Merge JDK 1.4 java.security changes from classpath.

       * java/security/AccessControlException.java: Merge from Classpath.
       * java/security/AccessController.java: Likewise.
       * java/security/AllPermission.java: Likewise.
       * java/security/BasicPermission.java: Likewise.
       * java/security/Certificate.java: Likewise.
       * java/security/CodeSource.java: Likewise.
       * java/security/DigestException.java: Likewise.
       * java/security/DigestOutputStream.java: Likewise.
       * java/security/DomainCombiner.java: Likewise.
       * java/security/GeneralSecurityException.java: Likewise.
       * java/security/Guard.java: Likewise.
       * java/security/GuardedObject.java: Likewise.
       * java/security/InvalidAlgorithmParameterException.java: Likewise.
       * java/security/InvalidKeyException.java: Likewise.
       * java/security/InvalidParameterException.java: Likewise.
       * java/security/Key.java: Likewise.
       * java/security/KeyException.java: Likewise.
       * java/security/KeyManagementException.java: Likewise.
       * java/security/KeyStoreException.java: Likewise.
       * java/security/MessageDigest.java: Likewise.
       * java/security/NoSuchAlgorithmException.java: Likewise.
       * java/security/NoSuchProviderException.java: Likewise.
       * java/security/Permission.java: Likewise.
       * java/security/PermissionCollection.java: Likewise.
       * java/security/Permissions.java: Likewise.
       * java/security/Policy.java: Likewise.
       * java/security/Principal.java: Likewise.
       * java/security/PrivateKey.java: Likewise.
       * java/security/PrivilegedAction.java: Likewise.
       * java/security/PrivilegedActionException.java: Likewise.
       * java/security/PrivilegedExceptionAction.java: Likewise.
       * java/security/ProtectionDomain.java: Likewise.
       * java/security/ProviderException.java: Likewise.
       * java/security/PublicKey.java: Likewise.
       * java/security/SecureClassLoader.java: Likewise.
       * java/security/SecurityPermission.java: Likewise.
       * java/security/SignatureException.java: Likewise.
       * java/security/UnrecoverableKeyException.java: Likewise.
       * java/security/UnresolvedPermission.java: Likewise.
       * java/security/acl/AclNotFoundException.java: Likewise.
       * java/security/acl/LastOwnerException.java: Likewise.
       * java/security/acl/NotOwnerException.java: Likewise.
       * java/security/cert/CRLException.java: Likewise.
       * java/security/cert/CertificateEncodingException.java: Likewise.
       * java/security/cert/CertificateException.java: Likewise.
       * java/security/cert/CertificateExpiredException.java: Likewise.
       * java/security/cert/CertificateFactory.java: Likewise.
       * java/security/cert/CertificateNotYetValidException.java: Likewise.
       * java/security/cert/CertificateParsingException.java: Likewise.
       * java/security/spec/InvalidKeySpecException.java: Likewise.
       * java/security/spec/InvalidParameterSpecException.java: Likewise.

       * java/security/cert/CertPath.java: New file.
       * java/security/cert/CertPathBuilderException.java: New file.
       * java/security/cert/CertPathValidatorException.java: New file.
       * java/security/cert/CertStoreException.java: New file.

       * Makefile.am: Add new CertPath classes.
       * Makefile.in: Rebuilt.

       * gnu/java/util/EmptyEnumeration: New file from classpath.

From-SVN: r53837

libjava/ChangeLog

 2002-05-24  Bryce McKinlay  <bryce@waitaki.otago.ac.nz>
 
+	Merge JDK 1.4 java.security changes from classpath.
+
+	* java/security/AccessControlException.java: Merge from Classpath.
+	* java/security/AccessController.java: Likewise.
+	* java/security/AllPermission.java: Likewise.
+	* java/security/BasicPermission.java: Likewise.
+	* java/security/Certificate.java: Likewise.
+	* java/security/CodeSource.java: Likewise.
+	* java/security/DigestException.java: Likewise.
+	* java/security/DigestOutputStream.java: Likewise.
+	* java/security/DomainCombiner.java: Likewise.
+	* java/security/GeneralSecurityException.java: Likewise.
+	* java/security/Guard.java: Likewise.
+	* java/security/GuardedObject.java: Likewise.
+	* java/security/InvalidAlgorithmParameterException.java: Likewise.
+	* java/security/InvalidKeyException.java: Likewise.
+	* java/security/InvalidParameterException.java: Likewise.
+	* java/security/Key.java: Likewise.
+	* java/security/KeyException.java: Likewise.
+	* java/security/KeyManagementException.java: Likewise.
+	* java/security/KeyStoreException.java: Likewise.
+	* java/security/MessageDigest.java: Likewise.
+	* java/security/NoSuchAlgorithmException.java: Likewise.
+	* java/security/NoSuchProviderException.java: Likewise.
+	* java/security/Permission.java: Likewise.
+	* java/security/PermissionCollection.java: Likewise.
+	* java/security/Permissions.java: Likewise.
+	* java/security/Policy.java: Likewise.
+	* java/security/Principal.java: Likewise.
+	* java/security/PrivateKey.java: Likewise.
+	* java/security/PrivilegedAction.java: Likewise.
+	* java/security/PrivilegedActionException.java: Likewise.
+	* java/security/PrivilegedExceptionAction.java: Likewise.
+	* java/security/ProtectionDomain.java: Likewise.
+	* java/security/ProviderException.java: Likewise.
+	* java/security/PublicKey.java: Likewise.
+	* java/security/SecureClassLoader.java: Likewise.
+	* java/security/SecurityPermission.java: Likewise.
+	* java/security/SignatureException.java: Likewise.
+	* java/security/UnrecoverableKeyException.java: Likewise.
+	* java/security/UnresolvedPermission.java: Likewise.
+	* java/security/acl/AclNotFoundException.java: Likewise.
+	* java/security/acl/LastOwnerException.java: Likewise.
+	* java/security/acl/NotOwnerException.java: Likewise.
+	* java/security/cert/CRLException.java: Likewise.
+	* java/security/cert/CertificateEncodingException.java: Likewise.
+	* java/security/cert/CertificateException.java: Likewise.
+	* java/security/cert/CertificateExpiredException.java: Likewise.
+	* java/security/cert/CertificateFactory.java: Likewise.
+	* java/security/cert/CertificateNotYetValidException.java: Likewise.
+	* java/security/cert/CertificateParsingException.java: Likewise.
+	* java/security/spec/InvalidKeySpecException.java: Likewise.
+	* java/security/spec/InvalidParameterSpecException.java: Likewise.
+
+	* java/security/cert/CertPath.java: New file.
+	* java/security/cert/CertPathBuilderException.java: New file.
+	* java/security/cert/CertPathValidatorException.java: New file.
+	* java/security/cert/CertStoreException.java: New file.
+
+	* Makefile.am: Add new CertPath classes.
+	* Makefile.in: Rebuilt.
+
+        * gnu/java/util/EmptyEnumeration.java: New file from classpath.
+
+2002-05-24  Bryce McKinlay  <bryce@waitaki.otago.ac.nz>
+
 	Merge JDK 1.4 exception chaining support from classpath.
+
 	* java/lang/Throwable.java: Merge 1.4 support from classpath.
 	(stackTraceBytes): Rename from stackTrace.
 	* java/lang/Exception.java: Merge from classpath.

libjava/Makefile.am

@@ -1422,6 +1422,7 @@ gnu/java/text/LineBreakIterator.java \
 gnu/java/text/SentenceBreakIterator.java \
 gnu/java/text/WordBreakIterator.java \
 gnu/java/util/DoubleEnumeration.java \
+gnu/java/util/EmptyEnumeration.java \
 java/lang/ref/PhantomReference.java \
 java/lang/ref/Reference.java \
 java/lang/ref/ReferenceQueue.java \
@@ -1558,6 +1559,10 @@ java/security/cert/CertificateFactory.java \
 java/security/cert/CertificateFactorySpi.java \
 java/security/cert/CertificateNotYetValidException.java \
 java/security/cert/CertificateParsingException.java \
+java/security/cert/CertPath.java \
+java/security/cert/CertPathBuilderException.java \
+java/security/cert/CertPathValidatorException.java \
+java/security/cert/CertStoreException.java \
 java/security/cert/X509CRL.java \
 java/security/cert/X509CRLEntry.java \
 java/security/cert/X509Certificate.java \

libjava/Makefile.in

@@ -1184,6 +1184,7 @@ gnu/java/text/LineBreakIterator.java \
 gnu/java/text/SentenceBreakIterator.java \
 gnu/java/text/WordBreakIterator.java \
 gnu/java/util/DoubleEnumeration.java \
+gnu/java/util/EmptyEnumeration.java \
 java/lang/ref/PhantomReference.java \
 java/lang/ref/Reference.java \
 java/lang/ref/ReferenceQueue.java \
@@ -1320,6 +1321,10 @@ java/security/cert/CertificateFactory.java \
 java/security/cert/CertificateFactorySpi.java \
 java/security/cert/CertificateNotYetValidException.java \
 java/security/cert/CertificateParsingException.java \
+java/security/cert/CertPath.java \
+java/security/cert/CertPathBuilderException.java \
+java/security/cert/CertPathValidatorException.java \
+java/security/cert/CertStoreException.java \
 java/security/cert/X509CRL.java \
 java/security/cert/X509CRLEntry.java \
 java/security/cert/X509Certificate.java \
@@ -2018,7 +2023,8 @@ DEP_FILES =  .deps/$(srcdir)/$(CONVERT_DIR)/gen-from-JIS.P \
 .deps/gnu/java/text/LineBreakIterator.P \
 .deps/gnu/java/text/SentenceBreakIterator.P \
 .deps/gnu/java/text/WordBreakIterator.P \
-.deps/gnu/java/util/DoubleEnumeration.P .deps/interpret.P \
+.deps/gnu/java/util/DoubleEnumeration.P \
+.deps/gnu/java/util/EmptyEnumeration.P .deps/interpret.P \
 .deps/java/applet/Applet.P .deps/java/applet/AppletContext.P \
 .deps/java/applet/AppletStub.P .deps/java/applet/AudioClip.P \
 .deps/java/awt/AWTError.P .deps/java/awt/AWTEvent.P \
@@ -2454,6 +2460,10 @@ DEP_FILES =  .deps/$(srcdir)/$(CONVERT_DIR)/gen-from-JIS.P \
 .deps/java/security/acl/NotOwnerException.P \
 .deps/java/security/acl/Owner.P .deps/java/security/acl/Permission.P \
 .deps/java/security/cert/CRL.P .deps/java/security/cert/CRLException.P \
+.deps/java/security/cert/CertPath.P \
+.deps/java/security/cert/CertPathBuilderException.P \
+.deps/java/security/cert/CertPathValidatorException.P \
+.deps/java/security/cert/CertStoreException.P \
 .deps/java/security/cert/Certificate.P \
 .deps/java/security/cert/CertificateEncodingException.P \
 .deps/java/security/cert/CertificateException.P \

libjava/gnu/java/util/EmptyEnumeration.java

+/* EmptyEnumeration.java -- a constant empty enumeration
+   Copyright (C) 2001, 2002 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package gnu.java.util;
+
+import java.io.Serializable;
+import java.util.Enumeration;
+import java.util.NoSuchElementException;
+
+/**
+ * This is a helper class that produces an empty Enumerations. There is only
+ * one instance of this class that can be used whenever one needs a
+ * non-null but empty enumeration. Using this class prevents multiple
+ * small objects and inner classes. <code>getInstance()</code> returns
+ * the only instance of this class. It can be shared by multiple objects and
+ * threads.
+ *
+ * @author Mark Wielaard (mark@klomp.org)
+ */
+public final class EmptyEnumeration implements Enumeration, Serializable
+{
+  /** The only instance of this class */
+  private static final EmptyEnumeration instance = new EmptyEnumeration();
+
+  /**
+   * Private constructor that creates a new empty Enumeration.
+   */
+  private EmptyEnumeration()
+  {
+  }
+
+  /**
+   * Returns the only instance of this class.
+   * It can be shared by multiple objects and threads.
+   *
+   * @return the common empty enumeration
+   */
+  public static EmptyEnumeration getInstance()
+  {
+    return instance;
+  }
+
+  /**
+   * Returns false, since there are no elements.
+   *
+   * @return false
+   */
+  public boolean hasMoreElements()
+  {
+    return false;
+  }
+
+  /**
+   * Always throws <code>NoSuchElementException</code>, since it is empty.
+   *
+   * @throws NoSuchElementException this is empty
+   */
+  public Object nextElement()
+  {
+    throw new NoSuchElementException();
+  }
+}

libjava/java/security/AccessControlException.java

 /* AccessControlException.java -- Permission is denied
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -39,38 +39,44 @@ package java.security;
 
 /**
  * This exception is thrown when the <code>AccessController</code> denies
- * an attempt to perform an operation.
+ * an attempt to perform an operation. This often keeps track of the
+ * permission that was not granted.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @see AccessController
+ * @status updated to 1.4
  */
 public class AccessControlException extends SecurityException
 {
   /**
-   * The <code>Permission</code> associated with this exception
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 5138225684096988535L;
+
+  /**
+   * The <code>Permission</code> associated with this exception.
+   *
+   * @serial the permission
    */
-  private Permission perm;
+  private final Permission perm;
 
   /**
-   * This method initializes a new instance of <code>AccessControlException</code>
-   * with a descriptive error message.  There will be no <code>Permission</code>
-   * object associated with this exception.
+   * Create a new instance with a descriptive error message, and a null
+   * <code>Permission</code> object.
    *
-   * @param msg The descriptive error message
+   * @param msg the descriptive error message
    */
   public AccessControlException(String msg)
   {
-    super(msg);
+    this(msg, null);
   }
 
   /**
-   * This method initializes a new instance of <code>AccessControlException</code>
-   * with a descriptive error message and an instance of <code>Permission</code>
-   * that is the permission that caused the exception to be thrown.
+   * Create a new instance with a descriptive error message and an associated
+   * <code>Permission</code> object.
    *
-   * @param msg The descriptive error message
-   * @param perm The <code>Permission</code> object that caused this exception.
+   * @param msg the descriptive error message
+   * @param perm the permission that caused this
    */
   public AccessControlException(String msg, Permission perm)
   {
@@ -82,10 +88,10 @@ public class AccessControlException extends SecurityException
    * This method returns the <code>Permission</code> object that caused
    * this exception to be thrown.
    *
-   * @return The requested <code>Permission</code> object, or <code>null</code> if none is available.
+   * @return the denied permission, or null
    */
   public Permission getPermission()
   {
-    return (perm);
+    return perm;
   }
 }

libjava/java/security/AccessController.java

@@ -43,7 +43,7 @@ package java.security;
  * through the <code>checkPermission()</code> method.
  * Manipulates the access control context for code that needs to be executed
  * the protection domain of the calling class (by explicitly ignoring the
- * context of the calling code) in the <code>doPriviliged()</code> methods.
+ * context of the calling code) in the <code>doPrivileged()</code> methods.
  * And provides a <code>getContext()</code> method which gives the access
  * control context of the current thread that can be used for checking
  * permissions at a later time and/or in another thread.
@@ -131,7 +131,7 @@ public final class AccessController
    * @param action the <code>PrivilegedExceptionAction</code> whose
    * <code>run()</code> should be be called.
    * @returns the result of the <code>action.run()</code> method.
-   * @exception PriviligedActionException wrapped around any exception that
+   * @exception PrivilegedActionException wrapped around any exception that
    * is thrown in the <code>run()</code> method.
    */
   public static Object doPrivileged(PrivilegedExceptionAction action)
@@ -163,7 +163,7 @@ public final class AccessController
    * @param context the <code>AccessControlContext</code> whose protection
    * domains should be added to the protection domain of the calling class.
    * @returns the result of the <code>action.run()</code> method.
-   * @exception PriviligedActionException wrapped around any exception that
+   * @exception PrivilegedActionException wrapped around any exception that
    * is thrown in the <code>run()</code> method.
    */
   public static Object doPrivileged(PrivilegedExceptionAction action,

libjava/java/security/AllPermission.java

 /* AllPermission.java -- Permission to do anything
-   Copyright (C) 1998, 2001 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2001, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,98 +37,160 @@ exception statement from your version. */
 
 package java.security;
 
+import java.util.Enumeration;
+import java.util.Collections;
+import gnu.java.util.EmptyEnumeration;
+
 /**
  * This class is a permission that implies all other permissions.  Granting
  * this permission effectively grants all others.  Extreme caution should
  * be exercised in granting this permission.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @author Eric Blake <ebb9@email.byu.edu>
+ * @see AccessController
+ * @see Permissions
+ * @see SecurityManager
+ * @since 1.1
+ * @status updated to 1.4
  */
 public final class AllPermission extends Permission
 {
   /**
-   * This method initializes a new instance of <code>AllPermission</code>.  It
-   * performs no actions.
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = -2916474571451318075L;
+
+  /**
+   * Create a new AllPermission object.
    */
   public AllPermission()
   {
-    super("all");
+    super("*");
   }
 
   /**
-   * This method initializes a new instance of <code>AllPermission</code>.  The
-   * arguments passed to this method are used to set internal field for the
-   * permission name.  However, these are not used in 
-   * determining the actual permissions granted.  This class always will
-   * return <code>true</code> in its implies method.
+   * Create a new AllPermission object. The parameters are ignored, as all
+   * permission implies ALL PERMISSION.
    *
-   * @param name The name of this permission.
-   * @param actions The action list for this permission - ignored in this class.
+   * @param name ignored
+   * @param actions ignored
    */
   public AllPermission(String name, String actions)
   {
-    super(name);
+    super("*");
   }
 
   /**
    * This method always returns <code>true</code> to indicate that this
    * permission always implies that any other permission is also granted.
    *
-   * @param perm The <code>Permission</code> to test against - ignored in this class.
-   *
-   * @return Always returns <code>true</code>
+   * @param perm ignored
+   * @return true, the permission is implied
    */
   public boolean implies(Permission perm)
   {
-    return (true);
+    return true;
   }
 
   /**
-   * This method tests this class for equality against another <code>Object</code>.
-   * This will return <code>true</code> if and only if the specified 
-   * <code>Object</code> is an instance of <code>AllPermission</code>.
+   * Checks an object for equality. All AllPermissions are equal.
    *
-   * @param obj The <code>Object</code> to test for equality to this object
+   * @param obj the <code>Object</code> to test for equality
    */
   public boolean equals(Object obj)
   {
-    if (obj instanceof AllPermission)
-      return (true);
-
-    return (false);
+    return obj instanceof AllPermission;
   }
 
   /**
-   * This method returns a hash code for this object.
+   * This method returns a hash code for this object. This returns 1.
    *
-   * @return A hash value for this object.
+   * @return a hash value for this object
    */
   public int hashCode()
   {
-    return (System.identityHashCode(this));
+    return 1;
   }
 
   /**
    * This method returns the list of actions associated with this object.
    * This will always be the empty string ("") for this class.
    *
-   * @return The action list.
+   * @return the action list
    */
   public String getActions()
   {
-    return ("");
+    return "";
   }
 
