public void encode(OutputStream out) throws IOException, CRLException,
+      CertificateEncodingException
+  {
+    DERValue derVersion = new DERValue(DER.INTEGER, version);
+
+    DERValue derDigestAlgorithms = new DERValue(DER.CONSTRUCTED | DER.SET,
+                                                digestAlgorithms);
+
+    DERValue derContentType = new DERValue(DER.OBJECT_IDENTIFIER,
+                                           PKCS7Data.PKCS7_DATA);
+    ArrayList contentInfo = new ArrayList(2);
+    contentInfo.add(derContentType);
+    if (content == null)
+      contentInfo.add(new DERValue(DER.NULL, null));
+    else
+      contentInfo.add(content);
+
+    DERValue derContentInfo = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
+                                           contentInfo);
+
+    ByteArrayOutputStream baos = new ByteArrayOutputStream(4096);
+    for (int i = 0; i < certificates.length; i++)
+      baos.write(certificates[i].getEncoded());
+
+    baos.flush();
+    byte[] b = baos.toByteArray();
+    DERValue derExtendedCertificatesAndCertificates =
+        new DERValue(DER.CONSTRUCTED | DER.CONTEXT | 0, b.length, b, null);
+
+    DERValue derCertificateRevocationLists = null;
+    if (crls != null && crls.length > 0)
+      {
+        baos.reset();
+        for (int i = 0; i < crls.length; i++)
+          baos.write(((X509CRL) crls[i]).getEncoded());
+
+        baos.flush();
+        byte[] b2 = baos.toByteArray();
+        derCertificateRevocationLists =
+            new DERValue(DER.CONSTRUCTED | DER.CONTEXT | 1, b2.length, b2, null);
+      }
+
+    baos.reset();
+    for (Iterator it = signerInfos.iterator(); it.hasNext();)
+      {
+        SignerInfo signerInfo = (SignerInfo) it.next();
+        signerInfo.encode(baos);
+      }
+    baos.flush();
+    byte[] b3 = baos.toByteArray();
+    DERValue derSignerInfos = new DERValue(DER.CONSTRUCTED | DER.SET,
+                                           b3.length, b3, null);
+
+    ArrayList signedData = new ArrayList(6);
+    signedData.add(derVersion);
+    signedData.add(derDigestAlgorithms);
+    signedData.add(derContentInfo);
+    signedData.add(derExtendedCertificatesAndCertificates);
+    if (derCertificateRevocationLists != null)
+      signedData.add(derCertificateRevocationLists);
+
+    signedData.add(derSignerInfos);
+    DERValue derSignedData = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
+                                          signedData);
+    // now the outer contents
+    ArrayList outer = new ArrayList(3);
+    outer.add(new DERValue(DER.OBJECT_IDENTIFIER, PKCS7_SIGNED_DATA));
+    outer.add(new DERValue(DER.CONTEXT | 0, null));
+    outer.add(derSignedData);
+    DERValue derOuter = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, outer);
+
+    DERWriter.write(out, derOuter);
+  }
 }
diff --git a/libjava/classpath/gnu/java/security/pkcs/SignerInfo.java b/libjava/classpath/gnu/java/security/pkcs/SignerInfo.java
index c976799bb0c..7b38bfefdaf 100644
--- a/libjava/classpath/gnu/java/security/pkcs/SignerInfo.java
+++ b/libjava/classpath/gnu/java/security/pkcs/SignerInfo.java
@@ -42,16 +42,25 @@ import gnu.java.security.ber.BER;
 import gnu.java.security.ber.BEREncodingException;
 import gnu.java.security.ber.BERReader;
 import gnu.java.security.ber.BERValue;
+import gnu.java.security.der.DER;
 import gnu.java.security.der.DERValue;
+import gnu.java.security.der.DERWriter;
+import gnu.java.security.util.Util;
 
+import java.io.ByteArrayOutputStream;
 import java.io.IOException;
+import java.io.OutputStream;
 
 import java.math.BigInteger;
+import java.util.ArrayList;
+import java.util.logging.Logger;
 
 import javax.security.auth.x500.X500Principal;
 
 public class SignerInfo
 {
+  private static final Logger log = Logger.getLogger(SignerInfo.class.getName());
+
   private final BigInteger version;
   private final BigInteger serialNumber;
   private final X500Principal issuer;
@@ -63,67 +72,80 @@ public class SignerInfo
   private final byte[] encryptedDigest;
   private final byte[] unauthenticatedAttributes;
 
-  private static final boolean DEBUG = false;
-  private static void debug(String msg)
-  {
-    System.err.print("SignerInfo >> ");
-    System.err.println(msg);
-  }
-
   /**
    * Parse a SignerInfo object.
+   * <p>
+   * A SignerInfo is a structure with the following ASN.1 syntax:
+   * <pre>
+   * SignerInfo ::= SEQUENCE {
+   *   version                       Version, -- always 1 for PKCS7 v1.5
+   *   issuerAndSerialNumber         IssuerAndSerialNumber, -- an INTEGER
+   *   digestAlgorithm               DigestAlgorithmIdentifier,
+   *   authenticatedAttributes   [0] IMPLICIT Attributes OPTIONAL,
+   *   digestEncryptionAlgorithm     DigestEncryptionAlgorithmIdentifier,
+   *   encryptedDigest               EncryptedDigest,
+   *   unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL }
+   *
+   * IssuerAndSerialNumber ::= SEQUENCE {
+   *   issuer       Name,
+   *   serialNumber CertificateSerialNumber
+   * }
+   * 
+   * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+   * 
+   * DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+   *
+   * EncryptedDigest ::= OCTET STRING
+   * </pre>
    */
   public SignerInfo(BERReader ber) throws IOException
   {
     DERValue val = ber.read();
-    if (DEBUG)
-      debug("SignerInfo: " + val);
+    log.finest("SignerInfo: " + val);
     if (!val.isConstructed())
       throw new BEREncodingException("malformed SignerInfo");
 
     val = ber.read();
     if (val.getTag() != BER.INTEGER)
       throw new BEREncodingException("malformed Version");
-    version = (BigInteger) val.getValue();
 
-    if (DEBUG)
-      debug("  Version: " + version);
+    version = (BigInteger) val.getValue();
+    log.finest("  Version: " + version);
 
     val = ber.read();
     if (!val.isConstructed())
       throw new BEREncodingException("malformed IssuerAndSerialNumber");
 
-    if (DEBUG)
-      debug("  IssuerAndSerialNumber: " + val);
+    log.finest("  IssuerAndSerialNumber: " + val);
 
     val = ber.read();
     if (!val.isConstructed())
       throw new BEREncodingException("malformed Issuer");
+
     issuer = new X500Principal(val.getEncoded());
     ber.skip(val.getLength());
-    if (DEBUG)
-      debug("    Issuer: " + issuer);
+    log.finest("    Issuer: " + issuer);
 
     val = ber.read();
     if (val.getTag() != BER.INTEGER)
       throw new BEREncodingException("malformed SerialNumber");
+
     serialNumber = (BigInteger) val.getValue();
-    if (DEBUG)
-      debug("    SerialNumber: " + serialNumber);
+    log.finest("    SerialNumber: " + serialNumber);
 
     val = ber.read();
     if (!val.isConstructed())
       throw new BEREncodingException("malformed DigestAlgorithmIdentifier");
-    if (DEBUG)
-      debug("  DigestAlgorithmIdentifier: " + val);
+
+    log.finest("  DigestAlgorithmIdentifier: " + val);
 
     int count = 0;
     DERValue val2 = ber.read();
     if (val2.getTag() != BER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed AlgorithmIdentifier");
+
     digestAlgorithmId = (OID) val2.getValue();
-    if (DEBUG)
-      debug("    OID: " + digestAlgorithmId);
+    log.finest("    digestAlgorithm OID: " + digestAlgorithmId);
 
     if (BERValue.isIndefinite(val))
       {
@@ -147,9 +169,10 @@ public class SignerInfo
       }
     else
       digestAlgorithmParams = null;
-    if(DEBUG)
-      debug("    params: " + (digestAlgorithmParams == null ? null
-                              : new BigInteger(digestAlgorithmParams).toString(16)));
+
+    log.finest("    digestAlgorithm params: ");
+    log.finest(Util.dumpString(digestAlgorithmParams,
+                               "    digestAlgorithm params: "));
 
     val = ber.read();
     if (val.getTag() == 0)
@@ -158,24 +181,27 @@ public class SignerInfo
         val = ber.read();
         if (val.isConstructed())
           ber.skip(val.getLength());
-        if (DEBUG)
-          debug("  AuthenticatedAttributes: " + val);
+
         val = ber.read();
       }
     else
       authenticatedAttributes = null;
 