   /**
-   * This method returns a new instance of <code>PermissionCollection</code>
-   * suitable for holding instance of <code>AllPermission</code>.
+   * Returns a PermissionCollection which can hold AllPermission.
    *
-   * @return A new <code>PermissionCollection</code>.
+   * @return a permission collection
    */
   public PermissionCollection newPermissionCollection()
   {
-    return (null);
+    return new AllPermissionCollection();
+  }
+} // class AllPermission
+
+/**
+ * Implements AllPermission.newPermissionCollection, and obeys serialization
+ * of JDK.
+ *
+ * @author Eric Blake <ebb9@email.byu.edu>
+ */
+final class AllPermissionCollection extends PermissionCollection
+{
+  /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = -4023755556366636806L;
+
+  /**
+   * Whether an AllPermission has been added to the collection.
+   *
+   * @serial if all permission is in the collection yet
+   */
+  private boolean all_allowed;
+
+  /**
+   * Add an AllPermission.
+   *
+   * @param perm the permission to add
+   * @throws IllegalArgumentException if perm is not an AllPermission
+   * @throws SecurityException if the collection is read-only
+   */
+  public void add(Permission perm)
+  {
+    if (isReadOnly())
+      throw new SecurityException();
+    if (! (perm instanceof AllPermission))
+      throw new IllegalArgumentException();
+    all_allowed = true;
+  }
+
+  /**
+   * Returns true if this collection implies a permission.
+   *
+   * @param perm the permission to check
+   * @return true if this collection contains an AllPermission
+   */
+  public boolean implies(Permission perm)
+  {
+    return all_allowed;
+  }
+
+  /**
+   * Returns an enumeration of the elements in the collection.
+   *
+   * @return the elements in the collection
+   */
+  public Enumeration elements()
+  {
+    return all_allowed
+      ? Collections.enumeration(Collections.singleton(new AllPermission()))
+      : EmptyEnumeration.getInstance();
   }
-}
+} // class AllPermissionCollection

libjava/java/security/BasicPermission.java

-/* BasicPermission.java -- Implements a simple named permission.
-   Copyright (C) 1998, 1999 Free Software Foundation, Inc.
+/* BasicPermission.java -- implements a simple named permission
+   Copyright (C) 1998, 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -45,89 +45,93 @@ import java.util.Enumeration;
  * This class implements a simple model for named permissions without an
  * associated action list.  That is, either the named permission is granted
  * or it is not.
- * <p>
- * It also supports trailing wildcards to allow the
- * easy granting of permissions in a hierarchical fashion.  (For example,
- * the name "org.gnu.*" might grant all permissions under the "org.gnu"
- * permissions hierarchy).  The only valid wildcard character is a '*'
- * which matches anything.  It must be the rightmost element in the
- * permission name and must follow a '.' or else the Permission name must
- * consist of only a '*'.  Any other occurrence of a '*' is not valid.
- * <p>
- * This class ignores the action list.  Subclasses can choose to implement
- * actions on top of this class if desired.
  *
- * @version 0.1
+ * <p>It also supports trailing wildcards to allow the easy granting of
+ * permissions in a hierarchical fashion.  (For example, the name "org.gnu.*"
+ * might grant all permissions under the "org.gnu" permissions hierarchy).
+ * The only valid wildcard character is a '*' which matches anything. It
+ * must be the rightmost element in the permission name and must follow a
+ * '.' or else the Permission name must consist of only a '*'. Any other
+ * occurrence of a '*' is not valid.
+ *
+ * <p>This class ignores the action list.  Subclasses can choose to implement
+ * actions on top of this class if desired.
  *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @author Eric Blake <ebb9@email.byu.edu>
+ * @see Permission
+ * @see Permissions
+ * @see PermissionCollection
+ * @see RuntimePermission
+ * @see SecurityPermission
+ * @see PropertyPermission
+ * @see AWTPermission
+ * @see NetPermission
+ * @see SecurityManager
+ * @since 1.1
+ * @status updated to 1.4
  */
 public abstract class BasicPermission extends java.security.Permission
   implements Serializable
-  // FIXME extends with fully qualified classname as workaround for gcj 3.0.4
+  // FIXME extends with fully qualified classname is workaround for gcj 3.0.4.
 {
   /**
-   * This method initializes a new instance of <code>BasicPermission</code>
-   * with the specified name.  If the name contains an illegal wildcard
-   * character, an exception is thrown.
-   *
-   * @param name The name of this permission.
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 6279438298436773498L;
+
+  /**
+   * Create a new instance with the specified permission name. If the name
+   * is empty, or contains an illegal wildcard character, an exception is
+   * thrown.
    *
-   * @exception IllegalArgumentException If the name contains an invalid wildcard character
-   * @exception NullPointerException If the name is null
+   * @param name the name of this permission
+   * @throws NullPointerException if name is null
+   * @throws IllegalArgumentException if name is invalid
    */
   public BasicPermission(String name)
-    throws IllegalArgumentException, NullPointerException
   {
     super(name);
-
     if (name.indexOf("*") != -1)
       {
-	if (!name.endsWith(".*") && !name.equals("*"))
-	  throw new IllegalArgumentException("Bad wildcard: " + name);
-
-	if (name.indexOf("*") != name.lastIndexOf("*"))
+        if ((! name.endsWith(".*") && ! name.equals("*"))
+            || name.indexOf("*") != name.lastIndexOf("*"))
           throw new IllegalArgumentException("Bad wildcard: " + name);
       }
+    if ("".equals(name))
+      throw new IllegalArgumentException("Empty name");
   }
 
   /**
-   * This method initializes a new instance of <code>BasicPermission</code>
-   * with the specified name.  If the name contains an illegal wildcard
-   * character, an exception is thrown.  The action list passed to this
-   * form of the constructor is ignored.
+   * Create a new instance with the specified permission name. If the name
+   * is empty, or contains an illegal wildcard character, an exception is
+   * thrown. The actions parameter is ignored.
    *
-   * @param name The name of this permission.
-   * @param actions The list of actions for this permission - ignored in this class.
-   *
-   * @exception IllegalArgumentException If the name contains an invalid wildcard character
-   * @exception NullPointerException If the name is null
+   * @param name the name of this permission
+   * @param actions ignored
+   * @throws NullPointerException if name is null
+   * @throws IllegalArgumentException if name is invalid
    */
   public BasicPermission(String name, String actions)
-    throws IllegalArgumentException, NullPointerException
   {
-    // ignore actions
     this(name);
   }
 
   /**
-   * This method tests to see if the specified permission is implied by 
-   * this permission.  This will be true if the following conditions are met:
-   * <p>
-   * <ul>
-   * <li>The specified object is an instance of <code>BasicPermission</code>, 
-   * or a subclass.
-   * <li>The name of the specified permission is identical to this permission's
-   * name or the name of the specified permission satisfies a wildcard match 
-   * on this permission.
+   * This method tests to see if the specified permission is implied by this
+   * permission.  This will be true if the following conditions are met:<ul>
+   * <li>The specified object is an instance of the same class as this
+   * object.</li>
+   * <li>The name of the specified permission is implied by this permission's
+   * name based on wildcard matching. For example, "a.*" implies "a.b".</li>
    * </ul>
    *
-   * @param perm The <code>Permission</code> object to test against.
-   *
-   * @return <code>true</code> if the specified permission is implied by this one or <code>false</code> otherwise.
+   * @param perm the <code>Permission</code> object to test against
+   * @return true if the specified permission is implied
    */
   public boolean implies(Permission perm)
   {
-    if (!(perm instanceof BasicPermission))
+    if (! getClass().isInstance(perm))
       return false;
 
     String otherName = perm.getName();
@@ -137,36 +141,25 @@ public abstract class BasicPermission extends java.security.Permission
       return true;
 
     int last = name.length() - 1;
-    if (name.charAt(last) == '*'
-	&& otherName.startsWith(name.substring(0, last)))
-      return true;
-
-    return false;
+    return name.charAt(last) == '*'
+      && otherName.startsWith(name.substring(0, last));
   }
 
   /**
    * This method tests to see if this object is equal to the specified
    * <code>Object</code>.  This will be true if and only if the specified
-   * object meets the following conditions:
-   * <p>
-   * <ul>
-   * <li>It is an instance of <code>BasicPermission</code>, or a subclass.
-   * <li>It has the same name as this permission.
+   * object meets the following conditions:<ul>
+   * <li>It is an instance of the same class as this.</li>
+   * <li>It has the same name as this permission.</li>
    * </ul>
    *
-   * @param obj The <code>Object</code> to test for equality against this object
-   *
-   * @return <code>true</code> if the specified <code>Object</code> is equal to this object or <code>false</code> otherwise.
+   * @param obj the <code>Object</code> to test for equality
+   * @return true if obj is semantically equal to this
    */
   public boolean equals(Object obj)
   {
-    if (!(obj instanceof BasicPermission))
-      return (false);
-
-    if (!getName().equals(((BasicPermission) obj).getName()))
-      return (false);
-
-    return (true);
+    return getClass().isInstance(obj)
+      && getName().equals(((BasicPermission) obj).getName());
   }
 
   /**
@@ -174,11 +167,11 @@ public abstract class BasicPermission extends java.security.Permission
    * code returned is the value returned by calling the <code>hashCode</code>
    * method on the <code>String</code> that is the name of this permission.
    *
-   * @return A hash value for this object
+   * @return a hash value for this object
    */
   public int hashCode()
   {
-    return (getName().hashCode());
+    return getName().hashCode();
   }
 
   /**
@@ -186,55 +179,109 @@ public abstract class BasicPermission extends java.security.Permission
    * permission.  This method always returns the empty string ("") since
    * this class ignores actions.
    *
-   * @return The action list.
+   * @return the action list
    */
   public String getActions()
   {
-    return ("");
+    return "";
   }
 
   /**
    * This method returns an instance of <code>PermissionCollection</code>
-   * suitable for storing <code>BasicPermission</code> objects.  This returns
-   * be a sub class of <code>PermissionCollection</code>
-   * that allows for an efficient and consistent implementation of
-   * the <code>implies</code> method.  The collection doesn't handle subclasses
-   * of BasicPermission correctly; they must override this method. 
+   * suitable for storing <code>BasicPermission</code> objects.  The
+   * collection returned can only store objects of the same type as this.
+   * Subclasses which use actions must override this method; but a class with
+   * no actions will work fine with this.
    *
-   * @return A new empty <code>PermissionCollection</code> object.
+   * @return a new empty <code>PermissionCollection</code> object
    */
   public PermissionCollection newPermissionCollection()
   {
-    return new PermissionCollection()
+    return new BasicPermissionCollection(getClass());
+  }
+} // class BasicPermission
+
+/**
+ * Implements AllPermission.newPermissionCollection, and obeys serialization
+ * of JDK.
+ *
+ * @author Eric Blake <ebb9@email.byu.edu>
+ */
+final class BasicPermissionCollection extends PermissionCollection
+{
+  /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 739301742472979399L;
+
+  /**
+   * The permissions in the collection.
+   *
+   * @serial a hash mapping name to permissions, all of type permClass
+   */
+  private final Hashtable permissions = new Hashtable();
+
+  /**
+   * If "*" is in the collection.
+   *
+   * @serial true if a permission named "*" is in the collection
+   */
+  private boolean all_allowed;
+
+  /**
+   * The runtime class which all entries in the table must belong to.
+   *
+   * @serial the limiting subclass of this collection
+   */
+  private final Class permClass;
+
+  /**
+   * Construct a collection over the given runtime class.
+   *
+   * @param c the class
+   */
+  BasicPermissionCollection(Class c)
   {
-      Hashtable permissions = new Hashtable();
-      boolean allAllowed = false;
+    permClass = c;
+  }
 
-      public void add(Permission permission)
+  /**
+   * Add a Permission. It must be of the same type as the permission which
+   * created this collection.
+   *
+   * @param perm the permission to add
+   * @throws IllegalArgumentException if perm is not the correct type
+   * @throws SecurityException if the collection is read-only
+   */
+  public void add(Permission perm)
   {
     if (isReadOnly())
-	  throw new IllegalStateException("readonly");
-
-	BasicPermission bp = (BasicPermission) permission;
+      throw new SecurityException("readonly");
+    if (! permClass.isInstance(perm))
+      throw new IllegalArgumentException("Expecting instance of " + permClass);
+    BasicPermission bp = (BasicPermission) perm;
     String name = bp.getName();
     if (name.equals("*"))
-	  allAllowed = true;
+      all_allowed = true;
     permissions.put(name, bp);
   }
 
+  /**
+   * Returns true if this collection implies the given permission.
+   *
+   * @param permission the permission to check
+   * @return true if it is implied by this
+   */
   public boolean implies(Permission permission)
   {
-	if (!(permission instanceof BasicPermission))
+    if (! permClass.isInstance(permission))
       return false;
-
-	if (allAllowed)
+    if (all_allowed)
       return true;
-
     BasicPermission toImply = (BasicPermission) permission;
     String name = toImply.getName();
     if (name.equals("*"))
       return false;
-
     int prefixLength = name.length();
     if (name.endsWith("*"))
       prefixLength -= 2;
@@ -243,7 +290,6 @@ public abstract class BasicPermission extends java.security.Permission
       {
         if (permissions.get(name) != null)
           return true;
-
         prefixLength = name.lastIndexOf('.', prefixLength);
         if (prefixLength < 0)
           return false;
@@ -251,10 +297,13 @@ public abstract class BasicPermission extends java.security.Permission
       }
   }
 
+  /**
+   * Enumerate over the collection.
+   *
+   * @return an enumeration of the collection contents
+   */
   public Enumeration elements()
   {
     return permissions.elements();
   }
-    };
-  }
-}
+} // class BasicPermissionCollection

libjava/java/security/Certificate.java

-/* Certificate.java -- Interface for modeling digital certificates
-   Copyright (C) 1998 Free Software Foundation, Inc.
+/* Certificate.java -- deprecated interface for modeling digital certificates
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -46,80 +46,86 @@ import java.io.IOException;
  * authenticity of a party.  This class simply allows certificate
  * information to be queried, it does not guarantee that the certificate
  * is valid.
- * <p>
- * This class is deprecated in favor of the new java.security.cert package.
- * It exists for backward compatibility only.
- * 
- * @deprecated
  *
- * @version 0.0
+ * <p>This class is deprecated in favor of the new java.security.cert package.
+ * It exists for backward compatibility only.
  *
  * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @since 1.1
+ * @deprecated use {@link java.security.cert} instead
+ * @status updated to 1.4
  */
 public interface Certificate
 {
-
   /**
    * This method returns the <code>Principal</code> that is guaranteeing
    * this certificate.
    *
-   * @return The <code>Principal</code> guaranteeing the certificate
+   * @return the <code>Principal</code> guaranteeing the certificate
+   * @deprecated this entire interface is deprecated
    */
-  public abstract Principal getGuarantor();
+  Principal getGuarantor();
 
   /**
    * This method returns the <code>Principal</code> being guaranteed by
    * this certificate.
    *
-   * @return The <code>Principal</code> guaranteed by this certificate.
+   * @return the <code>Principal</code> guaranteed by this certificate
+   * @deprecated this entire interface is deprecated
    */
-  public abstract Principal getPrincipal();
+  Principal getPrincipal();
 
   /**
    * This method returns the public key for the <code>Principal</code> that
    * is being guaranteed.
    *
-   * @return The <code>PublicKey</code> of the <code>Principal</code> being guaranteed
-   */
-  public abstract PublicKey getPublicKey();
-
-  /**
-   * This method returns the encoding format of the certificate (e.g., "PGP",
-   * "X.509").  This format is used by the <code>encode</code. and
-   * <code>decode</code> methods.
-   *
-   * @return The encoding format being used
+   * @return the <code>PublicKey</code> of the Principal being guaranteed
+   * @deprecated this entire interface is deprecated
    */
-  public abstract String getFormat();
+  PublicKey getPublicKey();
 
   /**
    * This method writes the certificate to an <code>OutputStream</code> in
    * a format that can be understood by the <code>decode</code> method.
    *
-   * @param out The <code>OutputStream</code> to write to.
-   *
-   * @exception KeyException If there is a problem with the internals of this certificate
-   * @exception IOException If an error occurs writing to the stream.
+   * @param out the <code>OutputStream</code> to write to
+   * @throws KeyException if there is a problem with the certificate
+   * @throws IOException if an error occurs writing to the stream
+   * @see #decode(InputStream)
+   * @see #getFormat()
+   * @deprecated this entire interface is deprecated
    */
-  public abstract void
-    encode(OutputStream out) throws KeyException, IOException;
+  void encode(OutputStream out) throws KeyException, IOException;
 
   /**
    * This method reads an encoded certificate from an <code>InputStream</code>.
    *
-   * @param in The <code>InputStream</code> to read from.
+   * @param in the <code>InputStream</code> to read from
+   * @throws KeyException if there is a problem with the certificate data
+   * @throws IOException if an error occurs reading from the stream
+   * @see #encode(OutputStream)
+   * @see #getFormat()
+   * @deprecated this entire interface is deprecated
+   */
+  void decode(InputStream in) throws KeyException, IOException;
+
+  /**
+   * This method returns the encoding format of the certificate (e.g., "PGP",
+   * "X.509").  This format is used by the <code>encode</code> and
+   * <code>decode</code> methods.
    *
-   * @param KeyException If there is a problem with the certificate data
-   * @param IOException If an error occurs reading from the stream.
+   * @return the encoding format being used
+   * @deprecated this entire interface is deprecated
    */
-  public abstract void
-    decode(InputStream in) throws KeyException, IOException;
+  String getFormat();
 
   /**
    * This method returns a <code>String</code> representation of the contents
    * of this certificate.
    *
-   * @param detail <code>true</code> to provided detailed information about this certificate, <code>false</code> otherwise
+   * @param detail true to provided more detailed information
+   * @return the string representation
+   * @deprecated this entire interface is deprecated
    */
-  public abstract String toString(boolean detail);
-}
+  String toString(boolean detail);
+} // interface Certificate

libjava/java/security/CodeSource.java

 /* CodeSource.java -- Code location and certifcates
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -35,56 +35,102 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
+
 package java.security;
 
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
 import java.io.Serializable;
 import java.net.URL;
 import java.net.SocketPermission;
+// Note that this overrides Certificate in this package.
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Iterator;
 
 /**
  * This class represents a location from which code is loaded (as
- * represented by a URL) and the list of certificates that are used to
+ * represented by a URL), and the list of certificates that are used to
  * check the signatures of signed code loaded from this source.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @author Eric Blake <ebb9@email.byu.edu>
+ * @since 1.1
+ * @status updated to 1.4
  */
 public class CodeSource implements Serializable
 {
-  private static final String linesep = System.getProperty("line.separator");
+  /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 4977541819976013951L;
 
   /**
    * This is the URL that represents the code base from which code will
    * be loaded.
+   *
+   * @serial the code location
    */
-  private URL location;
+  private final URL location;
+
+  /** The set of certificates for this code base. */
+  private transient HashSet certs;
 
   /**
-   * This is the list of certificates for this code base
+   * This creates a new instance of <code>CodeSource</code> that loads code
+   * from the specified URL location and which uses the specified certificates
+   * for verifying signatures.
+   *
+   * @param location the location from which code will be loaded
+   * @param certs the list of certificates
    */
-  // What is the serialized form of this?
-  private java.security.cert.Certificate[] certs;
+  public CodeSource(URL location, Certificate[] certs)
+  {
+    this.location = location;
+    if (certs != null)
+      this.certs = new HashSet(Arrays.asList(certs));
+  }
 