+    log.finest("  AuthenticatedAttributes: ");
+    log.finest(Util.dumpString(authenticatedAttributes,
+                               "  AuthenticatedAttributes: "));
+
     if (!val.isConstructed())
       throw new BEREncodingException("malformed DigestEncryptionAlgorithmIdentifier");
-    if (DEBUG)
-      debug("  DigestEncryptionAlgorithmIdentifier: " + val);
+
+    log.finest("  DigestEncryptionAlgorithmIdentifier: " + val);
     count = 0;
     val2 = ber.read();
     if (val2.getTag() != BER.OBJECT_IDENTIFIER)
       throw new BEREncodingException("malformed AlgorithmIdentifier");
+
     digestEncryptionAlgorithmId = (OID) val2.getValue();
-    if (DEBUG)
-      debug("    OID: " + digestEncryptionAlgorithmId);
+    log.finest("    digestEncryptionAlgorithm OID: " + digestEncryptionAlgorithmId);
 
     if (BERValue.isIndefinite(val))
       {
@@ -199,26 +225,74 @@ public class SignerInfo
       }
     else
       digestEncryptionAlgorithmParams = null;
-    if(DEBUG)
-      debug("    params: " + (digestEncryptionAlgorithmParams == null ? null
-                              : new BigInteger(digestEncryptionAlgorithmParams).toString(16)));
+
+    log.finest("    digestEncryptionAlgorithm params: ");
+    log.finest(Util.dumpString(digestEncryptionAlgorithmParams,
+                               "    digestEncryptionAlgorithm params: "));
 
     val = ber.read();
     if (val.getTag() != BER.OCTET_STRING)
       throw new BEREncodingException("malformed EncryptedDigest");
+
     encryptedDigest = (byte[]) val.getValue();
-    if (DEBUG)
-      debug("  EncryptedDigest: " + new BigInteger(1, encryptedDigest).toString(16));
+    log.finest("  EncryptedDigest: ");
+    log.finest(Util.dumpString(encryptedDigest, "  EncryptedDigest: "));
 
     if (ber.peek() == 1)
       unauthenticatedAttributes = ber.read().getEncoded();
     else
       unauthenticatedAttributes = null;
 
+    log.finest("  UnauthenticatedAttributes: ");
+    log.finest(Util.dumpString(unauthenticatedAttributes,
+                               "  UnauthenticatedAttributes: "));
+
     if (ber.peek() == 0)
       ber.read();
   }
 