   /**
-   * This method initializes a new instance of <code>CodeSource</code> that
-   * loads code from the specified URL location and which uses the 
-   * specified certificates for verifying signatures.
+   * This method returns a hash value for this object.
    *
-   * @param location The location from which code will be loaded
-   * @param certs The list of certificates used for verifying signatures on code from this source
+   * @return a hash value for this object
    */
-  public CodeSource(URL location, java.security.cert.Certificate[] certs)
+  public int hashCode()
   {
-    this.location = location;
-    this.certs = certs;
+    return (location == null ? 0 : location.hashCode())
+      ^ (certs == null ? 0 : certs.hashCode());
+  }
+
+  /**
+   * This method tests the specified <code>Object</code> for equality with
+   * this object.  This will be true if and only if the locations are equal
+   * and the certificate sets are identical (ignoring order).
+   *
+   * @param obj the <code>Object</code> to test against
+   * @return true if the specified object is equal to this one
+   */
+  public boolean equals(Object obj)
+  {
+    if (! (obj instanceof CodeSource))
+      return false;
+    CodeSource cs = (CodeSource) obj;
+    return (certs == null ? cs.certs == null : certs.equals(cs.certs))
+      && (location == null ? cs.location == null
+          : location.equals(cs.location));
   }
 
   /**
    * This method returns the URL specifying the location from which code
    * will be loaded under this <code>CodeSource</code>.
    *
-   * @return The code location for this <code>CodeSource</code>.
+   * @return the code location for this <code>CodeSource</code>
    */
   public final URL getLocation()
   {
@@ -93,235 +139,209 @@ public class CodeSource implements Serializable
 
   /**
    * This method returns the list of digital certificates that can be used
-   * to verify the signatures of code loaded under this <code>CodeSource</code>.
+   * to verify the signatures of code loaded under this
+   * <code>CodeSource</code>.
    *
-   * @return The certifcate list for this <code>CodeSource</code>.
+   * @return the certifcate list for this <code>CodeSource</code>
    */
-  public final java.security.cert.Certificate[] getCertificates()
+  public final Certificate[] getCertificates()
   {
-    return certs;
+    if (certs == null)
+      return null;
+    Certificate[] c = new Certificate[certs.size()];
+    certs.toArray(c);
+    return c;
   }
 
   /**
    * This method tests to see if a specified <code>CodeSource</code> is
    * implied by this object.  Effectively, to meet this test, the specified
-   * object must have all the certifcates this object has (but may have 
-   * more) and must have a location that is a subset of this object's.  In order
+   * object must have all the certifcates this object has (but may have more),
+   * and must have a location that is a subset of this object's.  In order
    * for this object to imply the specified object, the following must be
-   * true:
-   * <p>
-   * <ol>
-   * <li>The specified <code>CodeSource</code> must not be <code>null</code>.
-   * <li>If the specified <code>CodeSource</code> has a certificate list, 
-   * all of that object's certificates must be present in the certificate
-   * list of this object.
+   * true:<ol>
+   * <li><em>codesource</em> must not be <code>null</code>.</li>
+   * <li>If <em>codesource</em> has a certificate list, all of it's
+   *     certificates must be present in the certificate list of this
+   *     code source.</li>
    * <li>If this object does not have a <code>null</code> location, then
-   * the following addtional tests must be passed.
-   * <ol>
-   * <li>The specified <code>CodeSource</code> must not have a <code>null</code> location.
-   * <li>The specified <code>CodeSource</code>'s location must be equal to
-   * this object's location, or<br>
-   * <ul>
-   * <li>The specifiec <code>CodeSource</code>'s location protocol, port, 
-   * and ref (aka, anchor) must equal this objects, and
-   * <li>The specified <code>CodeSource</code>'s location host must imply this
-   * object's location host, as determined by contructing 
-   * <code>SocketPermission</code> objects from each with no action list and
-   * using that classes's <code>implies</code> method. And,
-   * <li>If this object's location file ends with a '/', then the specified
-   * object's location file must start with this object's location file.
-   * Otherwise, the specified object's location file must start with this
-   * object's location file with the '/' character appended to it.
-   * </ul>
+   *     the following addtional tests must be passed.<ol>
+   *     <li><em>codesource</em> must not have a <code>null</code>
+   *         location.</li>
+   *     <li><em>codesource</em>'s location must be equal to this object's
+   *         location, or<br><ul>
+   *         <li><em>codesource</em>'s location protocol, port, and ref (aka,
+   *             anchor) must equal this objects</li>
+   *         <li><em>codesource</em>'s location host must imply this object's
+   *             location host, as determined by contructing
+   *             <code>SocketPermission</code> objects from each with no
+   *             action list and using that classes's <code>implies</code>
+   *             method</li>
+   *         <li>If this object's location file ends with a '/', then the
+   *             specified object's location file must start with this
+   *             object's location file. Otherwise, the specified object's
+   *             location file must start with this object's location file
+   *             with the '/' character appended to it.</li>
+   *         </ul></li>
    *     </ol>
    * </ol>
    *
-   * @param cs The <code>CodeSource</code> to test against this object
+   * <p>For example, each of these locations imply the location
+   * "http://java.sun.com/classes/foo.jar":<ul>
+   * <pre>
+   * http:
+   * http://*.sun.com/classes/*
+   * http://java.sun.com/classes/-
+   * http://java.sun.com/classes/foo.jar
+   * </pre>
+   * Note that the code source with null location and null certificates implies
+   * all other code sources.
    *
-   * @return <code>true</code> if this specified <code>CodeSource</code> is specified by this object, <code>false</code> otherwise.
+   * @param cs the <code>CodeSource</code> to test against this object
+   * @return true if this specified <code>CodeSource</code> is implied
    */
   public boolean implies(CodeSource cs)
   {
     if (cs == null)
       return false;
-
-    // First check the certificate list
-    java.security.cert.Certificate[] their_certs = cs.getCertificates();
-    java.security.cert.Certificate[] our_certs = getCertificates();
-
-    if (our_certs != null)
-      {
-	if (their_certs == null)
+    // First check the certificate list.
+    if (certs != null && (cs.certs == null || ! certs.containsAll(cs.certs)))
       return false;
-
-	for (int i = 0; i < our_certs.length; i++)
-	  {
-	    int j;
-	    for (j = 0; j < their_certs.length; j++)
-	      if (our_certs[i].equals(their_certs[j]))
-		break;
-
-	    if (j == their_certs.length)
-	      return false;
-	  }
-      }
-
-    // Next check the location
-    URL their_loc = getLocation();
-    URL our_loc = getLocation();
-
-    if (our_loc == null)
+    // Next check the location.
+    if (location == null)
       return true;
-    else if (their_loc == null)
-      return false;
-
-    if (!our_loc.getProtocol().equals(their_loc.getProtocol()))
-      return false;
-
-    if (our_loc.getPort() != -1)
-      if (our_loc.getPort() != their_loc.getPort())
+    if (cs.location == null
+        || ! location.getProtocol().equals(cs.location.getProtocol())
+        || (location.getPort() != -1
+            && location.getPort() != cs.location.getPort())
+        || (location.getRef() != null
+            && ! location.getRef().equals(cs.location.getRef())))
       return false;
-
-    if (our_loc.getRef() != null)
-      if (!our_loc.getRef().equals(their_loc.getRef()))
-	return false;
-
-    // See javadoc comments for what we are doing here.
-    if (our_loc.getHost() != null)
+    if (location.getHost() != null)
       {
-	String their_host = their_loc.getHost();
+        String their_host = cs.location.getHost();
         if (their_host == null)
           return false;
-
         SocketPermission our_sockperm =
-	  new SocketPermission(our_loc.getHost(), "accept");
+          new SocketPermission(location.getHost(), "accept");
         SocketPermission their_sockperm =
           new SocketPermission(their_host, "accept");
-
-	if (!our_sockperm.implies(their_sockperm))
+        if (! our_sockperm.implies(their_sockperm))
           return false;
       }
-
-    String our_file = our_loc.getFile();
+    String our_file = location.getFile();
     if (our_file != null)
       {
-	if (!our_file.endsWith("/"))
-	  our_file = our_file + "/";
-
-	String their_file = their_loc.getFile();
-	if (their_file == null)
-	  return false;
-
-	if (!their_file.startsWith(our_file))
+        if (! our_file.endsWith("/"))
+          our_file += "/";
+        String their_file = cs.location.getFile();
+        if (their_file == null
+            || ! their_file.startsWith(our_file))
           return false;
       }
-
     return true;
   }
 
   /**
-   * This method tests the specified <code>Object</code> for equality with
-   * this object.  This will be true if and only if:
-   * <p>
-   * <ul>
-   * <li>The specified object is not <code>null</code>.
-   * <li>The specified object is an instance of <code>CodeSource</code>.
-   * <li>The specified object's location is the same as this object's.
-   * <li>The specified object's certificate list contains the exact same
-   * entries as the object's.  Note that the order of the certificate lists
-   * is not significant.
-   * </ul>
-   *
-   * @param obj The <code>Object</code> to test against.
+   * This method returns a <code>String</code> that represents this object.
+   * The result is in the format <code>"(" + getLocation()</code> followed
+   * by a space separated list of certificates (or "<no certificates>"),
+   * followed by <code>")"</code>.
    *
-   * @return <code>true</code> if the specified object is equal to this one, <code>false</code> otherwise.
+   * @return a <code>String</code> for this object
    */
-  public boolean equals(Object obj)
-  {
-    if (obj == null)
-      return false;
-
-    if (!(obj instanceof CodeSource))
-      return false;
-
-    CodeSource cs = (CodeSource) obj;
-
-    // First check the certificate list
-    java.security.cert.Certificate[] their_certs = cs.getCertificates();
-    java.security.cert.Certificate[] our_certs = getCertificates();
-
-    if ((our_certs == null) && (their_certs != null))
-      return false;
-    else if ((our_certs != null) && (their_certs == null))
-      return false;
-
-    if (our_certs != null)
+  public String toString()
   {
-	if (our_certs.length != their_certs.length)
-	  return false;
-
-	for (int i = 0; i < our_certs.length; i++)
+    StringBuffer sb = new StringBuffer("(").append(location);
+    if (certs == null || certs.isEmpty())
+      sb.append(" <no certificates>");
+    else
       {
-	    int j;
-	    for (j = 0; j < their_certs.length; j++)
-	      if (our_certs[i].equals(their_certs[j]))
-		break;
-
-	    if (j == their_certs.length)
-	      return false;
+        Iterator iter = certs.iterator();
+        for (int i = certs.size(); --i >= 0; )
+          sb.append(' ').append(iter.next());
       }
-      }
-
-    // Now the location
-    URL their_loc = cs.getLocation();
-    URL our_loc = getLocation();
-
-    if ((our_loc == null) && (their_loc != null))
-      return false;
-
-    if (!our_loc.equals(their_loc))
-      return false;
-
-    return true;
+    return sb.append(")").toString();
   }
 
   /**
-   * This method returns a hash value for this object.
+   * Reads this object from a serialization stream.
    *
-   * @return A hash value for this object.
+   * @param s the input stream
+   * @throws IOException if reading fails
+   * @throws ClassNotFoundException if deserialization fails
+   * @serialData this reads the location, then expects an int indicating the
+   *             number of certificates. Each certificate is a String type
+   *             followed by an int encoding length, then a byte[] encoding
    */
-  public int hashCode()
+  private void readObject(ObjectInputStream s)
+    throws IOException, ClassNotFoundException
   {
-    URL location = getLocation();
-    if (location == null)
-      return System.identityHashCode(this);
-
-    return location.hashCode();
+    s.defaultReadObject();
+    int count = s.readInt();
+    certs = new HashSet();
+    while (--count >= 0)
+      {
+        String type = (String) s.readObject();
+        int bytes = s.readInt();
+        byte[] encoded = new byte[bytes];
+        for (int i = 0; i < bytes; i++)
+          encoded[i] = s.readByte();
+        ByteArrayInputStream stream = new ByteArrayInputStream(encoded);
+        try
+          {
+            CertificateFactory factory = CertificateFactory.getInstance(type);
+            certs.add(factory.generateCertificate(stream));
+          }
+        catch (CertificateException e)
+          {
+            // XXX Should we ignore this certificate?
+          }
+      }
   }
 
   /**
-   * This method returns a <code>String</code> that represents this object.
-   * This <code>String</code> will contain the object's hash code, location,
-   * and certificate list.
+   * Writes this object to a serialization stream.
    *
-   * @return A <code>String</code> for this object
+   * @param s the output stream
+   * @throws IOException if writing fails
+   * @serialData this writes the location, then writes an int indicating the
+   *             number of certificates. Each certificate is a String type
+   *             followed by an int encoding length, then a byte[] encoding
    */
-  public String toString()
+  private void writeObject(ObjectOutputStream s) throws IOException
   {
-    StringBuffer sb = new StringBuffer("");
-
-    sb.append(super.toString() + " (" + linesep);
-    sb.append("Location: " + getLocation() + linesep);
-
-    java.security.cert.Certificate[] certs = getCertificates();
+    s.defaultWriteObject();
     if (certs == null)
-      sb.append("<none>" + linesep);
+      s.writeInt(0);
     else
-      for (int i = 0; i < certs.length; i++)
-	sb.append(certs[i] + linesep);
-
-    sb.append(")" + linesep);
-
-    return sb.toString();
+      {
+        int count = certs.size();
+        s.writeInt(count);
+        Iterator iter = certs.iterator();
+        while (--count >= 0)
+          {
+            Certificate c = (Certificate) iter.next();
+            s.writeObject(c.getType());
+            byte[] encoded;
+            try
+              {
+                encoded = c.getEncoded();
+              }
+            catch (CertificateEncodingException e)
+              {
+                // XXX Should we ignore this certificate?
+                encoded = null;
+              }
+            if (encoded == null)
+              s.writeInt(0);
+            else
+              {
+                s.writeInt(encoded.length);
+                for (int i = 0; i < encoded.length; i++)
+                  s.writeByte(encoded[i]);
+              }
+          }
+      }
   }
-}
+} // class CodeSource

libjava/java/security/DigestException.java

 /* DigestException.java -- A generic message digest exception
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,26 +41,27 @@ package java.security;
  * This exception indicates that a generic message digest exception has
  * occurred.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @status updated to 1.4
  */
 public class DigestException extends GeneralSecurityException
 {
   /**
-   * This method initializes a new <code>DigestException</code> with no
-   * descriptive message.
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 5821450303093652515L;
+
+  /**
+   * Create a new instance with no descriptive message.
    */
   public DigestException()
   {
-    super();
   }
 
   /**
-   * This method initializes a new instance of <code>DigestException</code>
-   * with a descriptive error message.
+   * Create a new instance with a descriptive error message.
    *
-   * @param msg The descriptive message
+   * @param msg the descriptive message
    */
   public DigestException(String msg)
   {

libjava/java/security/DigestOutputStream.java

@@ -112,7 +112,7 @@ public class DigestOutputStream extends FilterOutputStream
     if (state)
       digest.update((byte) b);
 
-    super.write(b);
+    out.write(b);
   }
 
   /**
@@ -131,7 +131,7 @@ public class DigestOutputStream extends FilterOutputStream
     if (state)
       digest.update(b, off, len);
 
-    super.write(b, off, len);
+    out.write(b, off, len);
   }
 
   /**

libjava/java/security/DomainCombiner.java

-/* DomainCombiner.java - Combines ProtectionDomains
-   Copyright (C) 1999 Free Software Foundation, Inc.
+/* DomainCombiner.java -- Combines ProtectionDomains
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,27 +38,30 @@ exception statement from your version. */
 package java.security;
 
 /**
-   A public interface used to combine two ProtectionDomains in a new
-   ProtectionDomain and update the current Protection Domains
-   associated with the current AccessControllerContext.
-
-   It can add, subtract, or update ProtectionDomains or possibly
-   remove duplicates or any possible complex action but just not add
-   ones that do not already exist in either array.
-
-   @since JDK 1.3
-   @author Mark Benvenuto 
+ * A public interface used to combine two ProtectionDomains in a new
+ * ProtectionDomain and update the current Protection Domains
+ * associated with the current AccessControlContext.
+ *
+ * It can add, subtract, or update ProtectionDomains or possibly
+ * remove duplicates or any possible complex action but just not add
+ * ones that do not already exist in either array.
+ *
+ * @author Mark Benvenuto
+ * @see AccessControlContext
+ * @see AccessController
+ * @since 1.3
+ * @status updated to 1.4
  */
 public interface DomainCombiner
 {
   /**
-     Combines the current ProtectionDomains of the Thread with new
-     ProtectionDomains.
-
-     @param currentDomains - the ProtectionDomains for the current thread.
-     @param assignedDomains - ProtectionsDomains to add
-     @returns a new array of all the ProtectionDomains 
+   * Combines the current ProtectionDomains of the Thread with new
+   * ProtectionDomains.
+   *
+   * @param currentDomains - the ProtectionDomains for the current thread.
+   * @param assignedDomains - ProtectionsDomains to add
+   * @return a new array of all the ProtectionDomains
    */
-  public ProtectionDomain[] combine(ProtectionDomain[]currentDomains,
-				    ProtectionDomain[]assignedDomains);
-}
+  ProtectionDomain[] combine(ProtectionDomain[] currentDomains,
+                             ProtectionDomain[] assignedDomains);
+} // interface DomainCombiner

libjava/java/security/GeneralSecurityException.java

 /* GeneralSecurityException.java -- Common superclass of security exceptions
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,31 +41,32 @@ package java.security;
  * This class is the common superclass of all security exceptions.  All
  * exceptions in java.security extend this class with the exception (no
  * pun intended) of <code>AccessControlException</code> and 
- * <code>CertificateException</code> which extend <code>SecurityException</code>
- * and <code>ProviderException</code> which extens <code>RuntimeException</code>.
- * and <code>InvalidParamterException</code> which extends
- * <code>IllegalArgumentException</code>.
+ * <code>CertificateException</code> (which extend
+ * <code>SecurityException</code>), <code>ProviderException</code>
+ * (<code>RuntimeException</code>), and <code>InvalidParamterException</code>
+ * (<code>IllegalArgumentException</code>).
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @status updated to 1.4
  */
 public class GeneralSecurityException extends Exception
 {
   /**
-   * This method initializes a new instance of <code>GeneralSecurityException</code> 
-   * with no descriptive error message.
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 894798122053539237L;
+
+  /**
+   * Create a new instance with no descriptive error message.
    */
   public GeneralSecurityException()
   {
-    super();
   }
 
   /**
-   * This method initializes a new instance of <code>GeneralSecurityException</code>
-   * with a descriptive error message.
+   * Create a new instance with a descriptive error message.
    *
-   * @param msg The descriptive error message.
+   * @param msg the descriptive error message
    */
   public GeneralSecurityException(String msg)
   {

libjava/java/security/Guard.java

 /* Guard.java -- Check access to a guarded object
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,9 +41,10 @@ package java.security;
  * This interface specifies a mechanism for querying whether or not
  * access is allowed to a guarded object.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @see GuardedObject
+ * @since 1.1
+ * @status updated to 1.4
  */
 public interface Guard
 {
@@ -52,10 +53,8 @@ public interface Guard
    * guarded object. Access is allowed if this method returns silently. If
    * access is denied, an exception is generated.
    *
-   * @param obj The <code>Object</code> to test
-   *
-   * @exception SecurityException If access to the object is denied.
+   * @param obj the <code>Object</code> to test
+   * @throws SecurityException if access to the object is denied
    */
-  public abstract void checkGuard(Object obj) throws SecurityException;
-
-}
+  void checkGuard(Object obj);
+} // interface Guard

libjava/java/security/GuardedObject.java

 /* GuardedObject.java -- An object protected by a Guard
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,6 +38,8 @@ exception statement from your version. */
 package java.security;
 
 import java.io.Serializable;
+import java.io.IOException;
+import java.io.ObjectOutputStream;
 
 /**
  * This class is an object that is guarded by a <code>Guard</code> object.
@@ -47,29 +49,39 @@ import java.io.Serializable;
  * <code>Guard</code>.  If the <code>Guard</code> disallows access, an
  * exception will be thrown.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @since 1.1
+ * @status updated to 1.4
  */
 public class GuardedObject implements Serializable
 {
   /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = -5240450096227834308L;
+
+  /**
    * This is the Guard that is protecting the object.
+   *
+   * @serial the guard
    */
-  private Guard guard;
+  private final Guard guard;
 
   /**
    * This is the object that is being guarded.
+   *
+   * @serial the protected object
    */
-  private Object object;
+  private final Object object;
 
   /**
    * This method initializes a new instance of <code>GuardedObject</code>
    * that protects the specified <code>Object</code> using the specified
-   * <code>Guard</code>
+   * <code>Guard</code>. A null guard means there are no restrictions on
+   * accessing the object.
    *
-   * @param object The <code>Object</code> to guard
-   * @param guard The <code>Guard</code> that is protecting the object.
+   * @param object the <code>Object</code> to guard
+   * @param guard the <code>Guard</code> that is protecting the object
    */
   public GuardedObject(Object object, Guard guard)
   {
@@ -84,12 +96,25 @@ public class GuardedObject implements Serializable
    * the <code>Object</code> is returned.
    *
    * @return The object being guarded
+   * @throws SecurityException if access is denied
+   */
+  public Object getObject()
+  {
+    if (guard != null)
+      guard.checkGuard(object);
+    return object;
+  }
+
+  /**
+   * Ensures that serialization is legal, by checking the guard.
    *
-   * @exception SecurityException If the <code>Guard</code> disallows access to the object.
+   * @param s the stream to write to
+   * @throws IOException if the underlying stream fails
    */
-  public Object getObject() throws SecurityException
+  private void writeObject(ObjectOutputStream s) throws IOException
   {
+    if (guard != null)
       guard.checkGuard(object);
-    return (object);
+    s.defaultWriteObject();
   }
-}
+} // class GuardedObject

libjava/java/security/InvalidAlgorithmParameterException.java

-/* InvalidAlgorithmParameterException.java
-   Copyright (C) 2000  Free Software Foundation, Inc.
+/* InvalidAlgorithmParameterException.java -- an invalid parameter to a
+   security algorithm
+   Copyright (C) 2000, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,23 +39,33 @@ exception statement from your version. */
 package java.security;
 
 /**
+ * Thrown for an invalid security algorithm parameter.
+ *
  * @author Warren Levy <warrenl@cygnus.com>
- * @date February 2, 2000.
+ * @since 1.2
+ * @status updated to 1.4
  */
-
-/**
- * Written using on-line Java Platform 1.2 API Specification.
- * Status:  Believed complete and correct.
+public class InvalidAlgorithmParameterException
+  extends GeneralSecurityException
+{
+  /**
+   * Compatible with JDK 1.2+.
    */
+  private static final long serialVersionUID = 2864672297499471472L;
 
-// JDK1.2
-public class InvalidAlgorithmParameterException extends GeneralSecurityException
-{
+  /**
+   * Construct an exception with no message.
+   */
   public InvalidAlgorithmParameterException()
   {
     super();
   }
 
+  /**
+   * Construct an exception with a message.
+   *
+   * @param msg the message
+   */
   public InvalidAlgorithmParameterException(String msg)
   {
     super(msg);

libjava/java/security/InvalidKeyException.java

-/* Copyright (C) 2000  Free Software Foundation
+/* InvalidKeyException -- thrown for an invalid key
+   Copyright (C) 2000, 2002 Free Software Foundation
 
 This file is part of GNU Classpath.
 
@@ -37,22 +38,30 @@ exception statement from your version. */
 package java.security;
 
 /**
+ * Thrown for an invalid key.
+ *
  * @author Warren Levy <warrenl@cygnus.com>
- * @date February 1, 2000.
+ * @status updated to 1.4
  */
-
-/**
- * Written using on-line Java Platform 1.2 API Specification.
- * Status:  Believed complete and correct.
- */
-
 public class InvalidKeyException extends KeyException
 {
+  /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 5698479920593359816L;
+
+  /**
+   * Construct an exception with no message.
+   */
   public InvalidKeyException()
   {
-    super();
   }
 
+  /**
+   * Construct an exception with a message.
+   *
+   * @param msg the message
+   */
   public InvalidKeyException(String msg)
   {
     super(msg);

libjava/java/security/InvalidParameterException.java

-/* Copyright (C) 2000  Free Software Foundation
+/* InvalidParameterException.java -- an invalid parameter in the JCA/JCE engine
+   Copyright (C) 2000, 2002 Free Software Foundation
 
 This file is part of GNU Classpath.
 
@@ -37,22 +38,31 @@ exception statement from your version. */
 package java.security;
 
 /**
+ * Thrown when an invalid parameter is passed to a method of the JCA/JCE
+ * engine classes.
+ *
  * @author Warren Levy <warrenl@cygnus.com>
- * @date February 1, 2000.
+ * @status updated to 1.4
  */
-
-/**
- * Written using on-line Java Platform 1.2 API Specification.
- * Status:  Believed complete and correct.
- */
-
 public class InvalidParameterException extends IllegalArgumentException
 {
+  /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = -857968536935667808L;
+
+  /**
+   * Construct an exception with no message.
+   */
   public InvalidParameterException()
   {
-    super();
   }
 
+  /**
+   * Construct an exception with a message.
+   *
+   * @param msg the message
+   */
   public InvalidParameterException(String msg)
   {
     super(msg);

libjava/java/security/Key.java

 /* Key.java -- A abstract representation of a digital key
-   Copyright (C) 1998, 2000 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2000, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -43,28 +43,36 @@ import java.io.Serializable;
  * This interfaces models the base characteristics that all keys must
  * have.  These are:  a key algorithm, an encoded form, and a format used
  * to encode the key.  Specific key types inherit from this interface.
- * <p>
  * Note that since this interface extends <code>Serializable</code>, all
- * keys may be serialized.
+ * keys may be serialized. Keys are generally obtained through key generators,
+ * including {@link KeyFactory}.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @see PublicKey
+ * @see PrivateKey
+ * @see KeyPair
+ * @see KeyPairGenerator
+ * @see KeyFactory
+ * @see KeySpec
+ * @see Identity
+ * @see Signer
+ * @since 1.1
+ * @status updated to 1.4
  */
 public interface Key extends Serializable
 {
   /**
    * The verion identifier used for serialization.
    */
-  public static final long serialVersionUID = 6603384152749567654L;
+  long serialVersionUID = 6603384152749567654L;
 
   /**
    * This method returns the name of the algorithm for this key.  This is a
    * <code>String</code> such as "RSA".
    *
-   * @return The name of the algorithm in use
+   * @return the name of the algorithm in use
    */
-  public abstract String getAlgorithm();
+  String getAlgorithm();
 
   /**
    * This method returns the name of the encoding format for this key.  This
@@ -72,15 +80,15 @@ public interface Key extends Serializable
    * "X.509" or "PKCS#8".  This method returns <code>null</code> if this key
    * does not have an encoding format.
    *
-   * @return The name of the encoding format for this key, or <code>null</code> if there is no such format.
+   * @return the name of the encoding format for this key, or null
    */
-  public abstract String getFormat();
+  String getFormat();
 
   /**
    * This method returns the encoded form of the key.  If this key does not
-   * support encoding, this method returns <code>null</code>
+   * support encoding, this method returns <code>null</code>.
    *
-   * @return The encoded form of the key, or <code>null</code> if no encoded form is available.
+   * @return the encoded form of the key, or null
    */
-  public abstract byte[] getEncoded();
-}
+  byte[] getEncoded();
+} // interface Key

libjava/java/security/KeyException.java

 /* KeyException.java -- Thrown when there is a problem with a key
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -40,26 +40,30 @@ package java.security;
 /**
  * This exception is thrown when there is a problem with a key.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @see Key
+ * @status updated to 1.4
  */
 public class KeyException extends GeneralSecurityException
 {
   /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = -7483676942812432108L;
+
+  /**
    * This method initializes a new instance of <code>KeyException</code>
    * with no descriptive message.
    */
   public KeyException()
   {
-    super();
   }
 
   /**
    * This method initializes a new instance of <code>KeyException</code>
    * with a descriptive message.
    *
-   * @param msg The descriptive message.
+   * @param msg the descriptive message
    */
   public KeyException(String msg)
   {

libjava/java/security/KeyManagementException.java

-/* KeyManagementException.java -- What it says
-   Copyright (C) 1998 Free Software Foundation, Inc.
+/* KeyManagementException.java -- an exception in key management
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,26 +41,28 @@ package java.security;
  * This exception is thrown whenever a problem related to the management of
  * security keys is encountered.
  *
-   * @version 0.0
-   *
-   * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @see Key
+ * @status updated to 1.4
  */
 public class KeyManagementException extends KeyException
 {
   /**
-   * This method initializes a new instance of <code>KeyManagementException</code>
-   * with no descriptive error message.
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 947674216157062695L;
+
+  /**
+   * Create a new instance with no descriptive error message.
    */
   public KeyManagementException()
   {
-    super();
   }
 
   /**
-   * This method initializes a new instance of <code>KeyManagementException</code>
-   * with a descriptive error message.
+   * Create a new instance with a descriptive error message.
    *
-   * @param msg The descriptive error message
+   * @param msg the descriptive error message
    */
   public KeyManagementException(String msg)
   {

libjava/java/security/KeyStoreException.java

 /* KeyStoreException.java -- Indicates a problem with the key store
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -40,26 +40,28 @@ package java.security;
 /**
  * Indicates a problem with the key store.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @since 1.2
+ * @status updated to 1.4
  */
 public class KeyStoreException extends GeneralSecurityException
 {
   /**
-   * This method initializes a new <code>KeyStoreException</code> with no
-   * detailed error message.
+   * Compatible with JDK 1.2+.
+   */
+  private static final long serialVersionUID = -1119353179322377262L;
+
+  /**
+   * Create a new instance detailed error message.
    */
   public KeyStoreException()
   {
-    super();
   }
 
   /**
-   * This method initializes a new <code>KeyStoreException</code> with a
-   * detailed error message.
+   * Create a new instance with a detailed error message.
    *
-   * @param msg The descriptive error message.
+   * @param msg the descriptive error message
    */
   public KeyStoreException(String msg)
   {

libjava/java/security/MessageDigest.java

@@ -170,7 +170,7 @@ public abstract class MessageDigest extends MessageDigestSpi
    */
   public void update(byte[]input, int offset, int len)
   {
-    engineUpdate(input, 0, input.length);
+    engineUpdate(input, offset, len);
   }
 
   /**

libjava/java/security/NoSuchAlgorithmException.java

-/* NoSuchAlgorithmException.java -- What it says
-   Copyright (C) 1998 Free Software Foundation, Inc.
+/* NoSuchAlgorithmException.java -- an algorithm was not available
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,26 +41,27 @@ package java.security;
  * This exception is thrown when the requested security algorithm is
  * not available
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @status updated to 1.4
  */
 public class NoSuchAlgorithmException extends GeneralSecurityException
 {
   /**
-   * This method initializes a new instance of <code>NoSuchAlgorithmException</code>
-   * with no descriptive error message.
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = -7443947487218346562L;
+
+  /**
+   * Create a new instance with no descriptive error message.
    */
   public NoSuchAlgorithmException()
   {
-    super();
   }
 
   /**
-   * This method initializes a new instance of <code>NoSuchAlgorithmException</code>
-   * with a descriptive error message.
+   * Create a new instance with a descriptive error message.
    *
-   * @param msg The descriptive error message
+   * @param msg the descriptive error message
    */
   public NoSuchAlgorithmException(String msg)
   {

libjava/java/security/NoSuchProviderException.java

-/* NoSuchProviderException.java -- What it says
-   Copyright (C) 1998 Free Software Foundation, Inc.
+/* NoSuchProviderException.java -- thrown when a provider is not found
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,26 +41,27 @@ package java.security;
  * This exception is thrown when the requested security provider is
  * not available.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @status updated to 1.4
  */
 public class NoSuchProviderException extends GeneralSecurityException
 {
   /**
-   * This method initializes a new instance of <code>NoSuchProviderException</code>
-   * with no descriptive error message.
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 8488111756688534474L;
+
+  /**
+   * Create a new instance with no descriptive error message.
    */
   public NoSuchProviderException()
   {
-    super();
   }
 
   /**
-   * This method initializes a new instance of <code>NoSuchProviderException</code>
-   * with a descriptive error message.
+   * Create a new instance with a descriptive error message.
    *
-   * @param msg The descriptive error message.
+   * @param msg the descriptive error message
    */
   public NoSuchProviderException(String msg)
   {

libjava/java/security/Permission.java

 /* Permission.java -- The superclass for all permission objects
-   Copyright (C) 1998, 2001 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2001, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -51,66 +51,59 @@ import java.io.Serializable;
  * actions associated with them.  That is, you either have the permission
  * or you don't.
  *
- * The most important method in this class is <code>implies</code>.  This
+ * <p>The most important method in this class is <code>implies</code>.  This
  * checks whether if one has this permission, then the specified
  * permission is also implied.  As a conceptual example, consider the
  * permissions "Read All Files" and "Read File foo".  The permission
  * "Read All Files" implies that the caller has permission to read the
  * file foo.
  *
- * <code>Permission</code>'s are not dynamic objects.  Once created, a 
- * <code>Permission</code>'s name and action list cannot be changed.
+ * <p><code>Permission</code>'s must be immutable - do not change their
+ * state after creation.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @see Permissions
+ * @see PermissionCollection
+ * @since 1.1
+ * @status updated to 1.4
  */
 public abstract class Permission implements Guard, Serializable
 {
   /**
-   * This is the name assigned to this permission object.
+   * Compatible with JDK 1.1+.
    */
-  private String name;		// Taken from the serializable form information
+  private static final long serialVersionUID = -5636570222231596674L;
 
   /**
-   * This method initializes a new instance of <code>Permission</code> to
-   * have the specified name.
+   * This is the name assigned to this permission object.
+   *
+   * @serial the name of the permission
    */
-  public Permission(String name)
-  {
-    this.name = name;
-  }
+  private String name;
 
   /**
-   * This method returns the name of this <code>Permission</code>
+   * Create an instance with the specified name.
    *
-   * @return The name of this <code>Permission</code>
+   * @param name the permission name
    */
-  public final String getName()
+  public Permission(String name)
   {
-    return (name);
+    this.name = name;
   }
 
   /**
-   * This method returns the list of actions for this <code>Permission</code>
-   * as a <code>String</code>.
-   *
-   * @return The action list for this <code>Permission</code>.
-   */
-  public abstract String getActions();
-
-  /**
    * This method implements the <code>Guard</code> interface for this class.
    * It calls the <code>checkPermission</code> method in
    * <code>SecurityManager</code> with this <code>Permission</code> as its
    * argument.  This method returns silently if the security check succeeds
    * or throws an exception if it fails.
    *
-   * @param obj The <code>Object</code> being guarded - ignored by this class
-   *
-   * @exception SecurityException If the security check fails
+   * @param obj the <code>Object</code> being guarded - ignored by this class
+   * @throws SecurityException if the security check fails
+   * @see GuardedObject
+   * @see SecurityManager#checkPermission(Permission)
    */
-  public void checkGuard(Object obj) throws SecurityException
+  public void checkGuard(Object obj)
   {
     SecurityManager sm = System.getSecurityManager();
     if (sm != null)
@@ -118,48 +111,77 @@ public abstract class Permission implements Guard, Serializable
   }
 
   /**
-   * Check to see if this object equals OBJ.
-   */
-  public abstract boolean equals (Object obj);
-
-  /**
    * This method tests whether this <code>Permission</code> implies that the
    * specified <code>Permission</code> is also granted.
    *
-   * @param perm The <code>Permission</code> to test against
-   *
-   * @return <code>true</code> if the specified <code>Permission</code> is implied by this one, <code>false</code> otherwise.
+   * @param perm the <code>Permission</code> to test against
+   * @return true if perm is implied by this
    */
   public abstract boolean implies(Permission perm);
 
   /**
-   * This method returns a hash code for this <code>Permission</code>.
+   * Check to see if this object equals obj. Use <code>implies</code>, rather
+   * than <code>equals</code>, when making access control decisions.
    *
-   * @return A hash value.
+   * @param obj the object to compare to
+   */
+  public abstract boolean equals(Object obj);
+
+  /**
+   * This method returns a hash code for this <code>Permission</code>. It
+   * must satisfy the contract of <code>Object.hashCode</code>: it must be
+   * the same for all objects that equals considers to be the same.
+   *
+   * @return a hash value
    */
   public abstract int hashCode();
 
   /**
-   * This method returns a <code>String</code> representation of this
-   * <code>Permission</code> object.
+   * Get the name of this <code>Permission</code>.
    *
-   * @return This object as a <code>String</code>.
+   * @return the name
    */
-  public String toString()
+  public final String getName()
   {
-    return ("'\"" + getClass().getName() + "\" \"" + getName() +
-	    "\"" + " \"" + getActions() + "\")'");
+    return name;
   }
 
   /**
+   * This method returns the list of actions for this <code>Permission</code>
+   * as a <code>String</code>. The string should be in canonical order, for
+   * example, both <code>new FilePermission(f, "write,read")</code> and
+   * <code>new FilePermission(f, "read,write")</code> have the action list
+   * "read,write".
+   *
+   * @return the action list for this <code>Permission</code>
+   */
+  public abstract String getActions();
+
+  /**
    * This method returns an empty <code>PermissionCollection</code> object
    * that can store permissions of this type, or <code>null</code> if no
-   * such collection is defined.
+   * such collection is defined. Subclasses must override this to provide
+   * an appropriate collection when one is needed to accurately calculate
+   * <code>implies</code>.
    *
-   * @return A new <code>PermissionCollection</code>
+   * @return a new <code>PermissionCollection</code>
    */
   public PermissionCollection newPermissionCollection()
   {
     return null;
   }
-}
+
+  /**
+   * This method returns a <code>String</code> representation of this
+   * <code>Permission</code> object. This is in the format:
+   * <code>'(' + getClass().getName() + ' ' + getName() + ' ' + getActions
+   * + ')'</code>.
+   *
+   * @return this object as a <code>String</code>
+   */
+  public String toString()
+  {
+    return '(' + getClass().getName() + ' ' + getName() + ' '
+      + getActions() + ')';
+  }
+} // class Permission

libjava/java/security/PermissionCollection.java

 /* PermissionCollection.java -- A collection of permission objects
-   Copyright (C) 1998, 2001 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2001, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -40,12 +40,12 @@ package java.security;
 import java.io.Serializable;
 import java.util.Enumeration;
 