+  /**
+   * Constructs a new instance of <code>SignerInfo</code> given a designated
+   * set of fields.
+   * 
+   * @param issuer the X.500 Principal name of the signer referenced by this
+   *          instance.
+   * @param serialNumber the serial number of the certificate being used. Both
+   *          this and the previous arguments are gleaned from the signer's
+   *          certificate.
+   * @param digestAlgorithmOID the OID of the digest algorithm. When
+   *          constructing the DigestAlgorithmIdentifier with this OID, the
+   *          parameters part will be NULL.
+   * @param authenticatedAttributes the encoding of the set of authenticated
+   *          attributes to use.
+   * @param digestEncryptionAlgorithmOID the OID of the digest encryption
+   *          algorithm. When constructing the
+   *          DigestEncryptionAlgorithmIdentifier with this OID, the parameters
+   *          part will be NULL.
+   * @param encryptedDigest the encrypted hash generated with this signer's
+   *          private key.
+   * @param unauthenticatedAttributes the encoding of the set of
+   *          unauthencticated attributes.
+   */
+  public SignerInfo(X500Principal issuer, BigInteger serialNumber,
+                    OID digestAlgorithmOID, byte[] authenticatedAttributes,
+                    OID digestEncryptionAlgorithmOID,
+                    byte[] encryptedDigest, byte[] unauthenticatedAttributes)
+  {
+    super();
+
+    this.version = BigInteger.ONE;
+    this.issuer = issuer;
+    this.serialNumber = serialNumber;
+    this.digestAlgorithmId = digestAlgorithmOID;
+    this.digestAlgorithmParams = null;
+    this.authenticatedAttributes = authenticatedAttributes;
+    this.digestEncryptionAlgorithmId = digestEncryptionAlgorithmOID;
+    this.digestEncryptionAlgorithmParams = null;
+    this.encryptedDigest = encryptedDigest;
+    this.unauthenticatedAttributes = unauthenticatedAttributes;
+  }
+
   public BigInteger getVersion()
   {
     return version;
@@ -276,4 +350,65 @@ public class SignerInfo
             ? (byte[]) unauthenticatedAttributes.clone()
             : null);
   }
+
+  /**
+   * Writes to the designated output stream the DER encoding of the current
+   * contents of this instance.
+   * 
+   * @param out the destination output stream.
+   * @throws IOException if an I/O related exception occurs during the process.
+   */
+  public void encode(OutputStream out) throws IOException
+  {
+    DERValue derVersion = new DERValue(DER.INTEGER, version);
+
+    ByteArrayOutputStream baos = new ByteArrayOutputStream(4096);
+    baos.write(issuer.getEncoded());
+    DERValue derSerialNumber = new DERValue(DER.INTEGER, serialNumber);
+    DERWriter.write(baos, derSerialNumber);
+    baos.flush();
+    byte[] b = baos.toByteArray();
+    DERValue derIssuerAndSerialNumber =
+        new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, b.length, b, null);
+
+    DERValue derDigestAlgorithmOID = new DERValue(DER.OBJECT_IDENTIFIER,
+                                                  digestAlgorithmId);
+    ArrayList digestAlgorithmIdentifier = new ArrayList(1);
+    digestAlgorithmIdentifier.add(derDigestAlgorithmOID);
+    DERValue derDigestAlgorithmIdentifier =
+        new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, digestAlgorithmIdentifier);
+
+    DERValue derAuthenticatedAttributes;
+    if (authenticatedAttributes == null)
+      derAuthenticatedAttributes = new DERValue(DER.NULL, null);
+    else
+      derAuthenticatedAttributes = new DERValue(DER.CONSTRUCTED | DER.SET,
+                                                authenticatedAttributes);
+
+    DERValue derDigestEncryptionAlgorithmOID =
+        new DERValue(DER.OBJECT_IDENTIFIER, digestEncryptionAlgorithmId);
+    ArrayList digestEncryptionAlgorithmIdentifier = new ArrayList(1);
+    digestEncryptionAlgorithmIdentifier.add(derDigestEncryptionAlgorithmOID);
+    DERValue derDigestEncryptionAlgorithmIdentifier =
+        new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, digestEncryptionAlgorithmIdentifier);
+
+    DERValue derEncryptedDigest = new DERValue(DER.OCTET_STRING, encryptedDigest);
+
+    DERValue derUnauthenticatedAttributes;
+    if (unauthenticatedAttributes == null)
+      derUnauthenticatedAttributes = new DERValue(DER.NULL, null);
+    else
+      derUnauthenticatedAttributes = new DERValue(DER.CONSTRUCTED | DER.SET,
+                                                  unauthenticatedAttributes);
+
+    ArrayList signerInfo = new ArrayList(5);
+    signerInfo.add(derVersion);
+    signerInfo.add(derIssuerAndSerialNumber);
+    signerInfo.add(derDigestAlgorithmIdentifier);
+    signerInfo.add(derDigestEncryptionAlgorithmIdentifier);
+    signerInfo.add(derEncryptedDigest);
+    DERValue derSignerInfo = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
+                                          signerInfo);
+    DERWriter.write(out, derSignerInfo);
+  }
 }
diff --git a/libjava/classpath/gnu/java/security/prng/MDGenerator.java b/libjava/classpath/gnu/java/security/prng/MDGenerator.java
index 255647d1c5f..073c559ae04 100644
--- a/libjava/classpath/gnu/java/security/prng/MDGenerator.java
+++ b/libjava/classpath/gnu/java/security/prng/MDGenerator.java
@@ -122,6 +122,20 @@ public class MDGenerator extends BasePRNG implements Cloneable
     md.update(buffer, 0, buffer.length);
   }
 