-  /**
+/**
  * This class models a group of Java permissions.  It has convenient
  * methods for determining whether or not a given permission is implied
  * by any of the permissions in this collection.
-   * <p>
-   * Some care must be taken in storing permissions.  First, a collection of
+ *
+ * <p>Some care must be taken in storing permissions.  First, a collection of
  * the appropriate type must be created.  This is done by calling the
  * <code>newPermissionCollection</code> method on an object of the
  * permission class you wish to add to the collection.  If this method
@@ -53,123 +53,115 @@ import java.util.Enumeration;
  * can be used to store permissions of that type.  However, if a
  * <code>PermissionCollection</code> collection object is returned, that
  * type must be used.
-   * <p>
-   * The <code>PermissionCollection</code>'s returned
-   * by the <code>newPermissionCollection</code> instance in a subclass of
+ *
+ * <p>A <code>PermissionCollection</code> returned by the
+ * <code>newPermissionCollection</code> method in a subclass of
  * <code>Permission</code> is a homogeneous collection.  It only will
  * hold permissions of one specified type - instances of the class that
  * created it.  Not all <code>PermissionCollection</code> subclasses
  * have to hold permissions of only one type however.  For example,
  * the <code>Permissions</code> class holds permissions of many types.
-   * <p>
-   * Since the <code>newPermissionCollection</code> in <code>Permission</code>
+ *
+ * <p>Since the <code>newPermissionCollection</code> in <code>Permission</code>
  * itself returns <code>null</code>, by default a permission can be stored
  * in any type of collection unless it overrides that method to create its
  * own collection type.
  *
-   * @version 0.0
-   *
-   * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @author Eric Blake <ebb9@email.byu.edu>
+ * @see Permission
+ * @see Permissions
+ * @since 1.1
+ * @status updated to 1.4
  */
-public abstract class PermissionCollection
-  extends Object
-  implements Serializable
+public abstract class PermissionCollection implements Serializable
 {
-  private static final String linesep = null;
-
-  static
-  {
-    String linesep = System.getProperty("line.separator");
-    if (linesep == null);
-      linesep = "\n";
-  }
+  /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = -6727011328946861783L;
 
   /**
    * Indicates whether or not this collection is read only.
+   *
+   * @serial if the collection is read-only
    */
   private boolean readOnly;
 
   /**
-   * This method initializes a new instance of <code>PermissionCollection</code>.
-   * This is provided only as a default constructor and does nothing in this
-   * class.
+   * Create a new collection.
    */
   public PermissionCollection()
   {
   }
 
   /**
-   * This method tests whether or not this <code>PermissionCollection</code>
-   * object is read only.
+   * This method adds a new <code>Permission</code> object to the collection.
    *
-   * @return <code>true</code> if this collection is read only, <code>false</code> otherwise
-   */
-  public boolean isReadOnly()
-  {
-    return (readOnly);
-  }
-
-  /**
-   * This method sets this <code>PermissionCollection</code> object to be
-   * read only.  No further permissions can be added to it after calling this
-   * method.
+   * @param perm the <code>Permission</code> to add
+   *
+   * @throws SecurityException if the collection is marked read only
+   * @throws IllegalArgumentException if perm is of the wrong type
    */
-  public void setReadOnly()
-  {
-    readOnly = true;
-  }
+  public abstract void add(Permission perm);
 
   /**
-   * This method adds a new <code>Permission</code> object to the collection.
-   *
-   * @param perm The <code>Permission</code> to add.
+   * This method tests whether the specified <code>Permission</code> object is
+   * implied by this collection of <code>Permission</code> objects.
    *
-   * @exception SecurityException If the collection is marked read only.
-   * @exception IllegalArgumentException If a permission of the specified type cannot be added
+   * @param perm the <code>Permission</code> object to test
+   * @return true if the collection implies perm
    */
-  public abstract void
-    add(Permission perm) throws SecurityException, IllegalArgumentException;
+  public abstract boolean implies(Permission perm);
 
   /**
    * This method returns an <code>Enumeration</code> of all the objects in
    * this collection.
    *
-   * @return An <code>Enumeration</code> of this collection's objects.
+   * @return an <code>Enumeration</code> of this collection's objects
    */
   public abstract Enumeration elements();
 
   /**
-   * This method tests whether the specified <code>Permission</code> object is
-   * implied by this collection of <code>Permission</code> objects.
-   *
-   * @param perm The <code>Permission</code> object to test.
+   * This method sets this <code>PermissionCollection</code> object to be
+   * read only.  No further permissions can be added to it after calling this
+   * method.
+   */
+  public void setReadOnly()
+  {
+    readOnly = true;
+  }
+
+  /**
+   * This method tests whether or not this <code>PermissionCollection</code>
+   * object is read only.
    *
-   * @return <code>true</code> if the specified <code>Permission</code> is implied by this collection, <code>false</code> otherwise.
+   * @return true if this collection is read only
    */
-  public abstract boolean implies(Permission perm);
+  public boolean isReadOnly()
+  {
+    return readOnly;
+  }
 
   /**
    * This method returns a <code>String</code> representation of this
-   * collection.  It will print the class name and has code in the same
-   * manner as <code>Object.toString()</code> then print a listing of all
-   * the <code>Permission</code> objects contained.
+   * collection.  It is formed by:
+   * <pre>
+   * super.toString()" (\n"
+   *   // enumerate all permissions, one per line
+   * ")\n"
+   * </pre>
    *
-   * @return A <code>String</code> representing this object.
+   * @return a <code>String</code> representing this object
    */
   public String toString()
   {
-    StringBuffer sb = new StringBuffer("");
+    StringBuffer sb = new StringBuffer(super.toString());
 
-    sb.append(super.toString() + " (" + linesep);
+    sb.append(" (\n");
     Enumeration e = elements();
     while (e.hasMoreElements())
-      {
-	Object obj = e.nextElement();
-	if (obj instanceof Permission)
-	  sb.append(((Permission) obj).toString() + linesep);
-      }
-
-    sb.append(")" + linesep);
-    return (sb.toString());
+      sb.append(' ').append(e.nextElement()).append('\n');
+    return sb.append(")\n").toString();
   }
-}
+} // class PermissionCollection

libjava/java/security/Permissions.java

-/* Permissions.java -- A collection of permission collections
-   Copyright (C) 1998, 2001 Free Software Foundation, Inc.
+/* Permissions.java -- a collection of permission collections
+   Copyright (C) 1998, 2001, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -52,23 +52,31 @@ import java.util.NoSuchElementException;
  * collection type which stores its permissions in a hash table will be
  * used.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @author Eric Blake <ebb9@email.byu.edu>
+ * @since 1.1
  */
-public final class Permissions
-  extends PermissionCollection
+public final class Permissions extends PermissionCollection
   implements Serializable
 {
   /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 4858622370623524688L;
+
+  /**
    * Holds instances of <code>AllPermission</code>.
+   *
+   * @serial the permission collection for AllPermission
    */
   private PermissionCollection allPermission;
 
   /**
    * This is the <code>Hashtable</code> that contains our collections.
+   *
+   * @serial maps Class to PermissionCollection
    */
-  Hashtable perms = new Hashtable();
+  private final Hashtable perms = new Hashtable();
 
   /**
    * This method initializes a new instance of <code>Permissions</code>.
@@ -83,50 +91,37 @@ public final class Permissions
    * type, as determined by calling <code>newPermissionCollection</code> on
    * the specified permission (if an appropriate collection does not already
    * exist). If this object does not specify a particular type of collection,
-   * a default collection which stores in permissions in a hash table will
+   * a default collection, which stores in permissions in a hash table, will
    * be used.
    *
-   * @param perm The <code>Permission</code> object to be added to this collection.
-   *
-   * @exception SecurityException If this collection is marked as read only.
-   * @exception IllegalArgumentException If the specified <code>Permission</code> cannot be added to this collection
+   * @param perm the <code>Permission</code> to add
+   * @throws SecurityException if this collection is marked as read only
    */
   public void add(Permission perm)
-    throws SecurityException, IllegalArgumentException
   {
     if (isReadOnly())
       throw new SecurityException("PermissionCollection is read only");
-
     if (perm instanceof AllPermission)
       {
         if (allPermission == null)
           {
-	    allPermission = new
-	      DefaultPermissionCollection("java.security.AllPermission");
-
-	    perms.put("java.security.AllPermission", allPermission);
+            allPermission = perm.newPermissionCollection();
+            allPermission.add(perm);
+            perms.put(perm.getClass(), allPermission);
           }
       }
     else
       {
-	Object obj = perms.get(perm.getClass().getName());
-	if (obj != null)
-	  {
-	    if (!(obj instanceof PermissionCollection))
-	      throw new RuntimeException("Internal error in Permissions");
-
-	    ((PermissionCollection) obj).add(perm);
-	  }
-	else
+        PermissionCollection pc
+          = (PermissionCollection) perms.get(perm.getClass());
+        if (pc == null)
           {
-	    PermissionCollection pc = perm.newPermissionCollection();
+            pc = perm.newPermissionCollection();
             if (pc == null)
-	      pc = new DefaultPermissionCollection(perm.getClass().getName());
-
-	    pc.add(perm);
-
-	    perms.put(perm.getClass().getName(), pc);
+              pc = new PermissionsHash();
+            perms.put(perm.getClass(), pc);
           }
+        pc.add(perm);
       }
   }
 
@@ -134,23 +129,16 @@ public final class Permissions
    * This method tests whether or not the specified <code>Permission</code>
    * is implied by this <code>PermissionCollection</code>.
    *
-   * @param perm The <code>Permission</code> to test.
-   *
-   * @return <code>true</code> if the specified permission is implied by this <code>PermissionCollection</code>, or <code>false</code> otherwise.
+   * @param perm the <code>Permission</code> to test
+   * @return true if the specified permission is implied by this
    */
   public boolean implies(Permission perm)
   {
     if (allPermission != null)
-      return (true);
-
-    Object obj = perms.get(perm.getClass().getName());
-    if (obj == null)
-      return (false);
-
-    if (!(obj instanceof PermissionCollection))
-      return (false);
-
-    return (((PermissionCollection) obj).implies(perm));
+      return true;
+    PermissionCollection pc
+      = (PermissionCollection) perms.get(perm.getClass());
+    return pc == null ? false : pc.implies(perm);
   }
 
   /**
@@ -158,7 +146,7 @@ public final class Permissions
    * list of all <code>Permission</code> objects contained in this
    * collection.
    *
-   * @return An <code>Enumeration</code> of this collection's elements.
+   * @return an <code>Enumeration</code> of this collection's elements
    */
   public Enumeration elements()
   {
@@ -170,101 +158,86 @@ public final class Permissions
       public boolean hasMoreElements()
       {
         if (sub_enum == null)
-	  if (main_enum == null)
-	    return (false);
-	  else
-	    {
-	      if (!main_enum.hasMoreElements())
-		return (false);
-	      else
           {
-		  try
+            if (main_enum == null)
+              return false;
+            if (! main_enum.hasMoreElements())
               {
+                main_enum = null;
+                return false;
+              }
             PermissionCollection pc =
               (PermissionCollection) main_enum.nextElement();
             sub_enum = pc.elements();
           }
-		  catch (NoSuchElementException e)
-		    {
-		      return (false);
-		    }
-		}
-	    }
-	else if (!sub_enum.hasMoreElements())
+        if (! sub_enum.hasMoreElements())
           {
             sub_enum = null;
-	    return (hasMoreElements());
+            return hasMoreElements();
           }
-
-	return (true);
+        return true;
       }
 
-      public Object nextElement() throws NoSuchElementException
+      public Object nextElement()
       {
-	if (!hasMoreElements())
+        if (! hasMoreElements())
           throw new NoSuchElementException();
-
-	return (sub_enum.nextElement());
+        return sub_enum.nextElement();
       }
     };
   }
+} // class Permissions
 
-  static class DefaultPermissionCollection extends PermissionCollection
-    implements Serializable
-  {
-
-    // Type of Permission we can store
-    private Class permcls;
-
-    // Hashtable where we store permissions.
-    private Hashtable perms = new Hashtable();
+/**
+ * Implements the permission collection for all permissions without one of
+ * their own, and obeys serialization of JDK.
+ *
+ * @author Eric Blake <ebb9@email.byu.edu>
+ */
+class PermissionsHash extends PermissionCollection
+{
+  /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = -8491988220802933440L;
 
-    DefaultPermissionCollection(String permtype) throws IllegalArgumentException
-    {
-      try
-	{
-	  permcls = Class.forName(permtype);
-	}
-      catch(ClassNotFoundException e)
-	{
-	  throw new IllegalArgumentException(e.getMessage());
-	}
-    }
+  /**
+   * Hashtable where we store permissions.
+   *
+   * @serial the stored permissions, both as key and value
+   */
+  private final Hashtable perms = new Hashtable();
 
+  /**
+   * Add a permission. We don't need to check for read-only, as this
+   * collection is never exposed outside of Permissions, which has already
+   * done that check.
+   *
+   * @param perm the permission to add
+   */
   public void add(Permission perm)
-      throws SecurityException, IllegalArgumentException
   {
-      if (isReadOnly())
-	throw new SecurityException("PermissionCollection is read only");
-
-      if (!permcls.isInstance(perm))
-	throw new IllegalArgumentException("Wrong permission type: " + 
-                                	   perm.getClass().getName());
-
-      if (perms.get(perm.getName()) != null)
-	throw new IllegalArgumentException("Duplicate permission: " +
-                                	   perm.getName());
-
-      perms.put(perm.getName(), perm);
+    perms.put(perm, perm);
   }
 
+  /**
+   * Returns true if perm is in the collection.
+   *
+   * @param perm the permission to check
+   * @return true if it is implied
+   */
   public boolean implies(Permission perm)
   {
-      Object obj = perms.get(perm.getName());
-      if (obj == null)
-	return(false);
-
-      if (!(obj instanceof Permission))
-	return(false);
-
-      Permission p = (Permission)obj;
-
-      return(p.implies(perm));
+    return perms.get(perm) != null;
   }
 
+  /**
+   * Return the elements.
+   *
+   * @return the elements
+   */
   public Enumeration elements()
   {
-      return(perms.elements());
-    }
+    return perms.elements();
   }
-}
+} // class Permissions

libjava/java/security/Policy.java

@@ -85,8 +85,22 @@ public abstract class Policy
   // FIXME: The class name of the Policy provider should really be sourced 
   // from the "java.security" configuration file. For now, just hard-code 
   // a stub implementation.
-  static private Policy currentPolicy 
-    = new gnu.java.security.provider.DefaultPolicy();
+  static private Policy currentPolicy = null;
+  static 
+  {
+    String pp = System.getProperty ("policy.provider");
+    if (pp != null)
+      try
+	{
+	  currentPolicy = (Policy)Class.forName(pp).newInstance();
+	} 
+      catch (Exception _) 
+	{
+	  currentPolicy = null;
+	}
+    if (currentPolicy == null)
+      currentPolicy = new gnu.java.security.provider.DefaultPolicy();
+  }
   
   /**
      Constructs a new Policy class.

libjava/java/security/Principal.java

 /* Principal.java -- A security entity
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -35,48 +35,51 @@ this exception to your version of the library, but you are not
 obligated to do so.  If you do not wish to do so, delete this
 exception statement from your version. */
 
+
 package java.security;
 
 /**
  * This interface models an entity (such as a user or a certificate authority)
  * for the purposes of applying the Java security model.
  *
-   * @version 0.0
-   *
-   * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @see X509Certificate
+ * @since 1.1
+ * @status updated to 1.4
  */
 public interface Principal
 {
   /**
-   * This method returns a <code>String</code> that names this 
-   * <code>Principal</code>.
+   * This method tests another <code>Principal</code> object for equality
+   * with this one.
    *
-   * @return The name of this <code>Principal</code>.
+   * @param obj the Object to test for equality
+   * @return true if the specified <code>Principal</code> is equal
    */
-  public abstract String getName();
+  boolean equals(Object obj);
 
   /**
-   * This method tests another <code>Principal</code> object for equality
-   * with this one.
-   * 
-   * @param obj The <code>Object</code> (which is a <code>Principal</code>) to test for equality against.
+   * This method returns a <code>String</code> representation of this
+   * <code>Principal</code>.
    *
-   * @return <code>true</code> if the specified <code>Principal</code> is equal to this one, <code>false</code> otherwise.
+   * @return this <code>Principal</code> represented as a <code>String</code>
    */
-  public abstract boolean equals(Object obj);
+  String toString();
 
   /**
    * This method returns a hash code value for this <code>Principal</code>.
+   * Remember the contract of hashCode - two objects which compare as
+   * equals() must have the same hashCode().
    *
-   * @return A hash value
+   * @return a hash value
    */
-  public abstract int hashCode();
+  int hashCode();
 
   /**
-   * This method returns a <code>String</code> representation of this
+   * This method returns a <code>String</code> that names this
    * <code>Principal</code>.
    *
-   * @return This <code>Principal</code> represented as a <code>String</code>.
+   * @return the name of this <code>Principal</code>
    */
-  public abstract String toString();
-}
+  String getName();
+} // interface Principal

libjava/java/security/PrivateKey.java

-/* PrivateKey.java -- "Super-interface" for all private keys
-   Copyright (C) 1998, 2001 Free Software Foundation, Inc.
+/* PrivateKey.java -- tagging interface for all private keys
+   Copyright (C) 1998, 2001, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -42,10 +42,21 @@ package java.security;
  * This interface specified no methods.  In simply provides a common
  * super-interface for all algorithm specific private key values.
  *
-   * @version 0.0
-   *
-   * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @see Key
+ * @see PublicKey
+ * @see Certificate
+ * @see Signature#initVerify(PublicKey)
+ * @see DSAPrivateKey
+ * @see RSAPrivateKey
+ * @see RSAPrivateCrtKey
+ * @since 1.1
+ * @status updated to 1.4
  */
 public interface PrivateKey extends Key
 {
-}
+  /**
+   * The verion identifier used for serialization.
+   */
+  long serialVersionUID = 6034044314589513430L;
+} // interface PrivateKey

libjava/java/security/PrivilegedAction.java

 /* PrivilegedAction.java -- Perform a privileged action
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -43,9 +43,11 @@ package java.security;
  * <code>AccessController.doPrivileged()</code> after that method
  * activiates the required privileges.
  *
- * @version 0.0
- *
  * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @see AccessController
+ * @see PrivilegedExceptionAction
+ * @since 1.1
+ * @status updated to 1.4
  */
 public interface PrivilegedAction
 {
@@ -55,6 +57,8 @@ public interface PrivilegedAction
    * <code>AccessController.doPrivileged()</code>.
    *
    * @return obj An implementation dependent return value
+   * @see AccessController#doPrivileged(PrivilegedAction)
+   * @see AccessController#doPrivileged(PrivilegedAction, AccessControlContext)
    */
-  public abstract Object run();
-}
+  Object run();
+} // interface PrivilegedAction

libjava/java/security/PrivilegedActionException.java

-/* PrivilegedActionException.java -- An exception occurred in a 
-   privileged action.
-   Copyright (C) 1998 Free Software Foundation, Inc.
+/* PrivilegedActionException.java -- wrap an exception in a privileged action
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,76 +37,73 @@ exception statement from your version. */
 
 package java.security;
 