+  public void addRandomByte (final byte b)
+  {
+    if (md == null)
+      throw new IllegalStateException ("not initialized");
+    md.update (b);
+  }
+
+  public void addRandomBytes (final byte[] buf, final int off, final int len)
+  {
+    if (md == null)
+      throw new IllegalStateException ("not initialized");
+    md.update (buf, off, len);
+  }
+
   // Cloneable interface implementation ---------------------------------------
 
   public Object clone() throws CloneNotSupportedException
diff --git a/libjava/classpath/gnu/java/security/provider/DSAParameterGenerator.java b/libjava/classpath/gnu/java/security/provider/DSAParameterGenerator.java
deleted file mode 100644
index ccec1136cd3..00000000000
--- a/libjava/classpath/gnu/java/security/provider/DSAParameterGenerator.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/* DSAParameterGenerator.java --- DSA Parameter Generator Implementation
-   Copyright (C) 1999 Free Software Foundation, Inc.
-
-This file is part of GNU Classpath.
-
-GNU Classpath is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2, or (at your option)
-any later version.
- 
-GNU Classpath is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNU Classpath; see the file COPYING.  If not, write to the
-Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA.
-
-Linking this library statically or dynamically with other modules is
-making a combined work based on this library.  Thus, the terms and
-conditions of the GNU General Public License cover the whole
-combination.
-
-As a special exception, the copyright holders of this library give you
-permission to link this library with independent modules to produce an
-executable, regardless of the license terms of these independent
-modules, and to copy and distribute the resulting executable under
-terms of your choice, provided that you also meet, for each linked
-independent module, the terms and conditions of the license of that
-module.  An independent module is a module which is not derived from
-or based on this library.  If you modify this library, you may extend
-this exception to your version of the library, but you are not
-obligated to do so.  If you do not wish to do so, delete this
-exception statement from your version. */
-
-
-package gnu.java.security.provider;
-
-import gnu.java.security.util.Prime;
-
-import java.math.BigInteger;
-import java.security.AlgorithmParameterGeneratorSpi;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.DSAParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-import java.util.Random;
-
-public class DSAParameterGenerator extends AlgorithmParameterGeneratorSpi
-{
-  private int size;
-  private SecureRandom random = null;
-
-  public DSAParameterGenerator()
-  {
-    size = 1024;
-  }
-
-  public void engineInit(int size, SecureRandom random)
-  {
-    if( (size < 512) || (size > 1024) || ( (size % 64) != 0) )
-      //throw new InvalidAlgorithmParameterException("Invalid Size");
-      return;
-    this.size = size;
-    this.random = random;
-  }
-
-  public void engineInit(AlgorithmParameterSpec genParamSpec, SecureRandom random)
-    throws InvalidAlgorithmParameterException
-  {
-    if( !( genParamSpec instanceof DSAParameterSpec ) )
-      throw new InvalidAlgorithmParameterException("Must be DSAParameterSpec");
-
-    DSAParameterSpec dsaparameterspec = (DSAParameterSpec)genParamSpec;
-    int tmp = dsaparameterspec.getP().bitLength();
-
-    if( (tmp < 512) || (tmp > 1024) || ( (tmp % 64) != 0) )
-      throw new InvalidAlgorithmParameterException("Invalid Size");
-
-    this.random = random;
-  }
-
-  //For more information see IEEE P1363 A.16.1 (10/05/98 Draft)
-  public AlgorithmParameters engineGenerateParameters()
-  {
-    DSAParameterSpec dsaparameterspec;
-
-    int L = size;
-    BigInteger r, p, k, h, g;
-
-    //q 2^159 < q < 2^160
-    r = Prime.generateRandomPrime( 159, 160, BigInteger.valueOf(1));
-
-    // 2^(L-1) < p < 2^L
-    p = Prime.generateRandomPrime( r, BigInteger.valueOf(1), L - 1, L, BigInteger.valueOf(1));
-
-    k = p.subtract( BigInteger.valueOf(1) );
-    k = k.divide( r );
-
-    Random rand = new Random();
-    h = BigInteger.valueOf(1);
-
-    for(;;) {
-      h = h.add(BigInteger.valueOf( 1 ) );
-
-      g = h.modPow(k, p);
-
-      if( g.compareTo( BigInteger.valueOf(1) ) != 1 )
-	break;
-    }
-
-    try {
-      dsaparameterspec = new DSAParameterSpec(p, r, g);
-      AlgorithmParameters ap = AlgorithmParameters.getInstance("DSA");
-      ap.init( dsaparameterspec );
-      return ap;
-    } catch ( NoSuchAlgorithmException nsae ) {
-      return null;
-    } catch ( InvalidParameterSpecException ipse) {
-      return null;
-    }
-  }
-}
diff --git a/libjava/classpath/gnu/java/security/provider/Gnu.java b/libjava/classpath/gnu/java/security/provider/Gnu.java
index 06135664427..6ea96c1e4f3 100644
--- a/libjava/classpath/gnu/java/security/provider/Gnu.java
+++ b/libjava/classpath/gnu/java/security/provider/Gnu.java
@@ -86,6 +86,7 @@ public final class Gnu extends Provider
         put("Alg.Alias.Signature.md5WithRSAEncryption", "MD5withRSA");
         put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.4", "MD5withRSA");
         put("Alg.Alias.Signature.1.2.840.113549.1.1.4", "MD5withRSA");
+        put("Alg.Alias.Signature.RSA", "MD5withRSA");
 