-import java.io.PrintStream;
-import java.io.PrintWriter;
-
 /**
  * This exception is thrown when an exception is thrown during a
  * privileged action being performed with the
- * <code>AccessController.doPrivileged()</code> method.  It wrappers the
+ * <code>AccessController.doPrivileged()</code> method.  It wraps the
  * actual exception thrown in the privileged code.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @author Eric Blake <ebb9@email.byu.edu>
+ * @see PrivilegedExceptionAction
+ * @see AccessController#doPrivileged(PrivilegedExceptionAction)
+ * @see AccessController#doPrivileged(PrivilegedExceptionAction, AccessControlContext)
+ * @status updated to 1.4
  */
 public class PrivilegedActionException extends Exception
 {
-
   /**
-   * This is the actual exception that occurred
+   * Compatible with JDK 1.1+.
    */
-  private Exception e;
+  private static final long serialVersionUID = 4724086851538908602L;
 
   /**
-   * This method initializes a new instance of <code>PrivilegedActionException</code>
-   * that wrappers the specified <code>Exception</code>.
+   * This is the actual exception that occurred.
    *
-   * @param e The <code>Exception</code> to wrapper
+   * @serial the wrapped exception
    */
-  public PrivilegedActionException(Exception e)
-  {
-    this.e = e;
-  }
+  private Exception exception;
 
   /**
-   * This method returns the underlying <code>Exception</code> that caused
-   * this exception to be raised.
+   * Create a new instance that wraps the specified <code>Exception</code>.
    *
-   * @return The wrappered <code>Exception</code>.
+   * @param e the <code>Exception</code> to wrap
    */
-  public Exception getException()
+  public PrivilegedActionException(Exception e)
   {
-    return (e);
+    super(e);
+    exception = e;
   }
 
   /**
-   * This method prints the stack trace of the wrappered exception.
+   * Get the underlying <code>Exception</code> that caused this one. This
+   * is a legacy method, the preferred way is {@link #getCause()}.
+   *
+   * @return the cause
    */
-  public void printStackTrace()
+  public Exception getException()
   {
-    e.printStackTrace();
+    return exception;
   }
 
   /**
-   * This method prints the stack trace of the wrappered exception to the
-   * specified <code>PrintStream</code>.
+   * Gets the cause of this exception.
    *
-   * @param ps The <code>PrintStream</code> to print the stack trace to.
+   * @return the cause
+   * @since 1.4
    */
-  public void printStackTrace(PrintStream ps)
+  public Throwable getCause()
   {
-    e.printStackTrace(ps);
+    return exception;
   }
 
   /**
-   * This method prints the stack trace of the wrappered exception to the
-   * specified <code>PrintWriter</code>.
+   * Convert this to a String.
    *
-   * @param pw The <code>PrintWriter</code> to print the stack trace to.
+   * @return the string representation
    */
-  public void printStackTrace(PrintWriter pw)
+  public String toString()
   {
-    e.printStackTrace(pw);
+    return super.toString();
   }
 }

libjava/java/security/PrivilegedExceptionAction.java

 /* PrivilegedExceptionAction.java -- Perform a privileged operation
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -44,9 +44,9 @@ package java.security;
  * differs from <code>PrivilegedAction</code> in that the <code>run</code>
  * method in this interface may throw a checked exception.
  *
- * @version 0.0
- *
  * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @since 1.1
+ * @status updated to 1.4
  */
 public interface PrivilegedExceptionAction
 {
@@ -55,9 +55,11 @@ public interface PrivilegedExceptionAction
    * successfully complete.  It is called when a section of code invokes
    * <code>AccessController.doPrivileged()</code>.
    *
-   * @return obj An implementation defined return value.
-   *
-   * @exception Exception An implementation specific exception.
+   * @return obj An implementation defined return value
+   * @throws Exception An implementation specific exception
+   * @see AccessController#doPrivileged(PrivilegedExceptionAction)
+   * @see AccessController#doPrivileged(PrivilegedExceptionAction,
+   *                                    AccessControlContext)
    */
-  public abstract Object run() throws Exception;
-}
+  Object run() throws Exception;
+} // interface PrivilegedExceptionAction

libjava/java/security/ProtectionDomain.java

@@ -132,11 +132,13 @@ public class ProtectionDomain
   public String toString()
   {
     StringBuffer sb = new StringBuffer("");
-
-    sb.append(super.toString() + " (" + linesep);
-    sb.append(code_source.toString());
-    sb.append(perms.toString());
-    sb.append(")" + linesep);
+    sb.append("ProtectionDomain (" + linesep);
+    if (code_source == null)
+      sb.append("CodeSource:null" + linesep);
+    else
+      sb.append(code_source + linesep);
+    sb.append(perms);
+    sb.append(linesep + ")" + linesep);
     
     return sb.toString();
   }

libjava/java/security/ProviderException.java

 /* ProviderException.java -- Generic security provider runtime exception
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,26 +41,27 @@ package java.security;
  * This exception indicates that a runtime problem was encounterd with
  * a security provider. 
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @status updated to 1.4
  */
 public class ProviderException extends RuntimeException
 {
   /**
-   * This method initializes a new instance of <code>ProviderException</code>
-   * with no descriptive error message.
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 5256023526693665674L;
+
+  /**
+   * Create an instance with no descriptive error message.
    */
   public ProviderException()
   {
-    super();
   }
 
   /**
-   * This method initializes a new instance of <code>ProviderException</code>
-   * with a descriptive error message.
+   * Create an instance with a descriptive error message.
    *
-   * @param msg The descriptive error message.
+   * @param msg the descriptive error message
    */
   public ProviderException(String msg)
   {

libjava/java/security/PublicKey.java

-/* PublicKey.java -- "Super-interface" for all public keys
-   Copyright (C) 1998, 2001 Free Software Foundation, Inc.
+/* PublicKey.java -- tagging interface for all public keys
+   Copyright (C) 1998, 2001, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,10 +41,20 @@ package java.security;
  * This interface specified no methods.  In simply provides a common
  * super-interface for all algorithm specific public key values.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @see Key
+ * @see PrivateKey
+ * @see Certificate
+ * @see Signature#initVerify(PublicKey)
+ * @see DSAPublicKey
+ * @see RSAPublicKey
+ * @since 1.1
+ * @status updated to 1.4
  */
 public interface PublicKey extends Key
 {
-}
+  /**
+   * The verion identifier used for serialization.
+   */
+  long serialVersionUID = 7187392471159151072L;
+} // interface PublicKey

libjava/java/security/SecureClassLoader.java

@@ -51,12 +51,16 @@ public class SecureClassLoader extends ClassLoader
   protected SecureClassLoader(ClassLoader parent)
   {
     super(parent);
-    // FIXME: What else?
+    SecurityManager sm = System.getSecurityManager();
+    if(sm != null)
+      sm.checkCreateClassLoader();
   }
 
   protected SecureClassLoader()
   {
-    // FIXME: What do we need to do here?
+    SecurityManager sm = System.getSecurityManager();
+    if(sm != null)
+      sm.checkCreateClassLoader();
   }
 
   /** 

libjava/java/security/SecurityPermission.java

 /* SecurityPermission.java -- Class for named security permissions
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -40,54 +40,124 @@ package java.security;
 /**
  * This class provides a mechanism for specified named permissions
  * related to the Java security framework.  These permissions have no
- * associated actions list.  They are either granted or no granted.
- * <p>
- * The list of valid permission names is:
- * <p><ul>
- * <li>getPolicy - Allows retrieval of the system security policy.
- * <li>setPolicy - Allows the security policy to be changed.
- * <li>getProperty.&lt;key&gt; - Allows retrieval of the value of the named
- * property or all properties if &lt;key&gt is a '*'.
- * <li>setProperty.&lt;key&gt; - Allows changing of the value of the named
- * property or all properties if &lt;key&gt is a '*'.
- * <li>insertProvider.&lt;key&gt; - Allows the named provider to be added,
- * or any provide if the key is '*'.
- * <li>removeProvider.&lt;key&gt; - Allows the named provider to be removed,
- * or any provide if the key is '*'.
- * <li>setSystemScope - Allows the system identity scope to be set.
- * <li>setIdentityPublicKey - Allows the public key of an Identity to be set.
- * <li>SetIdentityInfo - Allows the description of an Identity to be set.
- * <li>addIdentityCertificate - Allows a certificate to be set for the public
- * key of an identity.
- * <li>removeIdentityCertificate - Allows a certificate to be removed from the 
- * public key of an identity.
- * <li>clearProviderProperties.&lt;key%gt; - Allows the properties of the
- * named provider to be cleared, or all providers if key is '*'.
- * <li>putProviderProperty.&lt;key%gt; - Allows the properties of the
- * named provider to be changed, or all providers if key is '*'.
- * <li>removeProviderProperty.&lt;key%gt; - Allows the properties of the
- * named provider to be deleted, or all providers if key is '*'.
- * <li>getSignerPrivateKey - Allows the retrieval of the private key for
- * a signer.
- * <li>setSignerKeyPair - Allows the public and private key of a Signer to
- * be changed.
- * </ul>
- * <p>
- * There is some degree of security risk in granting any of these permissions.
- * Some of them can completely compromise system security.  Please exercise
- * extreme caution in granting these permissions.
+ * associated actions list.  They are either granted or not granted.
  *
- * @version 0.0
+ * <p>The list of valid permission names is:<br>
+ * <table border=1>
+ * <tr><th>Permission Name</th><th>Permission Allows</th><th>Risks</th</tr>
+ * <tr>
+ *   <td><code>createAccessControlContext</code></td>
+ *   <td>Allows creation of an AccessControlContext</td>
+ *   <td>The new control context can have a rogue DomainCombiner, leading
+ *       to a privacy leak</td></tr>
+ * <tr>
+ *   <td><code>getDomainCombiner</code></td>
+ *   <td>Get a DomainCombiner from an AccessControlContext</td>
+ *   <td>Access to a DomainCombiner can lead to a privacy leak</td></tr>
+ * <tr>
+ *   <td><code>getPolicy</code></td>
+ *   <td>Allows retrieval of the system security policy</td>
+ *   <td>Malicious code can use information from the policy to better plan
+ *       an attack</td></tr>
+ * <tr>
+ *   <td><code>setPolicy</code></td>
+ *   <td>Allows the security policy to be changed</td>
+ *   <td>Malicious code can give itself any permission it wants</td></tr>
+ * <tr>
+ *   <td><code>getProperty.</code><em>key</em></td>
+ *   <td>Retrieve the property specified by the key</td>
+ *   <td>Malicious code can use information from the property to better plan
+ *       an attack</td></tr>
+ * <tr>
+ *   <td><code>setProperty.</code><em>key</em></td>
+ *   <td>Allows changing of the value of all properties implied by key</td>
+ *   <td>Malicious code can insert rogue classes to steal keys or recreate
+ *       the security policy with whatever permissions it desires</td></tr>
+ * <tr>
+ *   <td><code>insertProvider.</code><em>key</em></td>
+ *   <td>Allows the named provider to be added</td>
+ *   <td>Malicious code can insert rogue providers that steal data</td></tr>
+ * <tr>
+ *   <td><code>removeProvider.</code><em>key</em></td>
+ *   <td>Allows the named provider to be removed</td>
+ *   <td>A missing provider can cripple code that relies on it</td></tr>
+ * <tr>
+ *   <td><code>setSystemScope</code></td>
+ *   <td>Allows the system identity scope to be set</td>
+ *   <td>Malicious code can add certificates not available in the original
+ *       identity scope, to gain more permissions</td></tr>
+ * <tr>
+ *   <td><code>setIdentityPublicKey</code></td>
+ *   <td>Allows the public key of an Identity to be set</td>
+ *   <td>Malicious code can install its own key to gain permissions not
+ *       allowed by the original identity scope</td></tr>
+ * <tr>
+ *   <td><code>SetIdentityInfo</code></td>
+ *   <td>Allows the description of an Identity to be set</td>
+ *   <td>Malicious code can spoof users into trusting a fake identity</td></tr>
+ * <tr>
+ *   <td><code>addIdentityCertificate</code></td>
+ *   <td>Allows a certificate to be set for the public key of an identity</td>
+ *   <td>The public key can become trusted to a wider audience than originally
+ *       intended</td></tr>
+ * <tr>
+ *   <td><code>removeIdentityCertificate</code></td>
+ *   <td>Allows removal of a certificate from an identity's public key</td>
+ *   <td>The public key can become less trusted than it should be</td></tr>
+ * <tr>
+ *   <td><code>printIdentity</code></td>
+ *   <td>View the name of the identity and scope, and whether they are
+ *       trusted</td>
+ *   <td>The scope may include a filename, which provides an entry point for
+ *       further security breaches</td></tr>
+ * <tr>
+ *   <td><code>clearProviderProperties.</code><em>key</em></td>
+ *   <td>Allows the properties of the named provider to be cleared</td>
+ *   <td>This can disable parts of the program which depend on finding the
+ *       provider</td></tr>
+ * <tr>
+ *   <td><code>putProviderProperty.</code><em>key</em></td>
+ *   <td>Allows the properties of the named provider to be changed</td>
+ *   <td>Malicious code can replace the implementation of a provider</td></tr>
+ * <tr>
+ *   <td><code>removeProviderProperty.</code><em>key</em></td>
+ *   <td>Allows the properties of the named provider to be deleted</td>
+ *   <td>This can disable parts of the program which depend on finding the
+ *       provider</td></tr>
+ * <tr>
+ *   <td><code>getSignerPrivateKey</code></td>
+ *   <td>Allows the retrieval of the private key for a signer</td>
+ *   <td>Anyone that can access the private key can claim to be the
+ *       Signer</td></tr>
+ * <tr>
+ *   <td><code>setSignerKeyPair</code></td>
+ *   <td>Allows the public and private key of a Signer to be changed</td>
+ *   <td>The replacement might be a weaker encryption, or the attacker
+ *       can use knowledge of the replaced key to decrypt an entire
+ *       communication session</td></tr>
+ * </table>
+ *
+ * <p>There is some degree of security risk in granting any of these
+ * permissions. Some of them can completely compromise system security.
+ * Please exercise extreme caution in granting these permissions.
  *
  * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @see Permission
+ * @see SecurityManager
+ * @since 1.1
+ * @status updated to 1.4
  */
 public final class SecurityPermission extends BasicPermission
 {
   /**
-   * This method initializes a new instance of <code>SecurityPermission</code>
-   * to have the specified name.
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 5236109936224050470L;
+
+  /**
+   * Create a new instance with the specified name.
    *
-   * @param name The name to assign to this permission.
+   * @param name the name to assign to this permission
    */
   public SecurityPermission(String name)
   {
@@ -95,15 +165,14 @@ public final class SecurityPermission extends BasicPermission
   }
 
   /**
-   * This method initializes a new instance of <code>SecurityPermission</code>
-   * to have the specified name.  The actions parameter is ignored in this
-   * class.
+   * Create a new instance with the specified name. As SecurityPermission
+   * carries no actions, the second parameter is ignored.
    *
-   * @param name The name to assign to this permission.
-   * @param actions The action list for this permission - ignored.
+   * @param name the name to assign to this permission
+   * @param actions ignored
    */
   public SecurityPermission(String name, String actions)
   {
-    super(name, actions);
+    super(name);
   }
-}
+} // class SecurityPermission

libjava/java/security/SignatureException.java

 /* SignatureException.java -- Generic error in signature
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,24 +41,27 @@ package java.security;
  * This exception is thrown when a problem is encountered with a
  * digital signature.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @status updated to 1.4
  */
 public class SignatureException extends GeneralSecurityException
 {
   /**
-   * This method initializes a new instance of <code>SignatureException</code>
-   * with no descriptive error message.
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 7509989324975124438L;
+
+  /**
+   * Create an instance with no descriptive error message.
    */
   public SignatureException()
   {
-    super();
   }
 
   /**
-   * This method initializes a new instance of <code>SignatureException</code>
-   * with a descriptive error message.
+   * Create an instance with a descriptive error message.
+   *
+   * @param msg the message
    */
   public SignatureException(String msg)
   {

libjava/java/security/UnrecoverableKeyException.java

 /* UnrecoverableKeyException.java -- Cannot recover a key from the key store
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,26 +41,28 @@ package java.security;
  * This exception is thrown when a key cannot be recovered from the key
  * store.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @since 1.2
+ * @status updated to 1.4
  */
 public class UnrecoverableKeyException extends GeneralSecurityException
 {
   /**
-   * This method initializes a new instance of <code>UnrecoverableKeyException</code>
-   * with no descriptive error message.
+   * Compatible with JDK 1.2+.
+   */
+  private static final long serialVersionUID = 7275063078190151277L;
+
+  /**
+   * Create an instance with no descriptive error message.
    */
   public UnrecoverableKeyException()
   {
-    super();
   }
 
   /**
-   * This method initializes a new instance of <code>UnrecoverableKeyException</code>
-   * with a descriptive error message.
+   * Create an instance with a descriptive error message.
    *
-   * @param msg The descriptive error message.
+   * @param msg the descriptive error message
    */
   public UnrecoverableKeyException(String msg)
   {

libjava/java/security/UnresolvedPermission.java

-/* UnresolvedPermission.java -- Placeholder for unresolved permissions.
-   Copyright (C) 1998, 2001 Free Software Foundation, Inc.
+/* UnresolvedPermission.java -- Placeholder for unresolved permissions
+   Copyright (C) 1998, 2001, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,162 +38,266 @@ exception statement from your version. */
 package java.security;
 
 import java.io.Serializable;
-// All uses of Certificate in this file refer to this class.
+// All uses of Certificate in this file refer to the one in the listed
+// package, not this one.
 import java.security.cert.Certificate;
+import java.util.Arrays;
+import java.util.Hashtable;
+import java.util.Vector;
+import java.util.Enumeration;
+import java.util.NoSuchElementException;
 
 /**
  * This class is used to hold instances of all permissions that cannot
  * be resolved to available permission classes when the security
  * <code>Policy</code> object is instantiated.  This may happen when the
  * necessary security class has not yet been downloaded from the network.
- * <p>
- * Instances of this class are re-resolved when <code>AccessController</code>
- * check is done.  At that time, a scan is made of all existing
- * <code>UnresolvedPermission</code> objects and they are converted to
- * objects of the appropriate permission type if the class for that type
- * is then available.
  *
- * @version 0.0
+ * <p>Instances of this class are re-resolved when
+ * <code>AccessController</code> check is done.  At that time, a scan is
+ * made of all existing <code>UnresolvedPermission</code> objects and they
+ * are converted to objects of the appropriate permission type if the class
+ * for that type is then available.
  *
  * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @see Permission
+ * @see Permissions
+ * @see PermissionCollection
+ * @see Policy
+ * @since 1.1
+ * @status updated to 1.4
  */
-public final class UnresolvedPermission
-  extends Permission
-  implements Serializable
+public final class UnresolvedPermission extends Permission
 {
+  /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = -4821973115467008846L;
 