         put("Signature.SHA160withRSA",
             gnu.java.security.jce.sig.SHA160withRSA.class.getName());
diff --git a/libjava/classpath/gnu/java/security/sig/ISignature.java b/libjava/classpath/gnu/java/security/sig/ISignature.java
index 77653ee3722..e77f39d2cf1 100644
--- a/libjava/classpath/gnu/java/security/sig/ISignature.java
+++ b/libjava/classpath/gnu/java/security/sig/ISignature.java
@@ -56,8 +56,6 @@ import java.util.Map;
  *    Cryptography</a>, Alfred J. Menezes, Paul C. van Oorschot and Scott A.
  *    Vanstone. Section 11.2.2 Digital signature schemes with appendix.</li>
  * </ol>
- *
- * @version $Revision: 1.1 $
  */
 public interface ISignature extends Cloneable
 {
diff --git a/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java b/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java
index 119eca5fd0d..b6ab0ba9b1e 100644
--- a/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java
+++ b/libjava/classpath/gnu/java/security/sig/ISignatureCodec.java
@@ -45,8 +45,6 @@ import gnu.java.security.Registry;
  * cryptographic signatures. Codecs are useful for (a) externalising signature
  * output data for storage and on-the-wire transmission, as well as (b) re-
  * creating their internal Java representation from external sources.</p>
- *
- * @version $Revision: 1.1 $
  */
 public interface ISignatureCodec
 {
diff --git a/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java b/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java
index 6bedfaefa3a..370a93854e1 100644
--- a/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java
+++ b/libjava/classpath/gnu/java/security/sig/dss/DSSSignature.java
@@ -111,8 +111,6 @@ import java.util.Random;
  *    Signature Standard (DSS)</a>, Federal Information Processing Standards
  *    Publication 186. National Institute of Standards and Technology.</li>
  * </ol>
- *
- * @version $Revision: 1.1 $
  */
 public class DSSSignature extends BaseSignature
 {
diff --git a/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java b/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java
index 02f6b1ddc41..b0590a573dc 100644
--- a/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java
+++ b/libjava/classpath/gnu/java/security/sig/dss/DSSSignatureRawCodec.java
@@ -47,8 +47,6 @@ import java.math.BigInteger;
 /**
  * <p>An object that implements the {@link ISignatureCodec} operations for the
  * <i>Raw</i> format to use with DSS signatures.</p>
- *
- * @version $Revision: 1.1 $
  */
 public class DSSSignatureRawCodec implements ISignatureCodec
 {
diff --git a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java
index 2ea8a304a9c..d155fc88fb4 100644
--- a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java
+++ b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PKCS1_V1_5.java
@@ -57,8 +57,6 @@ import java.io.ByteArrayOutputStream;
  *    RSA Cryptography Specifications Version 2.1.<br>
  *    Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
- *
- * @version $Revision: 1.2 $
  */
 public class EMSA_PKCS1_V1_5 implements Cloneable
 {
diff --git a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java
index d11a861b52e..c1c9760ed5c 100644
--- a/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java
+++ b/libjava/classpath/gnu/java/security/sig/rsa/EMSA_PSS.java
@@ -67,8 +67,6 @@ import java.util.Arrays;
  *    Primitive specification and supporting documentation.<br>
  *    Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
- *
- * @version $Revision: 1.1 $
  */
 public class EMSA_PSS implements Cloneable
 {
diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java
index d4b69a7a18f..e64d30b6937 100644
--- a/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java
+++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPKCS1V1_5Signature.java
@@ -67,8 +67,6 @@ import java.util.Arrays;
  *    RSA Cryptography Specifications Version 2.1.<br>
  *    Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
- *
- * @version $Revision: 1.2 $
  */
 public class RSAPKCS1V1_5Signature extends BaseSignature
 {
diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java
index 95a6653f393..7ec62568a98 100644
--- a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java
+++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignature.java
@@ -70,8 +70,6 @@ import java.security.interfaces.RSAPublicKey;
  *    Primitive specification and supporting documentation.<br>
  *    Jakob Jonsson and Burt Kaliski.</li>
  * </ol>
- *
- * @version $Revision: 1.2 $
  */
 public class RSAPSSSignature extends BaseSignature
 {
diff --git a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java
index 64a972ca366..2be79165f18 100644
--- a/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java
+++ b/libjava/classpath/gnu/java/security/sig/rsa/RSAPSSSignatureRawCodec.java
@@ -46,8 +46,6 @@ import java.io.ByteArrayOutputStream;
 /**
  * <p>An object that implements the {@link gnu.crypto.sig.ISignatureCodec}
  * operations for the <i>Raw</i> format to use with RSA-PSS signatures.</p>
- *
- * @version $Revision: 1.1 $
  */
 public class RSAPSSSignatureRawCodec implements ISignatureCodec
 {
diff --git a/libjava/classpath/gnu/java/security/util/Util.java b/libjava/classpath/gnu/java/security/util/Util.java
index 53f8e3c2cca..f39afb93159 100644
--- a/libjava/classpath/gnu/java/security/util/Util.java
+++ b/libjava/classpath/gnu/java/security/util/Util.java
@@ -42,8 +42,6 @@ import java.math.BigInteger;
 