   /**
-   * The list of actions associated with this permission object
+   * The list of actions associated with this permission object.
+   *
+   * @serial the permission actions
    */
-  private String actions;
+  private final String actions;
 
   /**
-   * The list of <code>Certificates</code> associated with this object
+   * The list of <code>Certificates</code> associated with this object.
    */
-  private Certificate[] certs;
+  private final transient Certificate[] certs;
 
   /**
    * The name of the class this object should be resolved to.
+   *
+   * @serial the fully-qualified classname of the resolved type
    */
-  private String type;
+  // Package visible for use by UnresolvedPermissionCollection.
+  final String type;
 
   /**
-   * This method initializes a new instance of <code>UnresolvedPermission</code>
-   * with all the information necessary to resolve it to an instance of the
-   * proper class at a future time.
+   * The name of the permission.
    *
-   * @param type The name of the desired class this permission should be resolved to
-   * @param name The name of this permission
-   * @param actions The action list for this permission
-   * @param certs The list of certificates this permission's class was signed with
+   * @serial the permission name
+   */
+  private final String name;
+
+  /**
+   * Create a new instance with all the information necessary to resolve it
+   * to an instance of the proper class at a future time.
+   *
+   * @param type the fully-qualified name of the class of this permission
+   * @param name the name of this permission
+   * @param actions the action list for this permission
+   * @param certs the list of certificates that sign this permission
    */
   public UnresolvedPermission(String type, String name, String actions,
                               Certificate[] certs)
   {
     super(name);
-
+    this.name = name;
     this.type = type;
     this.actions = actions;
     this.certs = certs;
   }
 
   /**
-   * This method returns the list of actions associated with this
-   * permission.
-   *
-   * @return The action list
-   */
-  public String getActions()
-  {
-    return (actions);
-  }
-
-  /**
    * This method returns <code>false</code> always to indicate that this
    * permission does not imply the specified permission.  An
    * <code>UnresolvedPermission</code> never grants any permissions.
    *
-   * @param perm The <code>Permission</code> object to test against - ignored by this class
-   *
-   * @return <code>false</code> to indicate this permission does not imply the specified permission.
+   * @param perm the <code>Permission</code> object to test
+   * @return false; until a permission is resolved, it implies nothing
    */
   public boolean implies(Permission perm)
   {
-    return (false);
+    return false;
   }
 
   /**
    * This method tests this permission for equality against the specified
    * <code>Object</code>. This will be true if and only if the following
-   * conditions are met:
-   * <p>
-   * <ul>
-   * <li>The specified <code>Object</code> is an instance of 
-   * <code>UnresolvedPermission</code>, or a subclass.
+   * conditions are met:<ul>
+   * <li>The specified <code>Object</code> is an UnresolvedPermission</li>
    * <li>The specified permission has the same type (i.e., desired class name)
-   * as this permission.
-   * <li>The specified permission has the same name as this one.
-   * <li>The specified permissoin has the same action list as this one.
-   * <li>The specified permission has the same certificate list as this one.
+   *     as this permission.</li>
+   * <li>The specified permission has the same name as this one.</li>
+   * <li>The specified permissoin has the same action list as this one.</li>
+   * <li>The specified permission has the same certificate list as this
+   *     one.</li>
    * </ul>
    *
-   * @param obj The <code>Object</code> to test for equality
-   *
-   * @return <code>true</code> if the specified object is equal to this one, <code>false</code> otherwise.
+   * @param obj the <code>Object</code> to test for equality
+   * @return true if the specified object is equal to this one
    */
   public boolean equals(Object obj)
   {
-    if (!(obj instanceof UnresolvedPermission))
+    if (! (obj instanceof UnresolvedPermission))
       return (false);
-
     UnresolvedPermission up = (UnresolvedPermission) obj;
-
-    if (!getName().equals(up.getName()))
-      return (false);
-
-    if (!getActions().equals(up.getActions()))
-      return (false);
-
-    if (!type.equals(up.type))
-      return (false);
-
-    if (!certs.equals(up.certs))
-      return (false);
-
-    return (true);
+    return up.name.equals(name) && up.actions.equals(actions)
+      && up.type.equals(type) && Arrays.equals(up.certs, certs);
   }
 
   /**
-   * Returns a hash code value for this object.
+   * Returns a hash code value for this object. Following the lead of
+   * Permission, this returns the hashcode of the permission name.
    *
    * @return A hash value
    */
   public int hashCode()
   {
-    return (System.identityHashCode(this));
+    return name.hashCode();
+  }
+
+  /**
+   * This method returns the list of actions associated with this
+   * permission.
+   *
+   * @return the action list
+   */
+  public String getActions()
+  {
+    return actions;
   }
 
   /**
    * This method returns a <code>String</code> representation of this
    * class.  The format is: '(unresolved "ClassName "name" "actions")'
    *
-   * @return A <code>String</code> representation of this object
+   * @return  <code>String</code> representation of this object
    */
   public String toString()
   {
-    return "(unresolved " + type + " " + getName() + " " + getActions() + ")";
+    return "(unresolved " + type + ' ' + name + ' ' + actions + ')';
   }
 
   /**
    * This class returns a <code>PermissionCollection</code> object that can
-   * be used to store instances of <code>UnresolvedPermission</code>.  If
-   * <code>null</code> is returned, the caller is free to use any desired
-   * <code>PermissionCollection</code>.
+   * be used to store instances of <code>UnresolvedPermission</code>.
    *
-   * @return A new <code>PermissionCollection</code>.
+   * @return a new <code>PermissionCollection</code>
    */
   public PermissionCollection newPermissionCollection()
   {
-    return (null);
+    return new UnresolvedPermissionCollection();
+  }
+} // class UnresolvedPermission
+
+/**
+ * Implements the permission collection for unresolved permissions, and
+ * obeys serialization of JDK.
+ *
+ * @author Eric Blake <ebb9@email.byu.edu>
+ */
+class UnresolvedPermissionCollection extends PermissionCollection
+{
+  /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = -7176153071733132400L;
+
+  /**
+   * Hashtable where we store permissions.
+   *
+   * @serial map of typename to a Vector of permissions (you'd think Sun
+   *         would document this better!)
+   */
+  private final Hashtable permissions = new Hashtable();
+
+  /**
+   * Add a permission.
+   *
+   * @param perm the permission to add
+   * @throws IllegalArgumentException if perm is not an UnresolvedPermission
+   * @throws SecurityException if the collection is read-only
+   */
+  public void add(Permission perm)
+  {
+    if (isReadOnly())
+      throw new SecurityException();
+    if (! (perm instanceof UnresolvedPermission))
+      throw new IllegalArgumentException();
+    UnresolvedPermission up = (UnresolvedPermission) perm;
+    Vector v = (Vector) permissions.get(up.type);
+    if (v == null)
+      {
+        v = new Vector();
+        permissions.put(up.type, v);
+      }
+    v.add(up);
+  }
+
+  /**
+   * Returns true if perm is implied by the collection.
+   *
+   * @param perm the permission to check
+   * @return false; unresolved permissions imply nothing
+   */
+  public boolean implies(Permission perm)
+  {
+    return false;
+  }
+
+  /**
+   * Return the elements.
+   *
+   * @return the elements
+   */
+  public Enumeration elements()
+  {
+    return new Enumeration()
+    {
+      Enumeration main_enum = permissions.elements();
+      Enumeration sub_enum;
+
+      public boolean hasMoreElements()
+      {
+        if (sub_enum == null)
+          {
+            if (main_enum == null)
+              return false;
+            if (! main_enum.hasMoreElements())
+              {
+                main_enum = null;
+                return false;
+              }
+            Vector v = (Vector) main_enum.nextElement();
+            sub_enum = v.elements();
+          }
+        if (! sub_enum.hasMoreElements())
+          {
+            sub_enum = null;
+            return hasMoreElements();
+          }
+        return true;
+      }
+
+      public Object nextElement()
+      {
+        if (! hasMoreElements())
+          throw new NoSuchElementException();
+        return sub_enum.nextElement();
+      }
+    };
   }
-}
+} // class UnresolvedPermissionCollection

libjava/java/security/acl/AclNotFoundException.java

-/* AclNotFoundException.java -- What it says
-   Copyright (C) 1998 Free Software Foundation, Inc.
+/* AclNotFoundException.java -- thrown when an ACL is not found
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,17 +41,20 @@ package java.security.acl;
  * This exception is thrown when a requested access control list (ACL) is
  * not found.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @status updated to 1.4
  */
 public class AclNotFoundException extends Exception
 {
   /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = 5684295034092681791L;
+
+  /**
    * Initializes a new instance of this class with no descriptive message
    */
   public AclNotFoundException()
   {
-    super();
   }
 }

libjava/java/security/acl/LastOwnerException.java

 /* LastOwnerException.java -- User attempted to delete last ACL owner
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -41,18 +41,22 @@ package java.security.acl;
  * This exception is thrown when an attempt is made to delete the last owner
  * of an access control list (ACL)
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @see Owner#deleteOwner(java.security.Principal, java.security.Principal)
+ * @status updated to 1.4
  */
-public class LastOwnerException extends java.lang.Exception
+public class LastOwnerException extends Exception
 {
   /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = -5141997548211140359L;
+
+  /**
    * Initialize a new instance of <code>LastOwnerException</code> that does
    * not have a log message.
    */
   public LastOwnerException()
   {
-    super();
   }
 }

libjava/java/security/acl/NotOwnerException.java

 /* NotOwnerException.java -- Attempt to modify an unowned ACL
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -42,12 +42,15 @@ package java.security.acl;
  * the caller to be the owner of the access control list (ACL) when the caller
  * is in fact not the owner of the ACL.
  *
- * @version 0.0
- *
- * @author Aaron M. Renn (arenn@urbanophile.com)
+ * @author Aaron M. Renn <arenn@urbanophile.com>
+ * @status updated to 1.4
  */
-public class NotOwnerException extends java.lang.Exception
+public class NotOwnerException extends Exception
 {
+  /**
+   * Compatible with JDK 1.1+.
+   */
+  private static final long serialVersionUID = -5555597911163362399L;
 
   /**
    * Initializes a new instance of <code>NotOwnerException</code> that does
@@ -55,6 +58,5 @@ public class NotOwnerException extends java.lang.Exception
    */
   public NotOwnerException()
   {
-    super();
   }
 }

libjava/java/security/cert/CRLException.java

-/* CRLException.java --- Certificate Revocation List Exception
-   Copyright (C) 1999 Free Software Foundation, Inc.
+/* CRLException.java -- Certificate Revocation List Exception
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,34 +37,37 @@ exception statement from your version. */
 
 
 package java.security.cert;
+
 import java.security.GeneralSecurityException;
 
 /**
-   Exception for a Certificate Revocation List.
-
-   @since JDK 1.2
-
-   @author Mark Benvenuto
+ * Exception for a Certificate Revocation List.
+ *
+ * @author Mark Benvenuto
+ * @since 1.2
+ * @status updated to 1.4
 */
 public class CRLException extends GeneralSecurityException
 {
+  /**
+   * Compatible with JDK 1.2+.
+   */
+  private static final long serialVersionUID = -6694728944094197147L;
 
   /**
-     Constructs an CRLExceptionwithout a message string.
+   * Constructs an CRLExceptionwithout a message string.
    */
   public CRLException()
   {
-    super();
   }
 
   /**
-     Constructs an CRLException with a message string.
-
-     @param msg A message to display with exception
+   * Constructs an CRLException with a message string.
+   *
+   * @param msg a message to display with exception
    */
   public CRLException(String msg)
   {
-    super( msg );
+    super(msg);
   }
-
 }

libjava/java/security/cert/CertPath.java

+/* CertPath.java -- a sequence of certificates
+   Copyright (C) 2002 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+package java.security.cert;
+
+import java.io.ByteArrayInputStream;
+import java.io.NotSerializableException;
+import java.io.ObjectStreamException;
+import java.io.Serializable;
+import java.util.Iterator;
+import java.util.List;
+
+/**
+ * This class represents an immutable sequence, or path, of security
+ * certificates. The path type must match the type of each certificate in the
+ * path, or in other words, for all instances of cert in a certpath object,
+ * <code>cert.getType().equals(certpath.getType())</code> will return true.
+ *
+ * <p>Since this class is immutable, it is thread-safe. During serialization,
+ * the path is consolidated into a {@link CertPathRep}, which preserves the
+ * data regardless of the underlying implementation of the path.
+ *
+ * @author Eric Blake <ebb9@email.byu.edu>
+ * @since 1.4
+ * @status updated to 1.4
+ */
+public abstract class CertPath implements Serializable
+{
+  /**
+   * The serialized representation of a path.
+   *
+   * @author Eric Blake <ebb9@email.byu.edu>
+   */
+  protected static class CertPathRep implements Serializable
+  {
+    /**
+     * Compatible with JDK 1.4+.
+     */
+    private static final long serialVersionUID = 3015633072427920915L;
+
+    /**
+     * The certificate type.
+     *
+     * @serial the type of the certificate path
+     */
+    private final String type;
+
+    /**
+     * The encoded form of the path.
+     *
+     * @serial the encoded form
+     */
+    private final byte[] data;
+
+    /**
+     * Create the new serial representation.
+     *
+     * @param type the path type
+     * @param data the encoded path data
+     */
+    protected CertPathRep(String type, byte[] data)
+    {
+      this.type = type;
+      this.data = data;
+    }
+
+    /**
+     * Decode the data into an actual {@link CertPath} upon deserialization.
+     *
+     * @return the replacement object
+     * @throws ObjectStreamException if replacement fails
+     */
+    protected Object readResolve() throws ObjectStreamException
+    {
+      try
+        {
+          return CertificateFactory.getInstance(type)
+            .generateCertPath(new ByteArrayInputStream(data));
+        }
+      catch (CertificateException e)
+        {
+          throw (ObjectStreamException)
+            new NotSerializableException("java.security.cert.CertPath: "
+                                         + type).initCause(e);
+        }
+    }
+  } // class CertPathRep
+
+  /**
+   * Compatible with JDK 1.4+.
+   */
+  private static final long serialVersionUID = 6068470306649138683L;
+
+  /**
+   * The path type.
+   *
+   * @serial the type of all certificates in this path
+   */
+  private final String type;
+
+  /**
+   * Create a certificate path with the given type. Most code should use
+   * {@link CertificateFactory} to create CertPaths.
+   *
+   * @param type the type of the path
+   */
+  protected CertPath(String type)
+  {
+    this.type = type;
+  }
+
+  /**
+   * Get the (non-null) type of all certificates in the path.
+   *
+   * @return the path certificate type
+   */
+  public String getType()
+  {
+    return type;
+  }
+
+  /**
+   * Get an immutable iterator over the path encodings (all String names),
+   * starting with the default encoding. The iterator will throw an
+   * <code>UnsupportedOperationException</code> if an attempt is made to
+   * remove items from the list.
+   *
+   * @return the iterator of supported encodings in the path
+   */
+  public abstract Iterator getEncodings();
+
+  /**
+   * Compares this path to another for semantic equality. To be equal, both
+   * must be instances of CertPath, with the same type, and identical
+   * certificate lists. Overriding classes must not change this behavior.
+   *
+   * @param o the object to compare to
+   * @return true if the two are equal
+   */
+  public boolean equals(Object o)
+  {
+    if (! (o instanceof CertPath))
+      return false;
+    CertPath cp = (CertPath) o;
+    return type.equals(cp.type)
+      && getCertificates().equals(cp.getCertificates());
+  }
+
+  /**
+   * Returns the hashcode of this certificate path. This is defined as:<br>
+   * <code>31 * getType().hashCode() + getCertificates().hashCode()</code>.
+   *
+   * @return the hashcode
+   */
+  public int hashCode()
+  {
+    return 31 * type.hashCode() + getCertificates().hashCode();
+  }
+
+  public String toString()
+  {
+    List l = getCertificates();
+    int size = l.size();
+    int i = 0;
+    StringBuffer result = new StringBuffer(type);
+    result.append(" Cert Path: length = ").append(size).append(".\n[\n");
+    while (--size >= 0)
+      result.append(l.get(i++)).append('\n');
+    return result.append("\n]").toString();
+  }
+
+  /**
+   * Returns the encoded form of this path, via the default encoding.
+   *
+   * @return the encoded form
+   * @throws CertificateEncodingException if encoding fails
+   */
+  public abstract byte[] getEncoded() throws CertificateEncodingException;
+
+  /**
+   * Returns the encoded form of this path, via the specified encoding.
+   *
+   * @param encoding the encoding to use
+   * @return the encoded form
+   * @throws CertificateEncodingException if encoding fails or does not exist
+   */
+  public abstract byte[] getEncoded(String encoding)
+    throws CertificateEncodingException;
+
+  /**
+   * Returns the immutable, thread-safe list of certificates in this path.
+   *
+   * @return the list of certificates, non-null but possibly empty
+   */
+  public abstract List getCertificates();
+
+  /**
+   * Serializes the path in its encoded form, to ensure reserialization with
+   * the appropriate factory object without worrying about list implementation.
+   * The result will always be an instance of {@link CertPathRep}.
+   *
+   * @return the replacement object
+   * @throws ObjectStreamException if the replacement creation fails
+   */
+  protected Object writeReplace() throws ObjectStreamException
+  {
+    try
+      {
+        return new CertPathRep(type, getEncoded());
+      }
+    catch (CertificateEncodingException e)
+      {
+        throw (ObjectStreamException)
+          new NotSerializableException("java.security.cert.CertPath: "
+                                       + type).initCause(e);
+      }
+  }
+} // class CertPath

libjava/java/security/cert/CertPathBuilderException.java

+/* CertPathBuilderException.java -- wraps an exception during certificate
+   path building
+   Copyright (C) 2002 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package java.security.cert;
+
+import java.io.PrintStream;
+import java.io.PrintWriter;
+import java.security.GeneralSecurityException;
+
+/**
+ * Indicates a problem while using a <code>CertPathBuilder</code>, wrapping
+ * the lower exception. This class is not thread-safe.
+ *
+ * @author Eric Blake <ebb9@email.byu.edu>
+ * @see CertPathBuilder
+ * @since 1.4
+ * @status updated to 1.4
+*/
+public class CertPathBuilderException extends GeneralSecurityException
+{
+  /**
+   * Compatible with JDK 1.4+.
+   */
+  private static final long serialVersionUID = 5316471420178794402L;
+
+  /**
+   * Create an exception without a message. The cause may be initialized.
+   */
+  public CertPathBuilderException()
+  {
+  }
+
+  /**
+   * Create an exception with a message. The cause may be initialized.
+   *
+   * @param msg a message to display with exception
+   */
+  public CertPathBuilderException(String msg)
+  {
+    super(msg);
+  }
+
+  /**
+   * Create an exception with a cause. The message will be
+   * <code>cause == null ? null : cause.toString()</code>.
+   *
+   * @param cause the cause
+   */
+  public CertPathBuilderException(Throwable cause)
+  {
+    this(cause == null ? null : cause.toString(), cause);
+  }
+
+  /**
+   * Create an exception with a cause and a message.
+   *
+   * @param msg the message
+   * @param cause the cause
+   */
+  public CertPathBuilderException(String msg, Throwable cause)
+  {
+    super(msg);
+    initCause(cause);
+  }
+
+  /**
+   * Get the detail message.
+   *
+   * @return the detail message
+   */
+  public String getMessage()
+  {
+    return super.getMessage();
+  }
+
+  /**
+   * Get the cause, null if unknown.
+   *
+   * @return the cause
+   */
+  public Throwable getCause()
+  {
+    return super.getCause();
+  }
+
+  /**
+   * Convert this to a string, including its cause.
+   *
+   * @return the string conversion
+   */
+  public String toString()
+  {
+    return super.toString();
+  }
+
+  /**
+   * Print the stack trace to <code>System.err</code>.
+   */
+  public void printStackTrace()
+  {
+    super.printStackTrace();
+  }
+
+  /**
+   * Print the stack trace to a stream.
+   *
+   * @param stream the stream
+   */
+  public void printStackTrace(PrintStream stream)
+  {
+    super.printStackTrace(stream);
+  }
+
+  /**
+   * Print the stack trace to a stream.
+   *
+   * @param stream the stream
+   */
+  public void printStackTrace(PrintWriter stream)
+  {
+    super.printStackTrace(stream);
+  }
+}

libjava/java/security/cert/CertPathValidatorException.java

+/* CertPathValidatorException.java -- wraps an exception during validation
+   of a CertPath
+   Copyright (C) 2002 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package java.security.cert;
+
+import java.io.PrintStream;
+import java.io.PrintWriter;
+import java.security.GeneralSecurityException;
+
+/**
+ * Indicates a problem while validating a certification path. In addition,
+ * it can store the path an index in that path that caused the problem. This
+ * class is not thread-safe.
+ *
+ * @author Eric Blake <ebb9@email.byu.edu>
+ * @see CertPathValidator
+ * @since 1.4
+ * @status updated to 1.4
+*/
+public class CertPathValidatorException extends GeneralSecurityException
+{
+  /**
+   * Compatible with JDK 1.4+.
+   */
+  private static final long serialVersionUID = -3083180014971893139L;
+
+  /**
+   * The index of the certificate path that failed, or -1.
+   *
+   * @serial the failed index
+   */
+  private final int index;
+
+  /**
+   * The <code>CertPath</code> that failed.
+   *
+   * @serial the object being validated at time of failure
+   */
+  private final CertPath certPath;
+
+  /**
+   * Create an exception without a message. The cause may be initialized. The
+   * index is set to -1 and the failed CertPath object to null.
+   */
+  public CertPathValidatorException()
+  {
+    this((String) null);
+  }
+
+  /**
+   * Create an exception with a message. The cause may be initialized. The
+   * index is set to -1 and the failed CertPath object to null.
+   *
+   * @param msg a message to display with exception
+   */
+  public CertPathValidatorException(String msg)
+  {
+    super(msg);
+    index = -1;
+    certPath = null;
+  }
+
+  /**
+   * Create an exception with a cause. The message will be
+   * <code>cause == null ? null : cause.toString()</code>. The index is set
+   * to -1 and the failed CertPath object to null.
+   *
+   * @param cause the cause
+   */
+  public CertPathValidatorException(Throwable cause)
+  {
+    this(cause == null ? null : cause.toString(), cause, null, -1);
+  }
+
+  /**
+   * Create an exception with a cause and a message. The index is set to -1
+   * and the failed CertPath object to null.
+   *
+   * @param msg the message
+   * @param cause the cause
+   */
+  public CertPathValidatorException(String msg, Throwable cause)
+  {
+    this(msg, cause, null, -1);
+  }
+
+  /**
+   * Create an exception with a cause, message, failed object, and index of
+   * failure in that CertPath.
+   *
+   * @param msg the message
+   * @param cause the cause
+   * @param certPath the path that was being validated, or null
+   * @param index the index of the path, or -1
+   * @throws IndexOutOfBoundsException if index is &lt; -1 or
+   *         &gt; certPath.getCertificates().size()
+   * @throws IllegalArgumentException if certPath is null but index != -1
+   */
+  public CertPathValidatorException(String msg, Throwable cause,
+                                    CertPath certPath, int index)
+  {
+    super(msg);
+    initCause(cause);
+    if (index < -1 || (certPath != null
+                       && index >= certPath.getCertificates().size()))
+      throw new IndexOutOfBoundsException();
+    if ((certPath == null) != (index == -1))
+      throw new IllegalArgumentException();
+    this.certPath = certPath;
+    this.index = index;
+  }
+
+  /**
+   * Get the detail message.
+   *
+   * @return the detail message
+   */
+  public String getMessage()
+  {
+    return super.getMessage();
+  }
+
+  /**
+   * Get the certificate path that had the failure, or null.
+   *
+   * @return the culprit path
+   */
+  public CertPath getCertPath()
+  {
+    return certPath;
+  }
+
+  /**
+   * Get the index that failed, or -1.
+   *
+   * @return the colprit index
+   */
+  public int getIndex()
+  {
+    return index;
+  }
+
+  /**
+   * Get the cause, null if unknown.
+   *
+   * @return the cause
+   */
+  public Throwable getCause()
+  {
+    return super.getCause();
+  }
+
+  /**
+   * Convert this to a string, including its cause.
+   *
+   * @return the string conversion
+   */
+  public String toString()
+  {
+    return super.toString();
+  }
+
+  /**
+   * Print the stack trace to <code>System.err</code>.
+   */
+  public void printStackTrace()
+  {
+    super.printStackTrace();
+  }
+
+  /**
+   * Print the stack trace to a stream.
+   *
+   * @param stream the stream
+   */
+  public void printStackTrace(PrintStream stream)
+  {
+    super.printStackTrace(stream);
+  }
+
+  /**
+   * Print the stack trace to a stream.
+   *
+   * @param stream the stream
+   */
+  public void printStackTrace(PrintWriter stream)
+  {
+    super.printStackTrace(stream);
+  }
+}

libjava/java/security/cert/CertStoreException.java

+/* CertStoreException.java -- wraps an exception during certificate storage
+   Copyright (C) 2002 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package java.security.cert;
+
+import java.io.PrintStream;
+import java.io.PrintWriter;
+import java.security.GeneralSecurityException;
+
+/**
+ * Indicates a problem while retrieving certificates and CRLs from
+ * <code>CertStore</code>, wrapping the lower exception. This class is not
+ * thread-safe.
+ *
+ * @author Eric Blake <ebb9@email.byu.edu>
+ * @see CertStore
+ * @since 1.4
+ * @status updated to 1.4
+*/
+public class CertStoreException extends GeneralSecurityException
+{
+  /**
+   * Compatible with JDK 1.4+.
+   */
+  private static final long serialVersionUID = 2395296107471573245L;
+
+  /**
+   * Create an exception without a message. The cause may be initialized.
+   */
+  public CertStoreException()
+  {
+  }
+
+  /**
+   * Create an exception with a message. The cause may be initialized.
+   *
+   * @param msg a message to display with exception
+   */
+  public CertStoreException(String msg)
+  {
+    super(msg);
+  }
+
+  /**
+   * Create an exception with a cause. The message will be
+   * <code>cause == null ? null : cause.toString()</code>.
+   *
+   * @param cause the cause
+   */
+  public CertStoreException(Throwable cause)
+  {
+    this(cause == null ? null : cause.toString(), cause);
+  }
+
+  /**
+   * Create an exception with a cause and a message.
+   *
+   * @param msg the message
+   * @param cause the cause
+   */
+  public CertStoreException(String msg, Throwable cause)
+  {
+    super(msg);
+    initCause(cause);
+  }
+
+  /**
+   * Get the detail message.
+   *
+   * @return the detail message
+   */
+  public String getMessage()
+  {
+    return super.getMessage();
+  }
+
+  /**
+   * Get the cause, null if unknown.
+   *
+   * @return the cause
+   */
+  public Throwable getCause()
+  {
+    return super.getCause();
+  }
+
+  /**
+   * Convert this to a string, including its cause.
+   *
+   * @return the string conversion
+   */
+  public String toString()
+  {
+    return super.toString();
+  }
+
+  /**
+   * Print the stack trace to <code>System.err</code>.
+   */
+  public void printStackTrace()
+  {
+    super.printStackTrace();
+  }
+
+  /**
+   * Print the stack trace to a stream.
+   *
+   * @param stream the stream
+   */
+  public void printStackTrace(PrintStream stream)
+  {
+    super.printStackTrace(stream);
+  }
+
+  /**
+   * Print the stack trace to a stream.
+   *
+   * @param stream the stream
+   */
+  public void printStackTrace(PrintWriter stream)
+  {
+    super.printStackTrace(stream);
+  }
+}

libjava/java/security/cert/CertificateEncodingException.java

-/* CertificateEncodingException.java --- Certificate Encoding Exception
-   Copyright (C) 1999 Free Software Foundation, Inc.
+/* CertificateEncodingException.java -- Certificate Encoding Exception
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -39,31 +39,33 @@ exception statement from your version. */
 package java.security.cert;
 
 /**
-	Exception for a Certificate Encoding.
-
-	@since JDK 1.2
-
-	@author Mark Benvenuto
-*/
+ * Exception for a Certificate Encoding.
+ *
+ * @author Mark Benvenuto
+ * @since 1.2
+ * @status updated to 1.4
+ */
 public class CertificateEncodingException extends CertificateException
 {
+  /**
+   * Compatible with JDK 1.2+.
+   */
+  private static final long serialVersionUID = 6219492851589449162L;
 
   /**
-     Constructs an CertificateEncodingException without a message string.
+   * Constructs an exception without a message string.
    */
   public CertificateEncodingException()
   {
-    super();
   }
 
   /**
-     Constructs an CertificateEncodingException with a message string.
-
-     @param msg A message to display with exception
+   * Constructs an exception with a message string.
+   *
+   * @param msg A message to display with exception
    */
   public CertificateEncodingException(String msg)
   {
-    super( msg );
+    super(msg);
   }
-
 }

libjava/java/security/cert/CertificateException.java

-/* CertificateException.java --- Certificate Exception
-   Copyright (C) 1999 Free Software Foundation, Inc.
+/* CertificateException.java -- Certificate Exception
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,34 +37,38 @@ exception statement from your version. */
 
 
 package java.security.cert;
+
 import java.security.GeneralSecurityException;
 
 /**
-	Exception for a Certificate.
-
-	@since JDK 1.2
-
-	@author Mark Benvenuto
-*/
+ * Exception for a Certificate.
+ *
+ * @author Mark Benvenuto
+ * @see Certificate
+ * @since 1.2
+ * @status updated to 1.4
+ */
 public class CertificateException extends GeneralSecurityException
 {
+  /**
+   * Compatible with JDK 1.2+.
+   */
+  private static final long serialVersionUID = 3192535253797119798L;
 
   /**
-     Constructs an CertificateException without a message string.
+   * Constructs an exception without a message string.
    */
   public CertificateException()
   {
-    super();
   }
 
   /**
-     Constructs an CertificateException with a message string.
-
-     @param msg A message to display with exception
+   * Constructs an exception with a message string.
+   *
+   * @param msg a message to display with exception
    */
   public CertificateException(String msg)
   {
-    super( msg );
+    super(msg);
   }
-
 }

libjava/java/security/cert/CertificateExpiredException.java

 /* CertificateExpiredException.java --- Certificate Expired Exception
-   Copyright (C) 1999 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -39,31 +39,33 @@ exception statement from your version. */
 package java.security.cert;
 
 /**
-   Exception for a Certificate Expiring.
-   
-   @since JDK 1.2
-   
-   @author Mark Benvenuto
-*/
+ * Exception for a Certificate Expiring.
+ *
+ * @author Mark Benvenuto
+ * @since 1.2
+ * @status updated to 1.4
+ */
 public class CertificateExpiredException extends CertificateException
 {
+  /**
+   * Compatible with JDK 1.2+.
+   */
+  private static final long serialVersionUID = 9071001339691533771L;
 
   /**
-     Constructs an CertificateExpiredException without a message string.
+   * Constructs an exception without a message string.
    */
   public CertificateExpiredException()
   {
-    super();
   }
 
   /**
-     Constructs an CertificateExpiredException with a message string.
-
-     @param msg A message to display with exception
+   * Constructs an exception with a message string.
+   *
+   * @param msg a message to display with exception
    */
   public CertificateExpiredException(String msg)
   {
-    super( msg );
+    super(msg);
   }
-
 }

libjava/java/security/cert/CertificateFactory.java

-/* CertificateFactory.java --- Certificate Factory Class
-   Copyright (C) 1999 Free Software Foundation, Inc.
+/* CertificateFactory.java -- Certificate Factory Class
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -52,9 +52,9 @@ import java.util.Collection;
    java.security.cert.X509Certificate class, and CRLs of the 
    java.security.cert.X509CRL class. 
    
-   @since JDK 1.2
-
    @author Mark Benvenuto
+   @since JDK 1.2
+   @status still missing full 1.4 support
 */
 public class CertificateFactory
 {
@@ -267,4 +267,9 @@ public class CertificateFactory
     return certFacSpi.engineGenerateCRLs( inStream );
   }
 
-}
+  public final CertPath generateCertPath(InputStream inStream)
+    throws CertificateException
+  {
+    throw new CertificateException("not implemented");
+  }
+} // class CertificateFactory

libjava/java/security/cert/CertificateNotYetValidException.java

-/* CertificateNotYetValidException.java --- Certificate Not Yet Valid Exception
-   Copyright (C) 1999 Free Software Foundation, Inc.
+/* CertificateNotYetValidException.java -- Certificate Not Yet Valid Exception
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -39,31 +39,33 @@ exception statement from your version. */
 package java.security.cert;
 
 /**
-   Exception for a Certificate being not yet valid.
-   
-   @since JDK 1.2
-   
-   @author Mark Benvenuto
+ * Exception for a Certificate that is not yet valid.
+ *
+ * @author Mark Benvenuto
+ * @since 1.2
+ * @status updated to 1.4
 */
 public class CertificateNotYetValidException extends CertificateException
 {
+  /**
+   * Compatible with JDK 1.2+.
+   */
+  private static final long serialVersionUID = 4355919900041064702L;
 
   /**
-     Constructs an CertificateNotYetValidException without a message string.
+   * Constructs an exception without a message string.
    */
   public CertificateNotYetValidException()
   {
-    super();
   }
 
   /**
-     Constructs an CertificateNotYetValidException with a message string.
-
-     @param msg A message to display with exception
+   * Constructs an exception with a message string.
+   *
+   * @param msg A message to display with exception
    */
   public CertificateNotYetValidException(String msg)
   {
-    super( msg );
+    super(msg);
   }
-
 }

libjava/java/security/cert/CertificateParsingException.java

-/* CertificateParsingException.java --- Certificate Parsing Exception
-   Copyright (C) 1999 Free Software Foundation, Inc.
+/* CertificateParsingException.java -- Certificate Parsing Exception
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -39,31 +39,33 @@ exception statement from your version. */
 package java.security.cert;
 
 /**
-   Exception for a Certificate Parsing.
-   
-   @since JDK 1.2
-   
-   @author Mark Benvenuto
+ * Exception for parsing a DER-encoded Certificate.
+ *
+ * @author Mark Benvenuto
+ * @since 1.2
+ * @status updated to 1.4
 */
 public class CertificateParsingException extends CertificateException
 {
+  /**
+   * Compatible with JDK 1.2+.
+   */
+  private static final long serialVersionUID = -7989222416793322029L;
 
   /**
-     Constructs an CertificateParsingException without a message string.
+   * Constructs an exception without a message string.
    */
   public CertificateParsingException()
   {
-    super();
   }
 
   /**
-     Constructs an CertificateParsingException with a message string.
-
-     @param msg A message to display with exception
+   * Constructs an exception with a message string.
+   *
+   * @param msg a message to display with exception
    */
   public CertificateParsingException(String msg)
   {
-    super( msg );
+    super(msg);
   }
-
 }

libjava/java/security/spec/InvalidKeySpecException.java

-/* InvalidKeySpecException.java --- Invalid KeySpec Exception
-   Copyright (C) 1999 Free Software Foundation, Inc.
+/* InvalidKeySpecException.java -- invalid KeySpec Exception
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,34 +37,38 @@ exception statement from your version. */
 
 
 package java.security.spec;
+
 import java.security.GeneralSecurityException;
 
 /**
-	Exception for an invalid key specification.
-
-	@since JDK 1.2
-
-	@author Mark Benvenuto
-*/
+ * Exception for an invalid key specification.
+ *
+ * @author Mark Benvenuto
+ * @see KeySpec
+ * @since 1.2
+ * @status updated to 1.4
+ */
 public class InvalidKeySpecException extends GeneralSecurityException
 {
+  /**
+   * Compatible with JDK 1.2+.
+   */
+  private static final long serialVersionUID = 3546139293998810778L;
 
   /**
-     Constructs an InvalidKeySpecException without a message string.
+   * Constructs an InvalidKeySpecException without a message string.
    */
   public InvalidKeySpecException()
   {
-    super();
   }
 
   /**
-     Constructs an InvalidKeySpecException with a message string.
-
-     @param msg A message to display with exception
+   * Constructs an InvalidKeySpecException with a message string.
+   *
+   * @param msg a message to display with exception
    */
   public InvalidKeySpecException(String msg)
   {
-    super( msg );
+    super(msg);
   }
-
 }

libjava/java/security/spec/InvalidParameterSpecException.java

-/* InvalidParameterSpecException.java --- Invalid ParameterSpec Exception
-   Copyright (C) 1999 Free Software Foundation, Inc.
+/* InvalidParameterSpecException.java --- invalid ParameterSpec Exception
+   Copyright (C) 1999, 2002 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -37,34 +37,40 @@ exception statement from your version. */
 
 
 package java.security.spec;
+
 import java.security.GeneralSecurityException;
 
 /**
-	Exception for an invalid algorithm specification.
-
-	@since JDK 1.2
-
-	@author Mark Benvenuto
+ * Exception for an invalid algorithm specification.
+ *
+ * @author Mark Benvenuto
+ * @see AlogorithmParameters
+ * @see AlogorithmParameterSpec
+ * @see DSAParameterSpec
+ * @since 1.2
+ * @status updated to 1.4
 */
 public class InvalidParameterSpecException extends GeneralSecurityException
 {
+  /**
+   * Compatible with JDK 1.2+.
+   */
+  private static final long serialVersionUID = -970468769593399342L;
 
   /**
-     Constructs an InvalidParameterSpecException without a message string.
+   * Constructs an InvalidParameterSpecException without a message string.
    */
   public InvalidParameterSpecException() 
   {
-    super();
   }
 
   /**
-     Constructs an InvalidParameterSpecException with a message string.
-
-     @param msg A message to display with exception
+   * Constructs an InvalidParameterSpecException with a message string.
+   *
+   * @param msg a message to display with exception
    */
   public InvalidParameterSpecException(String msg)
   {
-    super( msg );
+    super(msg);
   }
-
 }