 /**
  * <p>A collection of utility methods used throughout this project.</p>
- *
- * @version $Revision: 1.1 $
  */
 public class Util
 {
diff --git a/libjava/classpath/gnu/java/security/x509/X500DistinguishedName.java b/libjava/classpath/gnu/java/security/x509/X500DistinguishedName.java
index daf746f5dc5..02adad7d2fd 100644
--- a/libjava/classpath/gnu/java/security/x509/X500DistinguishedName.java
+++ b/libjava/classpath/gnu/java/security/x509/X500DistinguishedName.java
@@ -1,5 +1,5 @@
 /* X500DistinguishedName.java -- X.500 distinguished name.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -61,7 +61,6 @@ import java.util.Set;
 
 public class X500DistinguishedName implements Principal
 {
-
   // Constants and fields.
   // -------------------------------------------------------------------------
 
@@ -221,6 +220,10 @@ public class X500DistinguishedName implements Principal
       putComponent(DC, value);
     else if (name.equals("uid"))
       putComponent(UID, value);
+    else if (name.equals("o"))
+      putComponent(O, value);
+    else if (name.equals("ou"))
+      putComponent(OU, value);
     else
       putComponent(new OID(name), value);
   }
@@ -328,16 +331,18 @@ public class X500DistinguishedName implements Principal
   {
     if (fixed && encoded != null)
       return (byte[]) encoded.clone();
+
     ArrayList name = new ArrayList(components.size());
     for (Iterator it = components.iterator(); it.hasNext(); )
       {
         Map m = (Map) it.next();
         if (m.isEmpty())
           continue;
+
         Set rdn = new HashSet();
         for (Iterator it2 = m.entrySet().iterator(); it2.hasNext(); )
           {
-            Map.Entry e = (Map.Entry) it.next();
+            Map.Entry e = (Map.Entry) it2.next();
             ArrayList atav = new ArrayList(2);
             atav.add(new DERValue(DER.OBJECT_IDENTIFIER, e.getKey()));
             atav.add(new DERValue(DER.UTF8_STRING, e.getValue()));
@@ -486,6 +491,9 @@ public class X500DistinguishedName implements Principal
                 throw new EOFException();
               default:
                 buf.append((char) ch);
+                ch = in.read();
+                if (ch == -1)
+                  return buf.toString();
               }
           }
       }
-- 
cgit v1.2.3